hacktricks/README.md

135 lines
7.6 KiB
Markdown
Raw Normal View History

2022-04-28 23:27:22 +00:00
---
description: >-
Welcome to the page where you will find each hacking trick/technique/whatever
2022-09-09 13:29:02 +00:00
I have learnt from CTFs, real life apps, reading researches, and news.
2022-04-28 23:27:22 +00:00
---
2022-04-28 16:01:33 +00:00
2022-04-28 23:27:22 +00:00
# HackTricks
2022-04-28 16:01:33 +00:00
2022-04-06 08:57:29 +00:00
![](.gitbook/assets/p.png)
2022-09-09 13:29:02 +00:00
**Welcome to the page where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.**
Here you can find a little **introduction:**
2022-05-01 13:25:53 +00:00
## [**Pentesting Methodology**](generic-methodologies-and-resources/pentesting-methodology.md)
Here you will find the **typical flow** that **you should follow when pentesting** one or more **machines**.
2022-09-09 13:29:02 +00:00
**Click on the title to start!**
2022-05-01 12:41:36 +00:00
## Corporate Sponsors
2022-05-01 12:41:36 +00:00
### [STM Cyber](https://www.stmcyber.com)
2021-11-26 01:20:02 +00:00
2022-10-08 16:35:25 +00:00
![](<.gitbook/assets/image (638) (2) (1).png>)
2021-11-26 01:20:02 +00:00
2022-09-09 13:29:02 +00:00
[**STM Cyber**](https://www.stmcyber.com) is a great cybersecurity company whose slogan is **HACK THE UNHACKABLE**. They perform their own research and develop their own hacking tools to **offer several valuable cybersecurity services** like pentesting, Red teams and training.
2021-11-26 12:13:08 +00:00
2022-01-31 14:48:24 +00:00
You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stmcyber.com)
2021-11-26 01:20:02 +00:00
2021-11-30 16:46:07 +00:00
**STM Cyber** also support cybersecurity open source projects like HackTricks :)
2021-11-26 01:20:02 +00:00
2022-09-27 00:14:52 +00:00
### [SYN CUBES](https://www.syncubes.com/)
2022-04-30 20:31:18 +00:00
2022-10-22 15:26:54 +00:00
<figure><img src=".gitbook/assets/image (10).png" alt=""><figcaption></figcaption></figure>
2022-04-30 20:31:18 +00:00
2022-09-27 00:14:52 +00:00
**Security Skills as a Service** platform bridges the current skill set gap by combining **global offensive security talent with smart automation**, providing real-time data you need to make informed decisions.
2022-04-30 20:31:18 +00:00
2022-09-27 00:14:52 +00:00
{% embed url="https://www.syncubes.com/" %}
2022-04-30 20:31:18 +00:00
2022-10-25 14:58:43 +00:00
### [RootedCON](https://www.rootedcon.com/)
2022-11-07 10:43:41 +00:00
<figure><img src=".gitbook/assets/image (1) (3).png" alt=""><figcaption></figcaption></figure>
2022-10-25 14:58:43 +00:00
2022-10-25 15:11:08 +00:00
[**RootedCON**](https://www.rootedcon.com) is the most relevant cybersecurity event in **Spain** and one of the most important in **Europe**. With **the mission of promoting technical knowledge**, this congress is a boiling meeting point for technology and cybersecurity professionals in every discipline.
2022-10-25 14:58:43 +00:00
{% embed url="https://www.rootedcon.com/" %}
2022-06-09 08:38:14 +00:00
### [Intigriti](https://www.intigriti.com)
2022-07-21 20:19:28 +00:00
![](.gitbook/assets/i3.png)
2022-06-09 08:38:14 +00:00
**Intigriti** is the **Europe's #1** ethical hacking and **bug bounty platform.**
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
2022-09-08 15:18:29 +00:00
### [Trickest](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks)
2022-09-30 10:43:59 +00:00
<figure><img src=".gitbook/assets/image (9) (1) (2).png" alt=""><figcaption></figcaption></figure>
2022-09-08 15:18:29 +00:00
\
2022-10-25 19:47:53 +00:00
Use [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) to easily build and **automate workflows** powered by the world's **most advanced** community tools.
2022-09-08 15:18:29 +00:00
Get Access Today:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
2022-10-27 13:23:12 +00:00
### [HACKENPROOF](https://hackenproof.com/)
2022-10-25 19:47:53 +00:00
2022-10-27 14:46:56 +00:00
<figure><img src=".gitbook/assets/image (5).png" alt=""><figcaption></figcaption></figure>
2022-10-25 19:47:53 +00:00
2022-10-26 14:49:25 +00:00
**HackenProof is home to all crypto bug bounties.**
2022-10-25 19:47:53 +00:00
2022-10-27 13:23:12 +00:00
**Get rewarded without delays**\
2022-11-14 09:58:53 +00:00
HackenProof bounties launch only when their customers deposit the reward budget. You'll get the reward after the bug is verified.
2022-10-25 19:47:53 +00:00
2022-10-27 13:23:12 +00:00
**Get experience in web3 pentesting**\
2022-11-14 09:58:53 +00:00
Blockchain protocols and smart contracts are the new Internet! Master web3 security at its rising days.
2022-10-25 19:47:53 +00:00
2022-10-27 13:23:12 +00:00
**Become the web3 hacker legend**\
2022-11-14 09:58:53 +00:00
Gain reputation points with each verified bug and conquer the top of the weekly leaderboard.
2022-10-25 19:47:53 +00:00
2022-11-07 10:43:41 +00:00
[**Sign up on HackenProof**](https://hackenproof.com/register?referral\_code=i\_E6M25i\_Um9gB56o-XsIA) to start earning from your hacks!
2022-10-25 19:47:53 +00:00
2022-11-05 09:07:43 +00:00
{% embed url="https://hackenproof.com/register?referral_code=i_E6M25i_Um9gB56o-XsIA" %}
2022-10-25 19:47:53 +00:00
2022-10-05 21:51:12 +00:00
### [WebSec](https://websec.nl/)
2022-09-21 13:24:22 +00:00
<figure><img src=".gitbook/assets/logo.svg" alt=""><figcaption></figcaption></figure>
2022-09-28 14:34:57 +00:00
[**WebSec**](https://websec.nl) is a professional cybersecurity company based in **Amsterdam** which helps **protecting** businesses **all over the world** against the latest cybersecurity threats by providing **offensive-security services** with a **modern** approach.
2022-09-21 13:24:22 +00:00
WebSec is an **all-in-one security company** which means they do it all; Pentesting, **Security** Audits, Awareness Trainings, Phishing Campagnes, Code Review, Exploit Development, Security Experts Outsourcing and much more.
2022-09-21 15:30:42 +00:00
Another cool thing about WebSec is that unlike the industry average WebSec is **very confident in their skills**, to such an extent that they **guarantee the best quality results**, it states on their website "**If we can't hack it, You don't pay it!**". For more info take a look at their [**website**](https://websec.nl/en/) and [**blog**](https://websec.nl/blog/)!
2022-09-21 13:24:22 +00:00
In addition to the above WebSec is also a **committed supporter of HackTricks.**
{% embed url="https://www.youtube.com/watch?v=Zq2JycGDCPM" %}
2022-05-01 12:41:36 +00:00
### [**INE**](https://ine.com)
2021-07-04 14:58:30 +00:00
2022-10-08 16:35:25 +00:00
![](<.gitbook/assets/INE\_Logo (3).jpg>)
[**INE**](https://ine.com) is a great platform to start learning or **improve** your **IT knowledge** through their huge range of **courses**. I personally like and have completed many from the [**cybersecurity section**](https://ine.com/pages/cybersecurity). **INE** also provides with the official courses to prepare the **certifications** from [**eLearnSecurity**](https://elearnsecurity.com)**.**
2021-11-30 16:46:07 +00:00
**INE** also support cybersecurity open source projects like HackTricks :)
2021-11-26 01:20:02 +00:00
2022-04-28 23:27:22 +00:00
**Courses and Certifications reviews**
2021-07-04 14:58:30 +00:00
2022-09-09 13:29:02 +00:00
You can find **my reviews of the certifications eMAPT and eWPTXv2** (and their **respective preparation courses**) on the following page:
2021-07-04 14:58:30 +00:00
2022-05-01 16:04:05 +00:00
{% content-ref url="courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md" %}
[ine-courses-and-elearnsecurity-certifications-reviews.md](courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md)
{% endcontent-ref %}
2021-07-04 14:58:30 +00:00
2022-05-01 12:41:36 +00:00
## License
2021-10-04 11:09:20 +00:00
2022-09-28 18:54:27 +00:00
**Copyright © Carlos Polop 2022. Except where otherwise specified (the external information copied into the book belongs to the original authors), the text on** [**HACK TRICKS**](https://github.com/carlospolop/hacktricks) **by Carlos Polop is licensed under the**[ **Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)**](https://creativecommons.org/licenses/by-nc/4.0/)**.**\
**If you want to use it with commercial purposes, contact me.**
2022-04-28 16:01:33 +00:00
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>
2022-09-09 11:57:02 +00:00
* Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access to the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* **Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
2022-04-28 16:01:33 +00:00
</details>