Pentographer
Docs/Core Features/Authoring Custom Report Templates

Authoring Custom Report Templates

Build custom Word .docx report templates for Pentographer, control branding, structure finding sections, and share templates on the community marketplace.

Pentographer generates reports by merging your project's findings and executive summary into a Word .docx template. You control the layout, branding, fonts, and section structure. The application fills in the content at export time.

How Templates Work

When you export a report, Pentographer takes the active finding versions and executive summary text and inserts them into the sections of your .docx template. The template defines the visual structure; Pentographer supplies the data.

Templates are workspace-scoped by default. You upload them once and reuse them across all projects in your organization.

Building a Template

Use Microsoft Word or LibreOffice to create and edit templates. The template is a normal .docx file — structure it with the sections your deliverables require:

Typical sections:

  • Cover page (client name, project name, dates, report version)
  • Table of contents
  • Executive summary (replaced with the written summary at export time)
  • Scope and methodology
  • Findings (one section per finding, populated with title, severity, CVSS, description, remediation, and evidence)
  • Appendices (test coverage matrix, glossary)

Pentographer uses a template engine to locate placeholder regions and inject content. Refer to the GitHub repository for the definitive list of supported placeholder variables and the exact syntax the engine expects. The source code in the report generation module documents every available field.

Uploading a Template

  1. Navigate to Workspace Settings > Report Templates.
  2. Click the upload area or drag your .docx file into the upload box.
  3. The server processes the file and adds it to your workspace template list.

Iterating on a Template

The fastest way to refine a template is to generate an export immediately after uploading:

  1. Open a project with at least one finding.
  2. Publish a report (or use an existing published report).
  3. Click Export and select the template you just uploaded.
  4. Download the result and review the output in Word.
  5. Make edits to the .docx source file, upload the revised version, and repeat.

Keep the previous template version until the new one is validated — you cannot undo an overwrite.

Template Visibility and the Community Marketplace

Every template has a visibility setting:

  • Private: Only your organization can see and use it.
  • Public: The template appears in the Community Marketplace. Other Pentographer workspaces can download and apply it to their own projects.

To change visibility, click the Private or Public badge on the template row. The change takes effect immediately.

[!NOTE] Making a template public exposes the .docx file to other users. Remove any organization-specific branding (logos, confidentiality footers, internal style guides) before setting a template to public.

Applying a Template at Export Time

Template selection happens at export, not at report creation. This means you can apply any template to any published report:

  1. Open a published report.
  2. Click Export.
  3. Select the output format (DOCX, PDF, or Markdown Zip).
  4. Choose the template from the dropdown.
  5. Click Download.

This lets you export the same report with different templates — for example, one branded for the client and one plain version for internal records.

Was this article helpful?

Help us improve the Pentographer documentation.

Subscribe to security audits for builders

Get technical write-ups on building deterministic AI pipelines, self-hosting secure apps, and automating pentesting workflows. No marketing spam.

← Previous articleTracking Playbook Coverage During an EngagementNext article →Playbook and Checklist Management