Authorized Assessment Only — RETACH S.I.N.S. Pentest Kit™ v1.0
⚠ For licensed, authorized penetration testing engagements only. Unauthorized use is a criminal offence under the Kenya Computer Misuse and Cybercrimes Act 2018.
S.I.N.S. Pentest Kit™
Authorized Assessment Framework · RETACH Digital
S.I.N.S. Tracks: 5 assessment categories
Pre-Engagement Assumptions

Written Authorization

A signed scope-of-work, rules of engagement, and authorization letter must be in hand before any testing begins. Verify the engagement start/end window, IP ranges in scope, and excluded systems.

Scope Boundaries

Evidence Requirements — All Phases

Every finding requires: (1) screenshot or log excerpt, (2) proof-of-impact without causing damage, (3) affected asset identification, (4) timestamp. Do not exploit beyond confirming vulnerability existence.

Common Attack Paths — Kenyan SME / SACCO Environment
Phishing email → Credential capture → M365 login → Mailbox + lateral move → Impact: BEC fraud
Exposed RDP/SMB → Brute force / default creds → Domain compromise → Impact: Ransomware
BYOD on staff network → No NAC / no segmentation → SACCO core system access → Impact: Financial data theft
Misconfigured M365 → Anonymous sharing enabled → Member PII exposed → Impact: DPA breach
Unpatched web app → SQL injection → Database dump → Impact: Member data breach
S.I.N.S. Pillar
S
Systems — Identity
Track
Active Directory
On-prem + Entra ID
Key Risk
Privilege escalation
Domain compromise path
S.I.N.S. Pillar
N
Network — Perimeter
Track
Network / Perimeter
Firewall · VPN · Segmentation
Key Risk
Lateral movement
Flat network exposure
S.I.N.S. Pillar
S
Systems — Endpoints
Track
Endpoints
Workstations · EDR · Patching
Key Risk
Ransomware staging
Unmanaged endpoints
S.I.N.S. Pillar
I
Infrastructure — Cloud
Track
Cloud / M365
Azure · M365 · SharePoint
Key Risk
Data exposure
Misconfigured sharing
S.I.N.S. Pillar
N
Network — Web Surface
Track
Web Applications
OWASP Top 10 · APIs
Key Risk
SQLi / Auth bypass
OWASP A01–A03
Findings Register
Log each confirmed finding. Each entry feeds the engagement report.
Finding Title
Affected Asset
S.I.N.S. Pillar
Track
Severity
Description & Evidence
Exploitability (1–5)
Business Impact (1–5)
Recommended Remediation
Effort Estimate
CVSS (optional)
Engagement Report
Auto-generated from logged findings. Add notes then export or print.
Risk
No findings logged
Log findings to generate the engagement report summary.
0 Critical · 0 High · 0 Medium · 0 Low · 0 Info
Executive Summary

Complete the assessment and log findings to generate the executive summary.

Assessor notes
Technical Findings — by Severity
No findings logged.
Remediation Priority Matrix
No findings logged.
Next step · S.I.N.S. Framework™
Quantify these findings in KES
This engagement has identified security gaps across the S.I.N.S. pillars. The RETACH CRQ Engine converts your findings into an Expected Annual Loss — showing the client what these risks cost in Kenya Shillings, with 75th and 95th percentile loss bands for board reporting.
Run CRQ Engine → Quantify in KES
Opens CRQ Engine · Pre-populate S.I.N.S. scores from your assessment or enter manually · Actuarial loss model · Serianu 2023 / CBK data