I have created the following Mind Maps for penetration testing. This is part of my methodology. I begin with the Machine template and as I enumerate I am able to verify open ports. As each port and service are ewliminated I remove them from the template. Once all open port/services are identified exploitation candidates are determined.

Machine Template

As I run through exploitation notes and screenshots are attached to the appropriate area and the exploitation path is the only path left.

Machine A

Finally, The outline is copied and used for the final report!

A thank you to all the folks below as these have been assembled from a number of existing pages, repos and articles.

Alex Dib - https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html#privilege-escalation

Fareed Fauzi - https://fareedfauzi.gitbook.io/oscp-cheatsheet/

HighOn.Coffee - https://highon.coffee/blog/

Mark Eldridge - https://gist.github.com/meldridge

ropnop blog - https://blog.ropnop.com/

Tib3rius - https://github.com/Tib3rius