Pen[extraction] testing is ethical hacking where a client gives you an id on a system with the privileges of a regular or restricted user. The goal is to see if you can elevate those privileges to a superuser or access resources that should be protected.
It's a way to beat your head against a wall without the physical pain. It's incredibly frustrating trying things and getting nowhere. The likelihood of finding a backdoor on a well secured system is very low. The systems I've tested have both been done after a full scale security audit and remedial changes.
On the ones I've done on mainframe database systems I've produced violations that have tripped the clients trip-wires and revoked my access to the system.
Failing to break a system is just as satisfying as breaking in.
Note: Having anything remotely humorous in your signature is completely banned on this forum.
Any DMs sent on Twitter will be answered next month.
This is a doctor free zone.