Good writeup! Finding bugs is just a portion of a pen tester's responsibilities.<p>- You need to have strong technical writing skills. Reporting for each vulnerability should include:<p><pre><code> * Title
* Two-sentence summary explaining the impact of the finding.
* Explanation of the vulnerability.
* Where the bug is (code if available).
* Proof of concept for exploitation. Clients may want a retest; ensure that the person reading the report can find the vulnerability quickly if need be! A quick explanation of how to navigate the app to the vulnerable page is useful.
* Remediation.
</code></pre>
The reporting should also contain an executive summary, a summary of overall security posture, and any strategic recommendations.
<p>- Report patterns that can lead to exploitation, but are currently not exploitable, as informational findings. Are they copying and pasting security-sensitive code throughout the application? Recommend a useful abstraction in the remediation! You don't want to play whack-a-mole and try to find all locations to update in these scenarios.
<p>- Does the client have sufficient logging and monitoring capabilities to detect an attack? The client may be interested in knowing if the security team can detect that an intrusion is occurring or has occurred.
<p>- Recommend automation when possible! A Continuous Integration System should automatically be scanning for out-of-date dependencies.
<p>- Time management skills are vital. Is a finding really convoluted to exploit, and would it take a while to develop a Proof of Concept? Save the proof of concept for the end of the project. Ensure you try and get as much coverage as possible during your available time.
<p>- Project management skills are important. Test credentials early, and request whatever else you may need as soon as possible (buffer up questions to avoid email spam). Double-check to ensure information hasn't been given to you already. You don't want to wait until the last couple of days to request additional access if possible.