hacktricks/network-services-pentesting/pentesting-web/web-api-pentesting.md

# Upimaji wa API ya Wavuti

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalamu wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikionekana kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>

<figure><img src="../../.gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>

Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia mifumo ya kazi** kwa kutumia zana za **jamii za juu zaidi** ulimwenguni.\
Pata Ufikiaji Leo:

{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}

## Muhtasari wa Mbinu ya Upimaji wa API

Upimaji wa APIs unahusisha njia iliyopangwa ya kugundua mapungufu. Mwongozo huu unajumuisha mbinu kamili, ukitilia mkazo mbinu na zana za vitendo.

### **Kuelewa Aina za API**

* **Huduma za Wavuti za SOAP/XML**: Tumia muundo wa WSDL kwa nyaraka, mara nyingi zinapatikana kwenye njia za `?wsdl`. Zana kama **SOAPUI** na **WSDLer** (Kifaa cha Burp Suite) ni muhimu kwa kuchambua na kuzalisha maombi. Nyaraka ya mfano inapatikana kwa [DNE Online](http://www.dneonline.com/calculator.asmx).
* **REST APIs (JSON)**: Nyaraka mara nyingi huja katika faili za WADL, lakini zana kama [Swagger UI](https://swagger.io/tools/swagger-ui/) hutoa kiolesura cha urafiki zaidi kwa mwingiliano. **Postman** ni zana muhimu kwa kuunda na kusimamia maombi ya mfano.
* **GraphQL**: Lugha ya kuuliza kwa APIs inayotoa maelezo kamili na rahisi kueleweka ya data kwenye API yako.

### **Maabara za Mazoezi**

* [**VAmPI**](https://github.com/erev0s/VAmPI): API inayoweza kudhurika kwa makusudi kwa mazoezi ya vitendo, ikijumuisha mapungufu ya juu 10 ya API za OWASP.

### **Mbinu Zenye Ufanisi za Upimaji wa API**

* **Mapungufu ya SOAP/XML**: Chunguza mapungufu ya XXE, ingawa matangazo ya DTD mara nyingi huwa yamezuiliwa. Vitambulisho vya CDATA vinaweza kuruhusu kuingiza mzigo ikiwa XML inabaki kuwa halali.
* **Kupandisha Hadhi**: Jaribu vituo vya mwisho na viwango tofauti vya hadhi kutambua uwezekano wa kupata ufikiaji usioruhusiwa.
* **Mipangilio Mibaya ya CORS**: Chunguza mipangilio ya CORS kwa uwezekano wa kutumia kwa mashambulizi ya CSRF kutoka kwa vikao vilivyothibitishwa.
* **Kugundua Vituo vya Mwisho**: Tumia mifano ya API kugundua vituo vilivyofichwa. Zana kama fuzzers zinaweza kusaidia kiotomatiki mchakato huu.
* **Udanganyifu wa Parameta**: Jaribu kuongeza au kubadilisha parameta katika maombi ili kupata data au kazi zisizoruhusiwa.
* **Upimaji wa Mbinu za HTTP**: Badilisha mbinu za ombi (GET, POST, PUT, DELETE, PATCH) kugundua tabia au kufichua habari isiyotarajiwa.
* **Udhibiti wa Aina ya Yaliyomo**: Badilisha kati ya aina tofauti za yaliyomo (x-www-form-urlencoded, application/xml, application/json) kwa ajili ya kupima matatizo au mapungufu ya uchambuzi.
* **Mbinu za Parameta za Juu**: Jaribu na aina za data zisizotarajiwa katika malipo ya JSON au cheza na data ya XML kwa kuingiza XXE. Pia, jaribu uchafuzi wa parameta na wahusika wa joker kwa upimaji mpana.
* **Upimaji wa Toleo**: Matoleo ya zamani ya API yanaweza kuwa rahisi kushambuliwa. Daima angalia na upime dhidi ya matoleo mengi ya API.

### **Zana na Rasilmali za Upimaji wa API**

* **kiterunner**: Bora kwa kugundua vituo vya API. Tumia kuscan na kufanya nguvu dhidi ya njia na parameta kwenye API ya lengo.
```bash
kr scan https://domain.com/api/ -w routes-large.kite -x 20
kr scan https://domain.com/api/ -A=apiroutes-220828 -x 20
kr brute https://domain.com/api/ -A=raft-large-words -x 20 -d=0
kr brute https://domain.com/api/ -w /tmp/lang-english.txt -x 20 -d=0
```
* Vifaa vingine kama **automatic-api-attack-tool**, **Astra**, na **restler-fuzzer** hutoa utendaji ulioboreshwa kwa ajili ya kupima usalama wa API, kutoka kwa mazoezi ya mashambulizi hadi kufanya fuzzing na uchunguzi wa mapungufu.

### **Vyanzo vya Kujifunza na Mazoezi**

* **OWASP API Security Top 10**: Kusoma muhimu kwa kuelewa mapungufu ya kawaida ya API ([OWASP Top 10](https://github.com/OWASP/API-Security/blob/master/2019/en/dist/owasp-api-security-top-10.pdf)).
* **API Security Checklist**: Orodha kamili ya kuhakikisha usalama wa APIs ([GitHub link](https://github.com/shieldfy/API-Security-Checklist)).
* **Logger++ Filters**: Kwa ajili ya kutafuta mapungufu ya API, Logger++ hutoa vichujio muhimu ([GitHub link](https://github.com/bnematzadeh/LoggerPlusPlus-API-Filters)).
* **API Endpoints List**: Orodha iliyochaguliwa ya vituo vya API vinavyoweza kutumika kwa madhumuni ya majaribio ([GitHub gist](https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d)).

## Marejeo

* [https://github.com/Cyber-Guy1/API-SecurityEmpire](https://github.com/Cyber-Guy1/API-SecurityEmpire)

<figure><img src="../../.gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>

Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia kiotomatiki** mifumo ya kazi inayotumia zana za jamii za **juu zaidi** duniani.\
Pata Ufikiaji Leo:

{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA USAJILI**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) za kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`# Upimaji wa API ya Wavuti`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`<details>`

Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalamu wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
arte 2023-12-31 01:24:39 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Ikiwa unataka kuona kampuni yako ikionekana kwenye HackTricks au kupakua HackTricks kwa PDF Angalia [MIPANGO YA USAJILI](https://github.com/sponsors/carlospolop)!`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* Pata [bidhaa rasmi za PEASS & HackTricks](https://peass.creator-spring.com)`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`* Gundua [Familia ya PEASS](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [NFTs](https://opensea.io/collection/the-peass-family) ya kipekee`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au kikundi cha [telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks\_live).`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-29 21:14:28 +00:00			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`

Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`<figure><img src="../../.gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>`
GitBook: [#3240] No subject 2022-06-06 22:28:05 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`Tumia [Trickest](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na kutumia mifumo ya kazi kwa kutumia zana za jamii za juu zaidi ulimwenguni.\`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Pata Ufikiaji Leo:`
GitBook: [#3240] No subject 2022-06-06 22:28:05 +00:00
update 2023-01-01 16:19:07 +00:00			`{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}`
GitBook: [#3240] No subject 2022-06-06 22:28:05 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`## Muhtasari wa Mbinu ya Upimaji wa API`
GitBook: [master] 4 pages modified 2021-06-08 18:47:44 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`Upimaji wa APIs unahusisha njia iliyopangwa ya kugundua mapungufu. Mwongozo huu unajumuisha mbinu kamili, ukitilia mkazo mbinu na zana za vitendo.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Kuelewa Aina za API`
GitBook: [#3696] No subject 2022-12-21 10:38:32 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			* Huduma za Wavuti za SOAP/XML: Tumia muundo wa WSDL kwa nyaraka, mara nyingi zinapatikana kwenye njia za `?wsdl`. Zana kama SOAPUI na WSDLer (Kifaa cha Burp Suite) ni muhimu kwa kuchambua na kuzalisha maombi. Nyaraka ya mfano inapatikana kwa [DNE Online](http://www.dneonline.com/calculator.asmx).
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* REST APIs (JSON): Nyaraka mara nyingi huja katika faili za WADL, lakini zana kama [Swagger UI](https://swagger.io/tools/swagger-ui/) hutoa kiolesura cha urafiki zaidi kwa mwingiliano. Postman ni zana muhimu kwa kuunda na kusimamia maombi ya mfano.`
			`* GraphQL: Lugha ya kuuliza kwa APIs inayotoa maelezo kamili na rahisi kueleweka ya data kwenye API yako.`
GitBook: [master] 3 pages and one asset modified 2021-06-08 20:38:29 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Maabara za Mazoezi`
GitBook: [master] 3 pages and one asset modified 2021-06-08 20:38:29 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* [VAmPI](https://github.com/erev0s/VAmPI): API inayoweza kudhurika kwa makusudi kwa mazoezi ya vitendo, ikijumuisha mapungufu ya juu 10 ya API za OWASP.`
GitBook: [master] 6 pages and 3 assets modified 2021-03-04 11:40:50 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`### Mbinu Zenye Ufanisi za Upimaji wa API`
GitBook: [master] 6 pages and 3 assets modified 2021-03-04 11:40:50 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Mapungufu ya SOAP/XML: Chunguza mapungufu ya XXE, ingawa matangazo ya DTD mara nyingi huwa yamezuiliwa. Vitambulisho vya CDATA vinaweza kuruhusu kuingiza mzigo ikiwa XML inabaki kuwa halali.`
			`* Kupandisha Hadhi: Jaribu vituo vya mwisho na viwango tofauti vya hadhi kutambua uwezekano wa kupata ufikiaji usioruhusiwa.`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-29 21:14:28 +00:00			`* Mipangilio Mibaya ya CORS: Chunguza mipangilio ya CORS kwa uwezekano wa kutumia kwa mashambulizi ya CSRF kutoka kwa vikao vilivyothibitishwa.`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* Kugundua Vituo vya Mwisho: Tumia mifano ya API kugundua vituo vilivyofichwa. Zana kama fuzzers zinaweza kusaidia kiotomatiki mchakato huu.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Udanganyifu wa Parameta: Jaribu kuongeza au kubadilisha parameta katika maombi ili kupata data au kazi zisizoruhusiwa.`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* Upimaji wa Mbinu za HTTP: Badilisha mbinu za ombi (GET, POST, PUT, DELETE, PATCH) kugundua tabia au kufichua habari isiyotarajiwa.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Udhibiti wa Aina ya Yaliyomo: Badilisha kati ya aina tofauti za yaliyomo (x-www-form-urlencoded, application/xml, application/json) kwa ajili ya kupima matatizo au mapungufu ya uchambuzi.`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* Mbinu za Parameta za Juu: Jaribu na aina za data zisizotarajiwa katika malipo ya JSON au cheza na data ya XML kwa kuingiza XXE. Pia, jaribu uchafuzi wa parameta na wahusika wa joker kwa upimaji mpana.`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Upimaji wa Toleo: Matoleo ya zamani ya API yanaweza kuwa rahisi kushambuliwa. Daima angalia na upime dhidi ya matoleo mengi ya API.`
GitBook: [master] 6 pages and 3 assets modified 2021-03-04 11:40:50 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`### Zana na Rasilmali za Upimaji wa API`
GitBook: [master] 6 pages and 3 assets modified 2021-03-04 11:40:50 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* kiterunner: Bora kwa kugundua vituo vya API. Tumia kuscan na kufanya nguvu dhidi ya njia na parameta kwenye API ya lengo.`
a 2024-02-08 21:36:15 +00:00			```bash
			`kr scan https://domain.com/api/ -w routes-large.kite -x 20`
			`kr scan https://domain.com/api/ -A=apiroutes-220828 -x 20`
			`kr brute https://domain.com/api/ -A=raft-large-words -x 20 -d=0`
			`kr brute https://domain.com/api/ -w /tmp/lang-english.txt -x 20 -d=0`
			```
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* Vifaa vingine kama automatic-api-attack-tool, Astra, na restler-fuzzer hutoa utendaji ulioboreshwa kwa ajili ya kupima usalama wa API, kutoka kwa mazoezi ya mashambulizi hadi kufanya fuzzing na uchunguzi wa mapungufu.`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`### Vyanzo vya Kujifunza na Mazoezi`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* OWASP API Security Top 10: Kusoma muhimu kwa kuelewa mapungufu ya kawaida ya API ([OWASP Top 10](https://github.com/OWASP/API-Security/blob/master/2019/en/dist/owasp-api-security-top-10.pdf)).`
			`* API Security Checklist: Orodha kamili ya kuhakikisha usalama wa APIs ([GitHub link](https://github.com/shieldfy/API-Security-Checklist)).`
			`* Logger++ Filters: Kwa ajili ya kutafuta mapungufu ya API, Logger++ hutoa vichujio muhimu ([GitHub link](https://github.com/bnematzadeh/LoggerPlusPlus-API-Filters)).`
			`* API Endpoints List: Orodha iliyochaguliwa ya vituo vya API vinavyoweza kutumika kwa madhumuni ya majaribio ([GitHub gist](https://gist.github.com/yassineaboukir/8e12adefbd505ef704674ad6ad48743d)).`
GitBook: [master] 351 pages and 442 assets modified 2020-07-15 15:43:14 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Marejeo`
GitBook: [#3460] No subject 2022-09-05 10:17:20 +00:00
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* [https://github.com/Cyber-Guy1/API-SecurityEmpire](https://github.com/Cyber-Guy1/API-SecurityEmpire)`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`<figure><img src="../../.gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>`
GitBook: [#3240] No subject 2022-06-06 22:28:05 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`Tumia [Trickest](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na kutumia kiotomatiki mifumo ya kazi inayotumia zana za jamii za juu zaidi duniani.\`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Pata Ufikiaji Leo:`
GitBook: [#3240] No subject 2022-06-06 22:28:05 +00:00
update 2023-01-01 16:19:07 +00:00			`{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}`
GitBook: [#3240] No subject 2022-06-06 22:28:05 +00:00
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00			`<details>`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
arte 2023-12-31 01:24:39 +00:00
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Ikiwa unataka kuona kampuni yako ikitangazwa kwenye HackTricks au kupakua HackTricks kwa PDF Angalia [MIPANGO YA USAJILI](https://github.com/sponsors/carlospolop)!`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* Pata [bidhaa rasmi za PEASS & HackTricks](https://peass.creator-spring.com)`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Gundua [Familia ya PEASS](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [NFTs](https://opensea.io/collection/the-peass-family) za kipekee`
Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat 2024-03-17 16:40:00 +00:00			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au kikundi cha [telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks\_live).`
Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/REA 2024-04-07 03:36:12 +00:00			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) github repos.`
Ad hacktricks sponsoring 2022-04-28 16:01:33 +00:00
			`</details>`