Posts

Showing posts from June, 2015

Security Testing for entities hosted in cloud

Applications that are being migrated to the cloud, or are planned to be hosted in the cloud, need additional security considerations. Failure to ensure proper security protection when using cloud services may result in higher costs and loss to the business. Organizations must consider security controls for the different service models, viz. Infrastructure as a Service (IaaS), Software as a Service (SaaS) and Platform as a Service (PaaS).

Which applications should be moved to the cloud?

· Low to medium risk

What are the key security risks while hosting in the cloud?

· Isolation failure: multi-tenancy is a key characteristic of the cloud. Failure of the controls that separate storage, memory, identity and access control, and routing between tenants is a huge risk.
· Authentication and authorization
· ...

Keeping logs of your console commands during pentesting

While it is very important to keep the screenshots and the results of your tools logged and recorded correctly, consistently and extensively, it is equally important to keep your console logs. This is very helpful when you are done with your penetration test and, during the results analysis / report writing, find yourself asking: what was the result of 'that' command I ran??? It is very commonly missed by most pentesters - at least the beginners. There are many ways in which you can do this:

1] copy and paste the console logs and save them in your favourite text editor
2] use a systematic approach

I am sure method [1] is known to all :) Let's learn method [2] - use script. Yes, there is an inbuilt tool in Linux that you can make use of: script

usage: script filename.log

This will start a process that keeps logging the console output to this file. Once you are done, just type 'exit'. Not to mention that care must be taken that you do not exit this process in between ...

Getting comfortable with Linux

As a pentester, most of the time you work on a Linux distro, and it is important that you have the basics right so that you do not have to search for the commands every time you try to do something. Best is to train yourself on Linux first before you get into this side. I will try to keep this concise and keep updating it as and when I can think of something:

-----------------------------------------------------------------------------------
Common Internet Searches from the terminal :)
-----------------------------------------------------------------------------------

[A] Google search:

    firefox www.google.com/search?q=Harshwardhan\ Kamdi

(Use the '\' separator to continue the query. If the '\' separator is not used, then each word separated by a space will be treated as a new website. For example, in the above command, if the '\' is not used then firefox will open google and search for Harshwardhan, and then it will open another tab and search for Kamdi....)