I'm working my way through the course material and hoping to take the exam sometime in October or November. I have a question about how everyone organizes their notes, however. It seems to me there are two major categories of notes we take as pentesters who are trying to learn more.
The first category is information about our targets, whether for a pentest we're doing at work or for a specific machine on a CTF or whatever else. This would include hostnames, nmap results, specific URLs where we exploited a vuln or noticed something interesting to investigate later, etc. The second category is more broadly applicable stuff -- for example, that awesome XSS payload we used to get past some input validation or a SQL injection that worked out pretty well, or even just the basics of a topic that's new to us. It seems to me that it's ideal to have two sets of notes, one that's recon stuff about your specific targets and one that's the more broadly-applicable knowledge we've gained.
But what's the most efficient to take and maintain these notes? Is there some better way than taking all the notes I can while in a course chapter or a CTF and then separating and re-organizing them afterwards? (I should say too that I'm not opposed to this method in theory but I'm pretty ADHD and so often I forget to do it or I procrastinate til it just doesn't get done because there's no deadline involved.)
This is quite possibly the most r/KidsAreFuckingStupid thing I've ever seen. Wow.
maybe maybe maybe
maybemaybemaybe