The TextFileGuys Pen Tester project takes security analysis scans from different programs such as NMAP, Nessus, and ZAP and organizes them into an online form that is ready to be presented to upper management for presentation and analysis.

The Pen Tester project is driven by user supplied content. This means that the user is required to submit the scans that will compromise the final report. However the Pen Tester project requires a way to verify the scan that the user submits, because each program’s scan has different names for different properties. This is accomplished through the use of a plugin structure: the user submits a plugin that defines how to verify scans of that type. With this plugin, the Pen Tester project needs minimal refinement and user interaction on how to define what information belongs where in the final report.

To allow the program to be more feature rich, a user must register with the program. This allows a user to maintain a database of plugins that she can use over and over again. Users can also belong to groups. This allows her to share the plugins she uploaded with other members of the group.

Finally once all of the individual scans are uploaded and verified, the final report can be generated.