HI guys. I know how to do web pentest theoretically but I don’t have a experience about it. I mean I have worked with just vulnerable machines not real web sites. So what do you recommend me. I don’t even know how to write a report. Where should I start ?