Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN: How do you take notes when you're Bug Hunting or Pentesting?
12 points by garthhumphreys on Oct 27, 2017 | hide | past | favorite | 12 comments
I'm working on a note-taking desktop application to help with keeping track of all your notes and findings.

https://bigtruck.io/atlas

What is your biggest problem when taking notes when you’re Bug Hunting or Pentesting?

Please let me know your feedback. Thanks.




Oct 30 2017 8:14pm #HN, #notes

I take notes with vim when programming, in this form with a text file. I write them my thoughts. I can search the file by date. I can search it by tag /#notes. It's simple works and the only challenge is that I can't add my doodle. If need be, I'll draw it out on piece of paper. I need to find a simple way to import it. If something simple I do stuff such as A<--->B---->C<----D


Thanks for describing your workflow.


Would be nice to see screenshots of your app on the site before I download it. Don't just want to download an app in the blind.

My biggest issue is that while I'm taking notes, I just want to write notes down quickly in one place without distracting me from the task, but when I get back to them, I want them neatly organized by date, client, part of project, etc.


Animated screenshots (gifs, not YouTube videos) in the repo's readme or landing docs can be the difference between "this could actually be what I'm looking for, I'll try it" and "this probably isn't what I'm looking for, I'm not going to download just to find out what it actually is".


Truth be told, it was more of a landing page to gather feedback and determine if note-taking is a true pain, I don't want to build the wrong thing, I want to build something useful.

So I take your point, as we get closer to launch there will be more screens. With that said do you mind sharing how you take notes and what's the biggest pain for you?

Thanks again.


Thanks, no problem, we're working on that.

Can you tell me more about 'organizing the notes by date, client, part of the project, etc'?


I usually use OneNote or Markdown in sublime. I use it in conjunction with http://getgreenshot.org/.

I think a huge pain point is timestamping notes. So you generally start a pentest and it would be helpful to add a timestamp at each place you take a note. If you could then export it as a timeline of when events occurred that'd be awesome. The reason why you want to see the timeline is so you can hand it to the blue team and be like this is when we were doing bad stuff.


Thanks! Fantastic feedback. Can you tell me more details about the timeline export format? How would that format look?


Keepnote - great platform support, and allows importing of images, and is a WYSIWYG editor


Thanks for the feedback. Can you tell me what your workflow is when you're using Keepnote?


There's a blog post on Bugcrowd about note taking techniques. Might be helpful for you! :) https://blog.bugcrowd.com/the-importance-of-notes-session-tr...


Thanks, I've actually seen it and I've added to my research. I just looking for more feedback I want to make sure I'm helping improve a real problem. Can I post on the Bug crowd's forums to gather more feedback?

* Edit *

I also sent a tweet to @ZephrFish to get his input too :)




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: