Really nice presentation that Chris Gates and Rob Fuller gave at Derbycon 2011 (via IronGeek).
In a nutshell, the talk explains how a pen-test should be carried out, instead of the simple 'scan-exploit-report' approach.
A proper penetration test must be data-driven, and it will always be customer-dependent. In fact, one of the most complicated parts of a penetration test is agreeing with the customer on the objective and the rules of engagement.
The last part explains several post-exploitation techniques and some available tools that are under development.