419 Commits

Author	SHA1	Message	Date
carlospolop	47c4cdb89b	f	2025-10-23 12:53:05 +02:00
carlospolop	e09246386b	f	2025-10-23 12:48:56 +02:00
carlospolop	08c2e42b76	f	2025-10-17 17:37:06 +02:00
carlospolop	1719f8ed3c	f	2025-10-13 22:42:54 +02:00
carlospolop	9df8a4ac92	organize aws + new attacks	2025-10-09 12:26:40 +02:00
carlospolop	6dd86b2c9e	rds post recheck	2025-10-07 17:28:10 +02:00
carlospolop	95302db34c	AWS RDS post-exploitation: Out-of-band SQL via Data API + master password reset (Aurora)	2025-10-07 14:04:48 +02:00
SirBroccoli	90bd042880	Merge pull request #219 from JaimePolop/master ... IAM and KMS Post Exploitation extended	2025-10-07 11:02:17 +02:00
SirBroccoli	1077cf6f89	Update AWS KMS post-exploitation documentation ... Clarified KMS policy restrictions and updated ransomware sections.	2025-10-07 11:02:01 +02:00
carlospolop	27fd007fdd	lambda attacks recheck	2025-10-07 00:41:18 +02:00
JaimePolop	29e379d07d	IAM and KMS Post Exploitation extended	2025-10-06 19:01:11 +02:00
carlospolop	83663e4f98	dynamoDB attacks recheck	2025-10-06 13:14:59 +02:00
carlospolop	b5b72b0d26	Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud	2025-10-06 11:53:38 +02:00
carlospolop	0f213ea2db	aws secrets manager recheck	2025-10-06 11:53:33 +02:00
SirBroccoli	9508f50485	Update aws-secrets-manager-privesc.md	2025-10-04 11:03:30 +02:00
SirBroccoli	e188809f70	Update aws-secrets-manager-post-exploitation.md	2025-10-04 11:02:17 +02:00
JaimePolop	03a213fcdd	Secrets manager new attacks	2025-10-02 13:23:37 +02:00
SirBroccoli	e9003a3050	Merge pull request #217 from JaimePolop/master ... KMS DOS explanation	2025-10-01 12:22:35 +02:00
JaimePolop	6411d85ebf	KMS DOS explanation	2025-10-01 11:58:25 +02:00
carlospolop	1b274752fd	f	2025-10-01 11:54:20 +02:00
SirBroccoli	8d39c38b58	Merge pull request #216 from HackTricks-wiki/update_Cooking_an_SQL_Injection_Vulnerability_in_Chef_Aut_20250930_182633 ... Cooking an SQL Injection Vulnerability in Chef Automate	2025-09-30 21:13:40 +02:00
SirBroccoli	7097f55620	Update SUMMARY.md	2025-09-30 21:13:20 +02:00
HackTricks News Bot	21b31a3be3	Add content from: Cooking an SQL Injection Vulnerability in Chef Automate ... - Remove searchindex.js (auto-generated file)	2025-09-30 18:28:35 +00:00
JaimePolop	5d031d4518	Roles Anywhere explanation	2025-09-30 17:50:02 +02:00
SirBroccoli	1e51bb702d	Merge pull request #210 from HackTricks-wiki/update_Forgotten_20250917_063108 ... Forgotten	2025-09-30 01:24:53 +02:00
SirBroccoli	1111212cbb	Update attacking-kubernetes-from-inside-a-pod.md	2025-09-30 01:07:36 +02:00
SirBroccoli	bb763109dc	Merge pull request #209 from HackTricks-wiki/update_GitHub_Actions__A_Cloudy_Day_for_Security_-_Part_2_20250915_124429 ... GitHub Actions A Cloudy Day for Security - Part 2	2025-09-30 01:05:33 +02:00
SirBroccoli	25af34d5a2	Merge pull request #208 from HackTricks-wiki/update_Building_Hacker_Communities__Bug_Bounty_Village__g_20250915_123837 ... Building Hacker Communities Bug Bounty Village, getDisclosed...	2025-09-30 00:57:56 +02:00
carlospolop	c8957b9107	f	2025-09-30 00:39:12 +02:00
SirBroccoli	de064b1b68	Merge pull request #214 from JaimePolop/master ... GetFederatedToken & IAM Roles Anywhere Privesc	2025-09-30 00:23:32 +02:00
SirBroccoli	78767e199c	Merge pull request #207 from HackTricks-wiki/update_GitHub_Actions__A_Cloudy_Day_for_Security_-_Part_1_20250909_013245 ... GitHub Actions A Cloudy Day for Security - Part 1	2025-09-29 23:05:37 +02:00
SirBroccoli	65816a9798	Merge pull request #206 from HackTricks-wiki/update_Model_Namespace_Reuse__An_AI_Supply-Chain_Attack_E_20250904_125657 ... Model Namespace Reuse An AI Supply-Chain Attack Exploiting M...	2025-09-29 23:04:02 +02:00
SirBroccoli	fc5e23269c	Update pentesting-cloud-methodology.md	2025-09-29 23:03:41 +02:00
SirBroccoli	89a2ab54ae	Update pentesting-cloud-methodology.md	2025-09-29 23:03:04 +02:00
JaimePolop	f3afa739ad	Roles Anywhere explanation	2025-09-29 22:53:29 +02:00
JaimePolop	590e54ea9e	stsgetfederatedtoken	2025-09-29 17:15:59 +02:00
JaimePolop	e153dc47b0	stsgetfederatedtoken	2025-09-29 17:14:00 +02:00
HackTricks News Bot	37b03b3517	Add content from: Forgotten ... - Remove searchindex.js (auto-generated file)	2025-09-17 06:34:24 +00:00
HackTricks News Bot	a6491998d2	Add content from: GitHub Actions: A Cloudy Day for Security - Part 2 ... - Remove searchindex.js (auto-generated file)	2025-09-15 12:47:04 +00:00
HackTricks News Bot	dba44c006e	Add content from: Building Hacker Communities: Bug Bounty Village, getDisclose... ... - Remove searchindex.js (auto-generated file)	2025-09-15 12:43:09 +00:00
HackTricks News Bot	b9b20e4567	Add content from: GitHub Actions: A Cloudy Day for Security - Part 1 ... - Remove searchindex.js (auto-generated file)	2025-09-09 01:35:49 +00:00
carlospolop	7f435558c4	Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud	2025-09-05 01:35:13 +02:00
carlospolop	a7ce58fa25	tf	2025-09-05 01:34:02 +02:00
HackTricks News Bot	5b5e339f96	Add content from: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting ... ... - Remove searchindex.js (auto-generated file)	2025-09-04 13:00:46 +00:00
SirBroccoli	5bd2aafc8e	Merge pull request #204 from HackTricks-wiki/update_Gitblit_CVE-2024-28080__SSH_public_key_fallback_to_20250829_182811 ... Gitblit CVE-2024-28080 SSH public‑key fallback to password a...	2025-08-31 10:17:05 +02:00
SirBroccoli	00730ca794	Add Gitblit Security section to SUMMARY.md	2025-08-31 10:16:44 +02:00
SirBroccoli	923f510164	Refactor pentesting CI/CD methodology document ... Removed redundant sections on CI/CD pipelines and VCS pentesting methodology. Updated references and streamlined content for clarity.	2025-08-31 10:15:04 +02:00
SirBroccoli	fec9bfb986	Update pentesting-ci-cd-methodology.md	2025-08-31 10:12:16 +02:00
SirBroccoli	6a11053885	Remove CVE-2024-28080 details from documentation ... Removed detailed explanation of CVE-2024-28080, including summary, root cause, exploitation steps, impact, detection ideas, and mitigations.	2025-08-31 10:11:39 +02:00
SirBroccoli	fd19dc2304	Update aws-ecs-privesc.md	2025-08-31 10:06:24 +02:00