No description
Find a file
2024-08-21 08:50:14 +00:00
.gitbook/assets Translated ['network-services-pentesting/pentesting-smtp/smtp-smuggling. 2024-08-18 11:01:13 +00:00
.github Translated ['.github/pull_request_template.md'] to cn 2024-02-04 11:00:20 +00:00
a.i.-exploiting/bra.i.nsmasher-presentation Translated ['a.i.-exploiting/bra.i.nsmasher-presentation/README.md', 'a. 2024-02-04 16:26:04 +00:00
backdoors Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
binary-exploitation Translated ['binary-exploitation/libc-heap/double-free.md'] to cn 2024-08-13 18:55:41 +00:00
blockchain/blockchain-and-crypto-currencies Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
c2 Translated ['binary-exploitation/basic-stack-binary-exploitation-methodo 2024-07-18 22:08:20 +00:00
courses-and-certifications-reviews Translated to Chinese 2023-08-03 19:12:22 +00:00
crypto-and-stego Translated ['crypto-and-stego/cryptographic-algorithms/unpacking-binarie 2024-07-19 04:51:22 +00:00
cryptography Translated ['binary-exploitation/basic-stack-binary-exploitation-methodo 2024-07-18 22:08:20 +00:00
ctf-write-ups Translated ['ctf-write-ups/challenge-0521.intigriti.io.md', 'ctf-write-u 2024-02-07 04:49:09 +00:00
exploiting Translated ['binary-exploitation/basic-stack-binary-exploitation-methodo 2024-07-18 22:08:20 +00:00
forensics/basic-forensic-methodology Translated ['crypto-and-stego/cryptographic-algorithms/unpacking-binarie 2024-07-19 04:51:22 +00:00
generic-methodologies-and-resources Translated ['generic-methodologies-and-resources/pentesting-network/READ 2024-08-21 08:50:14 +00:00
hardware-physical-access Translated ['crypto-and-stego/cryptographic-algorithms/unpacking-binarie 2024-07-19 04:51:22 +00:00
linux-hardening Translated ['linux-hardening/privilege-escalation/docker-security/namesp 2024-07-30 11:15:41 +00:00
linux-unix/privilege-escalation Translated ['crypto-and-stego/cryptographic-algorithms/unpacking-binarie 2024-07-19 04:51:22 +00:00
macos-hardening Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-08-15 22:34:05 +00:00
misc Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 05:18:31 +00:00
mobile-pentesting Translated ['generic-methodologies-and-resources/pentesting-network/webr 2024-07-29 11:04:58 +00:00
network-services-pentesting Translated ['network-services-pentesting/pentesting-web/apache.md', 'pen 2024-08-19 11:11:27 +00:00
pentesting-web Translated ['pentesting-web/email-injections.md', 'todo/emails-vulns.md' 2024-08-19 15:46:18 +00:00
physical-attacks Translated ['generic-methodologies-and-resources/basic-forensic-methodol 2024-07-19 10:11:43 +00:00
radio-hacking Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 16:08:50 +00:00
reversing Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
reversing-and-exploiting Translated ['binary-exploitation/basic-stack-binary-exploitation-methodo 2024-07-18 22:08:20 +00:00
stego Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
todo Translated ['macos-hardening/macos-security-and-privilege-escalation/mac 2024-07-19 16:08:50 +00:00
welcome Translated ['pentesting-web/browser-extension-pentesting-methodology/REA 2024-07-19 15:59:20 +00:00
windows-hardening Translated ['windows-hardening/active-directory-methodology/laps.md'] to 2024-08-13 18:57:32 +00:00
.gitignore Update .gitignore 2023-06-25 15:55:55 +02:00
1911-pentesting-fox.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
6881-udp-pentesting-bittorrent.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
android-forensics.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
burp-suite.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
emails-vulns.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
interesting-http.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
LICENSE.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
online-platforms-with-api.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
other-web-tricks.md Translated ['network-services-pentesting/512-pentesting-rexec.md', 'netw 2024-08-04 15:17:39 +00:00
pentesting-dns.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
post-exploitation.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
README.md Translated ['README.md'] to cn 2024-08-04 15:01:11 +00:00
stealing-sensitive-information-disclosure-from-a-web.md Translated ['1911-pentesting-fox.md', '6881-udp-pentesting-bittorrent.md 2024-07-18 18:17:52 +00:00
SUMMARY.md Translated ['pentesting-web/email-injections.md', 'todo/emails-vulns.md' 2024-08-19 15:46:18 +00:00

HackTricks

Hacktricks logos & motion design by @ppiernacho.

{% hint style="success" %} 欢迎来到这个维基在这里你将找到我从CTF、现实生活应用、阅读研究和新闻中学到的每一个黑客技巧/技术/无论什么。 {% endhint %}

要开始,请遵循此页面,在这里你将找到你在进行一个或多个机器的渗透测试时应该遵循的典型流程:

{% content-ref url="generic-methodologies-and-resources/pentesting-methodology.md" %} pentesting-methodology.md {% endcontent-ref %}

Corporate Sponsors

STM Cyber

STM Cyber 是一家优秀的网络安全公司,其口号是HACK THE UNHACKABLE。他们进行自己的研究并开发自己的黑客工具,以提供多种有价值的网络安全服务,如渗透测试、红队和培训。

你可以在https://blog.stmcyber.com查看他们的博客

STM Cyber 还支持网络安全开源项目,如 HackTricks :)


RootedCON

RootedCON西班牙最重要的网络安全事件之一,也是欧洲最重要的活动之一。该大会的使命是促进技术知识,是技术和网络安全专业人士在各个学科的一个热闹的交流平台。

{% embed url="https://www.rootedcon.com/" %}


Intigriti

Intigriti欧洲第一的道德黑客和漏洞赏金平台

漏洞赏金提示注册 Intigriti,这是一个由黑客为黑客创建的高级漏洞赏金平台!今天就加入我们,访问https://go.intigriti.com/hacktricks,开始赚取高达**$100,000**的赏金!

{% embed url="https://go.intigriti.com/hacktricks" %}


Trickest


使用Trickest轻松构建和自动化工作流程,由世界上最先进的社区工具提供支持。

今天就获取访问权限:

{% embed url="https://trickest.com/?utm_campaign=hacktrics&utm_medium=banner&utm_source=hacktricks" %}


HACKENPROOF

加入HackenProof Discord服务器,与经验丰富的黑客和漏洞赏金猎人交流!

  • 黑客见解:参与深入探讨黑客的刺激和挑战的内容
  • 实时黑客新闻:通过实时新闻和见解,跟上快速变化的黑客世界
  • 最新公告:了解最新的漏洞赏金发布和重要平台更新

加入我们 Discord,今天就开始与顶级黑客合作!


即时可用的漏洞评估和渗透测试设置。使用20多个工具和功能从侦察到报告随时进行全面的渗透测试。我们不替代渗透测试人员 - 我们开发自定义工具、检测和利用模块以便让他们有更多时间深入挖掘、获取shell并享受乐趣。

{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}


SerpApi

SerpApi 提供快速且简单的实时API访问搜索引擎结果。他们抓取搜索引擎,处理代理,解决验证码,并为你解析所有丰富的结构化数据。

订阅SerpApi的计划之一包括访问50多个不同的API用于抓取不同的搜索引擎包括Google、Bing、百度、Yahoo、Yandex等。
与其他提供商不同,SerpApi不仅仅抓取自然结果。SerpApi的响应始终包括所有广告、内联图像和视频、知识图谱以及搜索结果中存在的其他元素和功能。

当前的SerpApi客户包括Apple、Shopify和GrubHub
有关更多信息,请查看他们的博客****或在他们的游乐场中尝试示例。
你可以在这里创建一个免费账户。


Try Hard Security Group

{% embed url="https://discord.gg/tryhardsecurity" %}


WebSec

WebSec 是一家总部位于阿姆斯特丹的专业网络安全公司,帮助保护全球企业免受最新网络安全威胁,通过提供进攻性安全服务现代的方式。

WebSec 是一家一体化安全公司,这意味着他们做所有事情;渗透测试、安全审计、意识培训、网络钓鱼活动、代码审查、漏洞开发、安全专家外包等等。

WebSec的另一个酷点是与行业平均水平不同WebSec对他们的技能非常自信,以至于他们保证最佳质量结果,他们在网站上声明“如果我们无法攻破它,你就不需要支付!”。有关更多信息,请查看他们的网站博客

除了上述内容WebSec 还是HackTricks的坚定支持者

{% embed url="https://www.youtube.com/watch?v=Zq2JycGDCPM" %}

WhiteIntel

WhiteIntel 是一个暗网驱动的搜索引擎,提供免费功能,以检查公司或其客户是否被窃取恶意软件入侵

WhiteIntel的主要目标是打击由于信息窃取恶意软件导致的账户接管和勒索软件攻击。

你可以在以下网址查看他们的网站并免费尝试他们的引擎:

{% embed url="https://whiteintel.io" %}

License & Disclaimer

查看它们在:

{% content-ref url="welcome/hacktricks-values-and-faq.md" %} hacktricks-values-and-faq.md {% endcontent-ref %}

Github Stats

HackTricks Github Stats

{% hint style="success" %} 学习和实践AWS黑客技术HackTricks Training AWS Red Team Expert (ARTE)
学习和实践GCP黑客技术HackTricks Training GCP Red Team Expert (GRTE)

支持HackTricks
{% endhint %}