HackTricks
@hacktricks_live
Followers
12,386
Following
198
Media
45
Statuses
408
HackTricks is a project which aims to offer free quality hacking resources to all the world, so people can learn for free the latest techniques in cybersecurity
Joined May 2020
Don't wanna be here?
Send us removal request.
Explore trending content on Musk Viewer
Madonna
• 1276386 Tweets
어린이날
• 381448 Tweets
こどもの日
• 337522 Tweets
Canelo
• 244569 Tweets
NHKマイル
• 125633 Tweets
子供の日
• 97048 Tweets
4TO4 ENGLOT GAME SHOW
• 91709 Tweets
鯉のぼり
• 76597 Tweets
#マリカにじさんじ杯
• 69046 Tweets
GW最終日
• 48640 Tweets
ジャンタルマンタル
• 41012 Tweets
TOP10Worldwide MOONLIGHTiTunes
• 37386 Tweets
アスコリピチェーノ
• 37350 Tweets
マリカ杯
• 26005 Tweets
#ユーフォ3期
• 25796 Tweets
予選突破
• 22106 Tweets
#ไขข้อขึ้นใจไปกับนุนิว
• 21457 Tweets
ボンドガール
• 21407 Tweets
ルメール
• 21045 Tweets
Happy Easter
• 19582 Tweets
Patrick Drinks Milk
• 17103 Tweets
ロジリオン
• 15780 Tweets
新潟大賞典
• 15174 Tweets
Χριστος Ανεστη
• 13577 Tweets
#bbclaurak
• 11335 Tweets
महाराणा प्रताप
• 10988 Tweets
JR京都駅
• 10529 Tweets
Pinned Tweet
HackTricks Repos are now located in:
-
-
PEASS-ng Repo is now located in:
-
Previous locations will redirect there also!
0
15
77
Yes, there is a NEW HACKTRICKS. Yes, I want to make it public.
We just need to reach 10.000 points:
- Like this = 1 point
- Retweet this = 3 points
- Buy Hacktricks PDF = 20 points ()
1/3
17
292
739
HackTricksGPT:
It should be a GPT with HackTricks knowledge, give it a try and let me know what you think!
11
133
651
HackTricks Cloud (or CloudTrick) is finally public:
-
-
Thank you again to all the supporters!
#hacktricks
#cloud
47
226
628
Considering learning AWS hacking??
In a month we are releasing HackTricks AWS Red Team Expert cert.
You will learn from the basics how to:
- (ab)use more 25 AWS services
- Perform White and Black box (Red Team) AWS pentests
- Bypass aws defenses
More info:
10
67
441
Some good news: HackTricks is NOT going to be private
You can access the latest content in (as always).
But I'm looking for a few good cybersecurity companies that want to announce their services there (20% discount for the first one!)
30
77
366
I'm very proud to announce that Hacktricks has the first ad sponsor!
Thank you very much
@intigriti
!
You can check one of the ads in
If your company is interested in having ads in HackTricks just contact me!
11
46
324
HackTricks has been rebranded!
Check the new logos at and and let me know what you think.
Follow the new Linkedin page for the latests news about HackTricks (big things coming)
#hacktricks
#cybersecurity
6
56
314
Last week I changed Hacktricks () to a dark theme.
Some people has asked me to go back to the light theme, but I know other people that prefers the new dark one.
Let me know what you prefer!
#hacktricks
55
23
299
Carlos is the 1st one passing HackTricks ARTE (AWS Red Team Expert) cert.
Interested in learning AWS hacking from zero to perform White Box reviews and Red Teams?
Check
I guess this counts as a self-signed certificate?
#hacktricks
#training
#aws
#hacking
8
29
290
This Summer the PEASS-ng repo () reached the 10K stars!
As promised, I added checks from the private version into the public version in both WinPEAS and LinPEAS.
1/3
3
45
197
Since last year,
#HackTricks
has been available in Spanish, Portuguese, French, Chinese, Hindi, and Japanese, enhancing accessibility for our diverse users.
And every new addition is being translated to those languages.
This is because HackTricks aims to provide high-quality…
8
12
191
I'm very excited to announce that
@ly4k_
, creator of certipy, the AD CS privesc techniques ECS9&ECS10, researcher of the Windows AD privesc Certifried(CVE-2022–26923)... will be joining me this Wed on to explain AD CS techniques with demos!
#hacktricks
1
30
190
If you used HackTricks in 2022 smash that like/retweet button!
Thank you very much to all the sponsors that HackTricks had during 2022, and to all the people using it. Let's make 2023 even greater!
If your company would like to be part of HackTricks' sponsors, dm me!
3
34
172
Do you want to learn how to perform browser extension pentests?
New HackTricks page:
#hacktricks
0
49
163
Awesome talk from
@ly4k_
in HackTricks Track at RootedCON 2023.
He gave a great introduction to Windows 0 days researching, don't miss it:
#hacktricks
0
50
160
HackTricks live is coming!
I'm thinking about creating Twitch to explain concepts from HackTricks & HackTricks cloud, solve CTFs, and talk about cybersecurity in general.
Like, retweet and/or comment what you would like to learn!
#hacktricks
#live
#cybersecurity
#cloud
4
18
139
Have you already use HackTricks Cloud ()?
What are your thoughts? What are you missing?
2
39
141
Congratulations to Marcos L., the first student successfully completing the HackTricks Training AWS Red Team Expert (htARTE - ) course and exam!
Well done!
#hacktricks
#training
#aws
#cloud
#cybersecurity
1
12
110
HackTricks just got a new sponsor!!
Thank you very much Security Hubs for supporting Hacktricks!
You can check one of the ads in
If your company is interested in having ads in HackTricks just contact me!
#thankyou
#hacktricks
2
18
102
Can you find anything wrong in this AWS Trust Policy??
(AWS - Easy level)
9
9
100
The day has finally arrived! HackTricks ARTE (AWS Red Team Expert) cert is now available at !
We've opened 100 spots with an early bird discount, don't miss yours!
#hacktricks
#training
2
24
97
Hi guys! I'm looking for awesome Cloud & Infra pentesters to work with me in
@HalbornSecurity
. We will be auditing cloud envs (mainly GCP and AWS), K8s envs, infrastructure (blackbox & whitebox), and Red Teams (zero trust networks with a lot of SaaS and Cloud without Active D).
3
17
85
Did you know about ?
It's a repository of Regular Expressions to search for API keys, secrets, sensitive info...
It's maintained by us and open for PRs. The PEASS-ng suite has been using for months.
Take a look and smash that ⭐ if you find it useful!
1
19
81
Found some AWS credentials in a Red Team and want to enumerate while being stealth? Here are some ideas:
- BF your permissions by trying to use them with (you can set a sleep time and the AWS services to enumerate to do this under the radar)
- If you have…
0
13
78
After a few days having fun with it I have added an intro to Flipper Zero (from
@flipper_zero
) in HackTricks:
I hope you find it useful!
#hacktricks
3
14
74
Tools to find your permissions in AWS from a black box perspective:
-
-
-
-
-
1
19
72
Google Cloud Platforms uses thousands of permissions, but only a few can be useful for privilege escalation.
In you can find the ones that are known to be useful to privesc.
0
21
68
Last week I had the chance to give 2 talks in the great
@rootedcon
.
Me and Yago Gutiérrez presented a novel technique to load binaries in memory in linux we called DDexec (github: carlospolop/DDexec and arget13/DDexec).
I also presented my tool PurplePanda to privesc in the cloud
2
12
63
Quick research on the current status of Github Leaks and tools to automate the findings using great
@trick3st
workflows. Enjoy!
1
14
61
Learn AWS hacking from zero with the HackTricks Training AWS Red Team Expert Certification which will be released on December 4th!
More info about the pricing and laboratories in
#hacktricks
#training
#hacking
#cloud
#aws
2
17
60
We just got a little more than 6500 points in a week!
I'm very happy about all the support received so I will be releasing the new HackTricks this Wednesday.
Thank you to everyone that supported the new HackTricks to make this possible!
You are awesome!
#HackTricks
0
2
57
0
26
53
Why should pentesters be interested in cloud hacking??
First stream about cloud hacking in this Wednesday at 5.30pm (UTC)
#hacktricks
#live
#hacking
#cloud
0
4
52
First cloud hacking twitch session scheduled next Wednesday (7th) at 5.30pm(UTC)!
If you want to learn about hacking cloud, k8s, web and interesting CTFs feel free to follow!
Twitch:
Youtube:
#cloud
#hacking
#hacktricks
#live
0
12
51
Awesome talk of
@giulia__martino
at HackTricks Track in
@rootedcon
2023 about binary exploitation (SROP and ret2dlresolve), don't miss it:
#hacktricks
1
14
51
Next Wed 24th Jan at 19.00 CET Ignacio Dominguez and I are going to be presenting new HackTricks Training Certification and Course ARTE () at HackTricks twitch:
If you're interested in mastering AWS penetration testing and Red Team…
3
7
50
I'm very proud to announce that INE() is going to be sponsoring Hacktricks!!
Find more about them in the Corporate Sponsors section of the main page of Hacktricks ()
3
5
49
Today
@_JohnHammond
and
@Congon4tor
will be joining me in to solve some challenges from the CTF at 5pm (UTC), 6pm (CET), 12pm (ET).
Don't miss it! Although if you do, videos will then be posted in youtube:
@hacktricks_LIVE
0
8
46
Exciting news! We're thrilled to announce the amazing speakers for HackTricks track at
@rootedcon
!
Get ready to hear from some of the brightest minds in the industry:
@_johnhammond
@ly4k_
@urruts
@patowc
@arget1313
@giulia__martino
@Congon4tor
@sickrov
Luis Buendía
@Bea_GilG
1
10
43
Check out the new GCP pentesting methodology of HackTricks in !
As always, if you know a trick that isn't listed there feel free to share it via PR in
1
14
47
Check how Carlos used
@trick3st
to parse almost 15TB of public Github logs to obtain a bast amount of OSINT (users & repo) information:
#osint
#cybersecurity
#github
0
7
45
Thank you to
@HalbornSecurity
and
@hackthebox_eu
for the opportunity of doing the Hailstorm Prolab (AWS).
It's fun to practice Cloud red teaming, although I have to say that I had already done most of the AWS cloud tricks from this cert while writing
2
3
42
Amazing talk of
@patowc
in HackTricks Track at
@rootedcon
2023.
He explained several tricks on how to use Frida in Red Team Assignments, don't miss it:
#hacktricks
0
13
42
0
10
36
New section about MacOS security in Hacktricks: .
And you can enumerate a MacOS system using MacPEAS:
0
11
32
Check out the highly improved Kubernetes pentesting methodology of hacktricks and discover things like how to enumerate K8s from a pod, privesc, escape and enumerate the node, and how to escape from K8s to other clouds like GCP or AWS.
0
11
31
You can still use linpeas in the OSCP :)
4
4
28
HackTricks will have a track in
#RootedCON
2023 (Madrid)!
🚨 Alerta, ¡notición!
Hacktricks, también llamada la Biblia del
#hacker
, ¡tendrá un track adicional en
#RootedCON
2023!
¡Encantados de teneros en nuestro barco,
@carlospolopm
y
@Bea_GilG
!
👇 ¡Registro abierto! 👇
0
7
24
3
6
29
Last week I had the honour to participate in the European Cybersecurity Challenge in Prague as the captain of the Spanish team.
It was a wonderful experience and even if it could have gone better for us we had lots of fun and learned new stuff.
Go
#ECSCTeamSpain
!
0
2
27
Latest version of linpeas () checks for vulnerable log4j-core versions in the system.
Moreover, find how to exploit Log4Shell in Hacktricks in
JNDI - Java Naming and Directory Interface & Log4Shell | HackTricks | HackTricks
book.hacktricks.xyz
1
6
27
Tomorrow (Wed 24th Jan) at 19.00 CET Carlos and
@Congon4tor
are going to present the ARTE (AWS Red Team Expert) Certification in
Don't miss it if you are interested in finding out what you can learn from the best certification in AWS offensive security!…
0
9
27
winPEASv2 has been released: 40+ checks, 10 checks improved, faster, automatically launch linPEAS from it if wsl is present... and a PS onliner to launch it form memory!
This possible thanks to makikvues an awesome C# programmer!
5
6
25
You a cloud pentester?
I'll leave this CTF cloud chall open 1 week:
Title: Smoke in the Cloud... and fire in the sky!
Go to
All the cloud resources of this chall are in eu-west-1 region. There are processes restoring some resources every X second/minutes.
1
3
26
Tickets are for sale for
#RootedCON2023
(Madrid, 9-11th March)!
The awesome
@criptored
and
#HackTricks
tracks are giving away a pack of 2 tickets to attend it.
Retweet and/or comment to participate!
(Do both for double opportunity ;)
Winner will be announced next Tuesday
17
33
26
Magnificent talk from
@Congon4tor
at HackTricks Track at
@rootedcon
2023 exploiting & compromising several scenarios of CI/CD, Kubernetes and AWS:
Don't miss it!
#hacktricks
0
8
26
Review of the last student that successfully passed HackTricks Training ARTE (AWS Red Team Expert) Certification & Course:
Hey all, I just finished the HackTricks ARTE exam. This was a great course and exam, OSCP style (despite a small reset issue at the beginning, quickly…
0
3
26
Find a summary of the talk
@arget1313
and Carlos gave at DEFCON in and slides in
Talk title: Exploring Linux Memory Manipulation for Stealth and Evasion
Enjoy!
0
3
24
I'll be giving a talk with
@arget1313
at
#defcon
tomorrow Sunday at 1pm in track 4 about abusing Linux memory to bypass file system based protections and distroless envs.
The technique can also be used to execute anything in a very stealth way.
Don't miss it if you are around!
0
5
24
@_JohnHammond
If you want to go next level check final form of a research by
@arget1313
and me presented in
@rootedcon
(You can load entire binaries just from sh)
1
5
24
New HackTricks Training course released!!
ARTA - AWS Red Team Apprentice.
Start your journey in AWS hacking by learning from the basics how AWS environments work, how to detect and exploit common misconfigurations in the most used AWS services and how to perform proper hardening…
0
7
24
Incredible talk from
@_JohnHammond
at HackTricks Track at
@rootedcon
2023 titled: All Aboard The Supply Chain! Vulnerabilities & Exploits Throughout the Proverbial Pipeline.
Don't miss it!
#hacktricks
0
12
24
For now on you can download the latest linpeas/winpeas versions from the releases page:
And moreover, you can now find linpeas in binary format for different platforms! (it's just linpeas script embed inside a binary)
2
9
23
Have you checked the new community version of
@trick3st
?
You can create your workflows in Trickest and run them almost for free!
This is going to change how bug hunters and pentesters launch their tools, no more ugly shell scripts!
Check for more info!
0
7
23
I recently changed the name from PEASS to PEASS-ng, this is because some big changes have occurred recently in the repo and more are coming!
If you want to know which ones don't miss my talk about PEASS-ng in DEFCON29 Adversary Village! ()
0
2
23
I received this a while ago... Me and
@arget1313
talk got accepted at DEF CON!
See you all in there!
0
3
23
You can now transform the PEASS output to HTML and PDF with
0
9
22
If you want to learn AWS Pentesting and Red Team from zero to do complete assessments by yourself at the best price note that the AWS Red Team Expert Certification early bird discount will expire the 9th of Feb!
IMPORTANT: You can buy a voucher and redeem it within 1 year!
Get…
0
7
22
Some "ugly" scripts useful for external sensitive information recon . Let me know if you would have added something else:
-
-
-
0
2
20
Awesome talk of
@arget1313
at HackTricks Track in
@rootedcon
2023 about stealthiness in Linux titled: Stealth intrusions with DDexec-ng & in-memory dlopen()
Don't miss it:
#hacktricks
0
7
21
Today in at 5.30pm (UTC)
@arget1313
will be joining to talk about techniques to load in memory shellcodes and binaries from sh using techniques such as DDexec, TailExec...
We will do demos and also disclose how to avoid EDRs.
#hacktricks
#live
#ddexec
1
2
21
This auto-exploit capability of linpeas has been replaced for a simple check:
So folks I failed OSCP because linpeas was flagged as auto exploit. F*ck it. Cannot share more details. RIP
104
112
703
2
6
20
The private HackTricks book contains hacking tricks about Cloud & SaaS applications. Things like:
- Privilege Escalation + Post Exploitation in AWS
- Privilege Escalation + Post Exploitation in GCP
- Pentesting Kubernetes
- Pentesting Github/Jenkins/Airflow...
- More...
0
2
20
Did you know that Github Secrets aren't that "secret" at all? Do you know how to bypass branch protections with the default Github Actions GITHUB_TOKEN?
Discover how to Pentest/Red Team a Github Organization in Hacktricks
1
4
18
Did you know that you can find information about Pentesting Wifi in Hacktricks?
#pentesting
#wifi
#hacktricks
0
3
18
Merry Christmas and/or Happy Holidays to one and all!
As we merrily jingle our way towards the end of another year, it's a heartwarming delight to share with you that the HackTricks community has grown even more vibrant and bustling! 🎄🌟
Here's a sprinkle of 2023 cheer with…
1
0
19
New PDFs of HackTricks and HackTricks Cloud accessible from
Thank you to all the HackTricks sponsors!
1
1
17
I created 2 web challs (medium and hard) and 1 cloud chall (hard) for the
#NahamCon2022
()
Have fun solving them and the best of luck to all the participants!
0
1
18
🌍 We're looking to make
#HackTricks
more accessible globally! Leave in a comment the language(s) you would like to see both HackTricks books translated into!
#hacktricks
#cybersecurity
13
1
17
Weekly HackTricks links. This time to learn about Pentesting Elasticsearch, Formula Injection & wmiexec.
-
-
-
#hacktricks
1
2
17
@_superhero1
Hi mate, thanks for letting know the community about this issue.
The "auto-exploit" capability of linpeas has been there for several months, and until now no-one had troubles with linpeas.
This auto-exploit capability has been replaced for a simple check:
0
0
17
This Wednesday (17:35 UTC)
@PinkDraconian
will join me in to talk about his favourite Intigriti XSS challenges and solve them!
#hacktricks
#live
0
1
16
New linpeas output is cleaner and some info enumeration checks (not related to privesc) aren't launched now by default.
To launch all the enumeration checks you can use the flag `-e`. The flag `-a` will also launch everything, including new regex searches to find API keys & pwds
0
2
16
The great conference
@DragonJARCon
(by
@DragonJAR
) has started sponsoring Hacktricks!
You can find one of their ads to learn more about them in
Don't miss it!
#hacktricks
#thankyou
0
5
16
Hacktricks just got a new ad sponsor!!
Thank you very much
@Securityb0at
for supporting Hacktricks!
You can check one of the ads in
If your company is interested in having ads in HackTricks just contact me!
#thankyou
#hacktricks
0
1
16
Latest versions of PEASS-ng & HackTricks are now available through
You can find more checks in win/linpeas, more stable versions and several new tricks in HackTricks (new being added everyday!)
4
3
16
Today at 1pm I'll be presenting live at
@Rootedcon
my newest tool for Privilege Escalation in the Cloud, Purple Panda. Don't miss it if you're around and stay tuned to my Twitter for when it becomes available online!
0
0
16
Thank you to
@intruder_io
who has started sponsoring HackTricks!
Intruder makes vulnerability management easy, tracking your attack surface and monitoring it for vulnerabilities.
Find more info about them in
#hacktricks
#sponsors
#cybersecurity
1
0
16
It was possible to leak Github & Bitbucket configured tokens in AWS CodeBuild as post-exploitation vector.
More info in HackTricks Cloud:
#hacktricks
#cloud
#cybersecurity
0
3
15