PowerShell for penetration testers – Introduction
I am not checking them at regular intervals but i hope they still work and are relevant.
Please provide me some feedback if for some reason they are not relevant or working anymore.
- https://lab.pentestit.ru/ (Similar to OSCP labs.)
- https://picoctf.com/ (Designed for high school students)
- https://microcorruption.com/login (introduction to low-level reverse engineering, specifically on an MSP430)
New vulnerability that requires attention from the users that run the apache / tomcat from windows machines.
“When running on Windows with enableCmdLineArguments enabled, the CGI
Servlet is vulnerable to Remote Code Execution due to a bug in the way
the JRE passes command line arguments to Windows. The CGI Servlet is
disabled by default. The CGI option enableCmdLineArguments is disabled
by default in Tomcat 9.0.x (and will be disabled by default in all
versions in response to this vulnerability)”