Bash
&& = AND || = OR { cmd1; cmd2; cmd3 } → Same shell ( cmd1; cmd2; cmd3 ) → Subshell
General vuln infos
Available vuln DB
- CVE Of course
- US-CERT
- Full Disclosure (Forum)
- Packet Storm
- Bugtraq
- Microsoft secu bulletin
- Mozilla foundation security advisories
- Zero Day Initiative
- Vulners
- Offsec (ExploitDB)
- Vulnerability Lab
- Inj3ct0r
Attack classification
five 9s
99,999% Availability, less than five minutes of downtime per year - To achieve this one can:
- Remove single point of failure
- Clustering
- Normalize systems
Sneaker net
Move data around through physical support - Will happen at some point
Docker
To test between two dockers - create a sub net with :
docker network create --driver=bridge --subnet=172.16.238.0/24 zap_subnet
When launching docker run / docker compose add option —net zap_subnet and —ip