Not gunna lie - this is probably one of the best videos for pen testing out there! I have always struggled making notes as i go along and how to go about doing it!
One note has a feature to copy text from image. I find that very handy. so don't have to double copy . Right click image and select "copy text from image" then can paste below image for both.
Hi! I personally use Windows+Shift+S for snipping. my process would be a quick ctrl+alt to exit from vmware then windows+shift+S, click and drag a square to capture what i want, then ctrl+v in OneNote :D Ever since i found out that windows shortcut, i havent been opening snipping tool
Great Video. Why exactly do we have to change the script line from &target to &target? And how can I know what exactly to fix in other scripts that I will use in the future?
Excellent video. I'm very new to this but why did you wget lineum to your pc then wget from target to your machine. Couldn't you wget the file from github straight onto the target? Thanks
Great question. In a lot of CTF or lab environments you won't have external internet access from the target machines. I picked up the habit of hosting scripts from my attacker machine because of this limitation in a lot of training environments. But if the target allows for external internet access, then you're fine to pull it right from GitHub.
Hey, this is a custom machine I made. You can find the scripts to build it here, as well as a link to download it if you don't want to build it. Enjoy! github.com/C0nd4/vuln-labs
In fact, it will sound weird, I have found Google Docs to be perfectly good for notes. With FlameShot to take screenshot and CodeBlocks extension for pretty code it seems to be really easy to build (along with generating Contents list)
I love your videos, thank you so much for taking the time to help other people out. Quick question, in the pwk lab i saw some machines with the networking package (so ifconfig, netstat, etc..) missing. Do you think it's worth to take the time to maybe upload a binary or a tool just to get the ip for the screenshots? Especially during the exam where time is tight. Thanks in advance :)
Thank you very much! And I'm not sure if offsec still requires the IP info. But if they do, it would certainly be worth it. I don't remember ever having to do that though
You're correct. In the labs that is a thing. Use the "ip a" command. If all else fails, you can reach out to the proctor during the exam for such technical issues.
Hey Conda, great job! Just a question: during your "blind" exploitation of the box, are you taking every single note for every single finding (even if the become useless) or you prefer have a stable foothold and after that you wrote down your notes?
Often times I'll write down as much as possible, even things that don't work. Then I'll take note of the actual path I used and make that apparent in my notes.
@@c0nd4 u doing awesome bro.... I created word press vulnerable machine still o didn't posted it can we do matual If you don't mind, my instagram ID realvilu
![My [Updated] Hacking Methodology for OSCP](/img/n.gif)
Not gunna lie - this is probably one of the best videos for pen testing out there! I have always struggled making notes as i go along and how to go about doing it!
Thank you! I'm glad this strategy helped
I find myself struggling to take effective notes also, this should help.
If somebody Buy web-200 plz reply me
This should just be put in the Pen-200 intro section.... Amazingly well done sir! Thank you!!!
One note has a feature to copy text from image. I find that very handy. so don't have to double copy .
Right click image and select "copy text from image" then can paste below image for both.
Great methodology, it can be implemented through different note tools, Notion is powerful too. Please keep up bro
Thank you! Notion is great too! I don't have much experience with it, but I have seem some amazing stuff done in Notion.
Wow i've been looking for a note taking tutorial like this.
Thanks man appreciated.
Thank you for the support!
If somebody Buy web-200 plz reply me
Very Helpful :) You have eased my anxiety by sharing how to take notes by Doing IT live :)
That's awesome to hear! Thank you!
If somebody Buy web-200 plz reply me
Excellent structure and easy to follow. Thank you!
Thank you!
Great insight and I enjoyed this and so valuable using this for all my HTB ctf boxes and academy
Hi! I personally use Windows+Shift+S for snipping. my process would be a quick ctrl+alt to exit from vmware then windows+shift+S, click and drag a square to capture what i want, then ctrl+v in OneNote :D Ever since i found out that windows shortcut, i havent been opening snipping tool
also, i enjoyed and learned a lot from the video. thank you!
Wow I never knew about that shortcut! Thanks for sharing!
This is awesome thank you. I didn't know this was possible.
If somebody Buy web-200 plz reply me
That shortcut is what makes me use snipping tool in the first place😅 when u do it so much u get so fast at it like a bot
Really helpful because of that demo. That categorization will help save a lot of time. Thank you! Subscribed.
Thank you! I'm glad that you found it helpful. Good luck moving forward!
If somebody Buy web-200 plz reply me
Great Video. Why exactly do we have to change the script line from &target to &target?
And how can I know what exactly to fix in other scripts that I will use in the future?
Quality Content, Sir! Keep it up. God bless!
Thank you!
Thank you. This has been very helpful!
Excellent video. I'm very new to this but why did you wget lineum to your pc then wget from target to your machine. Couldn't you wget the file from github straight onto the target? Thanks
Great question. In a lot of CTF or lab environments you won't have external internet access from the target machines. I picked up the habit of hosting scripts from my attacker machine because of this limitation in a lot of training environments. But if the target allows for external internet access, then you're fine to pull it right from GitHub.
@@c0nd4 really appreciate the reply and explanation. I'm just in the Beginner course of try hack me so plenty to learn still. Thanks
man! that is great!!!
Glad you found it helpful!
Excellent content! Thanks so much!!
Thank you!
Awesome video thanks man!
Thank you!
Thank you for this video!
No problem! Hope it helped
Thanks a lot 🙏 I need to level up my organization skills
No problem, hope the video helped!
Please make a part 2 of this.
I was thinking about showing how to put these notes into the report template. Glad you enjoyed it!
@@c0nd4 PLEASE do that! Would be incredibly useful. Thanks so much! :)
@@c0nd4 Do that! I switched from cherry tree to One Note, it is awsome
hey this is awesome, I dont suppose you have a video going through the box you did this for? Thanks
Thank you! I do have a video doing a walkthrough for that box. You can check it out here:
ua-cam.com/video/jVYohSM473A/v-deo.html
This was amazing thanks for this video 😊
Thanks! Glad you enjoyed it.
Thank you, and which box it is you're working on?
Hey, this is a custom machine I made. You can find the scripts to build it here, as well as a link to download it if you don't want to build it. Enjoy!
github.com/C0nd4/vuln-labs
Thank you man
Amazing info thank you
Thank you very much for this ❤️
No problem, hope it was helpful!
@@c0nd4 definitely! Keep making the good content. Really love your videos! 🌟
Thank you! No plan on stopping any time soon 😁
what kind of study material (books and notes) should i use. plz help me.
Excellent video
In fact, it will sound weird, I have found Google Docs to be perfectly good for notes. With FlameShot to take screenshot and CodeBlocks extension for pretty code it seems to be really easy to build (along with generating Contents list)
I love your videos, thank you so much for taking the time to help other people out.
Quick question, in the pwk lab i saw some machines with the networking package (so ifconfig, netstat, etc..) missing. Do you think it's worth to take the time to maybe upload a binary or a tool just to get the ip for the screenshots?
Especially during the exam where time is tight. Thanks in advance :)
Thank you very much! And I'm not sure if offsec still requires the IP info. But if they do, it would certainly be worth it. I don't remember ever having to do that though
If somebody Buy web-200 plz reply me
@@c0nd4 do you buy web-200
You're correct. In the labs that is a thing. Use the "ip a" command. If all else fails, you can reach out to the proctor during the exam for such technical issues.
hello , why did you add & in the exploit ?!
How do you get the tabs to show on the Left panel instead of on top?
Hmm honestly I'm not too sure. They have always shown that way by default for me on every device.
Wish I could help more.
@@c0nd4 figured it out, apparently OneNote for Windows 10 is an entirely separate app to the outdated OneNote I was using 🤨
Thanks for sharing the solution!
@@c0nd4 no problem thanks for the help!
How did you know which line to exploit and how to exploit it
How did you know what to modify in the moinmoin exploit?
Hey Conda, great job! Just a question: during your "blind" exploitation of the box, are you taking every single note for every single finding (even if the become useless) or you prefer have a stable foothold and after that you wrote down your notes?
Often times I'll write down as much as possible, even things that don't work. Then I'll take note of the actual path I used and make that apparent in my notes.
@@c0nd4 thank you very much!
once you finish, what do you do? export as pdf?
Nope, I just keep my notes in One Note so I can access them from anywhere
Super bro appreciate
Thanks! Glad you liked it.
@@c0nd4 u doing awesome bro.... I created word press vulnerable machine still o didn't posted it can we do matual If you don't mind, my instagram ID realvilu
Useful : )
Glad it was helpful!
@@c0nd4 I am waiting for report writing part.
If somebody Buy web-200 plz reply me