1
00:00:00,390 --> 00:00:05,940
So before we begin in this course and we really start to dive in it's important to cover one of the

2
00:00:05,940 --> 00:00:12,360
topics that I'm going to harp on the most which is effective no keeping if you're going to be successful

3
00:00:12,360 --> 00:00:19,030
in your career and you're going to be successful in this course you really need to take good notes.

4
00:00:19,050 --> 00:00:25,110
Now in this first video I'm going to show you what my notebook kind of looks like not only for my personal

5
00:00:25,110 --> 00:00:31,350
notebook but as a notebook for an assessment and how I might take notes for an assessment and then I'll

6
00:00:31,350 --> 00:00:38,640
also show you some note keeping applications that I prefer or I've heard students prefer in the second

7
00:00:38,640 --> 00:00:41,870
video we're going to cover how to install one of the applications.

8
00:00:41,880 --> 00:00:46,200
And another cool application used for taking screenshots.

9
00:00:46,200 --> 00:00:52,920
So let's take a look at my notebook first so here is my notebook and actually let's click over here.

10
00:00:52,920 --> 00:00:55,530
So this is my notebook and you can see it's really long.

11
00:00:55,530 --> 00:00:59,220
It's got all kinds of stuff in here and it's just something that I build upon.

12
00:00:59,430 --> 00:01:03,490
This one in particular is actually only geared towards active directory.

13
00:01:03,600 --> 00:01:05,370
So I have a few different notebooks.

14
00:01:05,370 --> 00:01:10,340
This one is active directory and it's actually a few different courses that I've taken in the past they've

15
00:01:10,350 --> 00:01:14,400
kind of put together and then just for assessment work et cetera.

16
00:01:14,400 --> 00:01:16,580
I just kind of have a little cheat sheet here.

17
00:01:16,620 --> 00:01:21,760
So I wanted to show you this one in particular because these were built off of courses and you're gonna

18
00:01:21,780 --> 00:01:22,820
be working through a course.

19
00:01:22,850 --> 00:01:26,490
So kind of just get an idea of how maybe to structure it.

20
00:01:27,060 --> 00:01:31,040
So here you can see I structured it and I've got different modules here where.

21
00:01:31,070 --> 00:01:31,310
OK.

22
00:01:31,320 --> 00:01:39,090
Module one might have had this e-mail macro fundamentals model to to here has all these different components

23
00:01:39,090 --> 00:01:39,650
to them right.

24
00:01:39,660 --> 00:01:45,780
And we have we have notes then we have child notes and even sub children to those child notes and I'll

25
00:01:45,780 --> 00:01:50,700
show you how to create that here in a second but let's say for example enumeration which is one of the

26
00:01:50,700 --> 00:01:56,370
most important things that you're going to cover in hacking and we take a look at enumeration you'll

27
00:01:56,370 --> 00:02:02,850
have to understand what any of this means here but you could see if I want to look at a domain and I

28
00:02:02,850 --> 00:02:06,090
want to get the current domain that I'm on here's the command I run.

29
00:02:06,090 --> 00:02:11,940
And here is a picture of what it looks like and here's what comes back when you run that command.

30
00:02:11,940 --> 00:02:12,540
That's great.

31
00:02:12,540 --> 00:02:16,760
That's what I want to see and I have a whole list of commands for all these in here right.

32
00:02:16,770 --> 00:02:24,720
So if I'm confused on a assessment and I want to go and find a command that I'm not sure of I can go

33
00:02:24,720 --> 00:02:26,700
to my little cheat sheet here.

34
00:02:26,700 --> 00:02:32,730
Now again this is really long so you have to create your notes the way it really helps you for a course.

35
00:02:32,730 --> 00:02:34,760
I think it's good to write it all out.

36
00:02:34,800 --> 00:02:38,840
Step by step like this and then go back and make a cheat sheet.

37
00:02:38,850 --> 00:02:40,200
I don't need this pictures anymore.

38
00:02:40,200 --> 00:02:46,200
I've been doing this for a while so maybe I just say hey get current domain is getting that domain and

39
00:02:46,200 --> 00:02:49,210
then I say hey OK get object of another domain.

40
00:02:49,230 --> 00:02:54,300
Here's an example that I don't need the pictures it makes it really long but as an example and over

41
00:02:54,300 --> 00:02:57,150
time you learn with the pictures as well at least I2

42
00:02:59,920 --> 00:03:02,260
so let's build from that.

43
00:03:02,270 --> 00:03:06,800
Here is an example of an actual assessment that I did for a client.

44
00:03:06,920 --> 00:03:08,840
And you can see how I did this.

45
00:03:08,900 --> 00:03:15,080
Now I did an external internal and web application assessment for this client and these were the findings.

46
00:03:15,080 --> 00:03:21,640
Now I'm only going to show you what is master obfuscated already or doesn't reveal client information.

47
00:03:21,800 --> 00:03:25,480
But as you can see here one example is on the internal.

48
00:03:25,520 --> 00:03:27,950
They had something called SMB signing disabled.

49
00:03:27,950 --> 00:03:29,180
You don't need to worry about it.

50
00:03:29,660 --> 00:03:32,560
But here in my picture I've got a nice picture.

51
00:03:32,600 --> 00:03:37,910
The picture has highlighted it says hey message shining disable that signifies SMB signings disabled

52
00:03:38,360 --> 00:03:44,540
and it has the IP address so we identified the machine and we get proof of concept that this SMB signing

53
00:03:44,660 --> 00:03:46,430
is disabled here.

54
00:03:46,430 --> 00:03:49,890
Another example MH 17 0 1 0.

55
00:03:49,910 --> 00:03:54,620
These are both internal exploits that you're going to encounter in this course.

56
00:03:54,620 --> 00:03:55,430
Here's one.

57
00:03:55,430 --> 00:03:56,660
I check this machine.

58
00:03:56,660 --> 00:03:58,810
It says hey this target's not patched.

59
00:03:58,820 --> 00:04:03,890
Now this is one I didn't exploit but it shows that it's actually vulnerable to this attack.

60
00:04:03,890 --> 00:04:06,830
So these are a couple of screenshots that I'll put now.

61
00:04:07,010 --> 00:04:08,750
Your notes could be different than mine.

62
00:04:08,780 --> 00:04:14,600
How I organize is I take a screenshot I put it in here and then I make sure that I have at least the

63
00:04:14,600 --> 00:04:17,600
IP address in the screenshot for reference because I'll remember it.

64
00:04:17,960 --> 00:04:22,120
But if you need to go in here and take detailed notes that's absolutely fine as well.

65
00:04:22,160 --> 00:04:26,030
You always want good notes for your assessments because you never know if a client's going to come back

66
00:04:26,030 --> 00:04:30,640
in six months or even a year and say hey what was that one thing that you did here.

67
00:04:30,740 --> 00:04:36,170
And if you go back to your notes you say oh you know I did this and some people get down really into

68
00:04:36,170 --> 00:04:36,650
the weeds.

69
00:04:36,650 --> 00:04:41,630
They have dates times everything for step by step what they do on an assessment.

70
00:04:41,770 --> 00:04:43,050
And that's completely up to you.

71
00:04:43,160 --> 00:04:45,020
And how well you take your notes.

72
00:04:45,020 --> 00:04:46,510
This is kind of how I lay it out.

73
00:04:46,520 --> 00:04:48,290
And then you see the green checkmark next to it.

74
00:04:48,890 --> 00:04:51,110
I add those green checkmarks when I'm doing my report.

75
00:04:51,190 --> 00:04:56,870
So as I'm building my report out and I cover something in the report I'll just go ahead and right click

76
00:04:56,900 --> 00:05:02,270
and I'll change the no icon to a checkmark meaning that I've written that part of the report for that

77
00:05:02,270 --> 00:05:03,230
finding.

78
00:05:03,230 --> 00:05:06,020
And we just kind of go through over time.

79
00:05:06,020 --> 00:05:11,990
So with that being said I do want to show you some decent applications the one that I'm using here and

80
00:05:11,990 --> 00:05:13,800
that you see is called Keep No.

81
00:05:13,850 --> 00:05:16,550
Now I run on Windows as a base.

82
00:05:16,670 --> 00:05:18,410
So keep no dot org.

83
00:05:18,410 --> 00:05:24,670
That's how you get keep No it is for Linux it is for Mac OS X but this is totally a preference thing.

84
00:05:24,740 --> 00:05:27,380
Me I prefer I've been using it for a long time.

85
00:05:27,380 --> 00:05:28,400
Some people don't like it.

86
00:05:28,690 --> 00:05:29,080
OK.

87
00:05:29,090 --> 00:05:31,850
So I'm going to offer some alternatives as well.

88
00:05:31,910 --> 00:05:36,540
Cherry tree comes built into Kelly Linux as you're going to see here in just a little bit.

89
00:05:36,590 --> 00:05:40,890
Worth looking at worth trying seeing if you like it.

90
00:05:41,000 --> 00:05:46,700
One notes another example if you use Microsoft and if you're a Mac user a lot of students have told

91
00:05:46,700 --> 00:05:48,670
me that Joplin is really good.

92
00:05:48,710 --> 00:05:51,710
Now I've never used this but I keep hearing great things about it.

93
00:05:51,740 --> 00:05:58,070
So what I'm gonna do is I'm going to put all of these into the course resources and you'll be able to

94
00:05:58,070 --> 00:06:00,950
look at them download them decide on your own.

95
00:06:01,040 --> 00:06:06,050
Now you're not limited to these for no keeping applications by any means.

96
00:06:06,140 --> 00:06:10,540
Feel free to use whatever you like to take notes if you want pen and paper.

97
00:06:10,580 --> 00:06:12,400
That's great as well.

98
00:06:12,440 --> 00:06:16,370
So just make sure that you're taking good notes and we're going to we're going to harp on this throughout

99
00:06:16,370 --> 00:06:17,260
the entire course.

100
00:06:17,300 --> 00:06:18,580
Over and over and over again.

101
00:06:18,590 --> 00:06:20,610
So make sure you're taking good notes.

102
00:06:20,750 --> 00:06:26,000
So from here we're we're gonna do is we're going to install keep note in the next video and we're going

103
00:06:26,000 --> 00:06:28,100
to install an awesome tool called Green shot.

104
00:06:28,100 --> 00:06:31,010
I'm sure you screenshot does and why it's so cool.

105
00:06:31,010 --> 00:06:34,050
And I cannot live on any assessment without it.

106
00:06:34,100 --> 00:06:36,200
So let's catch you over in the next video.

107
00:06:36,230 --> 00:06:37,880
When we work on installing those tools.