1
00:00:09,300 --> 00:00:13,010
OK, last time we were together, we talked about the methodology.

2
00:00:13,410 --> 00:00:15,290
Now we're taking notes.

3
00:00:15,330 --> 00:00:23,760
So, you know, when you're either playing the CTF or you are trying to compile a report for a penetration

4
00:00:23,760 --> 00:00:29,820
testing engagement or writing exercise, you want to make sure that you are able to sort of coalesce

5
00:00:29,820 --> 00:00:34,800
all of your thoughts over screenshots, all the key points and data, the one place so that you can

6
00:00:34,800 --> 00:00:42,900
then after the engagement finishes, turn it into a report which can provide high value to your customer.

7
00:00:43,170 --> 00:00:45,820
So, you know, what we do here is there's a couple of different ways you can do it.

8
00:00:45,820 --> 00:00:50,130
Why some people just take notes in notepad, which I don't think is very effective.

9
00:00:50,790 --> 00:00:52,320
You can also use like Microsoft Word.

10
00:00:52,930 --> 00:00:56,550
I have the best way of taking notes is actually using something called Churchie.

11
00:00:57,120 --> 00:01:00,500
So I'm actually logged into callisthenics.

12
00:01:00,520 --> 00:01:03,570
This is an offensive penetration testing Linux framework.

13
00:01:03,570 --> 00:01:05,370
It's based on Debian is very popular.

14
00:01:06,000 --> 00:01:09,090
And we're going to show you how to set this up and install a little bit later.

15
00:01:09,300 --> 00:01:13,530
But right now, I just want to show you how you can watch this notetaking application, right?

16
00:01:13,540 --> 00:01:21,060
So if we go to the top and we just type Cherrix, you see tree shows up here, quick cherry tree and

17
00:01:21,060 --> 00:01:21,780
then we get this app.

18
00:01:22,350 --> 00:01:24,210
Now, the cool thing is in Linux.

19
00:01:25,550 --> 00:01:30,090
If you just press control shift print screen, you can put the screen, so let's pick up an application

20
00:01:30,090 --> 00:01:30,710
that we want to run.

21
00:01:31,130 --> 00:01:31,930
Let's say.

22
00:01:33,500 --> 00:01:34,550
Information gathering.

23
00:01:38,780 --> 00:01:42,260
Let's type them up on them map.

24
00:01:43,380 --> 00:01:43,800
It's crazy.

25
00:01:45,780 --> 00:01:50,820
So I don't have this map, which is strange, that the map is just different and gooey for in map,

26
00:01:51,570 --> 00:01:53,670
let's see if I can type in to find another application.

27
00:01:53,710 --> 00:01:54,360
Has a gooey.

28
00:01:59,510 --> 00:02:01,080
I'll take you to get one.

29
00:02:02,330 --> 00:02:03,890
So let's say we're running a.

30
00:02:05,050 --> 00:02:12,520
Control shift, print screen, and we can simply drag across the screen and copy it to the clipboard.

31
00:02:13,980 --> 00:02:18,030
I don't know if I captured it in time, let's see if I flip over to the territory and control the.

32
00:02:19,830 --> 00:02:23,070
We're right, click and paste, oh, that's right, we can't actually do anything until we create a

33
00:02:23,100 --> 00:02:23,460
node.

34
00:02:24,030 --> 00:02:29,490
So if we move over to the left, you can see it says out of node in here, it says that we can add a

35
00:02:29,910 --> 00:02:30,590
child node.

36
00:02:31,320 --> 00:02:35,000
So first we need to do is add a node so we can press control and to do that.

37
00:02:35,370 --> 00:02:36,990
So I'm going to press control.

38
00:02:37,890 --> 00:02:41,370
I'm going to name this basically the name of this particular engagement.

39
00:02:41,370 --> 00:02:43,040
So let's say you were testing me.

40
00:02:43,650 --> 00:02:45,480
I put me up there right.

41
00:02:46,020 --> 00:02:50,980
Then you would add your subnet shift controller so I can press shift and fill in.

42
00:02:51,900 --> 00:02:57,210
And typically, you want your seven nodes to map to the miter attack framework if you can.

43
00:02:59,730 --> 00:03:04,290
So recons the first one for press control, the which you pasting in whatever I have on my clipboard,

44
00:03:05,070 --> 00:03:08,130
which right now it looks like it's absolutely nothing useful.

45
00:03:08,970 --> 00:03:09,780
So let's delete that.

46
00:03:10,320 --> 00:03:14,550
That's minimizes more press control shift print screen.

47
00:03:16,500 --> 00:03:17,260
Screen darkens.

48
00:03:17,280 --> 00:03:19,620
I'm just going to drag a nice little box over here.

49
00:03:20,560 --> 00:03:20,990
Like a.

50
00:03:22,290 --> 00:03:28,560
And it should have copy that to the clipboard jobi yes they we go and you can see the scroll bar down

51
00:03:28,560 --> 00:03:28,850
here.

52
00:03:28,860 --> 00:03:30,780
It's kind of big so what we can do is right click.

53
00:03:31,440 --> 00:03:34,320
We can edit the image to make it a little bit smaller.

54
00:03:36,320 --> 00:03:37,730
So let's change it down to 500.

55
00:03:39,540 --> 00:03:43,900
You can see the dimensions are proportional, like, OK, and that looks a lot better, right?

56
00:03:46,710 --> 00:03:55,330
So then we can say something like fired up now Tego, to begin the second phase, right.

57
00:03:55,370 --> 00:03:56,790
We can do even some really fun things here.

58
00:03:56,790 --> 00:03:56,940
Right.

59
00:03:56,960 --> 00:04:01,320
So you could select this and then you can change it to an one graphic.

60
00:04:01,320 --> 00:04:14,230
And then below that you can say, um, I'll take a is in a free open source recon tool included in Calli

61
00:04:14,250 --> 00:04:14,850
clinics.

62
00:04:15,490 --> 00:04:15,840
Right.

63
00:04:16,380 --> 00:04:20,820
You can even, like, select the line and you can change the background to make it look, to make it

64
00:04:20,820 --> 00:04:22,350
pop out if you have something important.

65
00:04:24,550 --> 00:04:28,720
So that we can, of course, change this color from white to black.

66
00:04:32,100 --> 00:04:34,370
We're going to cover this black.

67
00:04:35,390 --> 00:04:39,380
Then once you fill out everything here, you would just add a new note, right, so control shift in

68
00:04:41,180 --> 00:04:43,880
and maybe it would be resource development.

69
00:04:46,210 --> 00:04:50,170
They see this one would became a child of the seventh grade so we can move it back up.

70
00:04:52,360 --> 00:04:57,040
You can go to Noad move and then you can just say note up where you can shift up up.

71
00:04:58,290 --> 00:05:00,330
Or no left ship left.

72
00:05:03,340 --> 00:05:05,370
You can see that we've got this new note here, right?

73
00:05:06,190 --> 00:05:17,070
We might say stood up digital ocean depths due to host Cobalt Strike Team several.

74
00:05:17,590 --> 00:05:17,870
Right.

75
00:05:18,130 --> 00:05:19,450
And then you put your notes about that here.

76
00:05:19,880 --> 00:05:22,530
And once you have everything here, you have everything you want it to be.

77
00:05:22,540 --> 00:05:25,540
You can just click file and then you can actually save this document.

78
00:05:26,540 --> 00:05:32,540
As a sequel I database, or you can even Password-Protected now, I usually just use the the XML that

79
00:05:32,540 --> 00:05:34,460
protected format because it's the easiest to use.

80
00:05:34,460 --> 00:05:36,110
But you can see have other formats here too.

81
00:05:36,620 --> 00:05:37,660
You can type your password here.

82
00:05:37,690 --> 00:05:39,200
You want it to click.

83
00:05:39,200 --> 00:05:39,530
OK.

84
00:05:40,680 --> 00:05:42,690
It's going to bit it, Acme.

85
00:05:44,270 --> 00:05:45,590
Put it in my documents.

86
00:05:47,590 --> 00:05:48,460
Close this guy up.

87
00:05:50,430 --> 00:05:52,320
Open the folder and then you should see it there.

88
00:05:53,490 --> 00:05:56,150
Typically, this should open more territory.

89
00:05:58,210 --> 00:06:02,820
So this is a windows, right, so you have to go the extra step of tapping cherry tree

90
00:06:05,760 --> 00:06:10,020
and then what was already open here, but if you needed to open it from scratch, you would you say

91
00:06:10,020 --> 00:06:13,030
file open file, find it and then you click open.

92
00:06:14,280 --> 00:06:19,810
This is also a good way, you know, to take notes if you're taking an exam with OCP or CDH.

93
00:06:20,010 --> 00:06:21,330
It's really important to stay organized.

94
00:06:21,330 --> 00:06:22,350
Keep your notes in one place.

95
00:06:22,710 --> 00:06:27,450
You remember that cool trick control shift screen to take a screenshot.

96
00:06:28,400 --> 00:06:33,440
And then control the toothpaste, very nice, right, very cool.

97
00:06:33,470 --> 00:06:34,990
So that's it for this lecture.

98
00:06:35,000 --> 00:06:37,770
I want to keep it really, really straightforward in the next lecture.

99
00:06:37,790 --> 00:06:41,440
We're going to dig into a networking refresher.

100
00:06:41,630 --> 00:06:45,380
So we're going to give you just, you know, a basic background on networking.

101
00:06:45,380 --> 00:06:46,190
In case you forgot, I.

102
00:06:46,830 --> 00:06:51,090
By the presence of three shaking, she like that, and then once we get through that section, we're

103
00:06:51,090 --> 00:06:56,600
going to dig into our laps, which is good to see you guys in the next elections.