diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 5e04d31db..772a6a297 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -4,7 +4,7 @@ You can remove this content before sending the PR: We value your knowledge and encourage you to share content. Please ensure that you only upload content that you own or that have permission to share it from the original author (adding a reference to the author in the added text or at the end of the page you are modifying or both). Your respect for intellectual property rights fosters a trustworthy and legal sharing environment for everyone. ## HackTricks Training -If you are adding so you can pass the in the [ARTE certification](https://training.hacktricks.xyz/courses/arte) exam with 2 flags instead of 3, you need to call the PR `arte-`. +If you are sending a PR so you can pass the in the [ARTE certification](https://hacktricks-training.com/courses/arte) exam with 2 flags instead of 3, you need to call the PR `arte-`, `grte-` or `azrte-`, depending on the certification you are doing. Also, remember that grammar/syntax fixes won't be accepted for the exam flag reduction. diff --git a/src/banners/hacktricks-training.md b/src/banners/hacktricks-training.md index fa05e2626..0ca6dd6d0 100644 --- a/src/banners/hacktricks-training.md +++ b/src/banners/hacktricks-training.md @@ -1,7 +1,7 @@ > [!TIP] -> Learn & practice AWS Hacking:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)\ -> Learn & practice GCP Hacking: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://training.hacktricks.xyz/courses/grte)\ -> Learn & practice Az Hacking: [**HackTricks Training Azure Red Team Expert (AzRTE)**](https://training.hacktricks.xyz/courses/azrte) +> Learn & practice AWS Hacking:[**HackTricks Training AWS Red Team Expert (ARTE)**](https://hacktricks-training.com/courses/arte)\ +> Learn & practice GCP Hacking: [**HackTricks Training GCP Red Team Expert (GRTE)**](https://hacktricks-training.com/courses/grte)\ +> Learn & practice Az Hacking: [**HackTricks Training Azure Red Team Expert (AzRTE)**](https://hacktricks-training.com/courses/azrte) > >
> diff --git a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.md b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.md index d5cb39c57..90f6d053e 100644 --- a/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.md +++ b/src/pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.md @@ -25,7 +25,7 @@ Members of the generated **`AAD DC Administrators`** group are granted local adm - **`DnsAdmins`**: This group allows to manage the DNS settings and was abused in the past to [escalate privileges and compromise the domain](https://book.hacktricks.wiki/en/windows-hardening/active-directory-methodology/privileged-groups-and-token-privileges.html?highlight=dnsadmin#dnsadmins), however after testing the attack in this environment it was checked that the vulnerability is patched: ```text -dnscmd TDW52Y80ZE26M1K.azure.training.hacktricks.xyz /config /serverlevelplugindll \\10.1.0.6\c$\Windows\Temp\adduser.dll +dnscmd TDW52Y80ZE26M1K.azure.hacktricks-training.com /config /serverlevelplugindll \\10.1.0.6\c$\Windows\Temp\adduser.dll DNS Server failed to reset registry property. Status = 5 (0x00000005) @@ -62,7 +62,7 @@ az rest --method post \ # Get domain configuration az rest --url "https://management.azure.com/subscriptions//resourceGroups/entra-domain-services/providers/Microsoft.AAD/DomainServices/?api-version=2022-12-01&healthdata=true" ## e.g. -az rest --url "https://management.azure.com/subscriptions/0ce1297c-9153-425d-3229-f51093614377/resourceGroups/entra-domain-services/providers/Microsoft.AAD/DomainServices/azure.training.hacktricks.xyz?api-version=2022-12-01&healthdata=true" +az rest --url "https://management.azure.com/subscriptions/0ce1297c-9153-425d-3229-f51093614377/resourceGroups/entra-domain-services/providers/Microsoft.AAD/DomainServices/azure.hacktricks-training.com?api-version=2022-12-01&healthdata=true" # Based on the VNet assigned to the domain services, you can enumerate the VMs in the domain diff --git a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.md b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.md index 9495c9e2a..a5000161b 100644 --- a/src/pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.md +++ b/src/pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.md @@ -164,7 +164,7 @@ Donkey token is a set of functions which aim to help security consultants who ne **Test each portal** if it's possible to **login without MFA**: ```bash -$username = "conditional-access-app-user@azure.training.hacktricks.xyz" +$username = "conditional-access-app-user@azure.hacktricks-training.com" $password = ConvertTo-SecureString "Poehurgi78633" -AsPlainText -Force $cred = New-Object System.Management.Automation.PSCredential($username, $password) Invoke-MFATest -credential $cred -Verbose -Debug -InformationAction Continue diff --git a/theme/ai.js b/theme/ai.js index 4188b5cdd..f8ac9a30f 100644 --- a/theme/ai.js +++ b/theme/ai.js @@ -14,7 +14,7 @@ * ❶ Markdown rendering + sanitised (same as before) * ❷ ENHANCED: improved drag‑to‑resize panel with better UXdiscount.jpeg'; const TXT = 'Click here for HT Summer Discounts, Last Days!'; - const URL = 'https://training.hacktricks.xyz'; + const URL = 'https://hacktricks-training.com'; // Stop if user already dismissed if (localStorage.getItem(KEY) === 'true') return; diff --git a/theme/index.hbs b/theme/index.hbs index 79030f8c4..fc18767b6 100644 --- a/theme/index.hbs +++ b/theme/index.hbs @@ -151,7 +151,7 @@