Report Management ​

Overview ​

Swiftor's report editor is built using the powerful Puck library, providing a flexible drag-and-drop interface for creating professional security assessment reports. You can create reports from various templates, customize content using pre-built security-focused components, and publish them.

Creating Reports ​

Reports are initiated through the "Create New Report" dialog.

1. Choose a Template: Select a starting template from the dropdown. Available options include:

   • Web Application
   • API Security
   • Network Assessment
   • Social Engineering
   • Physical Security
   • Firewall Audit
   • Wireless Security
   • Comprehensive A preview and description of the selected template are shown.

2. Set Title: A title is automatically generated based on the template and date (e.g., REST Apr '25 #325), but you can edit it as needed.

3. Set Privacy:

   • Public: The report will be accessible via its public URL but will require the password set below for viewing (corresponds to protected=true in the API).
   • Private: The report is only accessible to you within the Swiftor dashboard (corresponds to protected=false in the API).

   Note: Your subscription tier (Core, Hacker, Engineer, etc.) may have limits on the number of public and private reports you can create.

4. Set Password: Enter a password required to access the report if it's set to Public.

5. Click "Create Report": This creates the report record and opens the Puck editor interface, pre-populated with the content structure defined by the selected template.

Editing Reports with Puck ​

Once created, the report should appear in the sidemenu. Clicking it opens in the Puck editor.

• Canvas: The central area where you arrange and edit report content.
• Component Drawer (Left): Drag components from categories like "Pentest Report", "Layout", and "Typography" onto the canvas.
• Component Editor (Right): When a component on the canvas is selected, its specific properties appear here for editing (e.g., text content, severity levels, table items).

Key Report Components ​

The editor provides several pre-built components tailored for security reports:

• TableOfContents: Automatically generates a clickable table of contents based on Heading components or specified items.
• ExecutiveSummary: A block for summarizing the assessment scope, key findings, and overall risk, often including vulnerability statistics.
• FindingStats: Displays a visual summary (e.g., bar chart or counts) of findings categorized by severity (Critical, High, Medium, Low, Info).
• ScopeBlock: Defines the assessment scope, including domains, IPs, applications, and explicit exclusions.
• VulnerabilityBlock: A structured block for documenting individual findings, including Title, Severity, Description, Impact, Reproduction Steps, Recommendations, and References.
• Heading: Standard heading component (H1-H6) used for report structure.
• Text / PuckRichText: For standard paragraph text and rich text editing.
• Layout Components: Columns, Flex, VerticalSpace for arranging content.

Publishing / Saving Reports ​

• Clicking the "Publish" button within the Puck editor saves the current state of the report content.
• This action updates the report's content field via the PUT /reports/{report_id} API endpoint.
• Report visibility (Public/Private) and password protection are set during the initial creation step and are not typically modified within the editor interface.

Viewing Reports ​

Public Access ​

• Public reports (created with Privacy set to Public) are accessible via https://swiftor.io/@{username}/{reportid}.
• Access requires the password set during creation.
• Provides read-only access to the published report content.

Private Access ​

• Private reports (created with Privacy set to Private) are only viewable by you within the Swiftor dashboard.

Report Features (Output) ​

Published reports often include:

• Interactive Elements: Collapsible sections, potentially filterable findings.
• Export Options: Depending on the theme/setup, options like PDF export might be available (functionality not detailed in provided code).

Next Steps ​

• Manage report access & visibility via API (if direct API access is available)
• Explore different template structures by creating various report types.