OSCP - Taking Notes & Resources

John Hammond · Intermediate ·🔐 Cybersecurity ·6y ago

Key Takeaways

The video demonstrates the use of various tools such as GitLab, Vim, Pandoc, and LaTeX for note-taking, report creation, and PDF generation in the context of OSCP exam preparation. It also covers basic enumeration for Windows privilege escalation and provides tips for documentation and backup.

Full Transcript

Hey, what's going on everybody, my name is John Hammond, and a few people asked me if I would be willing and able (and I am both of those things) to share my note-taking process and some of the procedures that I did while I was taking my OSCP, or Offensive Security Certified Professional. So I want to put together a quick, haphazard video, like all my videos are, and showcase some of that stuff.

So the first thing I'm gonna do is just fire up a little GitHub or GitLab repository. I'm gonna use GitLab because I like it to be private, and I think you should too, especially if these are gonna be your notes here. So I'm just gonna go to gitlab.com. I'll quickly sign in; I'm using LastPass, so it'll just crank through username and password. Super simple, super easy, that's good stuff. And I want to hit that New Project button up on the top right. I've seen this take a little bit of time to load and I don't know why; right now that makes no sense to me. Okay, cool, here we are on gitlab.com/projects/new, so we can give a name to our project. I'll just call mine OSCP with two E's, so it's cool and clever, and that way it's not the same as one that I already have. So you can get a little project description: "These are my notes and resources for" (wow, I don't know why my mouse is, like, flashing. Is that doing that for you guys too? Sorry) "while I was taking OSCP." Cool, and we can go ahead and create that project. Super easy.

Cool, so now we have that URL and we can work with it on the command line, which is where the better stuff actually happens. So what I'm gonna do is I'm just going to git clone that repository. If you don't have git: if you're on Arch, you should just be able to -S install (don't actually use the word install, but) yay -S git, or sudo pacman if you haven't set up any aliases for that, blah blah blah. Or if you're on Ubuntu or some other, maybe Debian-based with install distribution, or you just have apt as your package vendor, you can apt install git. So now I will cd into that directory, and now we just have this as our workspace.

So I'm gonna use Vim as my editor here. I'll just create a little OSCP notes, and what I like to do when I create things like this, I'll just put my name and the date (was it October 6th? yeah), sometimes here come be like "these are all my notes", and we crank through that. Okay, so I could just do a little git add, git commit "added initial readme", save that, and let's pump that at the repository. I'll just do a little git push here. I don't have my SSH keys put together with GitLab and I totally should; I'm kind of a failure in that regard. But okay, now if I refresh that, we could see my commit, and my notes are in there, and I could fill that out as I need to. That's super handy, because that way now any pictures, screenshots that you save, just throw in this repository, git add, git commit, throw it up there, and then you have a cloud backup, right, in the sense that now all of your notes are in another remote location. So if you happen to be working elsewhere and you've got some opportunity, you've got some time, you can just crank through some work, and you have a backup, right. Now we can go back, a little bit of version control, see some other notes you may have left there previously.

So another individual, I think, asked me for how do I actually convert my Markdown into a PDF, and the way that I had done that was with OSCP Markdown to PDF. I think I shared the link in that previous video. noraj had a little template for it, and this was super awesome, and I shared this and wanted to showcase it. This is a good template for creating your exam report or lab report, whatever you want to end up creating. Just keep it simple, keep it easy in Markdown, and being able to work with it. So you'll need Pandoc and you need LaTeX and this Eisvogel, or eisvogel.tex; I think it's a little styling there. I'm not entirely too hot on some of the Pandoc stuff, but then you could just run this command to quickly generate your PDF. So I will show you how I set that up, and I'll try and showcase some of my notes here, but all that stuff comes from this Eisvogel repository here. So you need that Eisvogel .tex file present in what you're going to actually be working with.

So I will show you that in my old setup. I'll go to PWK OSCP, and there are my notes and some information that I kept track of here. So I would work with Pandoc, and again, yay, tack capital S to install that, and then I needed texlive-most in the case of Arch, I think. I don't know if that will go ahead and install core and bin, but I added those before I added most, so I'm not sure which of those is particularly necessary to be able to make my quick, simple generate report .sh script run quickly and easily.

Let me actually just go take this example repository here, so I don't accidentally show you anything that I didn't want to previously. I'll just git clone in this current directory, so that works just fine, nice and easy. Now I have that OSCP exam report Markdown directory here. Okay, so I could take one of these example Markdown files, which I'll check out here, and you can see: nice, give a little title, good little author, give some information there, and fill out between the paragraphs and the sections that you would want to fill out according to the machines that you broke into, write it quarterly exercises and the questions that you wanted to showcase. I'm not actually gonna showcase mine, because obviously that still has the actual content in there, and I'm going to respect Offensive Security's wishes and not leak that information, fingers crossed. So that's how you can do this, super simple, super easy, in Markdown. Just type as you need to, add whatever information you want ("these are more explanations and details, blah blah blah"), and then we can actually go ahead and generate that output. Yeah, let me out, Vim.

So what I'm gonna do is just move my generate report script into that directory, and I'll show you that in action. exam. Okay, cool, great. What this generate report script is, is super small, super simple, just a wrapper around that pandoc command, because I didn't want to keep typing that and running that over and over and over again. I just take the argument and bring it out to a PDF file, and I know in some usage up here, so input Markdown and output PDF. And I move that Eisvogel LaTeX file into the directory that it needs to be in, if for whatever reason that's not already in place on the machine, because I had that issue when I was working on another work machine that I wanted to get spun up on. And then if that command to generate the PDF ran successfully, I would simply show the PDF with Evince.

So let's try that. What I'm going to do is just run my generate report script. Let's use the OSCP exam report template, whoisflynn, because I like that one better, at markdown, and let's just say example.pdf. So give a little bit of some time, just a quick second here, and suddenly that will just pop out. Here's your penetration test, here's your lab report, here's your exam report, whatever you want to put together, and it's all of that same text that you've already seen, now just in that beautiful, easy, breezy, beautiful CoverGirl display. So you can submit that over to Offensive Security nice and easy, right? That's super cool.

Let me close out a lot and I'll show you some of the other stuff that I had in here, because originally you do need to submit your exam report and lab report as part of a 7-Zip archive, and with your password, Offensive Security ID, all bundled in there, and I didn't want to get any of that wrong. So I made a quick little script that would do that, bundled it all in, and it would include the files that I created as necessary. That way it runs the 7-Zip command with all those variables and passwords and everything in place, and I don't need to accidentally get that wrong or have a typo, because that would be devastating, and they would not grade the exam, and I would have completely failed. So that sucks; trying to avoid that.

So that is my generate report .sh script, that is the Markdown PDF thing that I used, that is how to create it in a simple text editor. I used to use Sublime; now I'm trying to get into Vim, tmux and Arch Linux and all that fancy stuff.

Now I want to showcase some of the other notes that I took, because those might be handy to you. One thing that I noted was I had a Windows wget that I had found online. It's just a simple Visual Basic script that I wanted to take note of and keep track of, in case you ever got on a Windows machine and you needed to be able to download things, or download some stuff from your host, or other privilege escalation scripts that you might be using, et cetera, et cetera. That's this syntax right here. I'm happy to share that, and you would just simply run it with cscript, which you would normally be able to run and use just fine. I didn't end up using this all that much, because I was on LOLBins, and that is, you've probably seen it before in the GTFOBins side, and you may very well have seen this one, LOLBAS, the Living Off the Land Binaries and Scripts. This one is strictly for Windows, and that you have a better website for this now. You can check this out. If you were to search for any of the commands that you're able to run on that target machine or the victim that you're working with, you might be able to do interesting things with them, like download files, or encode and decode some different data streams, or read files, or write to files, et cetera, et cetera.

So normally I use certutil, which is pretty handy-dandy for getting us a quick download. They have a simple syntax here to be able to download files if you're on that Windows host. Sometimes this wouldn't work for me, so another one that I found was actually extract, I think extrac32, that will still download as well. Take a look at that guy. Issue is that needs to be kind of hosted: that file that you need to be able to download needs to be available on an SMB share. So you could spin that up with Impacket if you wanted to, and I can showcase that if you guys particularly need me to, but it's a good, quick and easy way to download that file, and Impacket can, you can host it from your Kali machine or whatever attacker machine you're using. So that's that, but that came from my notion of this Windows wget that I try to keep track of.

So other notes that I had, things that I was just trying to keep in the back of my mind as part of my preparation: some Windows privilege escalation stuff. A lot of these resources I found with YouTube and some information or some other people's writings and articles and blogs. I tried to follow that /r/oscp, or that r/oscp subreddit. There's a lot of good information that flows through there all the time, so I monitored that, and some of these repositories were pretty great for actually keeping track of that information. Let me just show you that real quick. This guy had some good notes, and it would honestly always boil down to just basic enumeration, basic "hey, what programs are installed", et cetera, et cetera. But this YouTube series was phenomenal, and I always forget this guy's name and I always fail at pronouncing it one way or the other, but he has phenomenal videos, quick, super, super short, super simple (I'm saying lots of S words, tripping over my tongue here), for quick techniques and tactics for Windows privilege escalation, which you might want in the back of your head. But a lot of times it just kind of boils down to the basic enumeration. So handy, I would showcase that as well, and I took notes on, like, each section of this, like one of these, "how do I do this in reality", house my quick notes and reference that I can just copy and paste commands, or tweak and adjust as needed. And I'd do that with a lot of things: Vim, Linux. For this, okay, I didn't actually have really anything worthwhile in here: Dirty COW, RationalLove, some simple, like, kernel exploits, things that you could take advantage of. Again, I didn't have as much mileage with that when I got to game time, but for maybe the practice environment those could come in handy if you're scraping at straws. So that's handy, that's good for us.

And that is how I would simply generate things. I would showcase the cover, I guess, of my PDF here for us. OSCP OS, that guy, and these are the labs that I worked through, right, but I'm not going to show you this entire document, but you can see there's 243 pages there. I had a huge lab report, and my exam page, I think that one was also hefty. Oh, I opened that with I have known, my bad. I literally yelled at myself in my head for doing that earlier. So, and I just had a little bit of a different display for the exam. So that's that. That's all that I really ended up doing.

Use Vim or Sublime Text or whatever text editor that you know and love, through your stuff, like, jam out whatever you've been working with. Because it's in a simple text editor, it's nice and easy to just write everything they already working on, document as you go, and then use that simple, maybe, uh, generate report script. And did I move that thing? I may have moved that like a fool. This is super duper handy, and I found that really simple and easy, just wrapping around that pandoc command and being able to generate that PDF as quickly as I can.

So I'm happy to share this code. I hope this kind of helps showcase a little bit of my methodology and some other resources and assets that I would use and work with. So please let me know if there's more you want to see that I can realistically show you, right? I'm not trying to do anything bad here, but I want to let you into my mind, in my methodology for how I was able to burn through some of this stuff. So: Markdown to PDF, use a text editor, document as you go along, write down everything you can, take screenshots, throw it in your nice cloud backup and simple repository to keep track of stuff. OSC PE.

So thank you guys for watching. I hope you enjoyed this. If you did, please do like, comment, subscribe. I'd love to see you guys in the next video. I'd love to see you on Discord; join the server, there's a link in the description. I'd love to see you on Patreon, love to see you on PayPal, just would love to see you at a conference, at BSides, at DEF CON. Thanks for watching, everybody. I'll see you in the next video.

Original Description

If you would like to support me, please like, comment & subscribe, and check me out on Patreon: https://patreon.com/johnhammond010 E-mail: johnhammond010@gmail.com PayPal: http://paypal.me/johnhammond010 GitHub: https://github.com/JohnHammond Site: http://www.johnhammond.org Twitter: https://twitter.com/_johnhammond

This video teaches viewers how to use various tools for note-taking, report creation, and PDF generation in the context of OSCP exam preparation. It also provides tips for documentation and backup, and covers basic enumeration for Windows privilege escalation.

Key Takeaways
  1. Create a new project on GitLab
  2. Clone the repository to the command line
  3. Create a README file with Vim
  4. Commit and push the changes to the repository
  5. Use a template to convert markdown to PDF
  6. Install Pandoc and LaTeX
  7. Set up script to generate PDF from markdown
  8. Run script to generate PDF
  9. Submit report in 7-zip archive
💡 Using a version control system like GitLab and a markup language like Markdown can help streamline note-taking and report creation, while also providing a secure way to store and share files.
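
One way to write the wrapper described in steps 7 to 9, as an added example; it is not the script shown in the video. The function names, the `OS-` plus digits ID format, the output file naming and the choice to let 7z prompt for the password are assumptions.

```shell
#!/bin/sh
# Added example: Markdown -> PDF -> 7z wrapper. Function names, the OS-<digits>
# ID format and the output naming are assumptions, not taken from the video.

TEMPLATE="${TEMPLATE:-eisvogel}"   # pandoc LaTeX template (eisvogel.latex)

# Accept only IDs shaped like OS-12345 so a typo never reaches a file name.
check_osid() {
    case "$1" in OS-*) ;; *) return 1 ;; esac
    digits=${1#OS-}
    case "$digits" in ''|*[!0-9]*) return 1 ;; esac
    return 0
}

# Build the shared base name for the PDF and the archive.
report_basename() {   # $1 = ID, $2 = Exam or Lab
    check_osid "$1" || return 1
    case "$2" in Exam|Lab) ;; *) return 1 ;; esac
    printf 'OSCP-%s-%s-Report\n' "$1" "$2"
}

# Look for the template next to the report, then in pandoc's user data dirs.
find_template() {
    for dir in . "$HOME/.local/share/pandoc/templates" "$HOME/.pandoc/templates"; do
        if [ -f "$dir/$TEMPLATE.latex" ]; then
            printf '%s\n' "$dir/$TEMPLATE.latex"
            return 0
        fi
    done
    return 1
}

main() {
    [ "$#" -eq 3 ] || { echo "usage: $0 <report.md> <OS-ID> <Exam|Lab>" >&2; return 2; }
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 1; }
    base=$(report_basename "$2" "$3") || { echo "bad ID or report kind" >&2; return 1; }
    tpl=$(find_template) || { echo "$TEMPLATE.latex not found" >&2; return 1; }
    for tool in pandoc 7z; do
        command -v "$tool" >/dev/null 2>&1 || { echo "$tool not installed" >&2; return 1; }
    done

    pandoc "$1" -o "$base.pdf" \
        --from markdown+yaml_metadata_block+raw_html \
        --template "$tpl" \
        --table-of-contents --toc-depth 6 \
        --number-sections --top-level-division=chapter || return 1

    # A bare -p makes 7z prompt for the password, so it stays out of shell
    # history and the process list. Refuse to overwrite an older archive.
    [ ! -e "$base.7z" ] || { echo "$base.7z already exists" >&2; return 1; }
    7z a -p "$base.7z" "$base.pdf" || return 1

    # List the archive so the contents can be checked before upload.
    7z l "$base.7z"
}

# Run only when arguments are given, so the file can also be sourced.
[ "$#" -eq 0 ] || main "$@"
```

Keeping this script in the same private repository as the notes is fine as long as no password or ID is hard-coded in it.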
