Pentographer
Docs/Core Features/Reporting, Templates, and Exports

Reporting, Templates, and Exports

Learn how to create reports, manage templates, and export deliverables as Word, PDF, or Markdown packages.

Pentographer generates executive-ready reports from your security findings. You can upload custom Word templates, toggle template visibility between public and private settings, and export reports in several formats.

Creating a Report

To create a new report for a project:

  1. Open your project page.
  2. Click New Report.
  3. Pentographer generates the report shell and opens the executive summary editor.

Inside the editor, you can write markdown text for the project's executive summary. A live HTML preview renders on the right side as you write.

Freezing Finding Snapshots

When you finish reviewing findings and the executive summary, publish the report.

Publishing freezes the active finding versions. If you edit a finding after publishing the report, the report retains the version captured at the time of publication. For details on finding management and version control, see the Findings Editor guide. This mechanism ensures that historical deliverables remain accurate and unchanged.

[!IMPORTANT] You cannot edit the executive summary or alter the finding snapshots once you publish a report. Ensure all team members complete their reviews before you click publish.

Report Templates

Pentographer uses Word (.docx) files as templates to format your final exports.

Uploading a Template

To upload a custom template:

  1. Navigate to Templates or Workspace Settings > Report Templates.
  2. Click the upload area or drag your .docx file into the upload box.
  3. The server processes the template and adds it to your workspace list.

Template Visibility and Marketplace

Every template has a visibility setting:

  • Private: Only members of your organization can view and use the template.
  • Public: The template appears in the Community Marketplace section. Other Pentographer users can download and use public templates.

To change the visibility, click the Private or Public badge on the template row. The system updates the status immediately.

[!NOTE] Pentographer does not currently support setting a default template. You must select your target template each time you initiate an export.

Exporting Deliverables

You select your export format and template during the export step, rather than at report creation.

To export a published report:

  1. Open the published report.
  2. Click Export.
  3. Select your target format:
    • DOCX: Generates a Word document using your selected template.
    • PDF: Generates a PDF file.
    • Markdown Zip: Generates a ZIP archive containing markdown files and evidence images for offline use.
  4. Select the template you want to apply.
  5. Click Download to retrieve your file package.

Markdown Zip Structure

The Markdown Zip export is intended for offline archiving, Git-based workflows, and importing findings into other tools. The archive contains:

  • An executive-summary.md file with the project summary text.
  • One .md file per finding, named by finding title. Each file includes the title, severity, CVSS score, status, description, and remediation in standard Markdown.
  • An evidence/ folder containing the uploaded screenshot files referenced in the finding documents.

The Markdown files use front matter for metadata (title, severity, status), making them parseable by static site generators or custom scripts. Because the export is a snapshot of the published versions, re-exporting after editing findings produces updated files without overwriting evidence images that have not changed.

Was this article helpful?

Help us improve the Pentographer documentation.

Subscribe to security audits for builders

Get technical write-ups on building deterministic AI pipelines, self-hosting secure apps, and automating pentesting workflows. No marketing spam.

← Previous articleModel Context Protocol (MCP) Server SetupNext article →GraphQL API Reference