93c2d43192
Add AD to Entra pivot techniques from recent talk
2026-03-02 23:03:22 +00:00
9ebb2d956e
f
2026-03-01 21:18:03 +01:00
d847f32cc5
f
2026-03-01 20:50:31 +01:00
0e45e2e2c7
Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud
2026-02-27 15:07:10 +01:00
d95f15f03e
f
2026-02-27 15:07:09 +01:00
aa12679ea7
Add content from: ChatGPT in your inbox? Investigating Entra apps that request...
2026-02-24 14:49:51 +00:00
84c9455995
Merge pull request #263 from Marmeus/master
...
Fixed typos
2026-02-24 00:52:53 +01:00
17397a0144
Fixed typos
2026-02-23 13:52:13 -05:00
202d0fe86c
f robots
2026-02-23 11:53:26 +01:00
69927889f1
Merge pull request #262 from HackTricks-wiki/fix/robots-txt-upload
...
Upload robots.txt to S3 root
2026-02-23 11:45:57 +01:00
5482d3d651
Upload robots.txt to S3 root
2026-02-23 10:38:26 +00:00
25552f6898
Merge pull request #260 from Marmeus/patch-1
...
Add command for EC2 console screenshot retrieval
2026-02-23 11:13:53 +01:00
26d996b789
Merge pull request #261 from JaimePolop/master
...
Changes Update SAML
2026-02-23 11:13:23 +01:00
a05e50758b
Update gcp-storage-privesc.md
2026-02-23 11:11:37 +01:00
0cfe8fc87d
Update README.md
2026-02-20 16:28:54 +01:00
633b608c29
Update README.md
2026-02-20 14:12:21 +01:00
005ab23773
Update README for IAM privilege escalation example
2026-02-20 14:10:28 +01:00
c35f2ca89b
Add command for EC2 console screenshot retrieval
...
Added command to retrieve a JPG-format screenshot of a running instance.
2026-02-19 01:07:16 +00:00
1685887efa
Merge pull request #259 from Tamirye/dataflowrider
...
grte-ye-ti
2026-02-16 12:06:38 +01:00
cd9939def6
f
2026-02-16 12:04:08 +01:00
fd262d744f
f
2026-02-16 11:02:25 +01:00
0c445121d5
f
2026-02-15 22:17:38 +01:00
936fbc4285
added new GCP Dataflow exploitation, privilege escalation, and enumeration sections
2026-02-15 21:34:08 +02:00
3724e2729a
f
2026-02-14 20:47:09 +01:00
616d1255a8
f
2026-02-14 17:54:58 +01:00
1829b6f80d
f
2026-02-14 17:54:48 +01:00
967a945aa3
f
2026-02-14 15:50:33 +01:00
6e1f62369e
f
2026-02-14 13:19:13 +01:00
7f51bac5af
Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud
2026-02-13 11:15:37 +01:00
07ac612f63
f
2026-02-13 11:15:25 +01:00
d5284abf61
Merge pull request #257 from AI-redteam/gcp-workstations-privesc
...
Gcp workstations privesc & container escape [grte-bstevens]
2026-02-12 20:36:18 +01:00
08ca5b601d
Merge pull request #258 from AMOussama/bedrock-agentcore-code-interpreter
...
arte-Oussama - Bedrock agentcore code interpreter
2026-02-12 20:36:02 +01:00
4557349141
docs(aws): add AgentCore Code Interpreter role pivot privesc
2026-02-12 18:35:30 +01:00
745851f56d
f ht url
2026-02-12 14:18:33 +01:00
d319c5283b
Merge pull request #254 from HackTricks-wiki/update_GatewayToHeaven__Finding_a_Cross-Tenant_Vulnerabil_20260203_185749
...
GatewayToHeaven Finding a Cross-Tenant Vulnerability in GCP'...
2026-02-12 14:10:09 +01:00
9b923592af
Move Apigee post-exploitation technique into its own page
2026-02-12 14:06:56 +01:00
6d8fa0c2fc
Merge pull request #256 from HackTricks-wiki/update_Trusting_Claude_With_a_Knife__Unauthorized_Prompt__20260206_184722
...
Trusting Claude With a Knife Unauthorized Prompt Injection t...
2026-02-12 14:04:54 +01:00
c8bd0b86fd
Merge pull request #255 from MAAYTHM/patch-1
...
Fix typo in S3 encryption method
2026-02-12 14:01:52 +01:00
3c05bcfbf2
Merge pull request #253 from HackTricks-wiki/update_Threat_Actors_Using_AWS_WorkMail_in_Phishing_Campa_20260127_183842
...
Threat Actors Using AWS WorkMail in Phishing Campaigns
2026-02-12 13:30:45 +01:00
9f30d3f8e8
Merge pull request #252 from HackTricks-wiki/update_nodes_proxy_GET___Kubelet__exec_RCE_via_WebSocket__20260127_014641
...
nodes/proxy GET → Kubelet /exec RCE via WebSocket handshake ...
2026-02-12 13:20:29 +01:00
d4b7c719ea
Merge pull request #251 from HackTricks-wiki/update_SharePointDumper_20260127_014432
...
SharePointDumper
2026-02-12 13:09:08 +01:00
9f57fc7119
Rename src/pentesting-cloud/aws-security/aws-privilege-escalation/src/pentesting-cloud/aws-security /aws-bedrock-agentcore-privesc.md to src/pentesting-cloud/aws-security/aws-privilege-escalation/aws-bedrock-agentcore-privesc/README.md
2026-02-12 11:04:17 +01:00
70738d211e
Revise AWS Bedrock AgentCore Code Interpreter documentation
...
Updated the AWS Bedrock AgentCore documentation to clarify the Code Interpreter Role Pivot technique, including details on preconditions, required IAM actions, exploitation flow, and mitigation strategies.
2026-02-12 00:06:33 +01:00
d3f02fa469
f
2026-02-11 12:56:08 +01:00
2bb1292912
Remove countermeasures from GCP privilege escalation doc
...
Removed countermeasures section from GCP privilege escalation documentation.
2026-02-09 16:16:44 -06:00
0be98dc154
Remove hacktricks-training banner from documentation
...
Removed the inclusion of hacktricks-training banner from the GCP privilege escalation documentation.
2026-02-09 16:12:22 -06:00
6b1b2329c2
Clean up GCP Cloud Workstations privilege escalation doc
...
Removed introductory content and references related to Cloud Workstations.
2026-02-09 16:10:20 -06:00
4a16d25bfe
Add GCP Cloud Workstations privesc guide
...
Add a new guide documenting privilege escalation paths for GCP Cloud Workstations. Covers Docker-in-Docker container breakout via /var/run/docker.sock, step-by-step escape to the host VM, stealing the VM service account token from IMDS, persistence by backdooring the host home, network pivot techniques, and recommended countermeasures. Includes reference to an automation script and training banners.
2026-02-09 16:08:37 -06:00
0d72508bc8
Add content from: Trusting Claude With a Knife: Unauthorized Prompt Injection ...
2026-02-06 18:53:46 +00:00
6918c5539d
f
2026-02-05 13:33:06 +01:00
chack