PenTest.WS Documentation
  • What is PenTest.WS?
    • Tier Comparison
  • Getting Started
    • Dashboard
    • Creating An Engagement
    • Main Window Layout
    • Engagement Console
    • Import Nmap & Masscan XML
    • Port Scan Templates
    • Adding Hosts Manually
    • Adding Ports to Hosts
    • Capturing Credentials
  • Hosts & Services
    • Host Page
    • Port Page
    • Global Service Notes
    • Service Command Library
    • Default Service Checklist
    • Scratchpad Editor
  • People & Events
    • People Hacking
    • Events Timeline
  • Views & Filtering
    • Boards
    • The Matrix
    • Subnetting
  • User Libraries
    • Shells Library
    • General Command Library
    • General Notes Library
    • Bookmark Library
  • Built-In Tools
    • Echo Up
    • CyberChef
    • Venom Builder
  • Search Capabilities
    • CVE DB
    • Exploit-DB
    • Nmap Scripts
    • Metasploit Modules
    • Keyword Search
  • Findings
    • Findings Admin
    • Findings Library
    • Engagement Findings
  • Clients & Reporting
    • Write-Ups
    • Clients Manager
    • Reporting Templates
    • Generating Deliverables
  • Collaboration
    • User Maintenance
    • Shared Engagements
    • Access Control List
  • Automation & Integration
    • API
    • SMTP
  • Authentication
    • Two-Factor Authentication
    • LDAP Authentication
  • Exporting & Importing
    • Export Account Items
    • Import Account Items
    • Export to CSV / JSON
  • Pro Tier
    • Admin Panel
    • Intranet Mode
    • Solo Mode
    • Large Engagement Support
Powered by GitBook
On this page
  • Overview
  • Creating & Editing Events
  • Evidence Locking
  • Filtering & Sorting
  • Notes & Best Practices
  • Tier Availability
  1. People & Events

Events Timeline

PreviousPeople HackingNextBoards

Last updated 11 days ago

Example URL: https://pentest.ws/e/{engagement.id}/events

Events list showing both social engineering logs and technical commands. All data shown is fictitious.

The Events system in PenTest.WS provides a structured, timestamped log of your operational activity, from reconnaissance and exploitation to social engineering and post-exploitation actions. Events are searchable, flexible, and evidence-ready, making them essential for timeline analysis and reporting.

Overview

Each event in PenTest.WS includes:

  • Timestamp (UTC)

  • Title or summary (e.g., Phish: Email to Jane Doe)

  • Command (for technical actions like smbclient, nmap, etc.)

  • Person or host references

  • Details – one or more rich-text summary blocks

  • Meta Data – freeform key-value pairs

  • Evidence Locking – make entries immutable when needed

Creating & Editing Events

You can create events manually or let the platform do it for you:

  • Manual Entry: Click Add Event and fill in the form fields.

  • Auto-Generated Events: When you click Copy Command in Hosts or Services, a corresponding event is created automatically.

  • People Events: On the People page, you can quickly log a phishing, vishing, or smishing attempt using shortcut buttons.


Evidence Locking

When an event is finalized and used as part of a finding or timeline, you can mark it as Evidence by clicking the lock icon.

  • Evidence entries become read-only and undeletable

  • Ensures data integrity for reporting, audits, or peer review

  • Timestamp and author information is preserved


Filtering & Sorting

The Events view allows filtering by:

  • Keyword in title or summary

  • Time (Newest/Oldest)

  • Type (e.g. Command, Vishing, Phishing, etc.)

You can also export your timeline for additional processing or inclusion in external reports.


Notes & Best Practices

  • All timestamps are recorded in UTC to support correlation with other log sources

  • Use consistent tags and metadata to streamline search and export

  • Link people and hosts to ensure full traceability from action → target → impact

  • Lock Evidence only after review - it cannot be edited or removed afterward


Tier Availability

Events Timeline is available on Pro Tier.

Edit Event view with capacity for multiple rich text notes and editable key-value metadata.