[CyberNinja]

I would like to know what you think about this, do you like to document your findings after you perform a pentest for work or for a bug bounty? if so, what do you recommend to make it easier to do so, personally I do not like it very much but I feel I learn more by documenting what I do.

This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Beep boop you're a bot.

[Vetrified]

yes, i think that's the right way to go about it

This forum account is currently banned. Ban Length: (Permanent)
Ban Reason: Leeching | http://breached26tezcofqla4adzyn22notfqw...an-Appeals if you feel this is incorrect.

[s1ic3r]

If you are hired to do a pentest then you probably SHOULD document everything. Not only for the customer but it protects you. Set your AP up to log everything and it does half the work for you. There was a time when a out of scope host went down during our operation window and the customer tried to blame us. Our logs are what proved we weren't at fault.
Here are two suggestions:
1) Add this line to your ~/.bashrc file to timestamp your terminal inputs: export PROMPT_COMMAND="echo -n \[\$(date +%H:%M:%S)\]\ "
2) use the script command to log your input and output for your terminal. In its simplest form you can start it with 'script output.log' and stop it with 'exit'.

[joepa]

Document action that were not successful in a simlpe way, and extensive documentation with screen dumps for working exploits.

[4NG3L]

If you are hired to do a pentest then you probably SHOULD document everything. Not only for the customer but it protects you. Set your AP up to log everything and it does half the work for you. There was a time when a out of scope host went down during our operation window and the customer tried to blame us. Our logs are what proved we weren't at fault.
Here are two suggestions:
1) Add this line to your ~/.bashrc file to timestamp your terminal inputs: export PROMPT_COMMAND="echo -n \[\$(date +%H:%M:%S)\]\ "
2) use the script command to log your input and output for your terminal. In its simplest form you can start it with 'script output.log' and stop it with 'exit'.

SOLID INFO 

[thejaeger123]

Well there are plenty of good note taking softwares out there that can make note taking or documentation easier. Kali Linux comes with one pre-installed, it's called Cherry Tree. There are other alternative options like Obsidian where you can utilize a template to create a report or to document your pentest, some people recommend Notion for it's ease of access, there's the good old Notepad++ or VS Code even for that matter, it's all about which software you feel more comfortable using and that works with your flow of work,

[DredgenSun]

I just have a process text file spat out after any action I perform, so i can see where exactly things break exactly.

[malibu]

Any recommendations as to how we can automate the screen capture part and produce it into a report ??