# Penetration Testing Report

**Client:** [Client Name]
**Assessment Type:** External / Internal / Web Application Pentest
**Date:** [YYYY-MM-DD]
**Tester:** [Your Name / Company]

---

## Executive Summary

[Brief overview: scope, methodology, overall risk posture, and count of findings by severity.]

| Severity | Count |
|----------|-------|
| Critical | 0 |
| High     | 0 |
| Medium   | 0 |
| Low      | 0 |
| Info     | 0 |

---

## Scope

- **In scope:** [URLs, IP ranges, applications]
- **Out of scope:** [Excluded systems]
- **Methodology:** OWASP Testing Guide, PTES

---

## Finding 1: [Vulnerability Title]

**Severity:** [Critical / High / Medium / Low]
**CVSS 3.1:** [X.X] — `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N`
**CWE:** [CWE-XXX]
**Affected asset:** [URL or component]

### Description
[What the vulnerability is and where it exists.]

### Steps to Reproduce
1. [Step one]
2. [Step two]
3. [Observe result]

### Proof of Concept
```
[HTTP request, screenshot reference, or exploit output]
```

### Impact
[Business and technical impact if exploited.]

### Remediation
[Specific fix recommendations.]

---

## Appendix

- Testing tools used
- Raw scan output (if applicable)

*Generated with PoCcraft — https://poccraft.com*
