hacktricks/README.md

155 lines
8 KiB
Markdown
Raw Normal View History

# Mbinu za Kudukua
2022-04-28 16:01:33 +00:00
<figure><img src=".gitbook/assets/hacktricks.gif" alt=""><figcaption></figcaption></figure>
_Majina na muundo wa Hacktricks uliundwa na_ [_@ppiernacho_](https://www.instagram.com/ppieranacho/)_._
{% hint style="success" %}
**Karibu kwenye wiki ambapo utapata kila mbinu ya kudukua/kiufundi/chochote nilichojifunza kutoka kwa CTFs, programu halisi, kusoma utafiti, na habari.**
{% endhint %}
Ili kuanza, fuata ukurasa huu ambapo utapata **mtiririko wa kawaida** ambao **unapaswa kufuata wakati wa kufanya upimaji wa kuingilia** kwenye **mashine moja au zaidi:**
{% content-ref url="generic-methodologies-and-resources/pentesting-methodology.md" %}
[pentesting-methodology.md](generic-methodologies-and-resources/pentesting-methodology.md)
{% endcontent-ref %}
2024-02-11 02:13:58 +00:00
## Wadhamini wa Kampuni
2022-05-01 12:41:36 +00:00
### [STM Cyber](https://www.stmcyber.com)
2021-11-26 01:20:02 +00:00
<figure><img src=".gitbook/assets/stm (1).png" alt=""><figcaption></figcaption></figure>
2021-11-26 01:20:02 +00:00
[**STM Cyber**](https://www.stmcyber.com) ni kampuni kubwa ya usalama wa mtandao ambayo kauli yao mbiu ni **KUDUKUA LISILOWEZEKANA**. Wanafanya utafiti wao wenyewe na kutengeneza zana zao za kudukua ili **kutoa huduma muhimu za usalama wa mtandao** kama upimaji wa kuingilia, Timu Nyekundu na mafunzo.
2021-11-26 12:13:08 +00:00
Unaweza kuangalia **blogi** yao kwenye [**https://blog.stmcyber.com**](https://blog.stmcyber.com)
2021-11-26 01:20:02 +00:00
2024-03-25 15:45:34 +00:00
**STM Cyber** pia inasaidia miradi ya chanzo wazi ya usalama wa mtandao kama HackTricks :)
***
2021-11-26 01:20:02 +00:00
2022-10-25 14:58:43 +00:00
### [RootedCON](https://www.rootedcon.com/)
<figure><img src=".gitbook/assets/image (42).png" alt=""><figcaption></figcaption></figure>
2022-10-25 14:58:43 +00:00
[**RootedCON**](https://www.rootedcon.com) ni tukio muhimu zaidi la usalama wa mtandao nchini **Hispania** na moja ya muhimu zaidi barani **Ulaya**. Kwa lengo la kukuza maarifa ya kiufundi, kongamano hili ni mahali pa kukutana kwa wataalamu wa teknolojia na usalama wa mtandao katika kila nidhamu.
2022-10-25 14:58:43 +00:00
{% embed url="https://www.rootedcon.com/" %}
***
2022-10-25 14:58:43 +00:00
2022-06-09 08:38:14 +00:00
### [Intigriti](https://www.intigriti.com)
<figure><img src=".gitbook/assets/image (44).png" alt=""><figcaption></figcaption></figure>
2022-06-09 08:38:14 +00:00
**Intigriti** ni jukwaa la kwanza la kudukua kimaadili barani Ulaya na **bug bounty**.
2022-06-09 08:38:14 +00:00
**Mbinu ya bug bounty**: **jiandikishe** kwa **Intigriti**, jukwaa la **bug bounty** la malipo ya juu lililoanzishwa na wadukuzi, kwa wadukuzi! Jiunge nasi kwenye [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) leo, na anza kupata zawadi hadi **$100,000**!
2022-06-09 08:38:14 +00:00
{% embed url="https://go.intigriti.com/hacktricks" %}
***
2022-09-08 15:18:29 +00:00
### [Trickest](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks)
<figure><img src=".gitbook/assets/image (45).png" alt=""><figcaption></figcaption></figure>
2022-09-08 15:18:29 +00:00
\
Tumia [**Trickest**](https://trickest.com/?utm\_campaign=hacktrics\&utm\_medium=banner\&utm\_source=hacktricks) kujenga na **kutumia mifumo ya kazi** kwa kutumia zana za jamii za **juu zaidi** duniani.
2022-10-25 19:47:53 +00:00
2024-02-11 02:13:58 +00:00
Pata Ufikiaji Leo:
2022-09-08 15:18:29 +00:00
{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}
***
2023-02-27 10:02:29 +00:00
### [HACKENPROOF](https://bit.ly/3xrrDrL)
2022-10-25 19:47:53 +00:00
<figure><img src=".gitbook/assets/image (47).png" alt=""><figcaption></figcaption></figure>
2022-10-25 19:47:53 +00:00
Jiunge na seva ya [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) ili kuwasiliana na wadukuzi wenye uzoefu na wawindaji wa zawadi za bug!
2023-02-27 09:20:33 +00:00
**Machapisho ya Kudukua**\
Shiriki na yaliyomo yanayochimba kina katika msisimko na changamoto za kudukua
2023-02-27 09:20:33 +00:00
**Habari za Kudukua za Wakati Halisi**\
Kaa sasa na ulimwengu wa kudukua wenye kasi kupitia habari na ufahamu wa wakati halisi
2023-07-14 14:20:34 +00:00
**Matangazo Mapya**\
Baki na taarifa za hivi punde kuhusu bug mpya zinazoanzishwa na sasisho muhimu za jukwaa
2023-07-14 14:20:34 +00:00
2024-02-11 02:13:58 +00:00
**Jiunge nasi kwenye** [**Discord**](https://discord.com/invite/N3FrSbmwdy) na anza kushirikiana na wadukuzi bora leo!
2022-10-25 19:47:53 +00:00
***
### [Pentest-Tools.com](https://pentest-tools.com/) - Jukwaa muhimu la zana za upimaji wa kuingilia
<figure><img src=".gitbook/assets/image (12).png" alt=""><figcaption></figcaption></figure>
**Usanidi wa papo hapo kwa tathmini ya udhaifu & upimaji wa kuingilia**. Tekeleza upimaji kamili kutoka mahali popote na zana na vipengele zaidi ya 20 vinavyoanzia uchunguzi hadi ripoti. Hatuchukui nafasi ya wapimaji wa kuingilia - tunatengeneza zana za desturi, ugunduzi & moduli za kutumia ili kuwarudishia muda wa kuchimba kina, kuvunja makompyuta, na kufurahi.
{% embed url="https://pentest-tools.com/" %}
***
### [SerpApi](https://serpapi.com/)
<figure><img src=".gitbook/assets/image (2).png" alt=""><figcaption></figcaption></figure>
SerpApi inatoa APIs za haraka na rahisi za wakati halisi za **kufikia matokeo ya injini za utaftaji**. Wanachimba injini za utaftaji, kushughulikia proksi, kutatua captchas, na kuchambua data iliyopangwa kwa utajiri kwako.
Usajili kwa moja ya mipango ya SerpApi ni pamoja na ufikiaji wa zaidi ya APIs 50 tofauti za kuchimba injini za utaftaji, ikiwa ni pamoja na Google, Bing, Baidu, Yahoo, Yandex, na zingine.
Tofauti na watoa huduma wengine, majibu ya SerpApi mara kwa mara yanajumuisha matangazo yote, picha na video za ndani, grafu za maarifa, na vipengele vingine vilivyopo kwenye matokeo ya utaftaji.
Wateja wa sasa wa SerpApi ni pamoja na Apple, Shopify, na GrubHub.
Kwa maelezo zaidi tembelea [blogi](https://serpapi.com/blog/)** yao, au jaribu mfano kwenye [**uwanja wa michezo**](https://serpapi.com/playground)** wao.**
Unaweza **kuunda akaunti ya bure** [**hapa**](https://serpapi.com/users/sign\_up)**.**
***
2024-03-25 15:45:34 +00:00
### [Try Hard Security Group](https://discord.gg/tryhardsecurity)
<figure><img src=".gitbook/assets/telegram-cloud-document-1-5159108904864449420.jpg" alt=""><figcaption></figcaption></figure>
{% embed url="https://discord.gg/tryhardsecurity" %}
***
2022-10-05 21:51:12 +00:00
### [WebSec](https://websec.nl/)
<figure><img src=".gitbook/assets/websec (1).svg" alt=""><figcaption></figcaption></figure>
2022-09-21 13:24:22 +00:00
[**WebSec**](https://websec.nl) ni kampuni ya usalama wa mtandao ya kitaalamu iliyoanzishwa huko **Amsterdam** ambayo husaidia kulinda biashara **ulimwenguni kote** dhidi ya vitisho vya usalama wa mtandao vya hivi karibuni kwa kutoa huduma za **usalama wa kuingilia** kwa njia **ya kisasa**.
WebSec ni kampuni ya usalama ya kila kitu ambayo inamaanisha wanafanya yote; Upimaji wa Kuingilia, Ukaguzi wa Usalama, Mafunzo ya Uelewa, Kampeni za Udukuzi, Ukaguzi wa Kanuni, Maendeleo ya Udukuzi, Kutoa Wataalamu wa Usalama na mengi zaidi.
Jambo lingine zuri kuhusu WebSec ni kwamba tofauti na wastani wa tasnia, WebSec wana **imani kubwa katika ujuzi wao**, kwa kiwango ambacho wanahakikisha matokeo bora zaidi, inasemwa kwenye tovuti yao "**Ikiwa hatuwezi kudukua, Hulipi!**". Kwa maelezo zaidi angalia [**tovuti**](https://websec.nl/en/) na [**blogi**](https://websec.nl/blog/) yao!
Pamoja na hayo, WebSec pia ni **msaidizi aliyejitolea wa HackTricks.**
2022-09-21 13:24:22 +00:00
{% embed url="https://www.youtube.com/watch?v=Zq2JycGDCPM" %}
## Leseni & Disclaimer
2022-09-21 13:24:22 +00:00
Angalia hapa:
2022-04-28 16:01:33 +00:00
{% content-ref url="welcome/hacktricks-values-and-faq.md" %}
[hacktricks-values-and-faq.md](welcome/hacktricks-values-and-faq.md)
{% endcontent-ref %}
2023-02-15 11:31:27 +00:00
2022-04-28 16:01:33 +00:00
<details>
<summary><strong>Jifunze AWS hacking kutoka sifuri hadi shujaa na</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
2022-04-28 16:01:33 +00:00
2024-02-11 02:13:58 +00:00
Njia nyingine za kusaidia HackTricks:
2023-12-30 10:12:47 +00:00
* Ikiwa unataka kuona **kampuni yako ikitangazwa kwenye HackTricks** au **kupakua HackTricks kwa PDF** Angalia [**MIPANGO YA KUJIUNGA**](https://github.com/sponsors/carlospolop)!
* Pata [**bidhaa rasmi za PEASS & HackTricks**](https://peass.creator-spring.com)
* Gundua [**Familia ya PEASS**](https://opensea.io/collection/the-peass-family), mkusanyiko wetu wa [**NFTs**](https://opensea.io/collection/the-peass-family) ya kipekee
* **Jiunge na** 💬 [**Kikundi cha Discord**](https://discord.gg/hRep4RUj7f) au kikundi cha [**telegram**](https://t.me/peass) au **tufuate** kwenye **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Shiriki mbinu zako za udukuzi kwa kuwasilisha PRs kwa** [**HackTricks**](https://github.com/carlospolop/hacktricks) na [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) repos za github.
2022-04-28 16:01:33 +00:00
</details>