gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-03-12 21:22:57 -07:00
Code Issues Packages Projects Releases Wiki Activity
920 Commits 19 Branches 17 Tags
6a9b95fe96ce38ad56428ef416cd98d845bff608
Commit Graph

570 Commits

Author SHA1 Message Date
Carlos Polop
6a9b95fe96 Add SEO post-processing for cloud wiki 2026-03-11 21:25:52 +01:00
Carlos Polop
9e39e77d6e f 2026-03-04 12:21:21 +01:00
Carlos Polop
53d29a8805 Merge branch 'add-ad-entra-pivot-techniques' into master 2026-03-03 18:55:26 +01:00
Carlos Polop
36ea0d12e4 f 2026-03-03 18:53:49 +01:00
SirBroccoli
99f3c09476 Merge pull request #264 from HackTricks-wiki/update_ChatGPT_in_your_inbox__Investigating_Entra_apps_th_20260224_144948 
ChatGPT in your inbox? Investigating Entra apps that request...
 2026-03-03 16:32:28 +01:00
SirBroccoli
92afcc419d Update SUMMARY.md 2026-03-03 16:32:15 +01:00
Carlos Polop
8148555ca5 Remove outdated Connect Sync Policy Abuse technique 2026-03-03 00:49:59 +01:00
Carlos Polop
9bb45f07b4 Refine hybrid pivot docs with current exploitability status 2026-03-03 00:30:14 +01:00
chack
9c61bb2811 Add technical details for AD-to-Entra pivot techniques 2026-03-02 23:24:08 +00:00
chack
93c2d43192 Add AD to Entra pivot techniques from recent talk 2026-03-02 23:03:22 +00:00
Carlos Polop
9ebb2d956e f 2026-03-01 21:18:03 +01:00
Carlos Polop
d847f32cc5 f 2026-03-01 20:50:31 +01:00
Carlos Polop
0e45e2e2c7 Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud 2026-02-27 15:07:10 +01:00
Carlos Polop
d95f15f03e f 2026-02-27 15:07:09 +01:00
HackTricks News Bot
aa12679ea7 Add content from: ChatGPT in your inbox? Investigating Entra apps that request... 2026-02-24 14:49:51 +00:00
Marmeus
17397a0144 Fixed typos 2026-02-23 13:52:13 -05:00
Carlos Polop
202d0fe86c f robots 2026-02-23 11:53:26 +01:00
SirBroccoli
25552f6898 Merge pull request #260 from Marmeus/patch-1 
Add command for EC2 console screenshot retrieval
 2026-02-23 11:13:53 +01:00
Jaime Polop
a05e50758b Update gcp-storage-privesc.md 2026-02-23 11:11:37 +01:00
Jaime Polop
0cfe8fc87d Update README.md 2026-02-20 16:28:54 +01:00
Jaime Polop
633b608c29 Update README.md 2026-02-20 14:12:21 +01:00
Jaime Polop
005ab23773 Update README for IAM privilege escalation example 2026-02-20 14:10:28 +01:00
Marmeus
c35f2ca89b Add command for EC2 console screenshot retrieval 
Added command to retrieve a JPG-format screenshot of a running instance.
 2026-02-19 01:07:16 +00:00
SirBroccoli
1685887efa Merge pull request #259 from Tamirye/dataflowrider 
grte-ye-ti
 2026-02-16 12:06:38 +01:00
Carlos Polop
cd9939def6 f 2026-02-16 12:04:08 +01:00
Carlos Polop
fd262d744f f 2026-02-16 11:02:25 +01:00
Carlos Polop
0c445121d5 f 2026-02-15 22:17:38 +01:00
Tamir Yehuda
936fbc4285 added new GCP Dataflow exploitation, privilege escalation, and enumeration sections 2026-02-15 21:34:08 +02:00
Carlos Polop
3724e2729a f 2026-02-14 20:47:09 +01:00
Carlos Polop
616d1255a8 f 2026-02-14 17:54:58 +01:00
Carlos Polop
1829b6f80d f 2026-02-14 17:54:48 +01:00
Carlos Polop
967a945aa3 f 2026-02-14 15:50:33 +01:00
SirBroccoli
d5284abf61 Merge pull request #257 from AI-redteam/gcp-workstations-privesc 
Gcp workstations privesc & container escape [grte-bstevens]
 2026-02-12 20:36:18 +01:00
SirBroccoli
08ca5b601d Merge pull request #258 from AMOussama/bedrock-agentcore-code-interpreter 
arte-Oussama - Bedrock agentcore code interpreter
 2026-02-12 20:36:02 +01:00
Oussama Ait Manssour
4557349141 docs(aws): add AgentCore Code Interpreter role pivot privesc 2026-02-12 18:35:30 +01:00
Carlos Polop
745851f56d f ht url 2026-02-12 14:18:33 +01:00
SirBroccoli
d319c5283b Merge pull request #254 from HackTricks-wiki/update_GatewayToHeaven__Finding_a_Cross-Tenant_Vulnerabil_20260203_185749 
GatewayToHeaven Finding a Cross-Tenant Vulnerability in GCP'...
 2026-02-12 14:10:09 +01:00
Carlos Polop
9b923592af Move Apigee post-exploitation technique into its own page 2026-02-12 14:06:56 +01:00
SirBroccoli
6d8fa0c2fc Merge pull request #256 from HackTricks-wiki/update_Trusting_Claude_With_a_Knife__Unauthorized_Prompt__20260206_184722 
Trusting Claude With a Knife Unauthorized Prompt Injection t...
 2026-02-12 14:04:54 +01:00
SirBroccoli
c8bd0b86fd Merge pull request #255 from MAAYTHM/patch-1 
Fix typo in S3 encryption method
 2026-02-12 14:01:52 +01:00
SirBroccoli
3c05bcfbf2 Merge pull request #253 from HackTricks-wiki/update_Threat_Actors_Using_AWS_WorkMail_in_Phishing_Campa_20260127_183842 
Threat Actors Using AWS WorkMail in Phishing Campaigns
 2026-02-12 13:30:45 +01:00
SirBroccoli
9f30d3f8e8 Merge pull request #252 from HackTricks-wiki/update_nodes_proxy_GET___Kubelet__exec_RCE_via_WebSocket__20260127_014641 
nodes/proxy GET → Kubelet /exec RCE via WebSocket handshake ...
 2026-02-12 13:20:29 +01:00
SirBroccoli
d4b7c719ea Merge pull request #251 from HackTricks-wiki/update_SharePointDumper_20260127_014432 
SharePointDumper
 2026-02-12 13:09:08 +01:00
Oussama Ait Manssour
9f57fc7119 Rename src/pentesting-cloud/aws-security/aws-privilege-escalation/src/pentesting-cloud/aws-security /aws-bedrock-agentcore-privesc.md to src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-bedrock-agentcore-privesc/README.md 2026-02-12 11:04:17 +01:00
Oussama Ait Manssour
70738d211e Revise AWS Bedrock AgentCore Code Interpreter documentation 
Updated the AWS Bedrock AgentCore documentation to clarify the Code Interpreter Role Pivot technique, including details on preconditions, required IAM actions, exploitation flow, and mitigation strategies.
 2026-02-12 00:06:33 +01:00
Ben
2bb1292912 Remove countermeasures from GCP privilege escalation doc 
Removed countermeasures section from GCP privilege escalation documentation.
 2026-02-09 16:16:44 -06:00
Ben
0be98dc154 Remove hacktricks-training banner from documentation 
Removed the inclusion of hacktricks-training banner from the GCP privilege escalation documentation.
 2026-02-09 16:12:22 -06:00
Ben
6b1b2329c2 Clean up GCP Cloud Workstations privilege escalation doc 
Removed introductory content and references related to Cloud Workstations.
 2026-02-09 16:10:20 -06:00
Ben
4a16d25bfe Add GCP Cloud Workstations privesc guide 
Add a new guide documenting privilege escalation paths for GCP Cloud Workstations. Covers Docker-in-Docker container breakout via /var/run/docker.sock, step-by-step escape to the host VM, stealing the VM service account token from IMDS, persistence by backdooring the host home, network pivot techniques, and recommended countermeasures. Includes reference to an automation script and training banners.
 2026-02-09 16:08:37 -06:00
HackTricks News Bot
0d72508bc8 Add content from: Trusting Claude With a Knife: Unauthorized Prompt Injection ... 2026-02-06 18:53:46 +00:00