Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
DansALLNotes/README.md
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
103 lines (80 sloc)
4.64 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Dans ALL Material Notes | |
| This Repo has my notes, slides and handouts for the material developed | |
| in ALL. It also holds some of my notes on the topics we teach, some of | |
| it may not be as polished as the proper materials, but hopefully its | |
| useful. | |
| ## Why keeping notes is awesome | |
| It's a good habit to keep notes during any of the work you do, not | |
| only will it help you write any reports in the short term, but when | |
| you go back to revisit something a few years down the line having | |
| decent notes is a godsend. Its easy to get caught up in the | |
| excitement of a new exploit, and stop keeping notes. However, if the | |
| process is written down, the next time you come across that issue its | |
| easier to deal with. | |
| Its Like commenting code, yes its a pain, and detracts (for a few | |
| moments) from the interesting stuff, but its worthwhile. You will know | |
| what you intended now, and writing comments is a PITA, but trust me, | |
| you will come back to stuff in a few years time and think "what was I | |
| doing" | |
| > Example: A while ago I did some really nice (but obscure) port | |
| > scanning and forwarding using netcat on HTB. About a year later I | |
| > had a similar issue but couldn't remember the syntax and processes | |
| > used. A quick grep of my notes meant I was back up to speed without | |
| > trying to hunt for the commands again. | |
| ## Markup Languages Rock! And why you should use them. | |
| Our next question is "What format to keep my notes in". There are so | |
| many options, although I (for reasons) try to avoid proprietary | |
| formats. Sticking to plain text gives us the widest range of options | |
| on how we interact with the file. | |
| Having some structure to the notes we keep is really useful, sections | |
| help to keep us organised, and being able to represent other things | |
| like tables or source code is also useful. In the old days I would | |
| have recommended \{LaTeX}, but the rise of formats like Markdown, | |
| means we get similar functionality with a shallower learning curve. | |
| Another advantage of Markdown, is that its naively supported by | |
| GitHub, (which actually renders the files), and supported in most of | |
| the major text editors. There is a nice tutorial on | |
| [Markdown on GitHub](https://guides.github.com/features/mastering-markdown/) | |
| Finally, if we use a tool like Pandoc for converting the raw markdown | |
| files, we can output in a huge number of formats, including PDF, HTML, | |
| Presentations, M$Word etc, without requiring a major rework. | |
| > NOTE: Things like keepnote are excellent ideas, but if you are | |
| > storing data in "the cloud", you need to have an internet connection | |
| > to keep things synced. | |
| > | |
| > Yes I also appreciate that GitHub is "in the cloud", but will | |
| > address that later. | |
| ## Why Git is Awesome for this kind of stuff | |
| - **Version Control** Is a bloody great idea, while we tend to think | |
| of if for keeping track of source code, it can also be really useful | |
| when writing. Firstly, it means we avoid the | |
| *DOCUMENT_3.14_Final_Final.docx* problem. It means we can keep track | |
| of all changes to the document (in something much more accessible | |
| than Words "track changes". Combined with plain text files for the | |
| content, it gives us a powerful way of keeping track of the latest | |
| version of the file, historical versions of text etc. | |
| - **See what progress you have made** This can be a powerful | |
| motivator, being able to see the updates to a document and your | |
| progress towards "finishing" can be interesting, and help you | |
| focus on the task. | |
| - **Works Offline** OK, so we need to use something like GitHub (or | |
| Bitbucket / Gitlab, other central repos are available) to | |
| centralise the work, but using a DVCS means we can make local | |
| changes, stash them in the working area, then sync when ready. | |
| It also means that we can still access the materials, without | |
| needing an internet connection, unlike tools like keepnote, which | |
| may require a constant connection. | |
| - **Opportunity for collaboration** The usual issues with many people | |
| working on one file still exist, but it still makes life a lot | |
| easier than passing around a file for each person to edit. | |
| - **Octocat Stickers** GitHub loves hearing about projects like | |
| this, ask them nicely and they may send you stickers. | |
| # Materials list | |
| ## Pen testing 101 | |
| - [Path Poisoning and SUID](Tutorials/Permissions.md) Walkthrough of level18 of Linux Trainer | |
| ## Cheat Sheets | |
| ## Other Interesting Things. | |
| ### HTB Writup Examples | |
| Exmaples of the types of notes I keep while doing HTB machines. Both are retired, but had some interesting stuff in them. | |
| - [Vault](HTB_Writups/Vault.md): Some nice Tunneling and port scanning using netcat. | |
| - [Frolic](HTB_Writups/Frolic.md): "A descent into encoding madness, with a nice BOF at the end" |