public-pentesting-reports VS TJ-JPT

You might find https://github.com/juliocesarfort/public-pentesting-reports repository useful if you need to see how reports are generally structured and written.

As for templates, to be honest, I haven't come across many templates floating around. You could look through public pentest reports (https://github.com/juliocesarfort/public-pentesting-reports) and borrow the bits that you prefer and drop them into TCM's template and make it your own.

I know of this site https://redteam.guide/docs/Templates/report_template/ which for me is down but maybe that is temporary, otherwise seek the cached or wayback version. There are also these https://github.com/juliocesarfort/public-pentesting-reports which are pentesting reports but you may find a number that are more about red teaming or have elements of red teaming which you can refer to.

A repository of pentest reports. Writing reports is the most important component of pentesting and redteaming. A pentester who cannot explain what they did, what they found and what the recipient should do to fix their issues is of limited value.

If you're anything like me, examples help tremendously and so: https://github.com/juliocesarfort/public-pentesting-reports

For good examples, look here. I'd do a test with most of the firms on that list.

I'd say don't let yourself be discouraged by GP. Just look into a company before you apply. Many have public reports you could look at or security research they publish, both of which you could use as indicators.

Here's a repo with lots of public audit reports by various companies, you could use that as a starting point: https://github.com/juliocesarfort/public-pentesting-reports

For building notes, I suggest using TJNULL's joplin repo: https://github.com/tjnull/TJ-JPT

If you are looking to switch to Joplin take a look at TjNulls template repo. https://github.com/tjnull/TJ-JPT