u/Own_Bed2074

Hi everyone I recently passed the CPTS and now want to tackle this exam too to make my resume stronger. For those who have taken both, please tell me the definitive differences in difficulty. I’ve heard from the HTB community that the CPTS’s technical side is way harder and that it would over prepare you for the exam. I’ve been doing TJ nulls list for the last 2 days and must say that I tend to miss the low hanging fruit that tends to appear. I’m practicing on building my notes and methodology before even buying the course because 1 try for 1750$ is a pretty risky step ATM. Any advice would be very appreciated

Hi, have you had experience gaining code execution on a sonarqube instance? I have admin credentials on an older instance of sonarqube (Version 7.8 (build 26217)). I've read about a github post saying you can upload a malicious jar archive as a plugin and force a restart with the api but I have to get that figured first. If there is a simpler way to achieve code execution I would be happy to hear it. I couldn't find any resource talking about testing a sonarqube app.

Hi guys, i'm in on day 2 of CPTS found 7 flags so far, super stuck on the AD section but I hope to prevail. Meanwhile if you could give me some tips for the report. Do i need to document any changes I have to revert for example?