Information Gathering seems to really be at the front of the list from recent talks and conferences. So I guess everyone has their own way or method when it comes to pen-testing. But I would almost guarantee that information gathering is one of the first things you do. There are a ton of tools out there starting to automate this, link relevant data together and in general make this task faster and more fruitful. Chris Gate’s talk at BruCon is pretty solid and has a great over view of open source tools.

Pick a mirror and his talk is labeled “Open-Source-Information-Gathering_Chris-Gates.ogg”
Brucon Videos
And the presentation is at
Brucon Presentations

Some of my personal favorites:
Robtex.com
And
Serversniff.net

Anyways I’m still toying with the site and trying to figure out what my goals are. But for now, keep hacking