ArticlesToolsContact

Art of note-taking in Cybersecurity

09.02.2024

Introduction

Learning technical subjects, including cybersecurity, combines specialized IT knowledge, intensive hands-on practice, and the necessity of programming. In this context, effective learning and note-taking methods become key to achieving success.

Combining Theory with Practice

Learning cybersecurity requires not only understanding the theoretical foundations of data and IT systems security but also practical skills. These skills can be gained by solving challenges on platforms like TDX Arena, Try Hack Me, or Hack the Box.

The HackerU course itself is structured so that by completing the "Final Project" at the end of each module, you get a chance to practically apply the knowledge you've gained. This approach, which blends theory with practice, allows for a deeper understanding of the material and helps you acquire skills that are essential in a real-world work environment.

The Role of Notes in Learning Cybersecurity

In the context of learning cybersecurity, notes play a crucial role. They allow you to save, organize, and later review knowledge and practical experience gained from labs or projects. Writing down code, commands, system configurations, or details about the challenges you solve becomes an indispensable practice. It gives you quick access to necessary information and allows you to use it effectively in the future.

This is especially true since successfully completing the Final Projects in the HackerU course requires you to apply your knowledge in practice. How do you do that? By using your notes!

The Zettelkasten Method

In this context, it's worth looking at the Zettelkasten method, which is an excellent tool for supporting the learning process, especially in fields that demand a deep understanding and the ability to connect diverse pieces of information. Zettelkasten is a knowledge management system that allows you to create links between notes (zettels), forming a dynamic web of knowledge. Each note—whether it's a definition, a code snippet, a diagram, or conclusions from a lab—is an individual element that can be linked to others, creating a structure that mirrors the complexity and multifaceted nature of cybersecurity knowledge.

ℹ️ More about Zettelkasten:

LogoGetting Started • Zettelkasten Methodzettelkasten.de

Your Own Methods

The Zettelkasten method has its fans and is worth exploring, but since everyone is different and learns differently, another method might work better for you.

I personally organize my notes by topic because I find it easier to navigate them that way. I encourage you to experiment and find the best method for yourself!

Note-Taking Apps

Below is my subjective list of the best note-taking applications. Of course, there are other programs out there, but after testing almost all of them, I've selected the ones that, in my opinion, work best for cybersecurity notes.

Let's look at the key features a good app should have and my summary. But remember - these are just tools. The most important thing is to take thorough and thoughtful notes!

Key Features

  1. Security - Does the app host notes in the cloud or locally on your computer?

  • Why is this so important? First, you need to be able to access your notes. If your internet goes down, you won't be able to read your notes from an app like Notion. But let's be honest, without an internet connection, you can't get much learning done anyway. Second, if you're storing sensitive data in your notes, it's better if only you have access to them, right? However, if these are just notes from your learning process, it's not as critical.

  1. Accessibility - Is the app cross-platform? Does it offer synchronization between devices?

  • Fortunately, most apps offer this. The champions here are OneNote and Notion, while Obsidian and Joplin require a bit of configuration.

  1. Ease of Use - This is one of the most important features for me. It includes how easy it is to take notes, how readable they are, the ability to generate a PDF, etc.

Why is it important to learn markdown syntax for notes?

Markdown id a very easy to learn and therefore popular standard of writing documentation as it allows in easy way to split document into paragraphs and add formatting to it - but still the document remains a plain text file.

Markdown is widely used in IT (eg. Github) but also as rules files for AI-driven apps like VSCode, Cursor, etc.

Cheat sheet on markdown syntax:

LogoBasic formatting syntax - Obsidian Helphelp.obsidian.md

1. Obsidian

https://obsidian.md/

Obsidian is the most versatile and probably the most popular app right now. It offers extensive customization options for its appearance and a ton of features, all while making your notes look clean, tidy, and easy to navigate.

Obsidian is a local-first application, meaning all your notes are stored on your device. It's perfect for those who value data security and functionality.

Pros:

  • Clean and organized notes, arranged in folders.

  • Ability to add icons to folders.

  • Huge potential for customizing the look and feel with plugins that add new features.

  • Notes are physically saved as .md (Markdown) files in folders on your computer, so they're easy to copy, back up, or move -> Security.

  • Ability to split the screen into several adjacent windows.

  • A "live preview" mode that lets you edit using Markdown syntax while instantly seeing the final formatted view.

  • An outline of headings within a note (like a "table of contents" for easy navigation). Not every app has this, and it's incredibly helpful in practice.

  • Cross-device sync and a mobile app are available. Pro-tip: save your notes folder in a cloud drive like Dropbox for easy, free synchronization.

  • A "Graph View" to visualize connections between notes. Learn more: https://www.youtube.com/watch?v=ziKGWtlmaFo

  • Ability to create visually distinct callouts for commands, like whoami.

  • Ability to embed larger code blocks or content copied from a terminal:

Cons:

  • It takes some time to learn its features and set it up (though you can start creating notes fairly quickly with the default configuration).

  • Requires learning basic Markdown syntax (a few keyboard shortcuts are enough). However, the effort pays off quickly with how convenient note-taking becomes. A big plus is that Markdown is used in many applications, so knowing the basics is a useful skill.

2. Notion

https://www.notion.so/

Notion is a leader in apps for learning and note-taking. It's a platform that combines notes, databases, project planners, and much more in one place. It works both online and offline and offers strong support for collaboration. Notes can be exported to various formats, including Markdown.

Notion has a fairly steep learning curve. Its wealth of features and customization options can be overwhelming for new users, requiring time to learn how to use the tool effectively. Nevertheless, once you master the basics, you'll appreciate its advantages and how easy it is to create notes.

For me, the biggest downside is the lack of a persistent side panel with an outline of the note's headings (like the one you see on this page in the top-right corner), which makes navigating long and complex notes easier. Instead, Notion offers a "table of contents" block, but it can only be placed in one spot on the page (e.g., at the top) and disappears as you scroll down.

Personally, I like Notion and keep some of my cybersecurity notes there.

Pros:

  • Vast capabilities for generating different types of notes, tasks, tables, etc.

  • A fairly friendly interface, but it takes a moment to learn.

  • Available on desktop and mobile apps with instant sync.

  • Ability to create visually distinct callouts for commands, like whoami.

  • Ability to embed larger code blocks or content copied from a terminal.

  • You can paste website previews or embed YouTube videos directly into your notes.

Cons:

  • Requires a significant amount of time to learn its features and get started.

  • Virtually no appearance customization beyond icons and page banners.

  • Primarily online (you don't have direct access to the note files offline).

3. OneNote

https://www.microsoft.com/pl-pl/microsoft-365/onenote/digital-note-taking-app

Available online and as a desktop app, OneNote offers rich formatting options and is integrated with the Office ecosystem. Notes are stored in the cloud, which provides easy access from anywhere but can raise questions about data security.

A lot of people use OneNote, but in my opinion, Obsidian or Notion are better choices. I started with OneNote myself, and I know it wasn't the best idea. But that's a subjective matter.

Pros:

  • Very easy to use.

  • Good options for creating notebooks, sections, and pages.

  • Easy to paste images.

Cons:

  • No native way to insert a formatted code block or commands (!).

  • The formatting of note pages can be clunky, leading to visual clutter.

  • No option to import or export notes to other formats.

  • Can become slow with a large number of notes.

4. Joplin

https://joplinapp.org/

Joplin is an open-source application that offers great flexibility, including synchronization between devices using various cloud services. Notes are saved in formats like Markdown, which makes them easy to move and share. The notes are also encrypted, which is a big plus for privacy enthusiasts.

Despite its large fan base, I find that while it's not a bad app, it has some annoyances in day-to-day use. For example, notes in the Markdown editor look "raw" and not very appealing—a pasted image appears as a link, not the image itself. To see it, you have to switch to the viewer mode, where you can't easily edit with Markdown anymore. Instead, you have to use toolbar icons to insert things like a code block, which makes creating notes much more difficult compared to Obsidian or Notion.

Still, try it for yourself—maybe Joplin is the app that will meet your expectations better than others.

Edytor markdown i zwykły widoku notatki

Pros:

  • Relatively easy to use.

  • Ability to create hierarchical notes.

  • Supports Markdown.

  • Has the ability to paste code blocks or commands.

  • Security (encryption).

  • Mobile app and synchronization.

Cons:

  • The formatting of Markdown pages is quite "raw."

  • Limited options for customizing the appearance or adding plugins.

5. Typora

https://typora.io/

Typora is a minimalist text editor designed for working with Markdown. It combines the simplicity of plain text editing with a real-time preview of the formatted document. Its goal is to provide a smooth and efficient writing environment that eliminates distracting interface elements, allowing you to focus on creating content.

I personally like it a lot; the notes are simple and clear, and it's quite user-friendly. It's a good, though less powerful, alternative to Obsidian if you don't need such an extensive program. Definitely worth recommending—it only landed at number 5 because it's a paid app. If it were free, it would be much higher on the list!

Przykładowa notatka w Typora

Pros:

  • Simple and clean interface: Typora offers a very clean UI that minimizes distractions.

  • Has the ability to paste code blocks or commands.

  • Real-time preview: Unlike some other Markdown editors (besides Obsidian and Notion), Typora combines editing and preview in one window.

  • Supports export to many formats: Including PDF, HTML, and Word.

  • Customization: Users can customize the app's appearance by choosing from various themes.

  • Built-in organization tools: Offers basic features like a table of contents and search.

Cons:

  • No mobile support: Typora is only available for desktops and laptops.

  • No web version: It works locally, so you can't access documents from anywhere unless you integrate it with a cloud storage service.

  • It's a paid application, unlike the previous ones.

6. Capacities

https://capacities.io/

Capacities is a modern knowledge management platform focused on organizing and finding information. It's designed to help users save ideas, articles, and notes and create connections between them, offering advanced search and analysis features.

The tool is similar to Notion but even more developed, with some features from Obsidian, as if the creators wanted to build a universal, all-in-one powerhouse for knowledge collection.

In my personal opinion, it's too complicated, but perhaps I didn't spend enough time with it. Some advanced users might find it to be the perfect fulfillment of their needs. It's worth giving it a try because it essentially lacks nothing, but be aware of what I consider the steepest learning curve of all the apps, which can be a barrier to entry.

7. CherryTree

https://www.giuspen.net/cherrytree/

CherryTree is an application for storing notes locally, offering a hierarchical organization of entries. It doesn't use Markdown but has its own rich-text formatting system. It comes pre-installed on Kali Linux but can also be downloaded for Windows.

It has basically all the necessary functions (except Markdown syntax), including saving code blocks with syntax highlighting, pasting images, different heading levels, etc., but... it's quite clunky and old-fashioned. Every action requires several clicks, the final note doesn't look great, and writing it takes a lot of time and frustration.

CherryTree is on this list because you can find an OSCP note-taking template online written for CherryTree, and it's clear that some people use it successfully: https://guide.offsecnewbie.com/cherrytree-oscp-template

So, it's another way to do it! 😄

PreviousGitHub Guide for Cybersecurity StudentsNextPowerShell Bible

Last updated