WEBVTT 00:01.480 --> 00:01.920 Okay. 00:01.960 --> 00:04.360 So in this video we're going to take a look at Cherry Tree. 00:05.040 --> 00:09.760 Now Cherry tree is a program that I've used in the past for templates. 00:09.760 --> 00:15.840 And I use a couple different programs for reports and templates and such. 00:16.120 --> 00:19.240 Um, cherry trees, sometimes word documents. 00:20.560 --> 00:22.080 Uh, it's good to have some flexibility. 00:22.120 --> 00:24.440 Now, Cherry Tree is an interesting program. 00:24.440 --> 00:28.760 We'll take a look at it in that we could convert this to HTML. 00:28.800 --> 00:30.240 We can convert it to a PDF. 00:30.240 --> 00:34.120 We can convert we can embed things in there like images and such. 00:34.720 --> 00:44.360 And if you're going to embed something like um, if you find a program something suspicious file, and 00:44.360 --> 00:48.000 you want to put in your cherry tree file, you can generally do that. 00:48.000 --> 00:50.040 You can zip it up, put it in there. 00:50.440 --> 00:57.200 But I would say preserve a copy somewhere else, preserve a copy and say, um, a clean USB drive, 00:57.720 --> 01:06.660 a shared folder, whatever, because I'm not 100% sure if Cherry Tree will, uh, change the MD5 hash 01:07.020 --> 01:11.700 or Sha256 hash file of that particular file. 01:12.220 --> 01:19.940 And again, if you have a particular program, um, or file that could potentially be used in a criminal 01:19.940 --> 01:24.860 case or such, then you want to make sure that you do not alter that. 01:24.860 --> 01:30.140 And part of not altering that is making sure that hash value is preserved. 01:30.140 --> 01:36.620 So again, keep it off to the side somewhere, keep it as a stored copy somewhere else. 01:37.540 --> 01:40.220 So I have CSI Linux open here. 01:40.460 --> 01:42.180 And we'll take a quick look at Cherry Tree. 01:42.220 --> 01:48.260 If you click on the Linux up here and go to office you will find Cherry Tree here. 01:49.340 --> 01:50.460 Now I can open this up. 01:50.460 --> 01:56.900 And very nice thing about Cherry Tree is it's obviously works with Linux. 01:57.180 --> 01:59.500 There's also a mac client and a windows client. 01:59.500 --> 02:02.220 So you basically cover all your bases for. 02:03.480 --> 02:06.280 which platform can read this or use this. 02:07.280 --> 02:09.440 So let's get into this. 02:09.440 --> 02:15.240 So I have the template set that are on the course that's available for download. 02:15.840 --> 02:17.440 I'm going to do open file. 02:18.360 --> 02:21.520 We'll do desktop and Osint templates. 02:21.520 --> 02:26.320 And we will take a look at let's just grab the technical template. 02:26.320 --> 02:31.960 I'll double click that and we can see that it's got a hierarchical um system here. 02:31.960 --> 02:45.320 So we have a cover page and we can type in the cover page is is a the report for company X okay. 02:46.240 --> 02:52.880 And then if from the cover page I can right click here I could do add a sub node. 02:52.920 --> 02:56.080 Add a node uh duplicate a node. 02:56.080 --> 02:57.680 And you can see all these different options here. 02:57.680 --> 03:01.800 Copy link toggle change if it's read only. 03:02.840 --> 03:04.470 Now this is a new node. 03:04.470 --> 03:06.990 And within here I created a sub node. 03:07.350 --> 03:11.470 So what that basically means is this is a brand new page. 03:11.470 --> 03:13.390 These are two separate pages. 03:14.030 --> 03:16.630 And this if you click on this this is a sub node. 03:16.630 --> 03:20.110 So this Osint is embedded in this. 03:21.630 --> 03:27.510 And if I click this you can see all the other little things in here I have in here. 03:27.990 --> 03:33.790 So in this basic template here and let me actually expand this out a little bit. 03:34.470 --> 03:35.950 We have a disclaimer. 03:37.110 --> 03:42.470 Um information obtained in here will be shared with the previously specified individuals listing information 03:42.470 --> 03:43.950 page information. 03:43.990 --> 03:49.550 The information obtained will be gathered by publicly available information only. 03:49.910 --> 03:52.590 At no time will any of the techniques be involved. 03:52.630 --> 03:58.030 The use of keyloggers, man in the middle attacks, or other direct pentesting techniques to be used 03:58.030 --> 04:00.230 in the gathering of information. 04:00.270 --> 04:06.330 The final report will be presented to the authorized client at the time of completion or at the request 04:06.330 --> 04:07.130 of the client. 04:07.850 --> 04:12.410 And this is just basically a quick disclaimer that's written. 04:12.410 --> 04:18.530 And in here I have different sections in here as a really a generic template here. 04:19.290 --> 04:24.130 Work done method IP lookup information Maltego information. 04:24.170 --> 04:26.490 Have I been pwned and hashed information. 04:26.930 --> 04:30.370 Phone number lookup and information obtained through search engines. 04:30.370 --> 04:32.930 And within there there are some nodes in there. 04:33.410 --> 04:37.930 So employee details login pages found internet, portals found media. 04:38.370 --> 04:41.850 So say if I found media here I can right click in here. 04:42.490 --> 04:48.090 And I could do insert, insert image, insert table, etc. etc.. 04:48.130 --> 04:50.730 Let's insert an image here and I can grab something. 04:50.770 --> 04:52.850 I think I have a picture on the desktop here. 04:54.250 --> 04:54.690 Yeah. 04:55.330 --> 04:56.930 Uh here's an image here. 04:58.730 --> 04:59.130 Okay. 04:59.170 --> 05:01.930 We'll we'll embed that in there okay. 05:01.970 --> 05:04.450 And we have this image here. 05:05.470 --> 05:12.070 And we have other information or information obtained to people searches, date of birth, contact details, 05:12.070 --> 05:15.910 emails, photos, locations, other information, so on and so forth. 05:15.910 --> 05:19.670 So you can see that you could do quite a bit with this. 05:20.030 --> 05:25.750 And again it's broken out into a nice easy to read format. 05:26.910 --> 05:29.710 So all the person needs to do is click on here and just go okay. 05:29.710 --> 05:36.350 Well I want to see information that they obtained through search engines. 05:36.350 --> 05:39.910 Click on there and go okay well let's see I'm looking for media. 05:39.910 --> 05:41.150 So they can click here. 05:41.190 --> 05:42.350 And they can see the media file. 05:42.350 --> 05:44.430 And of course you have the media file. 05:44.430 --> 05:46.390 I would recommend putting the information there. 05:46.430 --> 05:51.390 Why that particular media file is important and where you got it from. 05:53.270 --> 06:00.590 So when it comes time to exporting your results. 06:00.590 --> 06:04.270 So I can click on file here and we can do export. 06:04.270 --> 06:11.210 So we can see export to PDF, export to HTML, export plain text file, export to a cherry tree document 06:11.810 --> 06:17.130 and you can't expect whoever is going to read your report to have this loaded up. 06:17.690 --> 06:24.930 Another great thing about this program is if you have a USB drive, you can create a portable toolkit. 06:24.930 --> 06:34.010 You can put Cherry Tree on a USB, what's called portable apps, great program, portable applications, 06:34.010 --> 06:34.530 whatnot. 06:34.570 --> 06:39.010 But getting back to this, let's export in two different formats. 06:39.010 --> 06:41.610 So we'll we'll export as PDF and HTML. 06:41.610 --> 06:43.210 So we'll do the PDF first. 06:44.050 --> 06:51.450 And you could do this selected node which means only this node text only select nodes and sub nodes 06:52.210 --> 06:57.890 I will do the whole tree normally, unless there's a really specific reason that you only want a certain 06:57.890 --> 06:59.610 section exported out. 07:00.970 --> 07:03.090 I always do the all the tree. 07:03.130 --> 07:04.090 I'll click okay. 07:06.130 --> 07:10.230 And we'll, we'll put on the desktop here and I'll click save. 07:12.430 --> 07:12.870 Okay. 07:12.910 --> 07:14.630 Now let me minimize this. 07:14.670 --> 07:16.710 Actually that was the wrong one here. 07:17.350 --> 07:18.510 Minimize this. 07:21.270 --> 07:23.510 And we could take a look at. 07:26.310 --> 07:27.590 Our cherry tree. 07:27.630 --> 07:28.590 Let's see here. 07:30.350 --> 07:35.510 We actually create a folder here because I don't think that came out right. 07:38.670 --> 07:39.110 Okay. 07:40.030 --> 07:40.830 Do that. 07:40.870 --> 07:42.390 Go back to our template here. 07:45.230 --> 07:47.390 Export export as PDF. 07:47.430 --> 07:50.430 Actually we minimize that again sorry. 07:51.750 --> 07:54.790 So there's our doc. 08:03.750 --> 08:04.070 Okay. 08:04.110 --> 08:05.070 That's interesting. 08:05.070 --> 08:06.430 That didn't come up okay. 08:06.470 --> 08:08.010 So let's try that again. 08:08.050 --> 08:15.250 Export desktop and we'll select Cherry Tree Export to PDF file. 08:15.250 --> 08:16.930 And we'll do save. 08:19.570 --> 08:20.010 Okay. 08:20.170 --> 08:22.650 And let's see if that saved it this time. 08:23.130 --> 08:23.410 Okay. 08:23.450 --> 08:24.050 There we go. 08:24.090 --> 08:25.290 There's our PDF. 08:27.010 --> 08:29.810 And this will open up as a PDF file. 08:31.250 --> 08:33.490 Now of course you're not going to be able to do. 08:35.850 --> 08:40.410 The click through like you do normally. 08:40.410 --> 08:41.970 And that's going to be a problem. 08:42.810 --> 08:50.970 So the best way if you have things embedded in a fashion like I have, let me close that out. 08:50.970 --> 08:54.130 You want to actually export it as a HTML. 08:55.170 --> 09:04.250 So if I go export export HTML, I could do all the tree, include node names, link tree and everything 09:04.250 --> 09:06.650 else and we'll export that out. 09:06.690 --> 09:09.080 Now if you just have a very simple one. 09:09.080 --> 09:13.320 You don't have a bunch of stuff embedded, you don't have pictures and then embedded either. 09:13.520 --> 09:19.600 Go in and do a PDF, but if you have something very broken down and detailed like this and you have 09:19.640 --> 09:22.960 pictures and whatnot in there, don't do it as a PDF. 09:22.960 --> 09:24.280 Do it as a HTML. 09:25.160 --> 09:25.560 Okay. 09:25.600 --> 09:27.280 So we'll do that. 09:28.080 --> 09:29.800 We'll put it in the same folder here. 09:30.240 --> 09:30.960 Let's see. 09:33.720 --> 09:34.240 Okay. 09:40.680 --> 09:44.280 Desktop cherry tree okay. 09:46.400 --> 09:47.360 Close that out. 09:48.480 --> 09:52.360 File export as HTML. 09:53.600 --> 09:54.720 Select the whole tree. 09:55.040 --> 09:56.760 Now we could try to do it as single file. 09:56.760 --> 10:01.400 Also to make things easier we'll do okay and okay. 10:03.480 --> 10:03.880 Okay. 10:04.240 --> 10:06.240 And there's our file here. 10:06.240 --> 10:12.540 And if I click on index here we can see it comes out kind of similar. 10:12.540 --> 10:14.420 Cover page disclaimer. 10:15.100 --> 10:19.700 And you can see it kind of trying to break out everything in different sections here. 10:20.060 --> 10:22.940 Still not not like our cherry. 10:23.220 --> 10:25.740 Like our if we have cherry tree looking at it. 10:25.740 --> 10:29.020 But this gives you an idea of kind of how it breaks things out here. 10:30.300 --> 10:35.780 So still better than a PDF, but not perfect. 10:35.780 --> 10:42.300 And again, this program isn't going to be for everyone depending on how you want your report to be. 10:43.300 --> 10:46.340 But this is kind of fun if you have a lot of stuff. 10:46.340 --> 10:51.860 And this might be just an internal thing too, that you use, uh, for your own personal notations. 10:52.740 --> 10:54.220 But this is Cherry Tree. 10:54.260 --> 10:58.500 And also again, uh, if you use cherry tree, use a word document. 10:58.500 --> 10:59.940 You use other programs. 11:00.580 --> 11:06.180 Always make sure that you have good documentation, both for yourself and for your client. 11:06.620 --> 11:08.620 And this particular example was Cherry Tree. 11:08.660 --> 11:09.780 Thank you so much for watching. 11:09.780 --> 11:10.940 I'll see you next video.