Today we are announcing the release of PenTest.WS Version 1.8.0 and with it comes the General Command Library!
The General Command Library (GCL) is a place to store all your frequently used, and not so frequently used, general system commands. Much like how the Service Command Library works for services, the GCL works for:
- System enumeration
- Privilege escalation
- Shell escapes
- File transfer shortcuts
- Powershell download cradles
- Pivot tunnels
- … and anything else!!
Each command can be organized by Operating System, Category, and Sub-Category values. These filters are user-created and self-populated as more and more commands are entered into your GCL system. Additionally, you can quickly search for keywords such as “wmic” or “iex” if you’re looking for a specific functionality.
Filters are sticky, so you can navigate away from the GCL screen and when you return later, you’re dropped right back into the list of commands you were previously viewing.
Availability: the General Command Library has been pushed to all platforms and is ready for immediate use.
– Free Tier: currently limited to five commands
– Hobby & Pro Tier: unlimited command capacity
– Pro Tier: run your Software Update from the Admin Panel
Service Command Library – Free Tier Availability Update
The Service Command Library (SCL) is now accessible on the Free Tier. The SCL is one of the most popular features of the PenTest.WS platform and its usefulness has proven to be an incredible time saver.
SCL on the Free Tier includes up to two commands per service.
New Template List Format
All template list pages have been updated to a more compact table format. This allows more commands per screen real estate.
Misc Improvements & Bug Fixes
SCL Notes: requested on the Support Forums, SCL records now include a Notes field. These notes will appear on the Port page alongside the service command entry.
Note Pages Clobber Bug: in certain circumstances, it was possible for Note Pages to overwrite the wrong Note Page. However, the content could be recovered through the History functionality. This bug has been fixed.
Note Page Rename Bug: tab renaming functionality has been restored. Double click on a Note Page tab to rename each tab.
Coming soon… IP » Target
An exciting change is coming to the PTWS system. Currently, Hosts are tracked by IP Address. After the IP->Target mod included in the next release, it will be possible to enter a fully qualified domain name (FQDN) as the Host’s primary identifier.
All tools will be updated to support a Target in addition to an IP Address. Import an Nmap XML scan based on a FQDN? No problem. Need to launch a dirsearch command against a FQDN? Sure!
This change will be a big boost for all the Bug Bounty Hunters in our community. Each sub-domain in the program’s scope could have its own Host record, with separate port lists, notes and findings.
Thanks for reading!
PenTest.WS Development Team