hacktricks/pentesting-web/account-takeover.md

# Kuchukua Udhibiti wa Akaunti

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikionekana kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa kipekee wa [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>

## **Tatizo la Uthibitisho**

Barua pepe ya akaunti inapaswa kujaribiwa kubadilishwa, na mchakato wa uthibitisho **unapaswa kuchunguzwa**. Ikiwa itagundulika kuwa **dhaifu**, barua pepe inapaswa kubadilishwa kuwa ile ya muhanga anayetarajiwa kisha kuthibitishwa.

## **Tatizo la Ufananuzi wa Unicode**

1. Akaunti ya muhanga anayetarajiwa `victim@gmail.com`
2. Akaunti inapaswa kuundwa kwa kutumia Unicode\
kwa mfano: `vićtim@gmail.com`

Kwa maelezo zaidi, tazama hati kuhusu Ufananuzi wa Unicode:

[unicode-normalization.md](unicode-injection/unicode-normalization.md)

## **Kutumia Upya Kiungo cha Kurejesha**

Ikiwa mfumo wa lengo unaruhusu **kiungo cha kurejesha kutumika tena**, juhudi zinapaswa kufanywa kutafuta **viungo vingine vya kurejesha** kwa kutumia zana kama vile `gau`, `wayback`, au `scan.io`.

## **Kabla ya Kuchukua Udhibiti wa Akaunti**

1. Barua pepe ya muhanga inapaswa kutumika kujiandikisha kwenye jukwaa, na nenosiri linapaswa kuwekwa (jaribio la kuthibitisha linapaswa kufanywa, ingawa kukosa ufikiaji wa barua pepe za muhanga kunaweza kufanya hili kuwa gumu).
2. Mtu anapaswa kusubiri hadi muhanga ajisajili kwa kutumia OAuth na kuthibitisha akaunti.
3. Inatumainiwa kwamba usajili wa kawaida utathibitishwa, kuruhusu ufikiaji wa akaunti ya muhanga.

## **Kosa la Mipangilio ya CORS kwa Kuchukua Udhibiti wa Akaunti**

Ikiwa ukurasa una **makosa ya mipangilio ya CORS** unaweza kuwa na uwezo wa **kuiba habari nyeti** kutoka kwa mtumiaji ili **kuchukua udhibiti wa akaunti yake** au kumfanya abadilishe habari ya uthibitisho kwa lengo hilo:

{% content-ref url="cors-bypass.md" %}
[cors-bypass.md](cors-bypass.md)
{% endcontent-ref %}

## **Csrf kwa Kuchukua Udhibiti wa Akaunti**

Ikiwa ukurasa una kasoro ya CSRF unaweza kuweza kufanya mtumiaji **abadilishe nenosiri lake**, barua pepe au uthibitisho ili kisha uweze kufikia:

{% content-ref url="csrf-cross-site-request-forgery.md" %}
[csrf-cross-site-request-forgery.md](csrf-cross-site-request-forgery.md)
{% endcontent-ref %}

## **XSS kwa Kuchukua Udhibiti wa Akaunti**

Ikiwa unapata XSS kwenye programu unaweza kuweza kuiba vidakuzi, uhifadhi wa ndani, au habari kutoka kwenye ukurasa wa wavuti ambayo inaweza kuruhusu kuchukua udhibiti wa akaunti:

{% content-ref url="xss-cross-site-scripting/" %}
[xss-cross-site-scripting](xss-cross-site-scripting/)
{% endcontent-ref %}

## **Asili Sawa + Vidakuzi**

Ikiwa unapata XSS iliyozuiwa au unachukua jina la subdomain, unaweza kucheza na vidakuzi (kuvifunga kwa mfano) kujaribu kudhoofisha akaunti ya muhanga:

{% content-ref url="hacking-with-cookies/" %}
[hacking-with-cookies](hacking-with-cookies/)
{% endcontent-ref %}

## **Kushambulia Mfumo wa Kurejesha Nenosiri**

{% content-ref url="reset-password.md" %}
[reset-password.md](reset-password.md)
{% endcontent-ref %}

## **Udanganyifu wa Majibu**

Ikiwa jibu la uthibitisho linaweza **kupunguzwa kuwa boolean rahisi jaribu kubadilisha uwongo kuwa kweli** na uone ikiwa unapata ufikiaji wowote.

## OAuth kwa Kuchukua Udhibiti wa Akaunti

{% content-ref url="oauth-to-account-takeover.md" %}
[oauth-to-account-takeover.md](oauth-to-account-takeover.md)
{% endcontent-ref %}

## Uingizaji wa Kichwa cha Mwenyeji

1. Kichwa cha Mwenyeji kinabadilishwa baada ya kuanzisha ombi la kurejesha nenosiri.
2. Kichwa cha mbele cha proksi `X-Forwarded-For` kinabadilishwa kuwa `attacker.com`.
3. Kichwa cha Mwenyeji, Kielekezi, na Asili vinabadilishwa wakati mmoja kuwa `attacker.com`.
4. Baada ya kuanzisha ombi la kurejesha nenosiri na kisha kuchagua kutuma tena barua pepe, njia zote tatu zilizotajwa hapo juu zinatumika.

## Udanganyifu wa Majibu

1. **Ubadilishaji wa Nambari**: Nambari ya hali inabadilishwa kuwa `200 OK`.
2. **Ubadilishaji wa Nambari na Mwili**:
* Nambari ya hali inabadilishwa kuwa `200 OK`.
* Mwili wa jibu unabadilishwa kuwa `{"mafanikio":kweli}` au kitu tupu `{}`.

Mbinu hizi za udanganyifu ni muhimu katika hali ambapo JSON inatumika kwa usafirishaji na upokeaji wa data.

## Badilisha barua pepe ya kikao cha sasa

Kutoka [ripoti hii](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea):

* Mshambuliaji anaomba kubadilisha barua pepe yake na mpya
* Mshambuliaji anapokea kiungo cha kuthibitisha mabadiliko ya barua pepe
* Mshambuliaji anamtumia muhanga kiungo ili aibonyeze
* Barua pepe ya muhanga inabadilishwa kuwa ile iliyotajwa na mshambuliaji
* Shambulio linaweza kurejesha nenosiri na kuchukua udhibiti wa akaunti

Hii pia ilitokea katika [**ripoti hii**](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea).

## Marejeo

* [https://infosecwriteups.com/firing-8-account-takeover-methods-77e892099050](https://infosecwriteups.com/firing-8-account-takeover-methods-77e892099050)
* [https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea)

<details>

<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>

Njia nyingine za kusaidia HackTricks:

* Ikiwa unataka kuona **kampuni yako ikionekana kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa kipekee wa [**NFTs**](https://opensea.io/collection/the-peass-family)
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au [**kikundi cha telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@carlospolopm**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.

</details>
Translated to Swahili 2024-02-11 02:13:58 +00:00			`# Kuchukua Udhibiti wa Akaunti`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`<details>`

Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
fix 2024-02-03 12:22:53 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`* Ikiwa unataka kuona kampuni yako ikionekana kwenye HackTricks au kupakua HackTricks kwa PDF Angalia [MIPANGO YA KUJIUNGA](https://github.com/sponsors/carlospolop)!`
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`* Pata [bidhaa rasmi za PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Gundua [Familia ya PEASS](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa kipekee wa [NFTs](https://opensea.io/collection/the-peass-family)`
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au [kikundi cha telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks\_live).`
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos za github.`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`</details>`

Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`## Tatizo la Uthibitisho`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`Barua pepe ya akaunti inapaswa kujaribiwa kubadilishwa, na mchakato wa uthibitisho unapaswa kuchunguzwa. Ikiwa itagundulika kuwa dhaifu, barua pepe inapaswa kubadilishwa kuwa ile ya muhanga anayetarajiwa kisha kuthibitishwa.`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`## Tatizo la Ufananuzi wa Unicode`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			1. Akaunti ya muhanga anayetarajiwa `victim@gmail.com`
Translated to Swahili 2024-02-11 02:13:58 +00:00			`2. Akaunti inapaswa kuundwa kwa kutumia Unicode\`
			kwa mfano: `vićtim@gmail.com`
a 2024-02-06 03:10:38 +00:00
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`Kwa maelezo zaidi, tazama hati kuhusu Ufananuzi wa Unicode:`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`[unicode-normalization.md](unicode-injection/unicode-normalization.md)`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Kutumia Upya Kiungo cha Kurejesha`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			Ikiwa mfumo wa lengo unaruhusu kiungo cha kurejesha kutumika tena, juhudi zinapaswa kufanywa kutafuta viungo vingine vya kurejesha kwa kutumia zana kama vile `gau`, `wayback`, au `scan.io`.
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Kabla ya Kuchukua Udhibiti wa Akaunti`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`1. Barua pepe ya muhanga inapaswa kutumika kujiandikisha kwenye jukwaa, na nenosiri linapaswa kuwekwa (jaribio la kuthibitisha linapaswa kufanywa, ingawa kukosa ufikiaji wa barua pepe za muhanga kunaweza kufanya hili kuwa gumu).`
			`2. Mtu anapaswa kusubiri hadi muhanga ajisajili kwa kutumia OAuth na kuthibitisha akaunti.`
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`3. Inatumainiwa kwamba usajili wa kawaida utathibitishwa, kuruhusu ufikiaji wa akaunti ya muhanga.`
a 2024-02-06 03:10:38 +00:00
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`## Kosa la Mipangilio ya CORS kwa Kuchukua Udhibiti wa Akaunti`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`Ikiwa ukurasa una makosa ya mipangilio ya CORS unaweza kuwa na uwezo wa kuiba habari nyeti kutoka kwa mtumiaji ili kuchukua udhibiti wa akaunti yake au kumfanya abadilishe habari ya uthibitisho kwa lengo hilo:`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`{% content-ref url="cors-bypass.md" %}`
			`[cors-bypass.md](cors-bypass.md)`
			`{% endcontent-ref %}`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Csrf kwa Kuchukua Udhibiti wa Akaunti`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`Ikiwa ukurasa una kasoro ya CSRF unaweza kuweza kufanya mtumiaji abadilishe nenosiri lake, barua pepe au uthibitisho ili kisha uweze kufikia:`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`{% content-ref url="csrf-cross-site-request-forgery.md" %}`
			`[csrf-cross-site-request-forgery.md](csrf-cross-site-request-forgery.md)`
			`{% endcontent-ref %}`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`## XSS kwa Kuchukua Udhibiti wa Akaunti`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`Ikiwa unapata XSS kwenye programu unaweza kuweza kuiba vidakuzi, uhifadhi wa ndani, au habari kutoka kwenye ukurasa wa wavuti ambayo inaweza kuruhusu kuchukua udhibiti wa akaunti:`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`{% content-ref url="xss-cross-site-scripting/" %}`
			`[xss-cross-site-scripting](xss-cross-site-scripting/)`
			`{% endcontent-ref %}`

Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`## Asili Sawa + Vidakuzi`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`Ikiwa unapata XSS iliyozuiwa au unachukua jina la subdomain, unaweza kucheza na vidakuzi (kuvifunga kwa mfano) kujaribu kudhoofisha akaunti ya muhanga:`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`{% content-ref url="hacking-with-cookies/" %}`
			`[hacking-with-cookies](hacking-with-cookies/)`
			`{% endcontent-ref %}`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Kushambulia Mfumo wa Kurejesha Nenosiri`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`{% content-ref url="reset-password.md" %}`
			`[reset-password.md](reset-password.md)`
			`{% endcontent-ref %}`

Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`## Udanganyifu wa Majibu`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`Ikiwa jibu la uthibitisho linaweza kupunguzwa kuwa boolean rahisi jaribu kubadilisha uwongo kuwa kweli na uone ikiwa unapata ufikiaji wowote.`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`## OAuth kwa Kuchukua Udhibiti wa Akaunti`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
GITBOOK-3788: No subject 2023-02-16 18:26:56 +00:00			`{% content-ref url="oauth-to-account-takeover.md" %}`
			`[oauth-to-account-takeover.md](oauth-to-account-takeover.md)`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00			`{% endcontent-ref %}`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Uingizaji wa Kichwa cha Mwenyeji`
a 2024-02-06 03:10:38 +00:00
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`1. Kichwa cha Mwenyeji kinabadilishwa baada ya kuanzisha ombi la kurejesha nenosiri.`
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			2. Kichwa cha mbele cha proksi `X-Forwarded-For` kinabadilishwa kuwa `attacker.com`.
			3. Kichwa cha Mwenyeji, Kielekezi, na Asili vinabadilishwa wakati mmoja kuwa `attacker.com`.
			`4. Baada ya kuanzisha ombi la kurejesha nenosiri na kisha kuchagua kutuma tena barua pepe, njia zote tatu zilizotajwa hapo juu zinatumika.`
a 2024-02-06 03:10:38 +00:00
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`## Udanganyifu wa Majibu`
a 2024-02-06 03:10:38 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			1. Ubadilishaji wa Nambari: Nambari ya hali inabadilishwa kuwa `200 OK`.
			`2. Ubadilishaji wa Nambari na Mwili:`
			* Nambari ya hali inabadilishwa kuwa `200 OK`.
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			* Mwili wa jibu unabadilishwa kuwa `{"mafanikio":kweli}` au kitu tupu `{}`.
a 2024-02-06 03:10:38 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`Mbinu hizi za udanganyifu ni muhimu katika hali ambapo JSON inatumika kwa usafirishaji na upokeaji wa data.`
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00
			`## Badilisha barua pepe ya kikao cha sasa`

			`Kutoka [ripoti hii](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea):`

			`* Mshambuliaji anaomba kubadilisha barua pepe yake na mpya`
			`* Mshambuliaji anapokea kiungo cha kuthibitisha mabadiliko ya barua pepe`
			`* Mshambuliaji anamtumia muhanga kiungo ili aibonyeze`
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`* Barua pepe ya muhanga inabadilishwa kuwa ile iliyotajwa na mshambuliaji`
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`* Shambulio linaweza kurejesha nenosiri na kuchukua udhibiti wa akaunti`
a 2024-02-06 03:10:38 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`Hii pia ilitokea katika [ripoti hii](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea).`

Translated to Swahili 2024-02-11 02:13:58 +00:00			`## Marejeo`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`* [https://infosecwriteups.com/firing-8-account-takeover-methods-77e892099050](https://infosecwriteups.com/firing-8-account-takeover-methods-77e892099050)`
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`* [https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea](https://dynnyd20.medium.com/one-click-account-take-over-e500929656ea)`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`<details>`

Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`<summary><strong>Jifunze kuhusu kudukua AWS kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (Mtaalam wa Timu Nyekundu ya AWS ya HackTricks)</strong></a><strong>!</strong></summary>`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
Translated to Swahili 2024-02-11 02:13:58 +00:00			`Njia nyingine za kusaidia HackTricks:`
fix 2024-02-03 12:22:53 +00:00
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`* Ikiwa unataka kuona kampuni yako ikionekana kwenye HackTricks au kupakua HackTricks kwa PDF Angalia [MIPANGO YA KUJIUNGA](https://github.com/sponsors/carlospolop)!`
Translated ['generic-methodologies-and-resources/external-recon-methodol 2024-04-10 13:41:11 +00:00			`* Pata [bidhaa rasmi za PEASS & HackTricks](https://peass.creator-spring.com)`
			`* Gundua [Familia ya PEASS](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa kipekee wa [NFTs](https://opensea.io/collection/the-peass-family)`
Translated ['network-services-pentesting/pentesting-web/nginx.md', 'netw 2024-04-27 17:18:55 +00:00			`* Jiunge na 💬 [Kikundi cha Discord](https://discord.gg/hRep4RUj7f) au [kikundi cha telegram](https://t.me/peass) au tufuate kwenye Twitter 🐦 [@carlospolopm](https://twitter.com/hacktricks\_live).`
			`* Shiriki mbinu zako za kudukua kwa kuwasilisha PRs kwa [HackTricks](https://github.com/carlospolop/hacktricks) na [HackTricks Cloud](https://github.com/carlospolop/hacktricks-cloud) repos za github.`
GitBook: [#3641] No subject 2022-11-03 10:18:27 +00:00
			`</details>`