This report is intended to define the base criteria for penetration testing reporting. While it is highly encouraged to use your own customized and branded format, the items in the PTES should provide a high level understanding of the items required within a report as well as a structure for the report to provide value to the reader.
For this final deliverable, complete a sample report of sufficient length and depth (pulling from Weeks 1-7 where is makes sense) that is of a quality that one would present to a client Chief Information Security Officer (CISO) who is paying for this service.
http://www.pentest-standard.org/index.php/Reporting
Rubic:
1.Demonstrates a sophisticated understanding of the topic(s) and issue(s)
2.Makes appropriate and powerful connections between the issues identified and the strategic concepts studied in the reading
3.Presents detailed, realistic, and appropriate recommendations clearly supported by the information presented and concepts from the reading
4.Use and Quality of References:All are reliable authorities