hacktricks/README.md

166 lines
8.5 KiB
Markdown
Raw Normal View History

2022-04-28 23:27:22 +00:00
# HackTricks
2022-04-28 16:01:33 +00:00
<figure><img src=".gitbook/assets/hacktricks.gif" alt=""><figcaption></figcaption></figure>
_Hacktricks logos & motion design by_ [_@ppiernacho_](https://www.instagram.com/ppieranacho/)_._
{% hint style="success" %}
**Welcome to the wiki where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.**
{% endhint %}
To get started follow this page where you will find the **typical flow** that **you should follow when pentesting** one or more **machines:**
{% content-ref url="generic-methodologies-and-resources/pentesting-methodology.md" %}
[pentesting-methodology.md](generic-methodologies-and-resources/pentesting-methodology.md)
{% endcontent-ref %}
2022-05-01 12:41:36 +00:00
## Corporate Sponsors
2022-05-01 12:41:36 +00:00
### [STM Cyber](https://www.stmcyber.com)
2021-11-26 01:20:02 +00:00
<figure><img src=".gitbook/assets/stm (1).png" alt=""><figcaption></figcaption></figure>
2021-11-26 01:20:02 +00:00
2022-09-09 13:29:02 +00:00
[**STM Cyber**](https://www.stmcyber.com) is a great cybersecurity company whose slogan is **HACK THE UNHACKABLE**. They perform their own research and develop their own hacking tools to **offer several valuable cybersecurity services** like pentesting, Red teams and training.
2021-11-26 12:13:08 +00:00
2022-01-31 14:48:24 +00:00
You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stmcyber.com)
2021-11-26 01:20:02 +00:00
2021-11-30 16:46:07 +00:00
**STM Cyber** also support cybersecurity open source projects like HackTricks :)
2021-11-26 01:20:02 +00:00
2024-03-14 23:01:13 +00:00
***
2022-10-25 14:58:43 +00:00
### [RootedCON](https://www.rootedcon.com/)
2024-05-05 17:56:05 +00:00
<figure><img src=".gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>
2022-10-25 14:58:43 +00:00
2022-10-25 15:11:08 +00:00
[**RootedCON**](https://www.rootedcon.com) is the most relevant cybersecurity event in **Spain** and one of the most important in **Europe**. With **the mission of promoting technical knowledge**, this congress is a boiling meeting point for technology and cybersecurity professionals in every discipline.
2022-10-25 14:58:43 +00:00
{% embed url="https://www.rootedcon.com/" %}
2024-03-14 23:01:13 +00:00
***
2022-10-25 14:58:43 +00:00
2022-06-09 08:38:14 +00:00
### [Intigriti](https://www.intigriti.com)
2024-05-05 17:56:05 +00:00
<figure><img src=".gitbook/assets/image (47).png" alt=""><figcaption></figcaption></figure>
2022-06-09 08:38:14 +00:00
**Intigriti** is the **Europe's #1** ethical hacking and **bug bounty platform.**
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
2024-03-14 23:01:13 +00:00
***
2022-09-08 15:18:29 +00:00
### [Trickest](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks)
2024-05-05 17:56:05 +00:00
<figure><img src=".gitbook/assets/image (48).png" alt=""><figcaption></figcaption></figure>
2022-09-08 15:18:29 +00:00
\
2022-10-25 19:47:53 +00:00
Use [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) to easily build and **automate workflows** powered by the world's **most advanced** community tools.
2022-09-08 15:18:29 +00:00
Get Access Today:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
2024-03-14 23:01:13 +00:00
***
2023-02-27 10:02:29 +00:00
### [HACKENPROOF](https://bit.ly/3xrrDrL)
2022-10-25 19:47:53 +00:00
2024-05-05 17:56:05 +00:00
<figure><img src=".gitbook/assets/image (50).png" alt=""><figcaption></figcaption></figure>
2022-10-25 19:47:53 +00:00
2023-12-04 15:45:05 +00:00
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters!
2023-02-27 09:20:33 +00:00
2024-04-07 22:19:46 +00:00
* **Hacking Insights:** Engage with content that delves into the thrill and challenges of hacking
* **Real-Time Hack News:** Keep up-to-date with fast-paced hacking world through real-time news and insights
* **Latest Announcements:** Stay informed with the newest bug bounties launching and crucial platform updates
2023-07-14 14:20:34 +00:00
2023-12-04 15:45:05 +00:00
**Join us on** [**Discord**](https://discord.com/invite/N3FrSbmwdy) and start collaborating with top hackers today!
2022-10-25 19:47:53 +00:00
***
### [Pentest-Tools.com](https://pentest-tools.com/) - The essential penetration testing toolkit
2024-05-08 15:46:12 +00:00
<figure><img src=".gitbook/assets/image (15) (1).png" alt=""><figcaption></figcaption></figure>
**Instantly available setup for vulnerability assessment & penetration testing**. Run a full pentest from anywhere with 20+ tools & features that go from recon to reporting. We don't replace pentesters - we develop custom tools, detection & exploitation modules to give them back some time to dig deeper, pop shells, and have fun.
{% embed url="https://pentest-tools.com/" %}
2024-03-14 23:01:13 +00:00
***
### [SerpApi](https://serpapi.com/)
2024-05-08 15:46:12 +00:00
<figure><img src=".gitbook/assets/image (5) (1).png" alt=""><figcaption></figcaption></figure>
SerpApi offers fast and easy real-time APIs to **access search engine results**. They scrape search engines, handle proxies, solve captchas, and parse all rich structured data for you.
2024-04-07 22:19:46 +00:00
A subscription to one of SerpApis plans includes access to over 50 different APIs for scraping different search engines, including Google, Bing, Baidu, Yahoo, Yandex, and more.\
Unlike other providers, **SerpApi doesnt just scrape organic results**. SerpApi responses consistently include all ads, inline images and videos, knowledge graphs, and other elements and features present in the search results.
2024-04-07 22:19:46 +00:00
Current SerpApi customers include **Apple, Shopify, and GrubHub**.\
For more information check out their [**blog**](https://serpapi.com/blog/)**,** or try an example in their [**playground**](https://serpapi.com/playground)**.**\
You can **create a free account** [**here**](https://serpapi.com/users/sign\_up)**.**
***
### [Try Hard Security Group](https://discord.gg/tryhardsecurity)
2024-03-14 23:01:13 +00:00
<figure><img src=".gitbook/assets/telegram-cloud-document-1-5159108904864449420.jpg" alt=""><figcaption></figcaption></figure>
2024-03-14 23:01:13 +00:00
{% embed url="https://discord.gg/tryhardsecurity" %}
***
2022-10-05 21:51:12 +00:00
### [WebSec](https://websec.nl/)
2024-04-09 00:13:56 +00:00
<figure><img src=".gitbook/assets/websec (1).svg" alt=""><figcaption></figcaption></figure>
2022-09-21 13:24:22 +00:00
2022-09-28 14:34:57 +00:00
[**WebSec**](https://websec.nl) is a professional cybersecurity company based in **Amsterdam** which helps **protecting** businesses **all over the world** against the latest cybersecurity threats by providing **offensive-security services** with a **modern** approach.
2022-09-21 13:24:22 +00:00
WebSec is an **all-in-one security company** which means they do it all; Pentesting, **Security** Audits, Awareness Trainings, Phishing Campagnes, Code Review, Exploit Development, Security Experts Outsourcing and much more.
2022-09-21 15:30:42 +00:00
Another cool thing about WebSec is that unlike the industry average WebSec is **very confident in their skills**, to such an extent that they **guarantee the best quality results**, it states on their website "**If we can't hack it, You don't pay it!**". For more info take a look at their [**website**](https://websec.nl/en/) and [**blog**](https://websec.nl/blog/)!
2022-09-21 13:24:22 +00:00
In addition to the above WebSec is also a **committed supporter of HackTricks.**
2024-04-09 00:13:56 +00:00
{% embed url="https://www.youtube.com/watch?v=Zq2JycGDCPM" %}
2022-09-21 13:24:22 +00:00
2024-04-18 03:21:24 +00:00
### [WhiteIntel](https://whiteintel.io)
2024-04-18 02:48:33 +00:00
2024-05-05 17:56:05 +00:00
<figure><img src=".gitbook/assets/image (1227).png" alt=""><figcaption></figcaption></figure>
2024-04-18 02:48:33 +00:00
[**WhiteIntel**](https://whiteintel.io) is a **dark-web** fueled search engine that offers **free** functionalities to check if a company or its customers have been **compromised** by **stealer malwares**.
Their primary goal of WhiteIntel is to combat account takeovers and ransomware attacks resulting from information-stealing malware.
You can check their website and try their engine for **free** at:
{% embed url="https://whiteintel.io" %}
## License & Disclaimer
2021-10-04 11:09:20 +00:00
2024-04-06 19:44:17 +00:00
Check them in:
2022-04-28 16:01:33 +00:00
{% content-ref url="welcome/hacktricks-values-and-faq.md" %}
[hacktricks-values-and-faq.md](welcome/hacktricks-values-and-faq.md)
{% endcontent-ref %}
2023-02-15 11:31:27 +00:00
2024-06-05 12:39:47 +00:00
## Github Stats
![HackTricks Github Stats](https://repobeats.axiom.co/api/embed/68f8746802bcf1c8462e889e6e9302d4384f164b.svg "Repobeats analytics image")
2024-07-18 16:04:36 +00:00
{% hint style="success" %}
2024-07-18 16:14:56 +00:00
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
2022-04-28 16:01:33 +00:00
2024-07-18 16:04:36 +00:00
<details>
2022-04-28 16:01:33 +00:00
2024-07-18 16:04:36 +00:00
<summary>Support HackTricks</summary>
2023-12-30 10:12:47 +00:00
2024-07-18 16:04:36 +00:00
* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
2024-07-18 16:04:36 +00:00
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
2022-04-28 16:01:33 +00:00
</details>
2024-07-18 16:04:36 +00:00
{% endhint %}