Note taking - Beginners guide to hacking and penetration testing (2017)

Beginners guide to hacking and penetration testing (2017)

Note taking:

Notation is a critical part of ethical hacking and penetration testing. Chances are you will be collecting a lot of data from a number of sources and having a way to keep things organized is critical. Fortunately for us there are a numberof free tools that we can use.

Dradis ( is a free web based tool that can help organize your notes. It allows for collaboration, sharing screenshots, tracking progress, connects with Nessus, Nmap, and other tools. You will need toset up Dradis onto a server (yours or a hosted one) and may be a little tricky to setup for some people, however there are tutorials up on their site.


Microsoft OneNote is available for free (web version) or part of the Office suite. OneNote allows for sharing, attaching screenshots, multiple notebooks, page encryption, and works across a number of devices including mobile.


Maltego ( is back again as we learn this flexible tool is more than just a search tool. One of the free plugins, CaseFile allows us to create an extensive chart that can be exported as an image or a graph.

To install, startup Maltego. On the splash screen you will see the various installed and various plugins. Find the CaseFile

Entities box and click Install (In our case we already have it installed).

Start up a new graph. On the Entity Pallet under People you will see various listings to use. For this example we will be using Female. Simple drag the entity over to our graph to start.

If you double click the Jane Doe icon a new box will open. From here we can change the target name, add in our notes, and add in images.

If we right click Jane Doe we will be able to run our usual transforms

When you finish your chart you can export your report into a table or graph.

BasKet Note Pads:

BasKet Note Pads is a free Linux program that can help you organize, sort, and keep track of all of your notes in a easy to use program. The program allows you to paste images, links, email addresses, files, application launchers, colors, screen grabs, etc. The other great thing is you can also password protect your files.

Once you have BasKet installed starting a new note is as simple as clicking New

The next screen type in the file name that you want to give your note then select the Template.

If you click on any open field you can either start typing in your note or if you click the arrow inside of the box you will be presented with a number of Tag options.

If you right click onto the empty field on the main screen you will be presented with a number of Insert options.

You can also create new BasKets, sub BasKets, or even sibling BasKets by right clicking on any of your notes.