PEN Testing

What does MSP’s do for pen testing. we’ve started to roll it out for our customers, wifi cracking, website checking for exploits etc but wondering if anyone else has done any pen testing for their customers?

What tools do you use?