383 Commits

Author	SHA1	Message	Date
SirBroccoli	78767e199c	Merge pull request #207 from HackTricks-wiki/update_GitHub_Actions__A_Cloudy_Day_for_Security_-_Part_1_20250909_013245 ... GitHub Actions A Cloudy Day for Security - Part 1	2025-09-29 23:05:37 +02:00
SirBroccoli	65816a9798	Merge pull request #206 from HackTricks-wiki/update_Model_Namespace_Reuse__An_AI_Supply-Chain_Attack_E_20250904_125657 ... Model Namespace Reuse An AI Supply-Chain Attack Exploiting M...	2025-09-29 23:04:02 +02:00
SirBroccoli	fc5e23269c	Update pentesting-cloud-methodology.md	2025-09-29 23:03:41 +02:00
SirBroccoli	89a2ab54ae	Update pentesting-cloud-methodology.md	2025-09-29 23:03:04 +02:00
HackTricks News Bot	b9b20e4567	Add content from: GitHub Actions: A Cloudy Day for Security - Part 1 ... - Remove searchindex.js (auto-generated file)	2025-09-09 01:35:49 +00:00
carlospolop	7f435558c4	Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud	2025-09-05 01:35:13 +02:00
carlospolop	a7ce58fa25	tf	2025-09-05 01:34:02 +02:00
HackTricks News Bot	5b5e339f96	Add content from: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting ... ... - Remove searchindex.js (auto-generated file)	2025-09-04 13:00:46 +00:00
SirBroccoli	5bd2aafc8e	Merge pull request #204 from HackTricks-wiki/update_Gitblit_CVE-2024-28080__SSH_public_key_fallback_to_20250829_182811 ... Gitblit CVE-2024-28080 SSH public‑key fallback to password a...	2025-08-31 10:17:05 +02:00
SirBroccoli	00730ca794	Add Gitblit Security section to SUMMARY.md	2025-08-31 10:16:44 +02:00
SirBroccoli	923f510164	Refactor pentesting CI/CD methodology document ... Removed redundant sections on CI/CD pipelines and VCS pentesting methodology. Updated references and streamlined content for clarity.	2025-08-31 10:15:04 +02:00
SirBroccoli	fec9bfb986	Update pentesting-ci-cd-methodology.md	2025-08-31 10:12:16 +02:00
SirBroccoli	6a11053885	Remove CVE-2024-28080 details from documentation ... Removed detailed explanation of CVE-2024-28080, including summary, root cause, exploitation steps, impact, detection ideas, and mitigations.	2025-08-31 10:11:39 +02:00
SirBroccoli	fd19dc2304	Update aws-ecs-privesc.md	2025-08-31 10:06:24 +02:00
Fake1Sback	599d45c50a	Added a separate section about the ecs run-task privesc method, since it was only briefly mentioned in the iam:PassRole, (ecs:UpdateService|ecs:CreateService) section	2025-08-30 18:52:59 +03:00
HackTricks News Bot	5b2a228050	Add content from: Gitblit CVE-2024-28080: SSH public‑key fallback to password ... ... - Remove searchindex.js (auto-generated file)	2025-08-29 18:31:33 +00:00
carlospolop	c09016a56f	Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud	2025-08-29 11:47:04 +02:00
carlospolop	77b76bfb00	a	2025-08-29 11:45:00 +02:00
carlospolop	3883d1a74e	clean	2025-08-29 11:42:28 +02:00
carlospolop	d761716a28	f	2025-08-28 19:51:53 +02:00
carlospolop	d05d94d995	f	2025-08-25 23:20:13 +02:00
carlospolop	15ff9a7d1c	f	2025-08-24 13:22:10 +02:00
SirBroccoli	33ca677b86	Update README.md	2025-08-21 02:19:10 +02:00
SirBroccoli	07a16af4ec	Update README.md	2025-08-21 02:12:04 +02:00
SirBroccoli	d7c57cba6e	Update accessible-deleted-data-in-github.md	2025-08-21 02:05:51 +02:00
SirBroccoli	236a8a2cec	Update README.md	2025-08-21 01:59:20 +02:00
SirBroccoli	f3fd4b9294	Update README.md	2025-08-21 01:56:10 +02:00
HackTricks News Bot	f171d1a97d	Add content from: How we exploited CodeRabbit: from a simple PR to RCE and wri...	2025-08-19 18:40:49 +00:00
SirBroccoli	855ef5fd9e	Merge pull request #197 from HackTricks-wiki/update_Terraform_Cloud_token_abuse_turns_speculative_plan_20250815_124146 ... Terraform Cloud token abuse turns speculative plan into remo...	2025-08-19 17:22:17 +02:00
SirBroccoli	3ff0c8a86f	Update terraform-security.md	2025-08-19 17:22:04 +02:00
carlospolop	414eeda035	Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud	2025-08-18 16:51:47 +02:00
carlospolop	dac7b0f906	fix?	2025-08-18 16:51:43 +02:00
SirBroccoli	3b456ebc2e	Merge pull request #195 from HackTricks-wiki/update_How_to_transfer_files_in_AWS_using_SSM_20250806_013457 ... How to transfer files in AWS using SSM	2025-08-18 16:48:47 +02:00
SirBroccoli	f0df70528a	Update README.md	2025-08-18 16:48:30 +02:00
SirBroccoli	f705477774	Merge pull request #193 from hasshido/master ... grte-mightocho	2025-08-18 16:37:29 +02:00
carlospolop	aff8ab0252	Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud	2025-08-18 16:36:42 +02:00
carlospolop	06b577d42f	f	2025-08-18 16:36:38 +02:00
SirBroccoli	14e986b2a7	Merge pull request #196 from lambdasawa/master ... grte-lambdasawa	2025-08-18 16:06:12 +02:00
HackTricks News Bot	c76cc24a59	Add content from: Terraform Cloud token abuse turns speculative plan into remo...	2025-08-15 12:46:29 +00:00
Tsubasa Irisawa	15bde67918	Add GCP Cloud Tasks privesc page	2025-08-14 23:47:19 +09:00
HackTricks News Bot	3f16d3c5f3	Add content from: How to transfer files in AWS using SSM	2025-08-06 01:38:30 +00:00
afaq	82a44ea4c0	Updated Cognito Identity CLI Command Format ... Replaced outdated key=value syntax with JSON-based in "--logins" format, keeping the old format for preserved legacy.	2025-08-04 23:56:55 +05:00
hasshido	839f139795	Merge branch 'HackTricks-wiki:master' into master	2025-08-04 12:41:01 +02:00
carlospolop	b82a88252c	f	2025-08-04 11:37:34 +02:00
carlospolop	c3cfb95b87	f	2025-08-04 11:29:20 +02:00
carlospolop	e0b92e3b7a	f	2025-08-01 12:04:42 +02:00
SirBroccoli	f521c0d95a	Merge pull request #192 from HackTricks-wiki/update_AnsibleHound___BloodHound_Collector_for_Ansible_Wo_20250801_015104 ... AnsibleHound – BloodHound Collector for Ansible WorX and Tow...	2025-08-01 11:55:14 +02:00
SirBroccoli	96b0de9ec9	Update kubernetes-basics.md	2025-08-01 11:53:55 +02:00
SirBroccoli	6b96bae348	Update README.md	2025-08-01 11:53:20 +02:00
SirBroccoli	5fd9ed5048	Update gcp-add-custom-ssh-metadata.md	2025-08-01 11:52:52 +02:00