# HackTricks
_Hacktricks logos & motion design by_ [_@ppiernacho_](https://www.instagram.com/ppieranacho/)_._ {% hint style="success" %} **Welcome to the wiki where you will find each hacking trick/technique/whatever I have learnt from CTFs, real life apps, reading researches, and news.** {% endhint %} To get started follow this page where you will find the **typical flow** that **you should follow when pentesting** one or more **machines:** {% content-ref url="generic-methodologies-and-resources/pentesting-methodology.md" %} [pentesting-methodology.md](generic-methodologies-and-resources/pentesting-methodology.md) {% endcontent-ref %} ## Corporate Sponsors ### [STM Cyber](https://www.stmcyber.com)
[**STM Cyber**](https://www.stmcyber.com) is a great cybersecurity company whose slogan is **HACK THE UNHACKABLE**. They perform their own research and develop their own hacking tools to **offer several valuable cybersecurity services** like pentesting, Red teams and training. You can check their **blog** in [**https://blog.stmcyber.com**](https://blog.stmcyber.com) **STM Cyber** also support cybersecurity open source projects like HackTricks :) *** ### [RootedCON](https://www.rootedcon.com/)
[**RootedCON**](https://www.rootedcon.com) is the most relevant cybersecurity event in **Spain** and one of the most important in **Europe**. With **the mission of promoting technical knowledge**, this congress is a boiling meeting point for technology and cybersecurity professionals in every discipline. {% embed url="https://www.rootedcon.com/" %} *** ### [Intigriti](https://www.intigriti.com)
**Intigriti** is the **Europe's #1** ethical hacking and **bug bounty platform.** **Bug bounty tip**: **sign up** for **Intigriti**, a premium **bug bounty platform created by hackers, for hackers**! Join us at [**https://go.intigriti.com/hacktricks**](https://go.intigriti.com/hacktricks) today, and start earning bounties up to **$100,000**! {% embed url="https://go.intigriti.com/hacktricks" %} *** ### [Trickest](https://trickest.com/?utm_campaign=hacktrics\&utm_medium=banner\&utm_source=hacktricks)
\ Use [**Trickest**](https://trickest.com/?utm_campaign=hacktrics\&utm_medium=banner\&utm_source=hacktricks) to easily build and **automate workflows** powered by the world's **most advanced** community tools. Get Access Today: {% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %} *** ### [HACKENPROOF](https://bit.ly/3xrrDrL)
Join [**HackenProof Discord**](https://discord.com/invite/N3FrSbmwdy) server to communicate with experienced hackers and bug bounty hunters! * **Hacking Insights:** Engage with content that delves into the thrill and challenges of hacking * **Real-Time Hack News:** Keep up-to-date with fast-paced hacking world through real-time news and insights * **Latest Announcements:** Stay informed with the newest bug bounties launching and crucial platform updates **Join us on** [**Discord**](https://discord.com/invite/N3FrSbmwdy) and start collaborating with top hackers today! *** ### [Pentest-Tools.com](https://pentest-tools.com/?utm_term=jul2024\&utm_medium=link\&utm_source=hacktricks\&utm_campaign=spons) - The essential penetration testing toolkit
**Get a hacker's perspective on your web apps, network, and cloud** **Find and report critical, exploitable vulnerabilities with real business impact.** Use our 20+ custom tools to map the attack surface, find security issues that let you escalate privileges, and use automated exploits to collect essential evidence, turning your hard work into persuasive reports. {% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %} *** ### [SerpApi](https://serpapi.com/)
**SerpApi** offers fast and easy real-time APIs to **access search engine results**. They scrape search engines, handle proxies, solve captchas, and parse all rich structured data for you. A subscription to one of SerpApi’s plans includes access to over 50 different APIs for scraping different search engines, including Google, Bing, Baidu, Yahoo, Yandex, and more.\ Unlike other providers, **SerpApi doesn’t just scrape organic results**. SerpApi responses consistently include all ads, inline images and videos, knowledge graphs, and other elements and features present in the search results. Current SerpApi customers include **Apple, Shopify, and GrubHub**.\ For more information check out their [**blog**](https://serpapi.com/blog/)**,** or try an example in their [**playground**](https://serpapi.com/playground)**.**\ You can **create a free account** [**here**](https://serpapi.com/users/sign_up)**.** *** ### 8kSec Academy – In-Depth Mobile Security Courses
Learn the technologies and skills required to perform vulnerability research, penetration testing, and reverse engineering to protect mobile applications and devices. **Master iOS and Android security** through our on-demand courses and **get certified**: {% embed url="https://academy.8ksec.io/" %} *** ### [WebSec](https://websec.nl/)
[**WebSec**](https://websec.nl) is a professional cybersecurity company based in **Amsterdam** which helps **protecting** businesses **all over the world** against the latest cybersecurity threats by providing **offensive-security services** with a **modern** approach. WebSec is an **all-in-one security company** which means they do it all; Pentesting, **Security** Audits, Awareness Trainings, Phishing Campagnes, Code Review, Exploit Development, Security Experts Outsourcing and much more. Another cool thing about WebSec is that unlike the industry average WebSec is **very confident in their skills**, to such an extent that they **guarantee the best quality results**, it states on their website "**If we can't hack it, You don't pay it!**". For more info take a look at their [**website**](https://websec.nl/en/) and [**blog**](https://websec.nl/blog/)! In addition to the above WebSec is also a **committed supporter of HackTricks.** {% embed url="https://www.youtube.com/watch?v=Zq2JycGDCPM" %} ## License & Disclaimer Check them in: {% content-ref url="welcome/hacktricks-values-and-faq.md" %} [hacktricks-values-and-faq.md](welcome/hacktricks-values-and-faq.md) {% endcontent-ref %} ## Github Stats ![HackTricks Github Stats](https://repobeats.axiom.co/api/embed/68f8746802bcf1c8462e889e6e9302d4384f164b.svg) {% hint style="success" %} Learn & practice AWS Hacking:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\ Learn & practice GCP Hacking: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)
Support HackTricks * Check the [**subscription plans**](https://github.com/sponsors/carlospolop)! * **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks_live)**.** * **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
{% endhint %}