hacktricks/README.md

127 lines
9.4 KiB
Markdown
Raw Normal View History

2022-04-28 23:27:22 +00:00
---
description: >-
Welcome to the page where you will find each hacking trick/technique/whatever
2022-09-09 13:29:02 +00:00
I have learnt from CTFs, real life apps, reading researches, and news.
2022-04-28 23:27:22 +00:00
---
2022-04-28 16:01:33 +00:00
2022-04-28 23:27:22 +00:00
# HackTricks
2022-04-28 16:01:33 +00:00
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>
2022-09-09 11:57:02 +00:00
* Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access to the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* **Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
2022-04-28 16:01:33 +00:00
</details>
2022-04-06 08:57:29 +00:00
![](.gitbook/assets/p.png)
2022-09-09 13:29:02 +00:00
**Welcome to the page where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.**
Here you can find a little **introduction:**
2022-05-01 13:25:53 +00:00
## [**Pentesting Methodology**](generic-methodologies-and-resources/pentesting-methodology.md)
Here you will find the **typical flow** that **you should follow when pentesting** one or more **machines**.
2022-09-09 13:29:02 +00:00
**Click on the title to start!**
2022-05-01 12:41:36 +00:00
## Support HackTricks
2022-09-09 11:57:02 +00:00
* Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access to the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
2022-03-27 18:19:55 +00:00
2022-04-06 09:05:53 +00:00
LinPEAS, WinPEAS and MacPEAS arent enough for you? **Welcome** [**The PEASS Family**](https://opensea.io/collection/the-peass-family), a limited collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family) of our favourite PEASS in disguise, designed by my team. **Go get your favourite and make it yours!** (access to the latest PEASS-ng is also granted buying NFTs)\
And if you are a PEASS & HackTricks enthusiast, you can get your hands now on our [**custom swag**](https://peass.creator-spring.com) **and show how much you like our projects!**
2022-03-27 18:19:55 +00:00
2022-09-09 11:28:04 +00:00
You can also, - **Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) **to learn about latest news in cybersecurity and meet other cybersecurity enthusiasts**, or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**\
2021-05-30 23:25:44 +00:00
If you want to **share some tricks with the community** you can also submit **pull requests** to [**https://github.com/carlospolop/hacktricks**](https://github.com/carlospolop/hacktricks) that will be reflected in this book and don't forget to **give ⭐** on **github** to **motivate** **me** to continue developing this book.
2022-05-01 12:41:36 +00:00
## Corporate Sponsors
2022-05-01 12:41:36 +00:00
### [STM Cyber](https://www.stmcyber.com)
2021-11-26 01:20:02 +00:00
2022-09-18 16:15:52 +00:00
![](<.gitbook/assets/image (642) (1) (1) (1).png>)
2021-11-26 01:20:02 +00:00
2022-09-09 13:29:02 +00:00
[**STM Cyber**](https://www.stmcyber.com) is a great cybersecurity company whose slogan is **HACK THE UNHACKABLE**. They perform their own research and develop their own hacking tools to **offer several valuable cybersecurity services** like pentesting, Red teams and training.
2021-11-26 12:13:08 +00:00
2022-01-31 14:48:24 +00:00
You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stmcyber.com)
2021-11-26 01:20:02 +00:00
2021-11-30 16:46:07 +00:00
**STM Cyber** also support cybersecurity open source projects like HackTricks :)
2021-11-26 01:20:02 +00:00
2022-06-09 08:38:14 +00:00
### [Security Hubs](https://securityhubs.io/)
2022-04-30 20:31:18 +00:00
2022-07-21 20:01:55 +00:00
![](<.gitbook/assets/image (307).png>)
2022-04-30 20:31:18 +00:00
2022-09-09 13:29:02 +00:00
Through Security Skills as a Service, we help organizations to **defend against the Dark Hacking Arts**. Security Skills as a Service is an offensive cybersecurity consultancy model that combines an Intelligent Platform with top-class, globally distributed, offensive security engineers, delivering **high-quality penetration testing results.** [**Security Hubs**](https://securityhubs.io/) \*\*\*\* bring together offensive penetration testing tactics with human behavioral science, providing real-time insights into threat actors' tradecraft and a **complete assessment of any risks**.
2022-04-30 20:31:18 +00:00
2022-06-09 08:38:14 +00:00
{% embed url="https://securityhubs.io/" %}
2022-04-30 20:31:18 +00:00
2022-06-09 08:38:14 +00:00
### [Intigriti](https://www.intigriti.com)
2022-07-21 20:19:28 +00:00
![](.gitbook/assets/i3.png)
2022-06-09 08:38:14 +00:00
**Intigriti** is the **Europe's #1** ethical hacking and **bug bounty platform.**
**Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**!
{% embed url="https://go.intigriti.com/hacktricks" %}
2022-09-08 15:18:29 +00:00
### [Trickest](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks)
<figure><img src=".gitbook/assets/image (9) (1).png" alt=""><figcaption></figcaption></figure>
\
Use [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) to easily build and **automate workflows** powered by the world's **most advanced** community tools.\
Get Access Today:
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
2022-09-21 13:24:22 +00:00
<figure><img src=".gitbook/assets/logo.svg" alt=""><figcaption></figcaption></figure>
****[**WebSec**](https://websec.nl) **** is a professional cybersecurity company based in **Amsterdam** which helps **protecting** businesses **all over the world** against the latest cybersecurity threats by providing **offensive-security services** with a **modern** approach.
WebSec is an **all-in-one security company** which means they do it all; Pentesting, **Security** Audits, Awareness Trainings, Phishing Campagnes, Code Review, Exploit Development, Security Experts Outsourcing and much more.
2022-09-21 15:30:42 +00:00
Another cool thing about WebSec is that unlike the industry average WebSec is **very confident in their skills**, to such an extent that they **guarantee the best quality results**, it states on their website "**If we can't hack it, You don't pay it!**". For more info take a look at their [**website**](https://websec.nl/en/) and [**blog**](https://websec.nl/blog/)!
2022-09-21 13:24:22 +00:00
In addition to the above WebSec is also a **committed supporter of HackTricks.**
{% embed url="https://www.youtube.com/watch?v=Zq2JycGDCPM" %}
2022-05-01 12:41:36 +00:00
### [**INE**](https://ine.com)
2021-07-04 14:58:30 +00:00
2022-09-18 16:15:52 +00:00
![](.gitbook/assets/ine\_logo-3-.jpg)
[**INE**](https://ine.com) is a great platform to start learning or **improve** your **IT knowledge** through their huge range of **courses**. I personally like and have completed many from the [**cybersecurity section**](https://ine.com/pages/cybersecurity). **INE** also provides with the official courses to prepare the **certifications** from [**eLearnSecurity**](https://elearnsecurity.com)**.**
2021-11-30 16:46:07 +00:00
**INE** also support cybersecurity open source projects like HackTricks :)
2021-11-26 01:20:02 +00:00
2022-04-28 23:27:22 +00:00
**Courses and Certifications reviews**
2021-07-04 14:58:30 +00:00
2022-09-09 13:29:02 +00:00
You can find **my reviews of the certifications eMAPT and eWPTXv2** (and their **respective preparation courses**) on the following page:
2021-07-04 14:58:30 +00:00
2022-05-01 16:04:05 +00:00
{% content-ref url="courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md" %}
[ine-courses-and-elearnsecurity-certifications-reviews.md](courses-and-certifications-reviews/ine-courses-and-elearnsecurity-certifications-reviews.md)
{% endcontent-ref %}
2021-07-04 14:58:30 +00:00
2022-05-01 12:41:36 +00:00
## License
2021-10-04 11:09:20 +00:00
2021-11-30 16:46:07 +00:00
**Copyright © Carlos Polop 2021. Except where otherwise specified (the external information copied into the book belongs to the original authors), the text on** [**HACK TRICKS**](https://github.com/carlospolop/hacktricks) **by Carlos Polop is licensed under the**[ **Attribution-NonCommercial 4.0 International (CC BY-NC 4.0)**](https://creativecommons.org/licenses/by-nc/4.0/)**.**\
**If you want to use it with commercial purposes, contact me.**
2022-04-28 16:01:33 +00:00
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>
2022-09-09 11:57:02 +00:00
* Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access to the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
* **Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
* **Share your hacking tricks by submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
2022-04-28 16:01:33 +00:00
</details>