# Common Legal Documents

<figure><img src="/files/6Jg4OreFIOeCGgPLUk0q" alt=""><figcaption></figcaption></figure>

{% hint style="info" %}
You probably wont see too much of the Sales documents unless you're higher up. They contain contract agreements and sales information
{% endhint %}

## Sales Documents

* **Mutual Non-Disclosure Agreement** (NDA)
  * Even before the contract is signed, the client will make you sign an NDA so you cant tell anybody about things specific to their network
  * Will come early on in sales process or right before ROE
  * Find out whats the goal and what they want done
* **Master Service Agreement** (MSA)
  * Contractual Document
  * Specify performance objectives and outline the responsibilities of both parties
  * Blanket agreement that covers multiple contracts; legal mumbo jumbo
* **Statement of Work**
  * Specific to one contract
  * Specify activities, deliverables, timelines, quotes

{% hint style="info" %}
We will do an AD network pentest starting from this day and ending on this day; we will deliver you a findings report at the end and it'll cost this much
{% endhint %}

* **Sample Report, Recommendation Letters**, etc.

## Before you test

* **Rules of Engagement or** CYA (cover yo ass)
  * Covers specifics of the testing
  * Says what you can and can't do
  * Commonly DoS attacks are off the table because you dont want to disrupt their work **(ALWAYS)**
  * Social engineering is usually off the table as well as it is usually its own test by itself

{% hint style="danger" %}
**DO NOT START A PENETRATION TEST UNTIL THE ROE IS REVIEWED AND SIGNED**
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://pnpt.adot8.com/report-writing/common-legal-documents.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.