Staying Organized

organization is always crucial

1. Make sure that your project folders are well organized

2. Have a clear folder structure in your attack machine to save data

Projects/
└── Acme Company
    ├── EPT [ external penetration test ]
    │   ├── evidence
    │   │   ├── credentials
    │   │   ├── data
    │   │   └── screenshots
    │   ├── logs
    │   ├── scans
    │   ├── scope
    │   └── tools
    └── IPT [ internal penetration test ]
        ├── evidence
        │   ├── credentials
        │   ├── data
        │   └── screenshots
        ├── logs
        ├── scans
        ├── scope
        └── tools

Keeping penetration testing structured can save time.

1. Create a folder for each target host and save screenshots within it

2. Organize notes by host or network and save screenshots directly into the note-taking tool.

Note-taking tools:

• https://www.giuspen.com/cherrytree

• https://www.notion.so/

• https://notepad-plus-plus.org/downloads

• https://code.visualstudio.com/

• https://www.gitbook.com/

• https://evernote.com/

• https://www.sublimetext.com/

build a findings/vulnerability database include a finding title, description, impact, remediation advice, and references.

1. Aggregating every payload, command

2. Maintain checklists

3. Maintain report templates for various assessment types

4. Build a findings/vulnerability database