I Have recently studied for the CREST CCT-ACE Exam, I thought I would share some thoughts and my Pre-Exam revision Notes to help other people, as when looked I could not find much about it, much like the CPSA!
A simple Python program which aims to give you a database of helpfull commands, references, cheatsheets and tips in an indexed, easy to search format. You can search using one or more of; The command, Tags, URL references, author, date added, or, Comments to get the information you need. It also comes with an Updater, and multiple output formats to make it as handy as possible!
Due to a logic flaw in Oracle's FlexCube Direct Banking application, it was possible to enumerate usernames, and then reset said user password, and transaction pin, granting full access to the victim user's account.
I always come across contain files such as VHD's, OVA's, XVA's and IMG's during tests, and I always forget the exact procedure for converting, and then mounting them in Nix. I will update this over time with mounting different file types encountered. This post will be updated over time whenever I need to mount something new.
The Password station interface does not disable user search functionality, instead it hides the icon allowing unauthenticated users to grab a list of all users able to reset their passwords and any other information stored along with this in AD, it is also possible to veiw the ldap search path.