The reporting phase is often underestimated in its importance and considered as the boring, though necessary, part of a penetration test. Of course, the discovery and attack phases are the core and most exciting parts as it is when the penetration tester's technical skills are applied in practice. Penetration testers could be very skilled and might do an excellent job, but if they somehow fail to communicate their achievements to the customer effectively, their job is (at least in part) in vain.
Writing good reports is a required ability, almost an art, for penetration testers, and as for all the skills, can be improved through practice.
The process of writing a professional penetration test report comprises four stages:
Report planning
Information collection
Writing the first draft
Reviewing and finalization