search
Ctrlk

Events Timeline

Example URL: https://pentest.ws/e/{engagement.id}/events

Events list showing both social engineering logs and technical commands. All data shown is fictitious.

The Events system in PenTest.WS provides a structured, timestamped log of your operational activity, from reconnaissance and exploitation to social engineering and post-exploitation actions. Events are searchable, flexible, and evidence-ready, making them essential for timeline analysis and reporting.

hashtag
Overview

Each event in PenTest.WS includes:

  • Timestamp (UTC)

  • Title or summary (e.g., Phish: Email to Jane Doe)

  • Command (for technical actions like smbclient, nmap, etc.)

  • Person or host references

  • Details – one or more rich-text summary blocks

  • Meta Data – freeform key-value pairs

  • Evidence Locking – make entries immutable when needed

hashtag
Creating & Editing Events

Edit Event view with capacity for multiple rich text notes and editable key-value metadata.

You can create events manually or let the platform do it for you:

  • Manual Entry: Click Add Event and fill in the form fields.

  • Auto-Generated Events: When you click Copy Command in Hosts or Services, a corresponding event is created automatically.

  • People Events: On the People page, you can quickly log a phishing, vishing, or smishing attempt using shortcut buttons.

hashtag
Evidence Locking

When an event is finalized and used as part of a finding or timeline, you can mark it as Evidence by clicking the lock icon.

  • Evidence entries become read-only and undeletable

  • Ensures data integrity for reporting, audits, or peer review

  • Timestamp and author information is preserved

hashtag
Filtering & Sorting

The Events view allows filtering by:

  • Keyword in title or summary

  • Time (Newest/Oldest)

  • Type (e.g. Command, Vishing, Phishing, etc.)

You can also export your timeline for additional processing or inclusion in external reports.

hashtag
Notes & Best Practices

  • All timestamps are recorded in UTC to support correlation with other log sources

  • Use consistent tags and metadata to streamline search and export

  • Link people and hosts to ensure full traceability from action → target → impact

  • Lock Evidence only after review - it cannot be edited or removed afterward

hashtag
Tier Availability

Events Timeline is available on Pro Tier.

PreviousPeople HackingNextBoards

Last updated