gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2026-06-12 19:11:44 -07:00
Code Issues Packages Projects Releases Wiki Activity
1,007 Commits 21 Branches 17 Tags
97af0f500585b1533f98ec79092b63d37696e8bc
Commit Graph

624 Commits

Author SHA1 Message Date
Christian Barral 97af0f5005 Added access entry abuse info 
Added sections on abusing configmap (existing) and access entries (new) for AWS EKS, including commands for creating access entries and associating access policies.
 2026-05-28 09:06:51 +02:00
SirBroccoli 2aea30dad8 Merge pull request #295 from HackTricks-wiki/teamcity-security-section 
Add TeamCity CI/CD pentesting section
 2026-05-26 21:32:53 +02:00
Carlos Polop e9b5f23f8a Add TeamCity CI/CD pentesting section 2026-05-26 21:31:37 +02:00
SirBroccoli 23530050c5 Merge pull request #293 from HackTricks-wiki/update_Navigating_Lax_Load_Balancers__When_an_Intersectio_20260525_145126 
Navigating Lax Load Balancers When an Intersection Gets You ...
 2026-05-26 21:11:31 +02:00
SirBroccoli af48369ba7 Merge pull request #292 from HackTricks-wiki/update_Paved_With_Intent__ROADtools_and_Nation-State_Tact_20260522_143732 
Paved With Intent ROADtools and Nation-State Tactics in the ...
 2026-05-26 21:09:38 +02:00
SirBroccoli ae1056fe51 Merge pull request #290 from HackTricks-wiki/update_Mini_Shai-Hulud__FAQ_on_the_TeamPCP_npm_and_PyPI_s_20260521_195353 
Mini Shai-Hulud FAQ on the TeamPCP npm and PyPI supply-chain...
 2026-05-26 21:04:47 +02:00
SirBroccoli b4424204e9 Update README.md 2026-05-26 21:04:31 +02:00
Jacob-Ham 3963a1ef8a Fixed virtual mfa device creation command, add example TOTP tool, add command for getting mfa backed session 2026-05-26 12:54:52 -05:00
Carlos Polop 06a089227c f 2026-05-26 17:55:54 +02:00
HackTricks News Bot aa93024621 Add content from: Navigating Lax Load Balancers: When an Intersection Gets You... 2026-05-25 14:55:45 +00:00
HackTricks News Bot 28650f17b4 Add content from: Paved With Intent: ROADtools and Nation-State Tactics in the... 2026-05-22 14:43:02 +00:00
HackTricks News Bot 5704b992d8 Add content from: Red-Teaming Cloud Infrastructure with Neo 2026-05-22 09:06:12 +00:00
HackTricks News Bot 1484d713ec Add content from: Mini Shai-Hulud: FAQ on the TeamPCP npm and PyPI supply-chai... 2026-05-21 19:57:44 +00:00
Jimmy 51f602b871 a 2026-05-18 17:10:42 +02:00
SirBroccoli d13c270d7f Merge pull request #286 from JaimePolop/master 
Add WireServer & GoalState
 2026-05-05 18:18:44 +02:00
Carlos Polop 2fe01e873a Mention WireServer MI selector fallback 2026-05-05 17:50:24 +02:00
Carlos Polop 2a4cc7c428 Document Azure MI token discovery limits 2026-05-05 17:45:43 +02:00
Carlos Polop 406b2549aa Replace brittle managed identity enumeration examples 2026-05-05 16:27:01 +02:00
Carlos Polop 393c6997b1 Clarify Azure WireServer access contexts 2026-05-05 16:16:00 +02:00
SirBroccoli 2f2df45366 Update README.md 2026-05-05 15:31:53 +02:00
SirBroccoli 28a5f23cd9 Merge pull request #279 from HackTricks-wiki/update_IAM_the_Captain_Now___Hijacking_Azure_Identity_Acc_20260409_132358 
IAM the Captain Now – Hijacking Azure Identity Access
 2026-05-05 15:17:16 +02:00
Jimmy 6f461640c2 Add WireServer & GoalState 2026-05-05 14:33:29 +02:00
Jimmy b0cd651c8d Add WireServer & GoalState 2026-05-05 14:25:14 +02:00
SirBroccoli a80e28427b Merge pull request #285 from ZoneMix/master 
Update User Password Addition
 2026-05-03 10:45:20 +02:00
SirBroccoli 7f789f1bc1 Merge pull request #284 from 0x1347/arte-veue 
arte-veue
 2026-05-03 10:44:53 +02:00
ZoneMix cee4c97967 Update user password update privilege escalation technique 2026-05-02 17:05:49 -05:00
Carlos Polop 6447449ade Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud 2026-04-30 21:29:49 +02:00
Carlos Polop bc899d4b0b f 2026-04-30 21:29:35 +02:00
SirBroccoli c27dd45393 Merge pull request #283 from HackTricks-wiki/update_The_npm_Threat_Landscape__Attack_Surface_and_Mitig_20260425_021054 
The npm Threat Landscape Attack Surface and Mitigations
 2026-04-28 01:25:02 +02:00
SirBroccoli 627ae260b8 Merge pull request #277 from HackTricks-wiki/update_Cracks_in_the_Bedrock__Escaping_the_AWS_AgentCore__20260408_020957 
Cracks in the Bedrock Escaping the AWS AgentCore Sandbox
 2026-04-28 01:23:06 +02:00
0x1337 2e66838b27 arte-veue 2026-04-28 00:10:52 +02:00
HackTricks News Bot 7ca12b41ef Add content from: The npm Threat Landscape: Attack Surface and Mitigations 2026-04-25 02:14:06 +00:00
SirBroccoli 979375b432 Merge pull request #280 from Local-Guy-123/local-guy-ssm-update-doc-privesc-persist 
arte-Hex-Editor
 2026-04-21 10:19:44 +02:00
Jonas Friedli cda5427488 add some corrections 2026-04-21 08:56:09 +02:00
Jonas Friedli 6cdf2b2e14 Add Bedrock agent Lambda tool hijacking privilege escalation technique 2026-04-21 08:42:31 +02:00
Local-Guy-123 2008a8e33e Adding 2 additional SSM PrivEsc and Persistence Paths 2026-04-20 21:03:08 -04:00
HackTricks News Bot 8d313ae50b Add content from: IAM the Captain Now – Hijacking Azure Identity Access 2026-04-09 13:37:19 +00:00
HackTricks News Bot f0d0e56d5a Add content from: Cracks in the Bedrock: Escaping the AWS AgentCore Sandbox 2026-04-08 02:16:50 +00:00
SirBroccoli 36d8f39a65 Merge pull request #274 from HackTricks-wiki/update_When_an_Attacker_Meets_a_Group_of_Agents__Navigati_20260404_020203 
When an Attacker Meets a Group of Agents Navigating Amazon B...
 2026-04-07 17:20:05 +02:00
SirBroccoli 10e13b14bd Merge pull request #276 from HackTricks-wiki/pr-271 
Expand GitHub Actions cache poisoning docs with Angular 2026 + Cacheract demo
 2026-04-07 14:59:12 +02:00
Carlos Polop d5a2d0c59a f 2026-04-07 14:57:48 +02:00
SirBroccoli cccacb7ee1 Merge pull request #271 from HackTricks-wiki/update_Double_Agents__Exposing_Security_Blind_Spots_in_GC_20260331_131528 
Double Agents Exposing Security Blind Spots in GCP Vertex AI
 2026-04-07 14:27:51 +02:00
Carlos Polop 6b2c22a0f3 Normalize Vertex AI docs to enum/privesc/post-exploitation structure 2026-04-07 14:24:55 +02:00
SirBroccoli 941e8d69e6 Merge pull request #272 from HackTricks-wiki/update_Weaponizing_the_Protectors__TeamPCP_s_Multi-Stage__20260401_021730 
Weaponizing the Protectors TeamPCP’s Multi-Stage Supply Chai...
 2026-04-07 14:24:20 +02:00
HackTricks News Bot 9be9471b07 Add content from: When an Attacker Meets a Group of Agents: Navigating Amazon ... 2026-04-04 02:05:33 +00:00
Thomas Preece a0ce4e47be Add new CodeBuild Credential leakage technique 2026-04-01 08:01:37 +01:00
HackTricks News Bot 9fe9a78f57 Add content from: Weaponizing the Protectors: TeamPCP’s Multi-Stage Supply Cha... 2026-04-01 02:22:22 +00:00
SirBroccoli 06110601f6 Merge pull request #269 from HackTricks-wiki/update_Full_Disclosure__A_Third__and_Fourth__Azure_Sign-I_20260319_185745 
Full Disclosure A Third (and Fourth) Azure Sign-In Log Bypas...
 2026-03-31 18:46:42 +02:00
HackTricks News Bot f69b96a436 Add content from: Double Agents: Exposing Security Blind Spots in GCP Vertex A... 2026-03-31 13:21:35 +00:00
thug-gamer 5abaa4136c arte-leobalt - fix saml_forge.py script; fix typo 2026-03-31 11:36:49 +02:00