Really nice presentation that Chris Gates and Rob Fuller gave at DerbyCon 2011 (via IronGeek).

In a nutshell, the talk lays out how a pen-test should be carried out, instead of the simple ‘scan-exploit-report’ approach.

A proper penetration test must be data driven, and it will always be customer dependent. In fact, one of the most complicated parts of a penetration test is agreeing with the customer on the objective and the rules of engagement.

The last part explains several post-exploitation techniques and some available tools that are under development.