gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-03-12 21:22:57 -07:00
Code Issues Packages Projects Releases Wiki Activity
874 Commits 19 Branches 17 Tags
08ca5b601ddf4ab7b81231220fffc63357791b2f
Commit Graph

874 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
SirBroccoli
08ca5b601d Merge pull request #258 from AMOussama/bedrock-agentcore-code-interpreter 
arte-Oussama - Bedrock agentcore code interpreter
 2026-02-12 20:36:02 +01:00
Oussama Ait Manssour
4557349141 docs(aws): add AgentCore Code Interpreter role pivot privesc 2026-02-12 18:35:30 +01:00
Carlos Polop
745851f56d f ht url 2026-02-12 14:18:33 +01:00
SirBroccoli
d319c5283b Merge pull request #254 from HackTricks-wiki/update_GatewayToHeaven__Finding_a_Cross-Tenant_Vulnerabil_20260203_185749 
GatewayToHeaven Finding a Cross-Tenant Vulnerability in GCP'...
 2026-02-12 14:10:09 +01:00
Carlos Polop
9b923592af Move Apigee post-exploitation technique into its own page 2026-02-12 14:06:56 +01:00
SirBroccoli
6d8fa0c2fc Merge pull request #256 from HackTricks-wiki/update_Trusting_Claude_With_a_Knife__Unauthorized_Prompt__20260206_184722 
Trusting Claude With a Knife Unauthorized Prompt Injection t...
 2026-02-12 14:04:54 +01:00
SirBroccoli
c8bd0b86fd Merge pull request #255 from MAAYTHM/patch-1 
Fix typo in S3 encryption method
 2026-02-12 14:01:52 +01:00
SirBroccoli
3c05bcfbf2 Merge pull request #253 from HackTricks-wiki/update_Threat_Actors_Using_AWS_WorkMail_in_Phishing_Campa_20260127_183842 
Threat Actors Using AWS WorkMail in Phishing Campaigns
 2026-02-12 13:30:45 +01:00
SirBroccoli
9f30d3f8e8 Merge pull request #252 from HackTricks-wiki/update_nodes_proxy_GET___Kubelet__exec_RCE_via_WebSocket__20260127_014641 
nodes/proxy GET → Kubelet /exec RCE via WebSocket handshake ...
 2026-02-12 13:20:29 +01:00
SirBroccoli
d4b7c719ea Merge pull request #251 from HackTricks-wiki/update_SharePointDumper_20260127_014432 
SharePointDumper
 2026-02-12 13:09:08 +01:00
Oussama Ait Manssour
9f57fc7119 Rename src/pentesting-cloud/aws-security/aws-privilege-escalation/src/pentesting-cloud/aws-security /aws-bedrock-agentcore-privesc.md to src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-bedrock-agentcore-privesc/README.md 2026-02-12 11:04:17 +01:00
Oussama Ait Manssour
70738d211e Revise AWS Bedrock AgentCore Code Interpreter documentation 
Updated the AWS Bedrock AgentCore documentation to clarify the Code Interpreter Role Pivot technique, including details on preconditions, required IAM actions, exploitation flow, and mitigation strategies.
 2026-02-12 00:06:33 +01:00
Carlos Polop
d3f02fa469 f 2026-02-11 12:56:08 +01:00
HackTricks News Bot
0d72508bc8 Add content from: Trusting Claude With a Knife: Unauthorized Prompt Injection ... 2026-02-06 18:53:46 +00:00
Carlos Polop
6918c5539d f 2026-02-05 13:33:06 +01:00
Carlos Polop
a539034c29 f 2026-02-05 13:15:58 +01:00
Aayush Samriya
ab13130748 Fix typo in S3 encryption method 
This PR fixes a typo in the "Amazon Athena" section regarding supported S3 encryption methods.

The text currently states:
> "SSE-C and CSE-E are not supported."

"CSE-E" is not a valid AWS encryption acronym. The document previously defines **Client-side encryption with customer provided keys** as **CSE-C**.

Since Athena does not support client-side encryption where the key is managed entirely by the customer (without KMS), **CSE-C** is the correct term to pair with SSE-C as unsupported methods.
 2026-02-05 11:29:39 +05:30
Carlos Polop
886bd7bee9 change navbar 2026-02-05 00:44:00 +01:00
Carlos Polop
9e28d1f000 f 2026-02-04 11:27:07 +01:00
Carlos Polop
6e2e489c39 f 2026-02-04 11:17:02 +01:00
HackTricks News Bot
3b110bdefe Add content from: GatewayToHeaven: Finding a Cross-Tenant Vulnerability in GCP... 2026-02-03 19:00:44 +00:00
Carlos Polop
a5e792e60a PRs public codebuild abuse 2026-02-03 13:42:01 +01:00
Carlos Polop
6d17062d44 improve style 2026-01-28 15:05:04 +01:00
Carlos Polop
8c1b0c4522 fix 2026-01-28 10:44:05 +01:00
HackTricks News Bot
6be7ed9238 Add content from: Threat Actors Using AWS WorkMail in Phishing Campaigns 2026-01-27 18:48:13 +00:00
HackTricks News Bot
e19da8e90c Add content from: nodes/proxy GET → Kubelet /exec RCE via WebSocket handshake ... 2026-01-27 01:48:53 +00:00
HackTricks News Bot
41b59810d8 Add content from: SharePointDumper 2026-01-27 01:46:05 +00:00
Carlos Polop
b6082c0f47 Fix CloudFront invalidation globbing 2026-01-26 16:08:11 +01:00
Carlos Polop
583de4835d Test hbs invalidation 2026-01-26 16:06:53 +01:00
Carlos Polop
924282288f Revert cache invalidation test comment 2026-01-26 15:48:18 +01:00
Carlos Polop
17ab1baa9a Fix CloudFront invalidation workflow triggers 2026-01-26 15:47:49 +01:00
Carlos Polop
32e189ed82 Pin mdBook in image and add CloudFront invalidation workflow 2026-01-26 15:46:25 +01:00
Carlos Polop
7ea6486f3f fix expandables on index 2026-01-26 15:28:31 +01:00
Carlos Polop
e359bef3d1 fix ad in mobile version 2026-01-26 11:47:45 +01:00
SirBroccoli
98363bcd9e Merge pull request #250 from SrFlipFlop/stepfunctions-old-cli 
Corrected AWS CLI syntax for Step Functions
 2026-01-26 01:50:18 +01:00
Carlos Polop
39346f3b9e fix ui 2026-01-26 01:44:52 +01:00
SrFlipFlop
26a50a62d0 While I was doing the ARTE lab on Step Functions, I noticed that some Hacktricks commands were incorrect or should be using an earlier version of AWS CLI. Changed aws states for aws stepfunctions. 2026-01-22 17:36:06 +01:00
Carlos Polop
349afe720a Restore enumeration commands in Azure network doc 2026-01-21 21:36:00 +01:00
HackTricks News Bot
5642a68eb9 Add content from: DNS OverDoS: Are Private Endpoints Too Private? 2026-01-21 21:34:34 +01:00
SirBroccoli
4ba2a825c6 Merge pull request #248 from Jacob-Ham/automation-accounts-addition 
Added azure rest command for webhook creation.
 2026-01-21 21:28:23 +01:00
Carlos Polop
58b2dc7621 f 2026-01-21 21:14:36 +01:00
Carlos Polop
12bbfb1041 f 2026-01-21 21:07:17 +01:00
Carlos Polop
8ffaedacfa a 2026-01-21 21:03:44 +01:00
Carlos Polop
7b66f39ce6 Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud 2026-01-18 23:17:19 +01:00
Carlos Polop
ffaced98d4 f 2026-01-18 23:17:17 +01:00
Jacob H
9d5350dc2e Added runOn key for hybrid worker. 
Updated az rest command to specify hybrid worker with runOn
 2026-01-18 10:14:15 -06:00
Jacob H
b782a5ebb8 Added azure rest command for webhook creation. 
Clarified commands for creating webhooks in Azure Automation by adding the Azure CLI REST method.
 2026-01-18 09:50:01 -06:00
SirBroccoli
6ced6574a0 Merge pull request #246 from HackTricks-wiki/update_Infiltrating_the_AWS_Console_Supply_Chain__Hijacki_20260116_124313 
Infiltrating the AWS Console Supply Chain Hijacking Core AWS...
 2026-01-18 15:58:08 +01:00
SirBroccoli
c716f0a3ba Merge pull request #240 from HackTricks-wiki/update_Holiday_Hack_Challenge_2025__Act_1__-_Spare_Key_20260106_124916 
Holiday Hack Challenge 2025 (Act 1) - Spare Key
 2026-01-18 15:57:07 +01:00
SirBroccoli
7f7f8b3183 Merge branch 'master' into update_Holiday_Hack_Challenge_2025__Act_1__-_Spare_Key_20260106_124916 2026-01-18 15:56:29 +01:00