HackTricks is a project which aims to offer free quality hacking resources to all the world, so people can learn for free the latest techniques in cybersecurity
Yes, there is a NEW HACKTRICKS. Yes, I want to make it public.
We just need to reach 10.000 points:
- Like this = 1 point
- Retweet this = 3 points
- Buy Hacktricks PDF = 20 points ()
1/3
From HackTricks we work on getting hacking closer to people, so both HackTricks and HackTricks Cloud books have been translated to Spanish, French and Portuguese, using
@OpenAI
gtp-3.5-turbo API and
@trick3st
.
Check:
Considering learning AWS hacking??
In a month we are releasing HackTricks AWS Red Team Expert cert.
You will learn from the basics how to:
- (ab)use more 25 AWS services
- Perform White and Black box (Red Team) AWS pentests
- Bypass aws defenses
More info:
Some good news: HackTricks is NOT going to be private
You can access the latest content in (as always).
But I'm looking for a few good cybersecurity companies that want to announce their services there (20% discount for the first one!)
I'm very proud to announce that Hacktricks has the first ad sponsor!
Thank you very much
@intigriti
!
You can check one of the ads in
If your company is interested in having ads in HackTricks just contact me!
HackTricks has been rebranded!
Check the new logos at and and let me know what you think.
Follow the new Linkedin page for the latests news about HackTricks (big things coming)
#hacktricks
#cybersecurity
Last week I changed Hacktricks () to a dark theme.
Some people has asked me to go back to the light theme, but I know other people that prefers the new dark one.
Let me know what you prefer!
#hacktricks
Carlos is the 1st one passing HackTricks ARTE (AWS Red Team Expert) cert.
Interested in learning AWS hacking from zero to perform White Box reviews and Red Teams?
Check
I guess this counts as a self-signed certificate?
#hacktricks
#training
#aws
#hacking
This Summer the PEASS-ng repo () reached the 10K stars!
As promised, I added checks from the private version into the public version in both WinPEAS and LinPEAS.
1/3
Since last year,
#HackTricks
has been available in Spanish, Portuguese, French, Chinese, Hindi, and Japanese, enhancing accessibility for our diverse users.
And every new addition is being translated to those languages.
This is because HackTricks aims to provide high-quality…
I'm very excited to announce that
@ly4k_
, creator of certipy, the AD CS privesc techniques ECS9&ECS10, researcher of the Windows AD privesc Certifried(CVE-2022–26923)... will be joining me this Wed on to explain AD CS techniques with demos!
#hacktricks
If you used HackTricks in 2022 smash that like/retweet button!
Thank you very much to all the sponsors that HackTricks had during 2022, and to all the people using it. Let's make 2023 even greater!
If your company would like to be part of HackTricks' sponsors, dm me!
HackTricks live is coming!
I'm thinking about creating Twitch to explain concepts from HackTricks & HackTricks cloud, solve CTFs, and talk about cybersecurity in general.
Like, retweet and/or comment what you would like to learn!
#hacktricks
#live
#cybersecurity
#cloud
HackTricks just got a new sponsor!!
Thank you very much Security Hubs for supporting Hacktricks!
You can check one of the ads in
If your company is interested in having ads in HackTricks just contact me!
#thankyou
#hacktricks
The day has finally arrived! HackTricks ARTE (AWS Red Team Expert) cert is now available at !
We've opened 100 spots with an early bird discount, don't miss yours!
#hacktricks
#training
Hi guys! I'm looking for awesome Cloud & Infra pentesters to work with me in
@HalbornSecurity
. We will be auditing cloud envs (mainly GCP and AWS), K8s envs, infrastructure (blackbox & whitebox), and Red Teams (zero trust networks with a lot of SaaS and Cloud without Active D).
Did you know about ?
It's a repository of Regular Expressions to search for API keys, secrets, sensitive info...
It's maintained by us and open for PRs. The PEASS-ng suite has been using for months.
Take a look and smash that ⭐ if you find it useful!
Found some AWS credentials in a Red Team and want to enumerate while being stealth? Here are some ideas:
- BF your permissions by trying to use them with (you can set a sleep time and the AWS services to enumerate to do this under the radar)
- If you have…
Google Cloud Platforms uses thousands of permissions, but only a few can be useful for privilege escalation.
In you can find the ones that are known to be useful to privesc.
Last week I had the chance to give 2 talks in the great
@rootedcon
.
Me and Yago Gutiérrez presented a novel technique to load binaries in memory in linux we called DDexec (github: carlospolop/DDexec and arget13/DDexec).
I also presented my tool PurplePanda to privesc in the cloud
Learn AWS hacking from zero with the HackTricks Training AWS Red Team Expert Certification which will be released on December 4th!
More info about the pricing and laboratories in
#hacktricks
#training
#hacking
#cloud
#aws
We just got a little more than 6500 points in a week!
I'm very happy about all the support received so I will be releasing the new HackTricks this Wednesday.
Thank you to everyone that supported the new HackTricks to make this possible!
You are awesome!
#HackTricks
Why should pentesters be interested in cloud hacking??
First stream about cloud hacking in this Wednesday at 5.30pm (UTC)
#hacktricks
#live
#hacking
#cloud
First cloud hacking twitch session scheduled next Wednesday (7th) at 5.30pm(UTC)!
If you want to learn about hacking cloud, k8s, web and interesting CTFs feel free to follow!
Twitch:
Youtube:
#cloud
#hacking
#hacktricks
#live
Next Wed 24th Jan at 19.00 CET Ignacio Dominguez and I are going to be presenting new HackTricks Training Certification and Course ARTE () at HackTricks twitch:
If you're interested in mastering AWS penetration testing and Red Team…
I'm very proud to announce that INE() is going to be sponsoring Hacktricks!!
Find more about them in the Corporate Sponsors section of the main page of Hacktricks ()
Today
@_JohnHammond
and
@Congon4tor
will be joining me in to solve some challenges from the CTF at 5pm (UTC), 6pm (CET), 12pm (ET).
Don't miss it! Although if you do, videos will then be posted in youtube:
@hacktricks_LIVE
Thank you to
@HalbornSecurity
and
@hackthebox_eu
for the opportunity of doing the Hailstorm Prolab (AWS).
It's fun to practice Cloud red teaming, although I have to say that I had already done most of the AWS cloud tricks from this cert while writing
Amazing talk of
@patowc
in HackTricks Track at
@rootedcon
2023.
He explained several tricks on how to use Frida in Red Team Assignments, don't miss it:
#hacktricks
Check out the highly improved Kubernetes pentesting methodology of hacktricks and discover things like how to enumerate K8s from a pod, privesc, escape and enumerate the node, and how to escape from K8s to other clouds like GCP or AWS.
🚨 Alerta, ¡notición!
Hacktricks, también llamada la Biblia del
#hacker
, ¡tendrá un track adicional en
#RootedCON
2023!
¡Encantados de teneros en nuestro barco,
@carlospolopm
y
@Bea_GilG
!
👇 ¡Registro abierto! 👇
Last week I had the honour to participate in the European Cybersecurity Challenge in Prague as the captain of the Spanish team.
It was a wonderful experience and even if it could have gone better for us we had lots of fun and learned new stuff.
Go
#ECSCTeamSpain
!
Tomorrow (Wed 24th Jan) at 19.00 CET Carlos and
@Congon4tor
are going to present the ARTE (AWS Red Team Expert) Certification in
Don't miss it if you are interested in finding out what you can learn from the best certification in AWS offensive security!…
winPEASv2 has been released: 40+ checks, 10 checks improved, faster, automatically launch linPEAS from it if wsl is present... and a PS onliner to launch it form memory!
This possible thanks to makikvues an awesome C# programmer!
Last week TeamEU was the winner of the first edition of the ICC where the teams EU, USA, Asia, LATAM, Africa, Oceania and Canada participated.
It was amazing to play this CTF with such an awesome team!
#TeamEU
#ICC2022
You a cloud pentester?
I'll leave this CTF cloud chall open 1 week:
Title: Smoke in the Cloud... and fire in the sky!
Go to
All the cloud resources of this chall are in eu-west-1 region. There are processes restoring some resources every X second/minutes.
Tickets are for sale for
#RootedCON2023
(Madrid, 9-11th March)!
The awesome
@criptored
and
#HackTricks
tracks are giving away a pack of 2 tickets to attend it.
Retweet and/or comment to participate!
(Do both for double opportunity ;)
Winner will be announced next Tuesday
Magnificent talk from
@Congon4tor
at HackTricks Track at
@rootedcon
2023 exploiting & compromising several scenarios of CI/CD, Kubernetes and AWS:
Don't miss it!
#hacktricks
Review of the last student that successfully passed HackTricks Training ARTE (AWS Red Team Expert) Certification & Course:
Hey all, I just finished the HackTricks ARTE exam. This was a great course and exam, OSCP style (despite a small reset issue at the beginning, quickly…
Find a summary of the talk
@arget1313
and Carlos gave at DEFCON in and slides in
Talk title: Exploring Linux Memory Manipulation for Stealth and Evasion
Enjoy!
I'll be giving a talk with
@arget1313
at
#defcon
tomorrow Sunday at 1pm in track 4 about abusing Linux memory to bypass file system based protections and distroless envs.
The technique can also be used to execute anything in a very stealth way.
Don't miss it if you are around!
@_JohnHammond
If you want to go next level check final form of a research by
@arget1313
and me presented in
@rootedcon
(You can load entire binaries just from sh)
New HackTricks Training course released!!
ARTA - AWS Red Team Apprentice.
Start your journey in AWS hacking by learning from the basics how AWS environments work, how to detect and exploit common misconfigurations in the most used AWS services and how to perform proper hardening…
Incredible talk from
@_JohnHammond
at HackTricks Track at
@rootedcon
2023 titled: All Aboard The Supply Chain! Vulnerabilities & Exploits Throughout the Proverbial Pipeline.
Don't miss it!
#hacktricks
For now on you can download the latest linpeas/winpeas versions from the releases page:
And moreover, you can now find linpeas in binary format for different platforms! (it's just linpeas script embed inside a binary)
Have you checked the new community version of
@trick3st
?
You can create your workflows in Trickest and run them almost for free!
This is going to change how bug hunters and pentesters launch their tools, no more ugly shell scripts!
Check for more info!
I recently changed the name from PEASS to PEASS-ng, this is because some big changes have occurred recently in the repo and more are coming!
If you want to know which ones don't miss my talk about PEASS-ng in DEFCON29 Adversary Village! ()
If you want to learn AWS Pentesting and Red Team from zero to do complete assessments by yourself at the best price note that the AWS Red Team Expert Certification early bird discount will expire the 9th of Feb!
IMPORTANT: You can buy a voucher and redeem it within 1 year!
Get…
Awesome talk of
@arget1313
at HackTricks Track in
@rootedcon
2023 about stealthiness in Linux titled: Stealth intrusions with DDexec-ng & in-memory dlopen()
Don't miss it:
#hacktricks
Today in at 5.30pm (UTC)
@arget1313
will be joining to talk about techniques to load in memory shellcodes and binaries from sh using techniques such as DDexec, TailExec...
We will do demos and also disclose how to avoid EDRs.
#hacktricks
#live
#ddexec
The private HackTricks book contains hacking tricks about Cloud & SaaS applications. Things like:
- Privilege Escalation + Post Exploitation in AWS
- Privilege Escalation + Post Exploitation in GCP
- Pentesting Kubernetes
- Pentesting Github/Jenkins/Airflow...
- More...
Did you know that Github Secrets aren't that "secret" at all? Do you know how to bypass branch protections with the default Github Actions GITHUB_TOKEN?
Discover how to Pentest/Red Team a Github Organization in Hacktricks
Merry Christmas and/or Happy Holidays to one and all!
As we merrily jingle our way towards the end of another year, it's a heartwarming delight to share with you that the HackTricks community has grown even more vibrant and bustling! 🎄🌟
Here's a sprinkle of 2023 cheer with…
I created 2 web challs (medium and hard) and 1 cloud chall (hard) for the
#NahamCon2022
()
Have fun solving them and the best of luck to all the participants!
🌍 We're looking to make
#HackTricks
more accessible globally! Leave in a comment the language(s) you would like to see both HackTricks books translated into!
#hacktricks
#cybersecurity
@_superhero1
Hi mate, thanks for letting know the community about this issue.
The "auto-exploit" capability of linpeas has been there for several months, and until now no-one had troubles with linpeas.
This auto-exploit capability has been replaced for a simple check:
New linpeas output is cleaner and some info enumeration checks (not related to privesc) aren't launched now by default.
To launch all the enumeration checks you can use the flag `-e`. The flag `-a` will also launch everything, including new regex searches to find API keys & pwds
Hacktricks just got a new ad sponsor!!
Thank you very much
@Securityb0at
for supporting Hacktricks!
You can check one of the ads in
If your company is interested in having ads in HackTricks just contact me!
#thankyou
#hacktricks
Latest versions of PEASS-ng & HackTricks are now available through
You can find more checks in win/linpeas, more stable versions and several new tricks in HackTricks (new being added everyday!)
Today at 1pm I'll be presenting live at
@Rootedcon
my newest tool for Privilege Escalation in the Cloud, Purple Panda. Don't miss it if you're around and stay tuned to my Twitter for when it becomes available online!
Thank you to
@intruder_io
who has started sponsoring HackTricks!
Intruder makes vulnerability management easy, tracking your attack surface and monitoring it for vulnerabilities.
Find more info about them in
#hacktricks
#sponsors
#cybersecurity
It was possible to leak Github & Bitbucket configured tokens in AWS CodeBuild as post-exploitation vector.
More info in HackTricks Cloud:
#hacktricks
#cloud
#cybersecurity