Skip to content


Repository files navigation


Powered by Excel o365


PowerAuditor is an excel sheet over-vitaminated with macro. PowerAuditor allows you to :

  • write Pentest reports in a minimum of time.
  • no longer write the same information twice
  • share your vulnerability sheets with your co-worker via a git server
  • share your knowledge with your team via a git server

First install for the infrastructure


  • Windows 10
  • Excel / Word upper to 2013
  • a git repository for the reports template
  • a git repository for the vulnerabilities template
C:\Users\1mm0rt41PC> git clone
C:\Users\1mm0rt41PC> cd PowerAuditor

C:\Users\1mm0rt41PC\PowerAuditor> cd template
C:\Users\1mm0rt41PC\PowerAuditor\template> git init .
C:\Users\1mm0rt41PC\PowerAuditor\template> :: Put here your template (xlsm and docx) with a name like xxxx_v1-EN.xlsm and xxxx_v1-EN.docx (See Example_v1-FR.xlsm and Example_v1-FR.docx)
C:\Users\1mm0rt41PC\PowerAuditor\template> git add .
C:\Users\1mm0rt41PC\PowerAuditor\template> git commit -am "Init"
C:\Users\1mm0rt41PC\PowerAuditor\template> git remote add origin
C:\Users\1mm0rt41PC\PowerAuditor\template> git push -u origin master

C:\Users\1mm0rt41PC\PowerAuditor\template> cd ..\vulndb
C:\Users\1mm0rt41PC\PowerAuditor\vulndb>:: In this folder will be store all vulnerability that will be shared
C:\Users\1mm0rt41PC\PowerAuditor\template> git init .
C:\Users\1mm0rt41PC\PowerAuditor\template> git add .
C:\Users\1mm0rt41PC\PowerAuditor\template> git commit -am "Init"
C:\Users\1mm0rt41PC\PowerAuditor\template> git remote add origin
C:\Users\1mm0rt41PC\PowerAuditor\template> git push -u origin master

Install for end users

# Install all tools
Set-ExecutionPolicy Bypass -Scope Process -Force;
iex ((New-Object System.Net.WebClient).DownloadString(''))
choco install git.install -y
choco install notable -y
New-Alias git "C:\Program Files\Git\bin\git.exe"
git clone $env:USERPROFILE\PowerAuditor

# Install all templates from YOUR GIT REPOSITITORY
git init $env:USERPROFILE\PowerAuditor\template
cd $env:USERPROFILE\PowerAuditor\template
git remote add origin [email protected]:xxxx/myRepo-for-template.git
git pull
git reset --hard origin/master

# Installation de la bdd
git init $env:USERPROFILE\PowerAuditor\vulndb
cd $env:USERPROFILE\PowerAuditor\vulndb
git remote add origin [email protected]:xxxx/myRepo-for-vuln.git
git pull
git reset --hard origin/master

# Finalisation de l'installation
cmd /c $env:USERPROFILE\PowerAuditor\install\setup.bat


  1. Copy the PowerAuditor.xlsm from your desktop to your pentest project.
  2. Create a folder vuln forlder and create a subfolder for each vulnerability
├── PowerAuditor.xlsm
└── vuln
    ├── Citrix vulnerable to IKEExt
    │   ├── proof 1.png
    │   ├── This is a HTTP request.http
    │   └── proof 2.png
    ├── Clear text communication
    │   └── proof.png
    └── XSS
        └── proof.png
  1. Run PowerAuditor.xlsm and enable macro
  2. Select a Report type and a Language
  3. Go in the new sheet (ie: Example_v1-EN)
  4. In the ribbon tab PowerAuditor, click on Fill excel with proof to fill the the excel with all vuln from the folder vuln.
  5. Fill all lines about your vulnerabilities
  6. To export all theses datas to the word document click on Export Excel to Word


Copy PowerAuditor_last.xml into the dev folder. Tehn use the file dev\PowerAuditor_last.xlsm to dev.


This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; see the file COPYING. If not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.


No description, website, or topics provided.







No releases published


No packages published