
Ask HN: How do you take notes when you're Bug Hunting or Pentesting? - garthhumphreys
I&#x27;m working on a note-taking desktop application to help with keeping track of all your notes and findings.<p>https:&#x2F;&#x2F;bigtruck.io&#x2F;atlas<p>What is your biggest problem when taking notes when you’re Bug Hunting or Pentesting?<p>Please let me know your feedback. Thanks.
======
segmondy
Oct 30 2017 8:14pm #HN, #notes

I take notes with vim when programming, in this form with a text file. I write
them my thoughts. I can search the file by date. I can search it by tag
/#notes. It's simple works and the only challenge is that I can't add my
doodle. If need be, I'll draw it out on piece of paper. I need to find a
simple way to import it. If something simple I do stuff such as
A<\--->B---->C<\----D

~~~
garthhumphreys
Thanks for describing your workflow.

------
axvk
Would be nice to see screenshots of your app on the site before I download it.
Don't just want to download an app in the blind.

My biggest issue is that while I'm taking notes, I just want to write notes
down quickly in one place without distracting me from the task, but when I get
back to them, I want them neatly organized by date, client, part of project,
etc.

~~~
Can_Not
Animated screenshots (gifs, not YouTube videos) in the repo's readme or
landing docs can be the difference between "this could actually be what I'm
looking for, I'll try it" and "this probably isn't what I'm looking for, I'm
not going to download just to find out what it actually is".

~~~
garthhumphreys
Truth be told, it was more of a landing page to gather feedback and determine
if note-taking is a true pain, I don't want to build the wrong thing, I want
to build something useful.

So I take your point, as we get closer to launch there will be more screens.
With that said do you mind sharing how you take notes and what's the biggest
pain for you?

Thanks again.

------
k4ch0w
I usually use OneNote or Markdown in sublime. I use it in conjunction with
[http://getgreenshot.org/](http://getgreenshot.org/).

I think a huge pain point is timestamping notes. So you generally start a
pentest and it would be helpful to add a timestamp at each place you take a
note. If you could then export it as a timeline of when events occurred that'd
be awesome. The reason why you want to see the timeline is so you can hand it
to the blue team and be like this is when we were doing bad stuff.

~~~
garthhumphreys
Thanks! Fantastic feedback. Can you tell me more details about the timeline
export format? How would that format look?

------
a_lifters_life
Keepnote - great platform support, and allows importing of images, and is a
WYSIWYG editor

~~~
garthhumphreys
Thanks for the feedback. Can you tell me what your workflow is when you're
using Keepnote?

------
SamHoustonCM
There's a blog post on Bugcrowd about note taking techniques. Might be helpful
for you! :) [https://blog.bugcrowd.com/the-importance-of-notes-session-
tr...](https://blog.bugcrowd.com/the-importance-of-notes-session-tracking-bug-
bounty-hunter-methodology)

~~~
garthhumphreys
Thanks, I've actually seen it and I've added to my research. I just looking
for more feedback I want to make sure I'm helping improve a real problem. Can
I post on the Bug crowd's forums to gather more feedback?

 __* Edit __*

I also sent a tweet to @ZephrFish to get his input too :)

