Way to work

It is essential to prioritise clear and accurate documentation from the very beginning. This skill will benefit us no matter what path we take in information security or even other career paths.

As we complete boxes, labs, assessments, training courses, etc., we should be aggregating every payload, command, tip, as we never know when one may come in handy.

We should also maintain checklists, report templates for various assessment types, and build a findings/vulnerability database.

The majority of systems that we encounter during assessments, whether on-premise or in the cloud, will be based on these two operating systems. It is important to understand how to attack and defend these operating systems and how they can each be used as a platform to perform further penetration testing activities.