diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index 29b2049..a2e3720 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -35,6 +35,17 @@
 
 //get config file
 $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
+$riskRatings = array("Serious","High","Medium","Low");
+
+//create owasp top 10 placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
+
+//create owasp top 10 table placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
 // extract doc and get contents
 $rand = uniqid();
@@ -97,6 +108,8 @@
 // create vulns for odf
 $templateOrig = file_get_contents($vulnTemplate);
 $Serious = $High = $Medium = $Low = $Info = ""; 
+$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
+$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
 foreach ($vuln as $singlevuln) {
 	$templateSource = $templateOrig;
 	$togo = $singlevuln['risk'];
@@ -126,11 +139,149 @@
         }
 	}
     
+    if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
+        $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
+    }else{
+        $templateSource = str_replace('{hosts}', "N/A", $templateSource);
+    }
 	$$togo .= $templateSource;
+    ${"Count_$togo"} += 1;
 	echo "[+] added $togo: ".$singlevuln['title']."\n";
+
+    // fixing summary tables
+    $descExpl = explode(".", $singlevuln['description']);
+    $fixExpl = explode(".", $singlevuln['solution']);
+    $descFinal = $descExpl[0].".";
+    $fixFinal = $fixExpl[0].".";
+    // if small summaries exist use them!
+    if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
+        // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
+        $descFinal = $singlevuln['summary_issue'];
+    }
+    if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
+        // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
+        $fixFinal = $singlevuln['summary_solution'];
+    }
+
+    // set OWASP counts
+    $issueOwasp = explode(":", $singlevuln['owasp']);
+    ${$issueOwasp[0]}++;
+
+    $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
+    // populate arrays for small vuln tables    
+    // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
+    ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
+          
 }
 
-// squash vulns into one bbig xml
+// add page ref to each issue
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
+            $placeB++;
+        }
+        $placeA++;
+    }
+}
+
+// create sumaries tables
+$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(empty( ${"Summary_$riskVal"} )){
+        ${"Summary_".$riskVal."_Final"} = '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">None Identified</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172"/>
+                </table:table-cell>
+            </table:table-row>
+        ';
+    }else{
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
+            ${"Summary_".$riskVal."_Final"} .= '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">'.$sumKey.'</text:p>
+                    <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
+                </table:table-cell>
+            </table:table-row>
+        ';
+        }
+    }  
+
+}
+
+//populate owasp findings tables
+foreach ($riskRatings as $riskKey => $riskVal) {
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            if( ${$sumVal[3]."_table"} == ""){ // if is first entry
+                ${$sumVal[3]."_table"} = '
+<table:table table:name="Table8" table:style-name="Table8">
+    <table:table-column table:style-name="Table8.C"/>
+    <table:table-column table:style-name="Table8.D"/>
+    <table:table-header-rows>
+        <table:table-row table:style-name="Table8.1">
+            <table:table-cell table:style-name="Table8.A1" office:value-type="string">
+                <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
+            </table:table-cell>
+            <table:table-cell table:style-name="Table8.B1" office:value-type="string">
+                <text:p text:style-name="P72">Document Reference</text:p>
+            </table:table-cell>
+        </table:table-row>
+    </table:table-header-rows>
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }else{ // not first entry, append new line
+                ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
+                ${$sumVal[3]."_table"} .= '
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }
+            // close the table
+            ${$sumVal[3]."_table"} .= '</table:table>';
+        }
+    }
+}  
+
+// squash vulns into one big xml
 $value = "";
 if(!empty($Serious)){
 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
@@ -196,6 +347,53 @@
 // add to template
 $source = file_get_contents("/tmp/$rand/content.xml");
 $source = str_replace('{vuln}', $value, $source);
+
+//update total counts in exec summary table
+$source = str_replace('{count_serious}', $Count_Serious, $source);
+$source = str_replace('{count_high}', $Count_High, $source);
+$source = str_replace('{count_medium}', $Count_Medium, $source);
+$source = str_replace('{count_low}', $Count_Low, $source);
+echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
+
+//update issues summary tables
+$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
+$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
+$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
+$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
+echo "[+] added findings summary tables\n";
+
+//update owasp count tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
+}
+echo "[+] updated OWASP count tables\n";
+
+//update owasp findings tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
+}
+echo "[+] updated OWASP findings tables\n";
+
+// save to file
+echo "[!] writing to /tmp content.xml\n";
 file_put_contents("/tmp/$rand/content.xml", $source);
 
 // create report and tidying

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index 29b2049..a2e3720 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -35,6 +35,17 @@
 
 //get config file
 $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
+$riskRatings = array("Serious","High","Medium","Low");
+
+//create owasp top 10 placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
+
+//create owasp top 10 table placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
 // extract doc and get contents
 $rand = uniqid();
@@ -97,6 +108,8 @@
 // create vulns for odf
 $templateOrig = file_get_contents($vulnTemplate);
 $Serious = $High = $Medium = $Low = $Info = ""; 
+$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
+$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
 foreach ($vuln as $singlevuln) {
 	$templateSource = $templateOrig;
 	$togo = $singlevuln['risk'];
@@ -126,11 +139,149 @@
         }
 	}
     
+    if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
+        $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
+    }else{
+        $templateSource = str_replace('{hosts}', "N/A", $templateSource);
+    }
 	$$togo .= $templateSource;
+    ${"Count_$togo"} += 1;
 	echo "[+] added $togo: ".$singlevuln['title']."\n";
+
+    // fixing summary tables
+    $descExpl = explode(".", $singlevuln['description']);
+    $fixExpl = explode(".", $singlevuln['solution']);
+    $descFinal = $descExpl[0].".";
+    $fixFinal = $fixExpl[0].".";
+    // if small summaries exist use them!
+    if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
+        // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
+        $descFinal = $singlevuln['summary_issue'];
+    }
+    if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
+        // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
+        $fixFinal = $singlevuln['summary_solution'];
+    }
+
+    // set OWASP counts
+    $issueOwasp = explode(":", $singlevuln['owasp']);
+    ${$issueOwasp[0]}++;
+
+    $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
+    // populate arrays for small vuln tables    
+    // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
+    ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
+          
 }
 
-// squash vulns into one bbig xml
+// add page ref to each issue
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
+            $placeB++;
+        }
+        $placeA++;
+    }
+}
+
+// create sumaries tables
+$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(empty( ${"Summary_$riskVal"} )){
+        ${"Summary_".$riskVal."_Final"} = '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">None Identified</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172"/>
+                </table:table-cell>
+            </table:table-row>
+        ';
+    }else{
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
+            ${"Summary_".$riskVal."_Final"} .= '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">'.$sumKey.'</text:p>
+                    <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
+                </table:table-cell>
+            </table:table-row>
+        ';
+        }
+    }  
+
+}
+
+//populate owasp findings tables
+foreach ($riskRatings as $riskKey => $riskVal) {
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            if( ${$sumVal[3]."_table"} == ""){ // if is first entry
+                ${$sumVal[3]."_table"} = '
+<table:table table:name="Table8" table:style-name="Table8">
+    <table:table-column table:style-name="Table8.C"/>
+    <table:table-column table:style-name="Table8.D"/>
+    <table:table-header-rows>
+        <table:table-row table:style-name="Table8.1">
+            <table:table-cell table:style-name="Table8.A1" office:value-type="string">
+                <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
+            </table:table-cell>
+            <table:table-cell table:style-name="Table8.B1" office:value-type="string">
+                <text:p text:style-name="P72">Document Reference</text:p>
+            </table:table-cell>
+        </table:table-row>
+    </table:table-header-rows>
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }else{ // not first entry, append new line
+                ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
+                ${$sumVal[3]."_table"} .= '
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }
+            // close the table
+            ${$sumVal[3]."_table"} .= '</table:table>';
+        }
+    }
+}  
+
+// squash vulns into one big xml
 $value = "";
 if(!empty($Serious)){
 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
@@ -196,6 +347,53 @@
 // add to template
 $source = file_get_contents("/tmp/$rand/content.xml");
 $source = str_replace('{vuln}', $value, $source);
+
+//update total counts in exec summary table
+$source = str_replace('{count_serious}', $Count_Serious, $source);
+$source = str_replace('{count_high}', $Count_High, $source);
+$source = str_replace('{count_medium}', $Count_Medium, $source);
+$source = str_replace('{count_low}', $Count_Low, $source);
+echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
+
+//update issues summary tables
+$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
+$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
+$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
+$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
+echo "[+] added findings summary tables\n";
+
+//update owasp count tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
+}
+echo "[+] updated OWASP count tables\n";
+
+//update owasp findings tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
+}
+echo "[+] updated OWASP findings tables\n";
+
+// save to file
+echo "[!] writing to /tmp content.xml\n";
 file_put_contents("/tmp/$rand/content.xml", $source);
 
 // create report and tidying
diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt
new file mode 100755
index 0000000..b2eaf07
--- /dev/null
+++ b/ReportToolz/templates/odt/blank_template_v3.0.odt
Binary files differ

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index 29b2049..a2e3720 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -35,6 +35,17 @@
 
 //get config file
 $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
+$riskRatings = array("Serious","High","Medium","Low");
+
+//create owasp top 10 placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
+
+//create owasp top 10 table placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
 // extract doc and get contents
 $rand = uniqid();
@@ -97,6 +108,8 @@
 // create vulns for odf
 $templateOrig = file_get_contents($vulnTemplate);
 $Serious = $High = $Medium = $Low = $Info = ""; 
+$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
+$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
 foreach ($vuln as $singlevuln) {
 	$templateSource = $templateOrig;
 	$togo = $singlevuln['risk'];
@@ -126,11 +139,149 @@
         }
 	}
     
+    if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
+        $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
+    }else{
+        $templateSource = str_replace('{hosts}', "N/A", $templateSource);
+    }
 	$$togo .= $templateSource;
+    ${"Count_$togo"} += 1;
 	echo "[+] added $togo: ".$singlevuln['title']."\n";
+
+    // fixing summary tables
+    $descExpl = explode(".", $singlevuln['description']);
+    $fixExpl = explode(".", $singlevuln['solution']);
+    $descFinal = $descExpl[0].".";
+    $fixFinal = $fixExpl[0].".";
+    // if small summaries exist use them!
+    if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
+        // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
+        $descFinal = $singlevuln['summary_issue'];
+    }
+    if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
+        // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
+        $fixFinal = $singlevuln['summary_solution'];
+    }
+
+    // set OWASP counts
+    $issueOwasp = explode(":", $singlevuln['owasp']);
+    ${$issueOwasp[0]}++;
+
+    $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
+    // populate arrays for small vuln tables    
+    // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
+    ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
+          
 }
 
-// squash vulns into one bbig xml
+// add page ref to each issue
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
+            $placeB++;
+        }
+        $placeA++;
+    }
+}
+
+// create sumaries tables
+$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(empty( ${"Summary_$riskVal"} )){
+        ${"Summary_".$riskVal."_Final"} = '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">None Identified</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172"/>
+                </table:table-cell>
+            </table:table-row>
+        ';
+    }else{
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
+            ${"Summary_".$riskVal."_Final"} .= '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">'.$sumKey.'</text:p>
+                    <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
+                </table:table-cell>
+            </table:table-row>
+        ';
+        }
+    }  
+
+}
+
+//populate owasp findings tables
+foreach ($riskRatings as $riskKey => $riskVal) {
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            if( ${$sumVal[3]."_table"} == ""){ // if is first entry
+                ${$sumVal[3]."_table"} = '
+<table:table table:name="Table8" table:style-name="Table8">
+    <table:table-column table:style-name="Table8.C"/>
+    <table:table-column table:style-name="Table8.D"/>
+    <table:table-header-rows>
+        <table:table-row table:style-name="Table8.1">
+            <table:table-cell table:style-name="Table8.A1" office:value-type="string">
+                <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
+            </table:table-cell>
+            <table:table-cell table:style-name="Table8.B1" office:value-type="string">
+                <text:p text:style-name="P72">Document Reference</text:p>
+            </table:table-cell>
+        </table:table-row>
+    </table:table-header-rows>
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }else{ // not first entry, append new line
+                ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
+                ${$sumVal[3]."_table"} .= '
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }
+            // close the table
+            ${$sumVal[3]."_table"} .= '</table:table>';
+        }
+    }
+}  
+
+// squash vulns into one big xml
 $value = "";
 if(!empty($Serious)){
 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
@@ -196,6 +347,53 @@
 // add to template
 $source = file_get_contents("/tmp/$rand/content.xml");
 $source = str_replace('{vuln}', $value, $source);
+
+//update total counts in exec summary table
+$source = str_replace('{count_serious}', $Count_Serious, $source);
+$source = str_replace('{count_high}', $Count_High, $source);
+$source = str_replace('{count_medium}', $Count_Medium, $source);
+$source = str_replace('{count_low}', $Count_Low, $source);
+echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
+
+//update issues summary tables
+$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
+$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
+$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
+$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
+echo "[+] added findings summary tables\n";
+
+//update owasp count tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
+}
+echo "[+] updated OWASP count tables\n";
+
+//update owasp findings tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
+}
+echo "[+] updated OWASP findings tables\n";
+
+// save to file
+echo "[!] writing to /tmp content.xml\n";
 file_put_contents("/tmp/$rand/content.xml", $source);
 
 // create report and tidying
diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt
new file mode 100755
index 0000000..b2eaf07
--- /dev/null
+++ b/ReportToolz/templates/odt/blank_template_v3.0.odt
Binary files differ
diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf
index e59a136..49632e1 100644
--- a/ReportToolz/templates/odt/config.conf
+++ b/ReportToolz/templates/odt/config.conf
@@ -4,7 +4,7 @@
 "ref":			"J12345",
 "checkRef":		"CHECK Reference: 12345C",
 "secLevel":		"Client Confidential",
-"startDate":	"01/11/2019",
+"startDate":		"01/11/2019",
 "endDate":		"06/11/2019",
 "longDate":		"1st and 8th November 2019",
 "client":		"Client name",

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index 29b2049..a2e3720 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -35,6 +35,17 @@
 
 //get config file
 $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
+$riskRatings = array("Serious","High","Medium","Low");
+
+//create owasp top 10 placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
+
+//create owasp top 10 table placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
 // extract doc and get contents
 $rand = uniqid();
@@ -97,6 +108,8 @@
 // create vulns for odf
 $templateOrig = file_get_contents($vulnTemplate);
 $Serious = $High = $Medium = $Low = $Info = ""; 
+$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
+$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
 foreach ($vuln as $singlevuln) {
 	$templateSource = $templateOrig;
 	$togo = $singlevuln['risk'];
@@ -126,11 +139,149 @@
         }
 	}
     
+    if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
+        $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
+    }else{
+        $templateSource = str_replace('{hosts}', "N/A", $templateSource);
+    }
 	$$togo .= $templateSource;
+    ${"Count_$togo"} += 1;
 	echo "[+] added $togo: ".$singlevuln['title']."\n";
+
+    // fixing summary tables
+    $descExpl = explode(".", $singlevuln['description']);
+    $fixExpl = explode(".", $singlevuln['solution']);
+    $descFinal = $descExpl[0].".";
+    $fixFinal = $fixExpl[0].".";
+    // if small summaries exist use them!
+    if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
+        // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
+        $descFinal = $singlevuln['summary_issue'];
+    }
+    if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
+        // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
+        $fixFinal = $singlevuln['summary_solution'];
+    }
+
+    // set OWASP counts
+    $issueOwasp = explode(":", $singlevuln['owasp']);
+    ${$issueOwasp[0]}++;
+
+    $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
+    // populate arrays for small vuln tables    
+    // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
+    ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
+          
 }
 
-// squash vulns into one bbig xml
+// add page ref to each issue
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
+            $placeB++;
+        }
+        $placeA++;
+    }
+}
+
+// create sumaries tables
+$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(empty( ${"Summary_$riskVal"} )){
+        ${"Summary_".$riskVal."_Final"} = '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">None Identified</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172"/>
+                </table:table-cell>
+            </table:table-row>
+        ';
+    }else{
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
+            ${"Summary_".$riskVal."_Final"} .= '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">'.$sumKey.'</text:p>
+                    <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
+                </table:table-cell>
+            </table:table-row>
+        ';
+        }
+    }  
+
+}
+
+//populate owasp findings tables
+foreach ($riskRatings as $riskKey => $riskVal) {
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            if( ${$sumVal[3]."_table"} == ""){ // if is first entry
+                ${$sumVal[3]."_table"} = '
+<table:table table:name="Table8" table:style-name="Table8">
+    <table:table-column table:style-name="Table8.C"/>
+    <table:table-column table:style-name="Table8.D"/>
+    <table:table-header-rows>
+        <table:table-row table:style-name="Table8.1">
+            <table:table-cell table:style-name="Table8.A1" office:value-type="string">
+                <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
+            </table:table-cell>
+            <table:table-cell table:style-name="Table8.B1" office:value-type="string">
+                <text:p text:style-name="P72">Document Reference</text:p>
+            </table:table-cell>
+        </table:table-row>
+    </table:table-header-rows>
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }else{ // not first entry, append new line
+                ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
+                ${$sumVal[3]."_table"} .= '
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }
+            // close the table
+            ${$sumVal[3]."_table"} .= '</table:table>';
+        }
+    }
+}  
+
+// squash vulns into one big xml
 $value = "";
 if(!empty($Serious)){
 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
@@ -196,6 +347,53 @@
 // add to template
 $source = file_get_contents("/tmp/$rand/content.xml");
 $source = str_replace('{vuln}', $value, $source);
+
+//update total counts in exec summary table
+$source = str_replace('{count_serious}', $Count_Serious, $source);
+$source = str_replace('{count_high}', $Count_High, $source);
+$source = str_replace('{count_medium}', $Count_Medium, $source);
+$source = str_replace('{count_low}', $Count_Low, $source);
+echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
+
+//update issues summary tables
+$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
+$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
+$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
+$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
+echo "[+] added findings summary tables\n";
+
+//update owasp count tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
+}
+echo "[+] updated OWASP count tables\n";
+
+//update owasp findings tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
+}
+echo "[+] updated OWASP findings tables\n";
+
+// save to file
+echo "[!] writing to /tmp content.xml\n";
 file_put_contents("/tmp/$rand/content.xml", $source);
 
 // create report and tidying
diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt
new file mode 100755
index 0000000..b2eaf07
--- /dev/null
+++ b/ReportToolz/templates/odt/blank_template_v3.0.odt
Binary files differ
diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf
index e59a136..49632e1 100644
--- a/ReportToolz/templates/odt/config.conf
+++ b/ReportToolz/templates/odt/config.conf
@@ -4,7 +4,7 @@
 "ref":			"J12345",
 "checkRef":		"CHECK Reference: 12345C",
 "secLevel":		"Client Confidential",
-"startDate":	"01/11/2019",
+"startDate":		"01/11/2019",
 "endDate":		"06/11/2019",
 "longDate":		"1st and 8th November 2019",
 "client":		"Client name",
diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml
new file mode 100755
index 0000000..ae749d1
--- /dev/null
+++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml
@@ -0,0 +1,144 @@
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:h text:outline-level="3"><text:span>{title}</text:span>
+                    </text:h>
+                </text:list-item>
+            </text:list>
+        </text:list-item>
+    </text:list>
+</text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{description}</text:p>
+<text:list  text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Description</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{tech_description}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Solution</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{solution}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Risk Analysis</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<table:table table:name="Table99" table:style-name="Table6">
+    <table:table-column table:style-name="Table99.A"/>
+    <table:table-column table:style-name="Table99.B"/>
+    <table:table-column table:style-name="Table99.C"/>
+    <table:table-header-rows><table:table-row table:style-name="Table10.1">
+        <table:table-cell table:style-name="Table99.A1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+               Impact
+            </text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+                <text:span >Remediation</text:span>
+            </text:p>
+        </table:table-cell>
+    </table:table-row>
+</table:table-header-rows>
+<table:table-row>
+    <table:table-cell table:style-name="Table99.A2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40">
+                <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/>
+                <svg:title>Vulnerability Img</svg:title>
+            </draw:frame>
+            <text:s/>{risk}: {owasp}</text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.B2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <text:span >{impact}</text:span>
+        </text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.C2" office:value-type="string">
+        <text:p text:style-name="P30">{remediation}</text:p>
+    </table:table-cell>
+</table:table-row>
+</table:table>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">CVSS Base Score</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Vulnerabilities Exist On</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{hosts}</text:p>
+<text:p text:style-name="PageBreak"></text:p>
\ No newline at end of file

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index 29b2049..a2e3720 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -35,6 +35,17 @@
 
 //get config file
 $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
+$riskRatings = array("Serious","High","Medium","Low");
+
+//create owasp top 10 placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
+
+//create owasp top 10 table placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
 // extract doc and get contents
 $rand = uniqid();
@@ -97,6 +108,8 @@
 // create vulns for odf
 $templateOrig = file_get_contents($vulnTemplate);
 $Serious = $High = $Medium = $Low = $Info = ""; 
+$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
+$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
 foreach ($vuln as $singlevuln) {
 	$templateSource = $templateOrig;
 	$togo = $singlevuln['risk'];
@@ -126,11 +139,149 @@
         }
 	}
     
+    if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
+        $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
+    }else{
+        $templateSource = str_replace('{hosts}', "N/A", $templateSource);
+    }
 	$$togo .= $templateSource;
+    ${"Count_$togo"} += 1;
 	echo "[+] added $togo: ".$singlevuln['title']."\n";
+
+    // fixing summary tables
+    $descExpl = explode(".", $singlevuln['description']);
+    $fixExpl = explode(".", $singlevuln['solution']);
+    $descFinal = $descExpl[0].".";
+    $fixFinal = $fixExpl[0].".";
+    // if small summaries exist use them!
+    if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
+        // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
+        $descFinal = $singlevuln['summary_issue'];
+    }
+    if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
+        // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
+        $fixFinal = $singlevuln['summary_solution'];
+    }
+
+    // set OWASP counts
+    $issueOwasp = explode(":", $singlevuln['owasp']);
+    ${$issueOwasp[0]}++;
+
+    $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
+    // populate arrays for small vuln tables    
+    // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
+    ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
+          
 }
 
-// squash vulns into one bbig xml
+// add page ref to each issue
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
+            $placeB++;
+        }
+        $placeA++;
+    }
+}
+
+// create sumaries tables
+$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(empty( ${"Summary_$riskVal"} )){
+        ${"Summary_".$riskVal."_Final"} = '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">None Identified</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172"/>
+                </table:table-cell>
+            </table:table-row>
+        ';
+    }else{
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
+            ${"Summary_".$riskVal."_Final"} .= '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">'.$sumKey.'</text:p>
+                    <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
+                </table:table-cell>
+            </table:table-row>
+        ';
+        }
+    }  
+
+}
+
+//populate owasp findings tables
+foreach ($riskRatings as $riskKey => $riskVal) {
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            if( ${$sumVal[3]."_table"} == ""){ // if is first entry
+                ${$sumVal[3]."_table"} = '
+<table:table table:name="Table8" table:style-name="Table8">
+    <table:table-column table:style-name="Table8.C"/>
+    <table:table-column table:style-name="Table8.D"/>
+    <table:table-header-rows>
+        <table:table-row table:style-name="Table8.1">
+            <table:table-cell table:style-name="Table8.A1" office:value-type="string">
+                <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
+            </table:table-cell>
+            <table:table-cell table:style-name="Table8.B1" office:value-type="string">
+                <text:p text:style-name="P72">Document Reference</text:p>
+            </table:table-cell>
+        </table:table-row>
+    </table:table-header-rows>
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }else{ // not first entry, append new line
+                ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
+                ${$sumVal[3]."_table"} .= '
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }
+            // close the table
+            ${$sumVal[3]."_table"} .= '</table:table>';
+        }
+    }
+}  
+
+// squash vulns into one big xml
 $value = "";
 if(!empty($Serious)){
 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
@@ -196,6 +347,53 @@
 // add to template
 $source = file_get_contents("/tmp/$rand/content.xml");
 $source = str_replace('{vuln}', $value, $source);
+
+//update total counts in exec summary table
+$source = str_replace('{count_serious}', $Count_Serious, $source);
+$source = str_replace('{count_high}', $Count_High, $source);
+$source = str_replace('{count_medium}', $Count_Medium, $source);
+$source = str_replace('{count_low}', $Count_Low, $source);
+echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
+
+//update issues summary tables
+$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
+$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
+$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
+$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
+echo "[+] added findings summary tables\n";
+
+//update owasp count tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
+}
+echo "[+] updated OWASP count tables\n";
+
+//update owasp findings tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
+}
+echo "[+] updated OWASP findings tables\n";
+
+// save to file
+echo "[!] writing to /tmp content.xml\n";
 file_put_contents("/tmp/$rand/content.xml", $source);
 
 // create report and tidying
diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt
new file mode 100755
index 0000000..b2eaf07
--- /dev/null
+++ b/ReportToolz/templates/odt/blank_template_v3.0.odt
Binary files differ
diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf
index e59a136..49632e1 100644
--- a/ReportToolz/templates/odt/config.conf
+++ b/ReportToolz/templates/odt/config.conf
@@ -4,7 +4,7 @@
 "ref":			"J12345",
 "checkRef":		"CHECK Reference: 12345C",
 "secLevel":		"Client Confidential",
-"startDate":	"01/11/2019",
+"startDate":		"01/11/2019",
 "endDate":		"06/11/2019",
 "longDate":		"1st and 8th November 2019",
 "client":		"Client name",
diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml
new file mode 100755
index 0000000..ae749d1
--- /dev/null
+++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml
@@ -0,0 +1,144 @@
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:h text:outline-level="3"><text:span>{title}</text:span>
+                    </text:h>
+                </text:list-item>
+            </text:list>
+        </text:list-item>
+    </text:list>
+</text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{description}</text:p>
+<text:list  text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Description</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{tech_description}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Solution</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{solution}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Risk Analysis</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<table:table table:name="Table99" table:style-name="Table6">
+    <table:table-column table:style-name="Table99.A"/>
+    <table:table-column table:style-name="Table99.B"/>
+    <table:table-column table:style-name="Table99.C"/>
+    <table:table-header-rows><table:table-row table:style-name="Table10.1">
+        <table:table-cell table:style-name="Table99.A1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+               Impact
+            </text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+                <text:span >Remediation</text:span>
+            </text:p>
+        </table:table-cell>
+    </table:table-row>
+</table:table-header-rows>
+<table:table-row>
+    <table:table-cell table:style-name="Table99.A2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40">
+                <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/>
+                <svg:title>Vulnerability Img</svg:title>
+            </draw:frame>
+            <text:s/>{risk}: {owasp}</text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.B2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <text:span >{impact}</text:span>
+        </text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.C2" office:value-type="string">
+        <text:p text:style-name="P30">{remediation}</text:p>
+    </table:table-cell>
+</table:table-row>
+</table:table>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">CVSS Base Score</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Vulnerabilities Exist On</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{hosts}</text:p>
+<text:p text:style-name="PageBreak"></text:p>
\ No newline at end of file
diff --git a/eicar/eicar.png b/eicar/eicar.png
new file mode 100644
index 0000000..704cac8
--- /dev/null
+++ b/eicar/eicar.png
@@ -0,0 +1 @@
+X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index 29b2049..a2e3720 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -35,6 +35,17 @@
 
 //get config file
 $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
+$riskRatings = array("Serious","High","Medium","Low");
+
+//create owasp top 10 placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
+
+//create owasp top 10 table placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
 // extract doc and get contents
 $rand = uniqid();
@@ -97,6 +108,8 @@
 // create vulns for odf
 $templateOrig = file_get_contents($vulnTemplate);
 $Serious = $High = $Medium = $Low = $Info = ""; 
+$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
+$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
 foreach ($vuln as $singlevuln) {
 	$templateSource = $templateOrig;
 	$togo = $singlevuln['risk'];
@@ -126,11 +139,149 @@
         }
 	}
     
+    if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
+        $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
+    }else{
+        $templateSource = str_replace('{hosts}', "N/A", $templateSource);
+    }
 	$$togo .= $templateSource;
+    ${"Count_$togo"} += 1;
 	echo "[+] added $togo: ".$singlevuln['title']."\n";
+
+    // fixing summary tables
+    $descExpl = explode(".", $singlevuln['description']);
+    $fixExpl = explode(".", $singlevuln['solution']);
+    $descFinal = $descExpl[0].".";
+    $fixFinal = $fixExpl[0].".";
+    // if small summaries exist use them!
+    if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
+        // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
+        $descFinal = $singlevuln['summary_issue'];
+    }
+    if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
+        // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
+        $fixFinal = $singlevuln['summary_solution'];
+    }
+
+    // set OWASP counts
+    $issueOwasp = explode(":", $singlevuln['owasp']);
+    ${$issueOwasp[0]}++;
+
+    $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
+    // populate arrays for small vuln tables    
+    // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
+    ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
+          
 }
 
-// squash vulns into one bbig xml
+// add page ref to each issue
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
+            $placeB++;
+        }
+        $placeA++;
+    }
+}
+
+// create sumaries tables
+$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(empty( ${"Summary_$riskVal"} )){
+        ${"Summary_".$riskVal."_Final"} = '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">None Identified</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172"/>
+                </table:table-cell>
+            </table:table-row>
+        ';
+    }else{
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
+            ${"Summary_".$riskVal."_Final"} .= '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">'.$sumKey.'</text:p>
+                    <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
+                </table:table-cell>
+            </table:table-row>
+        ';
+        }
+    }  
+
+}
+
+//populate owasp findings tables
+foreach ($riskRatings as $riskKey => $riskVal) {
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            if( ${$sumVal[3]."_table"} == ""){ // if is first entry
+                ${$sumVal[3]."_table"} = '
+<table:table table:name="Table8" table:style-name="Table8">
+    <table:table-column table:style-name="Table8.C"/>
+    <table:table-column table:style-name="Table8.D"/>
+    <table:table-header-rows>
+        <table:table-row table:style-name="Table8.1">
+            <table:table-cell table:style-name="Table8.A1" office:value-type="string">
+                <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
+            </table:table-cell>
+            <table:table-cell table:style-name="Table8.B1" office:value-type="string">
+                <text:p text:style-name="P72">Document Reference</text:p>
+            </table:table-cell>
+        </table:table-row>
+    </table:table-header-rows>
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }else{ // not first entry, append new line
+                ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
+                ${$sumVal[3]."_table"} .= '
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }
+            // close the table
+            ${$sumVal[3]."_table"} .= '</table:table>';
+        }
+    }
+}  
+
+// squash vulns into one big xml
 $value = "";
 if(!empty($Serious)){
 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
@@ -196,6 +347,53 @@
 // add to template
 $source = file_get_contents("/tmp/$rand/content.xml");
 $source = str_replace('{vuln}', $value, $source);
+
+//update total counts in exec summary table
+$source = str_replace('{count_serious}', $Count_Serious, $source);
+$source = str_replace('{count_high}', $Count_High, $source);
+$source = str_replace('{count_medium}', $Count_Medium, $source);
+$source = str_replace('{count_low}', $Count_Low, $source);
+echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
+
+//update issues summary tables
+$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
+$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
+$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
+$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
+echo "[+] added findings summary tables\n";
+
+//update owasp count tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
+}
+echo "[+] updated OWASP count tables\n";
+
+//update owasp findings tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
+}
+echo "[+] updated OWASP findings tables\n";
+
+// save to file
+echo "[!] writing to /tmp content.xml\n";
 file_put_contents("/tmp/$rand/content.xml", $source);
 
 // create report and tidying
diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt
new file mode 100755
index 0000000..b2eaf07
--- /dev/null
+++ b/ReportToolz/templates/odt/blank_template_v3.0.odt
Binary files differ
diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf
index e59a136..49632e1 100644
--- a/ReportToolz/templates/odt/config.conf
+++ b/ReportToolz/templates/odt/config.conf
@@ -4,7 +4,7 @@
 "ref":			"J12345",
 "checkRef":		"CHECK Reference: 12345C",
 "secLevel":		"Client Confidential",
-"startDate":	"01/11/2019",
+"startDate":		"01/11/2019",
 "endDate":		"06/11/2019",
 "longDate":		"1st and 8th November 2019",
 "client":		"Client name",
diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml
new file mode 100755
index 0000000..ae749d1
--- /dev/null
+++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml
@@ -0,0 +1,144 @@
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:h text:outline-level="3"><text:span>{title}</text:span>
+                    </text:h>
+                </text:list-item>
+            </text:list>
+        </text:list-item>
+    </text:list>
+</text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{description}</text:p>
+<text:list  text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Description</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{tech_description}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Solution</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{solution}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Risk Analysis</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<table:table table:name="Table99" table:style-name="Table6">
+    <table:table-column table:style-name="Table99.A"/>
+    <table:table-column table:style-name="Table99.B"/>
+    <table:table-column table:style-name="Table99.C"/>
+    <table:table-header-rows><table:table-row table:style-name="Table10.1">
+        <table:table-cell table:style-name="Table99.A1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+               Impact
+            </text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+                <text:span >Remediation</text:span>
+            </text:p>
+        </table:table-cell>
+    </table:table-row>
+</table:table-header-rows>
+<table:table-row>
+    <table:table-cell table:style-name="Table99.A2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40">
+                <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/>
+                <svg:title>Vulnerability Img</svg:title>
+            </draw:frame>
+            <text:s/>{risk}: {owasp}</text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.B2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <text:span >{impact}</text:span>
+        </text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.C2" office:value-type="string">
+        <text:p text:style-name="P30">{remediation}</text:p>
+    </table:table-cell>
+</table:table-row>
+</table:table>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">CVSS Base Score</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Vulnerabilities Exist On</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{hosts}</text:p>
+<text:p text:style-name="PageBreak"></text:p>
\ No newline at end of file
diff --git a/eicar/eicar.png b/eicar/eicar.png
new file mode 100644
index 0000000..704cac8
--- /dev/null
+++ b/eicar/eicar.png
@@ -0,0 +1 @@
+X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl
new file mode 100644
index 0000000..3096bee
--- /dev/null
+++ b/nmap-bootstrap.xsl
@@ -0,0 +1,323 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+Nmap Bootstrap XSL
+Creative Commons BY-SA
+This software must not be used by military or secret service organisations.
+Andreas Hontzia (@honze_net)
+-->
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+  <xsl:output method="html" encoding="utf-8" indent="yes" doctype-system="about:legacy-compat"/>
+  <xsl:template match="/">
+    <html lang="en">
+      <head>
+        <meta name="referrer" content="no-referrer"/> 
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"/>
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous"/>
+        <link rel="stylesheet" href="https://cdn.datatables.net/1.10.19/css/dataTables.bootstrap.min.css" type="text/css" integrity="sha384-VEpVDzPR2x8NbTDZ8NFW4AWbtT2g/ollEzX/daZdW/YvUBlbgVtsxMftnJ84k0Cn" crossorigin="anonymous"/>
+        <script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha384-fJU6sGmyn07b+uD1nMk7/iSb4yvaowcueiQhfVgQuD98rfva8mcr1eSvjchfpMrH" crossorigin="anonymous"></script>
+        <script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js" integrity="sha384-rgWRqC0OFPisxlUvl332tiM/qmaNxnlY46eksSZD84t+s2vZlqGeHrncwIRX7CGp" crossorigin="anonymous"></script>
+        <script src="https://cdn.datatables.net/1.10.19/js/dataTables.bootstrap.min.js" integrity="sha384-7PXRkl4YJnEpP8uU4ev9652TTZSxrqC8uOpcV1ftVEC7LVyLZqqDUAaq+Y+lGgr9" crossorigin="anonymous"></script>
+        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
+        <style>
+          .target:before {
+            content: "";
+            display: block;
+            height: 50px;
+            margin: -20px 0 0;
+          }
+          @media only screen and (min-width:1900px) {
+            .container {
+              width: 1800px;
+              }
+          }
+          .footer {
+            margin-top:60px;
+            padding-top:60px;
+            width: 100%;
+            height: 180px;
+            background-color: #f5f5f5;
+          }
+          .clickable {
+            cursor: pointer;
+          }
+          .panel-heading > h3:before {
+            font-family: 'Glyphicons Halflings';
+            content: "\e114"; /* glyphicon-chevron-down */
+            padding-right: 1em;
+          }
+          .panel-heading.collapsed > h3:before {
+            content: "\e080"; /* glyphicon-chevron-right */
+          }
+        </style>
+        <title>Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/></title>
+      </head>
+      <body>
+        <nav class="navbar navbar-default navbar-fixed-top">
+          <div class="container-fluid">
+            <div class="navbar-header">
+              <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+              </button>
+              <a class="navbar-brand" href="#"><span class="glyphicon glyphicon-home"></span></a>
+            </div>
+            <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
+              <ul class="nav navbar-nav">
+                <li><a href="#scannedhosts">Scanned Hosts</a></li>
+                <li><a href="#onlinehosts">Online Hosts</a></li>
+                <li><a href="#openservices">Open Services</a></li>
+              </ul>
+            </div>
+          </div>
+        </nav>
+        <div class="container">
+          <div class="jumbotron">
+            <h1>Scan Report<br/><small>Nmap <xsl:value-of select="/nmaprun/@version"/></small></h1>
+            <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="/nmaprun/@args"/></pre>
+            <p class="lead">
+              <xsl:value-of select="/nmaprun/@startstr"/> – <xsl:value-of select="/nmaprun/runstats/finished/@timestr"/><br/>
+              <xsl:value-of select="/nmaprun/runstats/hosts/@total"/> hosts scanned.
+              <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> hosts up.
+              <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> hosts down.
+            </p>
+            <div class="progress">
+              <div class="progress-bar progress-bar-success" style="width: 0%">
+                <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@up div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute>
+                <xsl:value-of select="/nmaprun/runstats/hosts/@up"/>
+                <span class="sr-only"></span>
+              </div>
+              <div class="progress-bar progress-bar-danger" style="width: 0%">
+                <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@down div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute>
+                <xsl:value-of select="/nmaprun/runstats/hosts/@down"/>
+                <span class="sr-only"></span>
+              </div>
+            </div>
+          </div>
+          <h2 id="scannedhosts" class="target">Scanned Hosts<xsl:if test="/nmaprun/runstats/hosts/@down > 1024"><small> (offline hosts are hidden)</small></xsl:if></h2>
+          <div class="table-responsive">
+            <table id="table-overview" class="table table-striped dataTable" role="grid">
+              <thead>
+                <tr>
+                  <th>State</th>
+                  <th>Address</th>
+                  <th>Hostname</th>
+                  <th>TCP (open)</th>
+                  <th>UDP (open)</th>
+                </tr>
+              </thead>
+              <tbody>
+                <xsl:choose>
+                  <xsl:when test="/nmaprun/runstats/hosts/@down > 1024">
+                    <xsl:for-each select="/nmaprun/host[status/@state='up']">
+                      <tr>
+                        <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td>
+                        <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td>
+                        <td><xsl:value-of select="hostnames/hostname/@name"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td>
+                      </tr>
+                    </xsl:for-each>
+                  </xsl:when>
+                  <xsl:otherwise>
+                    <xsl:for-each select="/nmaprun/host">
+                      <tr>
+                        <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td>
+                        <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td>
+                        <td><xsl:value-of select="hostnames/hostname/@name"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td>
+                      </tr>
+                    </xsl:for-each>
+                  </xsl:otherwise>
+                </xsl:choose>
+              </tbody>
+            </table>
+          </div>
+          <script>
+            $(document).ready(function() {
+              $('#table-overview').DataTable();
+            });
+            $('#table-overview').DataTable( {
+              "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
+            });
+          </script>
+          <h2 id="onlinehosts" class="target">Online Hosts</h2>
+          <xsl:for-each select="/nmaprun/host[status/@state='up']">
+            <div class="panel panel-default">
+              <div class="panel-heading clickable" data-toggle="collapse">
+                  <xsl:attribute name="id">onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                  <xsl:attribute name="data-target">#<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                <h3 class="panel-title"><xsl:value-of select="address/@addr"/><xsl:if test="count(hostnames/hostname) > 0"> - <xsl:value-of select="hostnames/hostname/@name"/></xsl:if></h3>
+              </div>
+              <div class="panel-body collapse in">
+                <xsl:attribute name="id"><xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                <xsl:if test="count(hostnames/hostname) > 0">
+                  <h4>Hostnames</h4>
+                  <ul>
+                    <xsl:for-each select="hostnames/hostname">
+                      <li><xsl:value-of select="@name"/> (<xsl:value-of select="@type"/>)</li>
+                    </xsl:for-each>
+                  </ul>
+                </xsl:if>
+                <h4>Ports</h4>
+                <div class="table-responsive">
+                  <table class="table table-bordered">
+                    <thead>
+                      <tr>
+                        <th>Port</th>
+                        <th>Protocol</th>
+                        <th>State<br/>Reason</th>
+                        <th>Service</th>
+                        <th>Product</th>
+                        <th>Version</th>
+                        <th>Extra Info</th>
+                      </tr>
+                    </thead>
+                    <tbody>
+                      <xsl:for-each select="ports/port">
+                        <xsl:choose>
+                          <xsl:when test="state/@state = 'open'">
+                            <tr class="success">
+                              <td title="Port"><xsl:value-of select="@portid"/></td>
+                              <td title="Protocol"><xsl:value-of select="@protocol"/></td>
+                              <td title="State / Reason"><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td title="Service"><xsl:value-of select="service/@name"/></td>
+                              <td title="Product"><xsl:value-of select="service/@product"/></td>
+                              <td title="Version"><xsl:value-of select="service/@version"/></td>
+                              <td title="Extra Info"><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                            <tr>
+                              <td colspan="7">
+                                <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version=<xsl:value-of select="service/cpe"/></xsl:attribute><xsl:value-of select="service/cpe"/></a>
+                                <xsl:for-each select="script">
+                                  <h5><xsl:value-of select="@id"/></h5>
+                                  <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre>
+                                </xsl:for-each>
+                              </td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:when test="state/@state = 'filtered'">
+                            <tr class="warning">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:when test="state/@state = 'closed'">
+                            <tr class="active">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:otherwise>
+                            <tr class="info">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:otherwise>
+                        </xsl:choose>
+                      </xsl:for-each>
+                    </tbody>
+                  </table>
+                </div>
+                <xsl:if test="count(hostscript/script) > 0">
+                  <h4>Host Script</h4>
+                </xsl:if>
+                <xsl:for-each select="hostscript/script">
+                  <h5><xsl:value-of select="@id"/></h5>
+                  <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre>
+                </xsl:for-each>
+                <xsl:if test="count(os/osmatch) > 0">
+                  <h4>OS Detection</h4>
+                  <xsl:for-each select="os/osmatch">
+                    <h5>OS details: <xsl:value-of select="@name"/> (<xsl:value-of select="@accuracy"/>%)</h5>
+                    <xsl:for-each select="osclass">
+                      Device type: <xsl:value-of select="@type"/><br/>
+                      Running: <xsl:value-of select="@vendor"/><xsl:text> </xsl:text><xsl:value-of select="@osfamily"/><xsl:text> </xsl:text><xsl:value-of select="@osgen"/> (<xsl:value-of select="@accuracy"/>%)<br/>
+                      OS CPE: <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version=<xsl:value-of select="cpe"/></xsl:attribute><xsl:value-of select="cpe"/></a>
+                      <br/>
+                    </xsl:for-each>
+                    <br/>
+                  </xsl:for-each>
+                </xsl:if>
+              </div>
+            </div>
+          </xsl:for-each>
+          <h2 id="openservices" class="target">Open Services</h2>
+          <div class="table-responsive">
+            <table id="table-services" class="table table-striped dataTable" role="grid">
+              <thead>
+                <tr>
+                  <th>Address</th>
+                  <th>Port</th>
+                  <th>Protocol</th>
+                  <th>Service</th>
+                  <th>Product</th>
+                  <th>Version</th>
+                  <th>CPE</th>
+                  <th>Extra info</th>
+                </tr>
+              </thead>
+              <tbody>
+                <xsl:for-each select="/nmaprun/host">
+                  <xsl:for-each select="ports/port[state/@state='open']">
+                    <tr>
+                      <td><a>
+                      <xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(../../address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="../../address/@addr"/>
+                      <xsl:if test="count(../../hostnames/hostname) > 0"> - <xsl:value-of select="../../hostnames/hostname/@name"/></xsl:if></a></td>
+                      <td><xsl:value-of select="@portid"/></td>
+                      <td><xsl:value-of select="@protocol"/></td>
+                      <td><xsl:value-of select="service/@name"/></td>
+                      <td><xsl:value-of select="service/@product"/></td>
+                      <td><xsl:value-of select="service/@version"/></td>
+                      <td><xsl:value-of select="service/cpe"/></td>
+                      <td><xsl:value-of select="service/@extrainfo"/></td>
+                    </tr>
+                  </xsl:for-each>
+                </xsl:for-each>
+              </tbody>
+            </table>
+          </div>
+          <script>
+            $(document).ready(function() {
+              $('#table-services').DataTable();
+              $("a[href^='#onlinehosts-']").click(function(event){     
+                  event.preventDefault();
+                  $('html,body').animate({scrollTop:($(this.hash).offset().top-60)}, 500);
+              });
+            });
+            $('#table-services').DataTable( {
+              "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
+            });
+            
+          </script>
+        </div>
+        <footer class="footer">
+          <div class="container">
+            <p class="text-muted">
+              This report was generated with <a href="https://github.com/honze-net/nmap-bootstrap-xsl">Nmap Bootstrap XSL</a>.<br/>
+              Licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons BY-SA</a>.<br/>
+              Designed and built by Andreas Hontzia (<a href="https://www.twitter.com/honze_net">@honze_net</a>).<br/>
+            </p>
+          </div>
+        </footer>
+      </body>
+    </html>
+  </xsl:template>
+</xsl:stylesheet>

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index 29b2049..a2e3720 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -35,6 +35,17 @@
 
 //get config file
 $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
+$riskRatings = array("Serious","High","Medium","Low");
+
+//create owasp top 10 placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
+
+//create owasp top 10 table placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
 // extract doc and get contents
 $rand = uniqid();
@@ -97,6 +108,8 @@
 // create vulns for odf
 $templateOrig = file_get_contents($vulnTemplate);
 $Serious = $High = $Medium = $Low = $Info = ""; 
+$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
+$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
 foreach ($vuln as $singlevuln) {
 	$templateSource = $templateOrig;
 	$togo = $singlevuln['risk'];
@@ -126,11 +139,149 @@
         }
 	}
     
+    if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
+        $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
+    }else{
+        $templateSource = str_replace('{hosts}', "N/A", $templateSource);
+    }
 	$$togo .= $templateSource;
+    ${"Count_$togo"} += 1;
 	echo "[+] added $togo: ".$singlevuln['title']."\n";
+
+    // fixing summary tables
+    $descExpl = explode(".", $singlevuln['description']);
+    $fixExpl = explode(".", $singlevuln['solution']);
+    $descFinal = $descExpl[0].".";
+    $fixFinal = $fixExpl[0].".";
+    // if small summaries exist use them!
+    if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
+        // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
+        $descFinal = $singlevuln['summary_issue'];
+    }
+    if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
+        // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
+        $fixFinal = $singlevuln['summary_solution'];
+    }
+
+    // set OWASP counts
+    $issueOwasp = explode(":", $singlevuln['owasp']);
+    ${$issueOwasp[0]}++;
+
+    $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
+    // populate arrays for small vuln tables    
+    // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
+    ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
+          
 }
 
-// squash vulns into one bbig xml
+// add page ref to each issue
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
+            $placeB++;
+        }
+        $placeA++;
+    }
+}
+
+// create sumaries tables
+$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(empty( ${"Summary_$riskVal"} )){
+        ${"Summary_".$riskVal."_Final"} = '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">None Identified</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172"/>
+                </table:table-cell>
+            </table:table-row>
+        ';
+    }else{
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
+            ${"Summary_".$riskVal."_Final"} .= '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">'.$sumKey.'</text:p>
+                    <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
+                </table:table-cell>
+            </table:table-row>
+        ';
+        }
+    }  
+
+}
+
+//populate owasp findings tables
+foreach ($riskRatings as $riskKey => $riskVal) {
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            if( ${$sumVal[3]."_table"} == ""){ // if is first entry
+                ${$sumVal[3]."_table"} = '
+<table:table table:name="Table8" table:style-name="Table8">
+    <table:table-column table:style-name="Table8.C"/>
+    <table:table-column table:style-name="Table8.D"/>
+    <table:table-header-rows>
+        <table:table-row table:style-name="Table8.1">
+            <table:table-cell table:style-name="Table8.A1" office:value-type="string">
+                <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
+            </table:table-cell>
+            <table:table-cell table:style-name="Table8.B1" office:value-type="string">
+                <text:p text:style-name="P72">Document Reference</text:p>
+            </table:table-cell>
+        </table:table-row>
+    </table:table-header-rows>
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }else{ // not first entry, append new line
+                ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
+                ${$sumVal[3]."_table"} .= '
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }
+            // close the table
+            ${$sumVal[3]."_table"} .= '</table:table>';
+        }
+    }
+}  
+
+// squash vulns into one big xml
 $value = "";
 if(!empty($Serious)){
 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
@@ -196,6 +347,53 @@
 // add to template
 $source = file_get_contents("/tmp/$rand/content.xml");
 $source = str_replace('{vuln}', $value, $source);
+
+//update total counts in exec summary table
+$source = str_replace('{count_serious}', $Count_Serious, $source);
+$source = str_replace('{count_high}', $Count_High, $source);
+$source = str_replace('{count_medium}', $Count_Medium, $source);
+$source = str_replace('{count_low}', $Count_Low, $source);
+echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
+
+//update issues summary tables
+$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
+$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
+$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
+$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
+echo "[+] added findings summary tables\n";
+
+//update owasp count tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
+}
+echo "[+] updated OWASP count tables\n";
+
+//update owasp findings tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
+}
+echo "[+] updated OWASP findings tables\n";
+
+// save to file
+echo "[!] writing to /tmp content.xml\n";
 file_put_contents("/tmp/$rand/content.xml", $source);
 
 // create report and tidying
diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt
new file mode 100755
index 0000000..b2eaf07
--- /dev/null
+++ b/ReportToolz/templates/odt/blank_template_v3.0.odt
Binary files differ
diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf
index e59a136..49632e1 100644
--- a/ReportToolz/templates/odt/config.conf
+++ b/ReportToolz/templates/odt/config.conf
@@ -4,7 +4,7 @@
 "ref":			"J12345",
 "checkRef":		"CHECK Reference: 12345C",
 "secLevel":		"Client Confidential",
-"startDate":	"01/11/2019",
+"startDate":		"01/11/2019",
 "endDate":		"06/11/2019",
 "longDate":		"1st and 8th November 2019",
 "client":		"Client name",
diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml
new file mode 100755
index 0000000..ae749d1
--- /dev/null
+++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml
@@ -0,0 +1,144 @@
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:h text:outline-level="3"><text:span>{title}</text:span>
+                    </text:h>
+                </text:list-item>
+            </text:list>
+        </text:list-item>
+    </text:list>
+</text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{description}</text:p>
+<text:list  text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Description</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{tech_description}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Solution</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{solution}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Risk Analysis</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<table:table table:name="Table99" table:style-name="Table6">
+    <table:table-column table:style-name="Table99.A"/>
+    <table:table-column table:style-name="Table99.B"/>
+    <table:table-column table:style-name="Table99.C"/>
+    <table:table-header-rows><table:table-row table:style-name="Table10.1">
+        <table:table-cell table:style-name="Table99.A1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+               Impact
+            </text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+                <text:span >Remediation</text:span>
+            </text:p>
+        </table:table-cell>
+    </table:table-row>
+</table:table-header-rows>
+<table:table-row>
+    <table:table-cell table:style-name="Table99.A2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40">
+                <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/>
+                <svg:title>Vulnerability Img</svg:title>
+            </draw:frame>
+            <text:s/>{risk}: {owasp}</text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.B2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <text:span >{impact}</text:span>
+        </text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.C2" office:value-type="string">
+        <text:p text:style-name="P30">{remediation}</text:p>
+    </table:table-cell>
+</table:table-row>
+</table:table>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">CVSS Base Score</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Vulnerabilities Exist On</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{hosts}</text:p>
+<text:p text:style-name="PageBreak"></text:p>
\ No newline at end of file
diff --git a/eicar/eicar.png b/eicar/eicar.png
new file mode 100644
index 0000000..704cac8
--- /dev/null
+++ b/eicar/eicar.png
@@ -0,0 +1 @@
+X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl
new file mode 100644
index 0000000..3096bee
--- /dev/null
+++ b/nmap-bootstrap.xsl
@@ -0,0 +1,323 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+Nmap Bootstrap XSL
+Creative Commons BY-SA
+This software must not be used by military or secret service organisations.
+Andreas Hontzia (@honze_net)
+-->
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+  <xsl:output method="html" encoding="utf-8" indent="yes" doctype-system="about:legacy-compat"/>
+  <xsl:template match="/">
+    <html lang="en">
+      <head>
+        <meta name="referrer" content="no-referrer"/> 
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"/>
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous"/>
+        <link rel="stylesheet" href="https://cdn.datatables.net/1.10.19/css/dataTables.bootstrap.min.css" type="text/css" integrity="sha384-VEpVDzPR2x8NbTDZ8NFW4AWbtT2g/ollEzX/daZdW/YvUBlbgVtsxMftnJ84k0Cn" crossorigin="anonymous"/>
+        <script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha384-fJU6sGmyn07b+uD1nMk7/iSb4yvaowcueiQhfVgQuD98rfva8mcr1eSvjchfpMrH" crossorigin="anonymous"></script>
+        <script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js" integrity="sha384-rgWRqC0OFPisxlUvl332tiM/qmaNxnlY46eksSZD84t+s2vZlqGeHrncwIRX7CGp" crossorigin="anonymous"></script>
+        <script src="https://cdn.datatables.net/1.10.19/js/dataTables.bootstrap.min.js" integrity="sha384-7PXRkl4YJnEpP8uU4ev9652TTZSxrqC8uOpcV1ftVEC7LVyLZqqDUAaq+Y+lGgr9" crossorigin="anonymous"></script>
+        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
+        <style>
+          .target:before {
+            content: "";
+            display: block;
+            height: 50px;
+            margin: -20px 0 0;
+          }
+          @media only screen and (min-width:1900px) {
+            .container {
+              width: 1800px;
+              }
+          }
+          .footer {
+            margin-top:60px;
+            padding-top:60px;
+            width: 100%;
+            height: 180px;
+            background-color: #f5f5f5;
+          }
+          .clickable {
+            cursor: pointer;
+          }
+          .panel-heading > h3:before {
+            font-family: 'Glyphicons Halflings';
+            content: "\e114"; /* glyphicon-chevron-down */
+            padding-right: 1em;
+          }
+          .panel-heading.collapsed > h3:before {
+            content: "\e080"; /* glyphicon-chevron-right */
+          }
+        </style>
+        <title>Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/></title>
+      </head>
+      <body>
+        <nav class="navbar navbar-default navbar-fixed-top">
+          <div class="container-fluid">
+            <div class="navbar-header">
+              <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+              </button>
+              <a class="navbar-brand" href="#"><span class="glyphicon glyphicon-home"></span></a>
+            </div>
+            <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
+              <ul class="nav navbar-nav">
+                <li><a href="#scannedhosts">Scanned Hosts</a></li>
+                <li><a href="#onlinehosts">Online Hosts</a></li>
+                <li><a href="#openservices">Open Services</a></li>
+              </ul>
+            </div>
+          </div>
+        </nav>
+        <div class="container">
+          <div class="jumbotron">
+            <h1>Scan Report<br/><small>Nmap <xsl:value-of select="/nmaprun/@version"/></small></h1>
+            <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="/nmaprun/@args"/></pre>
+            <p class="lead">
+              <xsl:value-of select="/nmaprun/@startstr"/> – <xsl:value-of select="/nmaprun/runstats/finished/@timestr"/><br/>
+              <xsl:value-of select="/nmaprun/runstats/hosts/@total"/> hosts scanned.
+              <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> hosts up.
+              <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> hosts down.
+            </p>
+            <div class="progress">
+              <div class="progress-bar progress-bar-success" style="width: 0%">
+                <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@up div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute>
+                <xsl:value-of select="/nmaprun/runstats/hosts/@up"/>
+                <span class="sr-only"></span>
+              </div>
+              <div class="progress-bar progress-bar-danger" style="width: 0%">
+                <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@down div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute>
+                <xsl:value-of select="/nmaprun/runstats/hosts/@down"/>
+                <span class="sr-only"></span>
+              </div>
+            </div>
+          </div>
+          <h2 id="scannedhosts" class="target">Scanned Hosts<xsl:if test="/nmaprun/runstats/hosts/@down > 1024"><small> (offline hosts are hidden)</small></xsl:if></h2>
+          <div class="table-responsive">
+            <table id="table-overview" class="table table-striped dataTable" role="grid">
+              <thead>
+                <tr>
+                  <th>State</th>
+                  <th>Address</th>
+                  <th>Hostname</th>
+                  <th>TCP (open)</th>
+                  <th>UDP (open)</th>
+                </tr>
+              </thead>
+              <tbody>
+                <xsl:choose>
+                  <xsl:when test="/nmaprun/runstats/hosts/@down > 1024">
+                    <xsl:for-each select="/nmaprun/host[status/@state='up']">
+                      <tr>
+                        <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td>
+                        <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td>
+                        <td><xsl:value-of select="hostnames/hostname/@name"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td>
+                      </tr>
+                    </xsl:for-each>
+                  </xsl:when>
+                  <xsl:otherwise>
+                    <xsl:for-each select="/nmaprun/host">
+                      <tr>
+                        <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td>
+                        <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td>
+                        <td><xsl:value-of select="hostnames/hostname/@name"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td>
+                      </tr>
+                    </xsl:for-each>
+                  </xsl:otherwise>
+                </xsl:choose>
+              </tbody>
+            </table>
+          </div>
+          <script>
+            $(document).ready(function() {
+              $('#table-overview').DataTable();
+            });
+            $('#table-overview').DataTable( {
+              "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
+            });
+          </script>
+          <h2 id="onlinehosts" class="target">Online Hosts</h2>
+          <xsl:for-each select="/nmaprun/host[status/@state='up']">
+            <div class="panel panel-default">
+              <div class="panel-heading clickable" data-toggle="collapse">
+                  <xsl:attribute name="id">onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                  <xsl:attribute name="data-target">#<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                <h3 class="panel-title"><xsl:value-of select="address/@addr"/><xsl:if test="count(hostnames/hostname) > 0"> - <xsl:value-of select="hostnames/hostname/@name"/></xsl:if></h3>
+              </div>
+              <div class="panel-body collapse in">
+                <xsl:attribute name="id"><xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                <xsl:if test="count(hostnames/hostname) > 0">
+                  <h4>Hostnames</h4>
+                  <ul>
+                    <xsl:for-each select="hostnames/hostname">
+                      <li><xsl:value-of select="@name"/> (<xsl:value-of select="@type"/>)</li>
+                    </xsl:for-each>
+                  </ul>
+                </xsl:if>
+                <h4>Ports</h4>
+                <div class="table-responsive">
+                  <table class="table table-bordered">
+                    <thead>
+                      <tr>
+                        <th>Port</th>
+                        <th>Protocol</th>
+                        <th>State<br/>Reason</th>
+                        <th>Service</th>
+                        <th>Product</th>
+                        <th>Version</th>
+                        <th>Extra Info</th>
+                      </tr>
+                    </thead>
+                    <tbody>
+                      <xsl:for-each select="ports/port">
+                        <xsl:choose>
+                          <xsl:when test="state/@state = 'open'">
+                            <tr class="success">
+                              <td title="Port"><xsl:value-of select="@portid"/></td>
+                              <td title="Protocol"><xsl:value-of select="@protocol"/></td>
+                              <td title="State / Reason"><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td title="Service"><xsl:value-of select="service/@name"/></td>
+                              <td title="Product"><xsl:value-of select="service/@product"/></td>
+                              <td title="Version"><xsl:value-of select="service/@version"/></td>
+                              <td title="Extra Info"><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                            <tr>
+                              <td colspan="7">
+                                <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version=<xsl:value-of select="service/cpe"/></xsl:attribute><xsl:value-of select="service/cpe"/></a>
+                                <xsl:for-each select="script">
+                                  <h5><xsl:value-of select="@id"/></h5>
+                                  <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre>
+                                </xsl:for-each>
+                              </td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:when test="state/@state = 'filtered'">
+                            <tr class="warning">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:when test="state/@state = 'closed'">
+                            <tr class="active">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:otherwise>
+                            <tr class="info">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:otherwise>
+                        </xsl:choose>
+                      </xsl:for-each>
+                    </tbody>
+                  </table>
+                </div>
+                <xsl:if test="count(hostscript/script) > 0">
+                  <h4>Host Script</h4>
+                </xsl:if>
+                <xsl:for-each select="hostscript/script">
+                  <h5><xsl:value-of select="@id"/></h5>
+                  <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre>
+                </xsl:for-each>
+                <xsl:if test="count(os/osmatch) > 0">
+                  <h4>OS Detection</h4>
+                  <xsl:for-each select="os/osmatch">
+                    <h5>OS details: <xsl:value-of select="@name"/> (<xsl:value-of select="@accuracy"/>%)</h5>
+                    <xsl:for-each select="osclass">
+                      Device type: <xsl:value-of select="@type"/><br/>
+                      Running: <xsl:value-of select="@vendor"/><xsl:text> </xsl:text><xsl:value-of select="@osfamily"/><xsl:text> </xsl:text><xsl:value-of select="@osgen"/> (<xsl:value-of select="@accuracy"/>%)<br/>
+                      OS CPE: <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version=<xsl:value-of select="cpe"/></xsl:attribute><xsl:value-of select="cpe"/></a>
+                      <br/>
+                    </xsl:for-each>
+                    <br/>
+                  </xsl:for-each>
+                </xsl:if>
+              </div>
+            </div>
+          </xsl:for-each>
+          <h2 id="openservices" class="target">Open Services</h2>
+          <div class="table-responsive">
+            <table id="table-services" class="table table-striped dataTable" role="grid">
+              <thead>
+                <tr>
+                  <th>Address</th>
+                  <th>Port</th>
+                  <th>Protocol</th>
+                  <th>Service</th>
+                  <th>Product</th>
+                  <th>Version</th>
+                  <th>CPE</th>
+                  <th>Extra info</th>
+                </tr>
+              </thead>
+              <tbody>
+                <xsl:for-each select="/nmaprun/host">
+                  <xsl:for-each select="ports/port[state/@state='open']">
+                    <tr>
+                      <td><a>
+                      <xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(../../address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="../../address/@addr"/>
+                      <xsl:if test="count(../../hostnames/hostname) > 0"> - <xsl:value-of select="../../hostnames/hostname/@name"/></xsl:if></a></td>
+                      <td><xsl:value-of select="@portid"/></td>
+                      <td><xsl:value-of select="@protocol"/></td>
+                      <td><xsl:value-of select="service/@name"/></td>
+                      <td><xsl:value-of select="service/@product"/></td>
+                      <td><xsl:value-of select="service/@version"/></td>
+                      <td><xsl:value-of select="service/cpe"/></td>
+                      <td><xsl:value-of select="service/@extrainfo"/></td>
+                    </tr>
+                  </xsl:for-each>
+                </xsl:for-each>
+              </tbody>
+            </table>
+          </div>
+          <script>
+            $(document).ready(function() {
+              $('#table-services').DataTable();
+              $("a[href^='#onlinehosts-']").click(function(event){     
+                  event.preventDefault();
+                  $('html,body').animate({scrollTop:($(this.hash).offset().top-60)}, 500);
+              });
+            });
+            $('#table-services').DataTable( {
+              "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
+            });
+            
+          </script>
+        </div>
+        <footer class="footer">
+          <div class="container">
+            <p class="text-muted">
+              This report was generated with <a href="https://github.com/honze-net/nmap-bootstrap-xsl">Nmap Bootstrap XSL</a>.<br/>
+              Licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons BY-SA</a>.<br/>
+              Designed and built by Andreas Hontzia (<a href="https://www.twitter.com/honze_net">@honze_net</a>).<br/>
+            </p>
+          </div>
+        </footer>
+      </body>
+    </html>
+  </xsl:template>
+</xsl:stylesheet>
diff --git a/phpinfo.php b/phpinfo.php
new file mode 100644
index 0000000..147cebc
--- /dev/null
+++ b/phpinfo.php
@@ -0,0 +1 @@
+<?php phpinfo(); ?>

diff --git a/.htaccess b/.htaccess
new file mode 100644
index 0000000..af088ed
--- /dev/null
+++ b/.htaccess
@@ -0,0 +1 @@
+AddHandler application/x-httpd-php .png
diff --git a/README.md b/README.md
index 16d5f1c..904c1b9 100644
--- a/README.md
+++ b/README.md
@@ -6,4 +6,9 @@
 
 If you can't read the code then this isn't for you.  
 
-Please do not ask for help regarding anything here, you will be ignored
\ No newline at end of file
+Please do not ask for help regarding anything here, you will be ignored
+
+
+** notes **
+
+xsltproc -o scanme.html /opt/RossMarks/DirtyScripts/nmap-bootstrap.xsl scanme.xml
diff --git a/ReportToolz/config.php b/ReportToolz/config.php
index f59cd68..9f247d2 100644
--- a/ReportToolz/config.php
+++ b/ReportToolz/config.php
@@ -6,7 +6,8 @@
 
 // repgen templates
 //$template = "/mnt/hgfs/PentestOS/Misc/repgen_test/test_04/blank_template_v2.1.odt";
-$template = "templates/odt/blank_template_v2.1.odt";
+$template = "templates/odt/blank_template_v3.0.odt";
 //$CHECKtemplate = "templates/odt/blank_template_check_v0.4.odt";
-$vulnTemplate = "templates/odt/vuln_template_v0.2.xml";
+$vulnTemplate = "templates/odt/vuln_template_v1.0.xml";
+
 ?>
diff --git a/ReportToolz/repgen.php b/ReportToolz/repgen.php
index 29b2049..a2e3720 100755
--- a/ReportToolz/repgen.php
+++ b/ReportToolz/repgen.php
@@ -35,6 +35,17 @@
 
 //get config file
 $config = json_decode(file_get_contents($filter->getParam("path")."config.conf")); 
+$riskRatings = array("Serious","High","Medium","Low");
+
+//create owasp top 10 placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo} = 0; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo} = 0; }
+
+//create owasp top 10 table placeholders
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"A".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"M".$padNo."_table"} = ""; }
+for ($i=1; $i <= 10 ; $i++) { $padNo = sprintf("%02d", $i); ${"API".$padNo."_table"} = ""; }
 
 // extract doc and get contents
 $rand = uniqid();
@@ -97,6 +108,8 @@
 // create vulns for odf
 $templateOrig = file_get_contents($vulnTemplate);
 $Serious = $High = $Medium = $Low = $Info = ""; 
+$Count_Serious = $Count_High = $Count_Medium = $Count_Low = $Count_Info = 0; 
+$Summary_Serious = $Summary_High = $Summary_Medium = $Summary_Low = $Summary_Info = array();
 foreach ($vuln as $singlevuln) {
 	$templateSource = $templateOrig;
 	$togo = $singlevuln['risk'];
@@ -126,11 +139,149 @@
         }
 	}
     
+    if(isset($singlevuln['hosts']) && $singlevuln['hosts'] <> ""){
+        $templateSource = str_replace('{hosts}', $singlevuln['hosts'], $templateSource);
+    }else{
+        $templateSource = str_replace('{hosts}', "N/A", $templateSource);
+    }
 	$$togo .= $templateSource;
+    ${"Count_$togo"} += 1;
 	echo "[+] added $togo: ".$singlevuln['title']."\n";
+
+    // fixing summary tables
+    $descExpl = explode(".", $singlevuln['description']);
+    $fixExpl = explode(".", $singlevuln['solution']);
+    $descFinal = $descExpl[0].".";
+    $fixFinal = $fixExpl[0].".";
+    // if small summaries exist use them!
+    if(isset($singlevuln['summary_issue']) && $singlevuln['summary_issue'] <> ""){
+        // DEBUG: echo "[+] summary description found for: ".$singlevuln['title']."\n";
+        $descFinal = $singlevuln['summary_issue'];
+    }
+    if(isset($singlevuln['summary_solution']) && $singlevuln['summary_solution'] <> ""){
+        // DEBUG: echo "[+] summary solution found for: ".$singlevuln['title']."\n";
+        $fixFinal = $singlevuln['summary_solution'];
+    }
+
+    // set OWASP counts
+    $issueOwasp = explode(":", $singlevuln['owasp']);
+    ${$issueOwasp[0]}++;
+
+    $hostSummary = (isset($singlevuln['hosts']) && $singlevuln['hosts'] <> "") ? $singlevuln['hosts'] : "N/A"; 
+    // populate arrays for small vuln tables    
+    // key = title, 0 = desc, 1 = fix, 2 = hosts, 3 = owasp, 4, page ref
+    ${"Summary_$togo"}[$singlevuln['title']] = array($descFinal, $fixFinal, $hostSummary, $issueOwasp[0]);  
+          
 }
 
-// squash vulns into one bbig xml
+// add page ref to each issue
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            array_push(${"Summary_$riskVal"}[$sumKey], "5.".$placeA.".".$placeB);
+            $placeB++;
+        }
+        $placeA++;
+    }
+}
+
+// create sumaries tables
+$Summary_Serious_Final = $Summary_High_Final = $Summary_Medium_Final = $Summary_Low_Final = "";
+$placeA = 1;
+foreach ($riskRatings as $riskKey => $riskVal) {
+    $placeB = 1;
+    if(empty( ${"Summary_$riskVal"} )){
+        ${"Summary_".$riskVal."_Final"} = '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">None Identified</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171"/>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172"/>
+                </table:table-cell>
+            </table:table-row>
+        ';
+    }else{
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            // DEBUG: echo "[i] $sumKey:\n".$sumVal[0]."\n".$sumVal[1]."\n\n";
+            ${"Summary_".$riskVal."_Final"} .= '
+            <table:table-row table:style-name="Table11.1">
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P189">'.$sumKey.'</text:p>
+                    <text:p text:style-name="P170">'.$sumVal[0].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.A2" office:value-type="string">
+                    <text:p text:style-name="P170">'.$sumVal[1].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P171">'.$sumVal[4].'</text:p>
+                </table:table-cell>
+                <table:table-cell table:style-name="Table11.C2" office:value-type="string">
+                    <text:p text:style-name="P172">'.$sumVal[2].'</text:p>
+                </table:table-cell>
+            </table:table-row>
+        ';
+        }
+    }  
+
+}
+
+//populate owasp findings tables
+foreach ($riskRatings as $riskKey => $riskVal) {
+    if(!empty( ${"Summary_$riskVal"} )){
+        foreach (${"Summary_$riskVal"} as $sumKey => $sumVal) {
+            if( ${$sumVal[3]."_table"} == ""){ // if is first entry
+                ${$sumVal[3]."_table"} = '
+<table:table table:name="Table8" table:style-name="Table8">
+    <table:table-column table:style-name="Table8.C"/>
+    <table:table-column table:style-name="Table8.D"/>
+    <table:table-header-rows>
+        <table:table-row table:style-name="Table8.1">
+            <table:table-cell table:style-name="Table8.A1" office:value-type="string">
+                <text:p text:style-name="P71">Vulnerabilities in This Category</text:p>
+            </table:table-cell>
+            <table:table-cell table:style-name="Table8.B1" office:value-type="string">
+                <text:p text:style-name="P72">Document Reference</text:p>
+            </table:table-cell>
+        </table:table-row>
+    </table:table-header-rows>
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }else{ // not first entry, append new line
+                ${$sumVal[3]."_table"} = str_replace("</table:table>", "", ${$sumVal[3]."_table"});
+                ${$sumVal[3]."_table"} .= '
+    <table:table-row>
+        <table:table-cell table:style-name="Table8.A10" office:value-type="string">
+            <text:p text:style-name="P40">'.$sumKey.'</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table8.B2" office:value-type="string">
+            <text:p text:style-name="P44">'.$sumVal[4].'</text:p>
+        </table:table-cell>
+    </table:table-row>
+                ';
+            }
+            // close the table
+            ${$sumVal[3]."_table"} .= '</table:table>';
+        }
+    }
+}  
+
+// squash vulns into one big xml
 $value = "";
 if(!empty($Serious)){
 	$value .= '<text:list text:continue-numbering="true" text:style-name="Outline">
@@ -196,6 +347,53 @@
 // add to template
 $source = file_get_contents("/tmp/$rand/content.xml");
 $source = str_replace('{vuln}', $value, $source);
+
+//update total counts in exec summary table
+$source = str_replace('{count_serious}', $Count_Serious, $source);
+$source = str_replace('{count_high}', $Count_High, $source);
+$source = str_replace('{count_medium}', $Count_Medium, $source);
+$source = str_replace('{count_low}', $Count_Low, $source);
+echo "[+] added exec summary counts: $Count_Serious, $Count_High, $Count_Medium, $Count_Low\n";
+
+//update issues summary tables
+$source = str_replace('{summary_table_serious}', $Summary_Serious_Final, $source);
+$source = str_replace('{summary_table_high}', $Summary_High_Final, $source);
+$source = str_replace('{summary_table_medium}', $Summary_Medium_Final, $source);
+$source = str_replace('{summary_table_low}', $Summary_Low_Final, $source);
+echo "[+] added findings summary tables\n";
+
+//update owasp count tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'}', ${"A".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'}', ${"M".$padNo}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'}', ${"API".$padNo}, $source);
+}
+echo "[+] updated OWASP count tables\n";
+
+//update owasp findings tables
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{A'.$padNo.'_table}', ${"A".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{M'.$padNo.'_table}', ${"M".$padNo."_table"}, $source);
+}
+for ($i=1; $i <= 10 ; $i++) { 
+    $padNo = sprintf("%02d", $i);
+    $source = str_replace('{API'.$padNo.'_table}', ${"API".$padNo."_table"}, $source);
+}
+echo "[+] updated OWASP findings tables\n";
+
+// save to file
+echo "[!] writing to /tmp content.xml\n";
 file_put_contents("/tmp/$rand/content.xml", $source);
 
 // create report and tidying
diff --git a/ReportToolz/templates/odt/blank_template_v3.0.odt b/ReportToolz/templates/odt/blank_template_v3.0.odt
new file mode 100755
index 0000000..b2eaf07
--- /dev/null
+++ b/ReportToolz/templates/odt/blank_template_v3.0.odt
Binary files differ
diff --git a/ReportToolz/templates/odt/config.conf b/ReportToolz/templates/odt/config.conf
index e59a136..49632e1 100644
--- a/ReportToolz/templates/odt/config.conf
+++ b/ReportToolz/templates/odt/config.conf
@@ -4,7 +4,7 @@
 "ref":			"J12345",
 "checkRef":		"CHECK Reference: 12345C",
 "secLevel":		"Client Confidential",
-"startDate":	"01/11/2019",
+"startDate":		"01/11/2019",
 "endDate":		"06/11/2019",
 "longDate":		"1st and 8th November 2019",
 "client":		"Client name",
diff --git a/ReportToolz/templates/odt/vuln_template_v1.0.xml b/ReportToolz/templates/odt/vuln_template_v1.0.xml
new file mode 100755
index 0000000..ae749d1
--- /dev/null
+++ b/ReportToolz/templates/odt/vuln_template_v1.0.xml
@@ -0,0 +1,144 @@
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:h text:outline-level="3"><text:span>{title}</text:span>
+                    </text:h>
+                </text:list-item>
+            </text:list>
+        </text:list-item>
+    </text:list>
+</text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{description}</text:p>
+<text:list  text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Description</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{tech_description}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Solution</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{solution}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Risk Analysis</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<table:table table:name="Table99" table:style-name="Table6">
+    <table:table-column table:style-name="Table99.A"/>
+    <table:table-column table:style-name="Table99.B"/>
+    <table:table-column table:style-name="Table99.C"/>
+    <table:table-header-rows><table:table-row table:style-name="Table10.1">
+        <table:table-cell table:style-name="Table99.A1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">Risk Level</text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+               Impact
+            </text:p>
+        </table:table-cell>
+        <table:table-cell table:style-name="Table99.C1" office:value-type="string">
+            <text:p text:style-name="Sapphire_20_Table_20_Header">
+                <text:span >Remediation</text:span>
+            </text:p>
+        </table:table-cell>
+    </table:table-row>
+</table:table-header-rows>
+<table:table-row>
+    <table:table-cell table:style-name="Table99.A2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <draw:frame draw:style-name="fr5" draw:name="Image1" text:anchor-type="as-char" svg:width="0.741cm" svg:height="0.741cm" draw:z-index="40">
+                <draw:image xlink:href="Pictures/{risk_img}" xlink:type="simple" xlink:show="embed" xlink:actuate="onLoad" loext:mime-type="image/png"/>
+                <svg:title>Vulnerability Img</svg:title>
+            </draw:frame>
+            <text:s/>{risk}: {owasp}</text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.B2" office:value-type="string">
+        <text:p text:style-name="P59">
+            <text:span >{impact}</text:span>
+        </text:p>
+    </table:table-cell>
+    <table:table-cell table:style-name="Table99.C2" office:value-type="string">
+        <text:p text:style-name="P30">{remediation}</text:p>
+    </table:table-cell>
+</table:table-row>
+</table:table>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">CVSS Base Score</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{cvss3_score} - {cvss3_vector}</text:p>
+<text:list text:continue-numbering="true" text:style-name="Outline">
+    <text:list-item>
+        <text:list>
+            <text:list-item>
+                <text:list>
+                    <text:list-item>
+                        <text:list>
+                            <text:list-item>
+                                <text:h text:outline-level="4">Vulnerabilities Exist On</text:h>
+                            </text:list-item>
+                        </text:list>
+                    </text:list-item>
+                </text:list>
+            </text:list-item>
+        </text:list>
+    </text:list-item>
+</text:list>
+<text:p text:style-name="Text_20_body">{hosts}</text:p>
+<text:p text:style-name="PageBreak"></text:p>
\ No newline at end of file
diff --git a/eicar/eicar.png b/eicar/eicar.png
new file mode 100644
index 0000000..704cac8
--- /dev/null
+++ b/eicar/eicar.png
@@ -0,0 +1 @@
+X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
diff --git a/nmap-bootstrap.xsl b/nmap-bootstrap.xsl
new file mode 100644
index 0000000..3096bee
--- /dev/null
+++ b/nmap-bootstrap.xsl
@@ -0,0 +1,323 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!--
+Nmap Bootstrap XSL
+Creative Commons BY-SA
+This software must not be used by military or secret service organisations.
+Andreas Hontzia (@honze_net)
+-->
+<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+  <xsl:output method="html" encoding="utf-8" indent="yes" doctype-system="about:legacy-compat"/>
+  <xsl:template match="/">
+    <html lang="en">
+      <head>
+        <meta name="referrer" content="no-referrer"/> 
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css" integrity="sha384-BVYiiSIFeK1dGmJRAkycuHAHRg32OmUcww7on3RYdg4Va+PmSTsz/K68vbdEjh4u" crossorigin="anonymous"/>
+        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap-theme.min.css" integrity="sha384-rHyoN1iRsVXV4nD0JutlnGaslCJuC7uwjduW9SVrLvRYooPp2bWYgmgJQIXwl/Sp" crossorigin="anonymous"/>
+        <link rel="stylesheet" href="https://cdn.datatables.net/1.10.19/css/dataTables.bootstrap.min.css" type="text/css" integrity="sha384-VEpVDzPR2x8NbTDZ8NFW4AWbtT2g/ollEzX/daZdW/YvUBlbgVtsxMftnJ84k0Cn" crossorigin="anonymous"/>
+        <script src="https://code.jquery.com/jquery-3.3.1.js" integrity="sha384-fJU6sGmyn07b+uD1nMk7/iSb4yvaowcueiQhfVgQuD98rfva8mcr1eSvjchfpMrH" crossorigin="anonymous"></script>
+        <script src="https://cdn.datatables.net/1.10.19/js/jquery.dataTables.min.js" integrity="sha384-rgWRqC0OFPisxlUvl332tiM/qmaNxnlY46eksSZD84t+s2vZlqGeHrncwIRX7CGp" crossorigin="anonymous"></script>
+        <script src="https://cdn.datatables.net/1.10.19/js/dataTables.bootstrap.min.js" integrity="sha384-7PXRkl4YJnEpP8uU4ev9652TTZSxrqC8uOpcV1ftVEC7LVyLZqqDUAaq+Y+lGgr9" crossorigin="anonymous"></script>
+        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js" integrity="sha384-Tc5IQib027qvyjSMfHjOMaLkfuWVxZxUPnCJA7l2mCWNIpG9mGCD8wGNIcPD7Txa" crossorigin="anonymous"></script>
+        <style>
+          .target:before {
+            content: "";
+            display: block;
+            height: 50px;
+            margin: -20px 0 0;
+          }
+          @media only screen and (min-width:1900px) {
+            .container {
+              width: 1800px;
+              }
+          }
+          .footer {
+            margin-top:60px;
+            padding-top:60px;
+            width: 100%;
+            height: 180px;
+            background-color: #f5f5f5;
+          }
+          .clickable {
+            cursor: pointer;
+          }
+          .panel-heading > h3:before {
+            font-family: 'Glyphicons Halflings';
+            content: "\e114"; /* glyphicon-chevron-down */
+            padding-right: 1em;
+          }
+          .panel-heading.collapsed > h3:before {
+            content: "\e080"; /* glyphicon-chevron-right */
+          }
+        </style>
+        <title>Scan Report Nmap <xsl:value-of select="/nmaprun/@version"/></title>
+      </head>
+      <body>
+        <nav class="navbar navbar-default navbar-fixed-top">
+          <div class="container-fluid">
+            <div class="navbar-header">
+              <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
+                <span class="sr-only">Toggle navigation</span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+                <span class="icon-bar"></span>
+              </button>
+              <a class="navbar-brand" href="#"><span class="glyphicon glyphicon-home"></span></a>
+            </div>
+            <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
+              <ul class="nav navbar-nav">
+                <li><a href="#scannedhosts">Scanned Hosts</a></li>
+                <li><a href="#onlinehosts">Online Hosts</a></li>
+                <li><a href="#openservices">Open Services</a></li>
+              </ul>
+            </div>
+          </div>
+        </nav>
+        <div class="container">
+          <div class="jumbotron">
+            <h1>Scan Report<br/><small>Nmap <xsl:value-of select="/nmaprun/@version"/></small></h1>
+            <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="/nmaprun/@args"/></pre>
+            <p class="lead">
+              <xsl:value-of select="/nmaprun/@startstr"/> – <xsl:value-of select="/nmaprun/runstats/finished/@timestr"/><br/>
+              <xsl:value-of select="/nmaprun/runstats/hosts/@total"/> hosts scanned.
+              <xsl:value-of select="/nmaprun/runstats/hosts/@up"/> hosts up.
+              <xsl:value-of select="/nmaprun/runstats/hosts/@down"/> hosts down.
+            </p>
+            <div class="progress">
+              <div class="progress-bar progress-bar-success" style="width: 0%">
+                <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@up div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute>
+                <xsl:value-of select="/nmaprun/runstats/hosts/@up"/>
+                <span class="sr-only"></span>
+              </div>
+              <div class="progress-bar progress-bar-danger" style="width: 0%">
+                <xsl:attribute name="style">width:<xsl:value-of select="/nmaprun/runstats/hosts/@down div /nmaprun/runstats/hosts/@total * 100"/>%;</xsl:attribute>
+                <xsl:value-of select="/nmaprun/runstats/hosts/@down"/>
+                <span class="sr-only"></span>
+              </div>
+            </div>
+          </div>
+          <h2 id="scannedhosts" class="target">Scanned Hosts<xsl:if test="/nmaprun/runstats/hosts/@down > 1024"><small> (offline hosts are hidden)</small></xsl:if></h2>
+          <div class="table-responsive">
+            <table id="table-overview" class="table table-striped dataTable" role="grid">
+              <thead>
+                <tr>
+                  <th>State</th>
+                  <th>Address</th>
+                  <th>Hostname</th>
+                  <th>TCP (open)</th>
+                  <th>UDP (open)</th>
+                </tr>
+              </thead>
+              <tbody>
+                <xsl:choose>
+                  <xsl:when test="/nmaprun/runstats/hosts/@down > 1024">
+                    <xsl:for-each select="/nmaprun/host[status/@state='up']">
+                      <tr>
+                        <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td>
+                        <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td>
+                        <td><xsl:value-of select="hostnames/hostname/@name"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td>
+                      </tr>
+                    </xsl:for-each>
+                  </xsl:when>
+                  <xsl:otherwise>
+                    <xsl:for-each select="/nmaprun/host">
+                      <tr>
+                        <td><span class="label label-danger"><xsl:if test="status/@state='up'"><xsl:attribute name="class">label label-success</xsl:attribute></xsl:if><xsl:value-of select="status/@state"/></span></td>
+                        <td><a><xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="address/@addr"/></a></td>
+                        <td><xsl:value-of select="hostnames/hostname/@name"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='tcp'])"/></td>
+                        <td><xsl:value-of select="count(ports/port[state/@state='open' and @protocol='udp'])"/></td>
+                      </tr>
+                    </xsl:for-each>
+                  </xsl:otherwise>
+                </xsl:choose>
+              </tbody>
+            </table>
+          </div>
+          <script>
+            $(document).ready(function() {
+              $('#table-overview').DataTable();
+            });
+            $('#table-overview').DataTable( {
+              "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
+            });
+          </script>
+          <h2 id="onlinehosts" class="target">Online Hosts</h2>
+          <xsl:for-each select="/nmaprun/host[status/@state='up']">
+            <div class="panel panel-default">
+              <div class="panel-heading clickable" data-toggle="collapse">
+                  <xsl:attribute name="id">onlinehosts-<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                  <xsl:attribute name="data-target">#<xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                <h3 class="panel-title"><xsl:value-of select="address/@addr"/><xsl:if test="count(hostnames/hostname) > 0"> - <xsl:value-of select="hostnames/hostname/@name"/></xsl:if></h3>
+              </div>
+              <div class="panel-body collapse in">
+                <xsl:attribute name="id"><xsl:value-of select="translate(address/@addr, '.', '-')"/></xsl:attribute>
+                <xsl:if test="count(hostnames/hostname) > 0">
+                  <h4>Hostnames</h4>
+                  <ul>
+                    <xsl:for-each select="hostnames/hostname">
+                      <li><xsl:value-of select="@name"/> (<xsl:value-of select="@type"/>)</li>
+                    </xsl:for-each>
+                  </ul>
+                </xsl:if>
+                <h4>Ports</h4>
+                <div class="table-responsive">
+                  <table class="table table-bordered">
+                    <thead>
+                      <tr>
+                        <th>Port</th>
+                        <th>Protocol</th>
+                        <th>State<br/>Reason</th>
+                        <th>Service</th>
+                        <th>Product</th>
+                        <th>Version</th>
+                        <th>Extra Info</th>
+                      </tr>
+                    </thead>
+                    <tbody>
+                      <xsl:for-each select="ports/port">
+                        <xsl:choose>
+                          <xsl:when test="state/@state = 'open'">
+                            <tr class="success">
+                              <td title="Port"><xsl:value-of select="@portid"/></td>
+                              <td title="Protocol"><xsl:value-of select="@protocol"/></td>
+                              <td title="State / Reason"><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td title="Service"><xsl:value-of select="service/@name"/></td>
+                              <td title="Product"><xsl:value-of select="service/@product"/></td>
+                              <td title="Version"><xsl:value-of select="service/@version"/></td>
+                              <td title="Extra Info"><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                            <tr>
+                              <td colspan="7">
+                                <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version=<xsl:value-of select="service/cpe"/></xsl:attribute><xsl:value-of select="service/cpe"/></a>
+                                <xsl:for-each select="script">
+                                  <h5><xsl:value-of select="@id"/></h5>
+                                  <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre>
+                                </xsl:for-each>
+                              </td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:when test="state/@state = 'filtered'">
+                            <tr class="warning">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:when test="state/@state = 'closed'">
+                            <tr class="active">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:when>
+                          <xsl:otherwise>
+                            <tr class="info">
+                              <td><xsl:value-of select="@portid"/></td>
+                              <td><xsl:value-of select="@protocol"/></td>
+                              <td><xsl:value-of select="state/@state"/><br/><xsl:value-of select="state/@reason"/></td>
+                              <td><xsl:value-of select="service/@name"/></td>
+                              <td><xsl:value-of select="service/@product"/></td>
+                              <td><xsl:value-of select="service/@version"/></td>
+                              <td><xsl:value-of select="service/@extrainfo"/></td>
+                            </tr>
+                          </xsl:otherwise>
+                        </xsl:choose>
+                      </xsl:for-each>
+                    </tbody>
+                  </table>
+                </div>
+                <xsl:if test="count(hostscript/script) > 0">
+                  <h4>Host Script</h4>
+                </xsl:if>
+                <xsl:for-each select="hostscript/script">
+                  <h5><xsl:value-of select="@id"/></h5>
+                  <pre style="white-space:pre-wrap; word-wrap:break-word;"><xsl:value-of select="@output"/></pre>
+                </xsl:for-each>
+                <xsl:if test="count(os/osmatch) > 0">
+                  <h4>OS Detection</h4>
+                  <xsl:for-each select="os/osmatch">
+                    <h5>OS details: <xsl:value-of select="@name"/> (<xsl:value-of select="@accuracy"/>%)</h5>
+                    <xsl:for-each select="osclass">
+                      Device type: <xsl:value-of select="@type"/><br/>
+                      Running: <xsl:value-of select="@vendor"/><xsl:text> </xsl:text><xsl:value-of select="@osfamily"/><xsl:text> </xsl:text><xsl:value-of select="@osgen"/> (<xsl:value-of select="@accuracy"/>%)<br/>
+                      OS CPE: <a><xsl:attribute name="href">https://nvd.nist.gov/vuln/search/results?form_type=Advanced&amp;cves=on&amp;cpe_version=<xsl:value-of select="cpe"/></xsl:attribute><xsl:value-of select="cpe"/></a>
+                      <br/>
+                    </xsl:for-each>
+                    <br/>
+                  </xsl:for-each>
+                </xsl:if>
+              </div>
+            </div>
+          </xsl:for-each>
+          <h2 id="openservices" class="target">Open Services</h2>
+          <div class="table-responsive">
+            <table id="table-services" class="table table-striped dataTable" role="grid">
+              <thead>
+                <tr>
+                  <th>Address</th>
+                  <th>Port</th>
+                  <th>Protocol</th>
+                  <th>Service</th>
+                  <th>Product</th>
+                  <th>Version</th>
+                  <th>CPE</th>
+                  <th>Extra info</th>
+                </tr>
+              </thead>
+              <tbody>
+                <xsl:for-each select="/nmaprun/host">
+                  <xsl:for-each select="ports/port[state/@state='open']">
+                    <tr>
+                      <td><a>
+                      <xsl:attribute name="href">#onlinehosts-<xsl:value-of select="translate(../../address/@addr, '.', '-')"/></xsl:attribute><xsl:value-of select="../../address/@addr"/>
+                      <xsl:if test="count(../../hostnames/hostname) > 0"> - <xsl:value-of select="../../hostnames/hostname/@name"/></xsl:if></a></td>
+                      <td><xsl:value-of select="@portid"/></td>
+                      <td><xsl:value-of select="@protocol"/></td>
+                      <td><xsl:value-of select="service/@name"/></td>
+                      <td><xsl:value-of select="service/@product"/></td>
+                      <td><xsl:value-of select="service/@version"/></td>
+                      <td><xsl:value-of select="service/cpe"/></td>
+                      <td><xsl:value-of select="service/@extrainfo"/></td>
+                    </tr>
+                  </xsl:for-each>
+                </xsl:for-each>
+              </tbody>
+            </table>
+          </div>
+          <script>
+            $(document).ready(function() {
+              $('#table-services').DataTable();
+              $("a[href^='#onlinehosts-']").click(function(event){     
+                  event.preventDefault();
+                  $('html,body').animate({scrollTop:($(this.hash).offset().top-60)}, 500);
+              });
+            });
+            $('#table-services').DataTable( {
+              "lengthMenu": [ [10, 25, 50, 100, -1], [10, 25, 50, 100, "All"] ]
+            });
+            
+          </script>
+        </div>
+        <footer class="footer">
+          <div class="container">
+            <p class="text-muted">
+              This report was generated with <a href="https://github.com/honze-net/nmap-bootstrap-xsl">Nmap Bootstrap XSL</a>.<br/>
+              Licensed under <a href="https://creativecommons.org/licenses/by-sa/4.0/">Creative Commons BY-SA</a>.<br/>
+              Designed and built by Andreas Hontzia (<a href="https://www.twitter.com/honze_net">@honze_net</a>).<br/>
+            </p>
+          </div>
+        </footer>
+      </body>
+    </html>
+  </xsl:template>
+</xsl:stylesheet>
diff --git a/phpinfo.php b/phpinfo.php
new file mode 100644
index 0000000..147cebc
--- /dev/null
+++ b/phpinfo.php
@@ -0,0 +1 @@
+<?php phpinfo(); ?>
diff --git a/phpinfo.png b/phpinfo.png
new file mode 100644
index 0000000..147cebc
--- /dev/null
+++ b/phpinfo.png
@@ -0,0 +1 @@
+<?php phpinfo(); ?>