Writing a Penetration Testing Report

Writing a penetration testing report is an art that needs to be learned to make sure that the report has delivered the right message to the right people. The report will be sent to the target organization's senior management and technical team as well. For this reason, we, as penetration testers, need to deliver the report in a way that serves our objective to secure the information. This paper will explain the penetration testing report writing methodology, based on the author's experiences, describing the report content and design. Appendix A shows a detailed example of a penetration testing report based on the described approach.