Before you start
Last updated
Last updated
Before we begin hacking, we wish to emphasise the importance of taking notes. You are going to have a hard time when you try to go back to boxes after 6 months, and discover you didn't even bother to jot down the IP address of the machine. You won't remember what you did, and you won't remember the exact commands you used. We have all done this, numerous times and it's the same every time. There is a huge gap in skill level and satisfaction for those that start taking notes from the beginning as opposed to those that don't.
We know taking notes is boring. Because who reads their notes anyway, right? But trust us on this! Even if you have excellent photographic memory, you want to be able to just copypaste your notes over to a buddy that wants to know how you did it or maybe make a beautiful looking writeup to show off to your hacker friends.
We won't force any specific note taking tool upon you, so if you want to use notepad.exe we're cool with that. Finding a good structure and workflow is the most important thing. Try not to let note taking distract you from the creative process of hacking. It's easy to get caught up in formatting and organizing notes, so try to avoid that. Note taking is already boring, don't make it even more boring and time consuming. Just write down the essentials in any form you like and then spend time after you have rooted the box to format and make it neat for later.
I (chryzsh) have recently adopted a method where I write in prosaic form what I did for each command in my notes. I also record every single command by copy-pasting it into my notes. When I'm done with a box I try to make a little write-up for myself. This makes it easier to reference later, especially if the notes are full of scan results from different tools.
For the time being I use VScode with something as plain as txt files in a very simple folder structure saved to a directory in Google Drive. I give the files names on their last octet of the IP address on HTB. Example: Google Drive/Hacking/labs/htb/75-nibbles.txt
You are of course free to take notes however you like!
I've been using OneNote since the beginning, organizing my files like this:
It's also a good idea to create a folder for HTB and making a new folder for each machine, putting all the files you use (scripts, shells, etc) in that folder, to keep it organized. If you start out being organized it'll help you down the road. You'll always go back to your notes and scripts!
Make a new notes file for each box. When you are hacking, put all these things in the file continuously:
Scan results
Commands you used
Important findings
Exploit and vulnerability links
Code snippets
Flags
Keepnote is built in to Kali if you want to take notes there
OneNote is a popular tool for organized note-taking
Take backups of your notes (Kind of boring)
Review your notes after each box and do some basic formatting (Boring)
Make an additional document / note with useful commands and tricks (super important)