Learning how to get organized and put things in the proper place. I suspect that I’ll come back and add things like naming conventions. But this is what I got so far for organizing the information gathered during a pen test, in a directory.
Customer name
- screenshots
- services
- scans
- nexpose|appscan
- nmap
- xml
- gnmap
- nmap
- pings
- enum
As few nmap scans as possible, and name them after the network or if there is something else that makes sense. So the files may be named 192.168.10.10.gnnmap and so on.
Ping files are named the same way, but are prefixed with ping-
enum files are for enumerating a domain controller. These are prefixed with enum- and end with -dc
Services are IP addresses and the file is named with the service-host
All data is immediately removed and encrypted off the machine and deleted as soon as reasonably possible.