SirBroccoli
|
8d39c38b58
|
Merge pull request #216 from HackTricks-wiki/update_Cooking_an_SQL_Injection_Vulnerability_in_Chef_Aut_20250930_182633
Cooking an SQL Injection Vulnerability in Chef Automate
|
2025-09-30 21:13:40 +02:00 |
|
SirBroccoli
|
7097f55620
|
Update SUMMARY.md
|
2025-09-30 21:13:20 +02:00 |
|
HackTricks News Bot
|
21b31a3be3
|
Add content from: Cooking an SQL Injection Vulnerability in Chef Automate
- Remove searchindex.js (auto-generated file)
|
2025-09-30 18:28:35 +00:00 |
|
JaimePolop
|
5d031d4518
|
Roles Anywhere explanation
|
2025-09-30 17:50:02 +02:00 |
|
SirBroccoli
|
1e51bb702d
|
Merge pull request #210 from HackTricks-wiki/update_Forgotten_20250917_063108
Forgotten
|
2025-09-30 01:24:53 +02:00 |
|
SirBroccoli
|
1111212cbb
|
Update attacking-kubernetes-from-inside-a-pod.md
|
2025-09-30 01:07:36 +02:00 |
|
SirBroccoli
|
bb763109dc
|
Merge pull request #209 from HackTricks-wiki/update_GitHub_Actions__A_Cloudy_Day_for_Security_-_Part_2_20250915_124429
GitHub Actions A Cloudy Day for Security - Part 2
|
2025-09-30 01:05:33 +02:00 |
|
SirBroccoli
|
25af34d5a2
|
Merge pull request #208 from HackTricks-wiki/update_Building_Hacker_Communities__Bug_Bounty_Village__g_20250915_123837
Building Hacker Communities Bug Bounty Village, getDisclosed...
|
2025-09-30 00:57:56 +02:00 |
|
carlospolop
|
c8957b9107
|
f
|
2025-09-30 00:39:12 +02:00 |
|
SirBroccoli
|
de064b1b68
|
Merge pull request #214 from JaimePolop/master
GetFederatedToken & IAM Roles Anywhere Privesc
|
2025-09-30 00:23:32 +02:00 |
|
SirBroccoli
|
78767e199c
|
Merge pull request #207 from HackTricks-wiki/update_GitHub_Actions__A_Cloudy_Day_for_Security_-_Part_1_20250909_013245
GitHub Actions A Cloudy Day for Security - Part 1
|
2025-09-29 23:05:37 +02:00 |
|
SirBroccoli
|
65816a9798
|
Merge pull request #206 from HackTricks-wiki/update_Model_Namespace_Reuse__An_AI_Supply-Chain_Attack_E_20250904_125657
Model Namespace Reuse An AI Supply-Chain Attack Exploiting M...
|
2025-09-29 23:04:02 +02:00 |
|
SirBroccoli
|
fc5e23269c
|
Update pentesting-cloud-methodology.md
|
2025-09-29 23:03:41 +02:00 |
|
SirBroccoli
|
89a2ab54ae
|
Update pentesting-cloud-methodology.md
|
2025-09-29 23:03:04 +02:00 |
|
JaimePolop
|
f3afa739ad
|
Roles Anywhere explanation
|
2025-09-29 22:53:29 +02:00 |
|
JaimePolop
|
590e54ea9e
|
stsgetfederatedtoken
|
2025-09-29 17:15:59 +02:00 |
|
JaimePolop
|
e153dc47b0
|
stsgetfederatedtoken
|
2025-09-29 17:14:00 +02:00 |
|
HackTricks News Bot
|
37b03b3517
|
Add content from: Forgotten
- Remove searchindex.js (auto-generated file)
|
2025-09-17 06:34:24 +00:00 |
|
HackTricks News Bot
|
a6491998d2
|
Add content from: GitHub Actions: A Cloudy Day for Security - Part 2
- Remove searchindex.js (auto-generated file)
|
2025-09-15 12:47:04 +00:00 |
|
HackTricks News Bot
|
dba44c006e
|
Add content from: Building Hacker Communities: Bug Bounty Village, getDisclose...
- Remove searchindex.js (auto-generated file)
|
2025-09-15 12:43:09 +00:00 |
|
HackTricks News Bot
|
b9b20e4567
|
Add content from: GitHub Actions: A Cloudy Day for Security - Part 1
- Remove searchindex.js (auto-generated file)
|
2025-09-09 01:35:49 +00:00 |
|
carlospolop
|
7f435558c4
|
Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud
|
2025-09-05 01:35:13 +02:00 |
|
carlospolop
|
a7ce58fa25
|
tf
|
2025-09-05 01:34:02 +02:00 |
|
HackTricks News Bot
|
5b5e339f96
|
Add content from: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting ...
- Remove searchindex.js (auto-generated file)
|
2025-09-04 13:00:46 +00:00 |
|
SirBroccoli
|
5bd2aafc8e
|
Merge pull request #204 from HackTricks-wiki/update_Gitblit_CVE-2024-28080__SSH_public_key_fallback_to_20250829_182811
Gitblit CVE-2024-28080 SSH public‑key fallback to password a...
|
2025-08-31 10:17:05 +02:00 |
|
SirBroccoli
|
00730ca794
|
Add Gitblit Security section to SUMMARY.md
|
2025-08-31 10:16:44 +02:00 |
|
SirBroccoli
|
923f510164
|
Refactor pentesting CI/CD methodology document
Removed redundant sections on CI/CD pipelines and VCS pentesting methodology. Updated references and streamlined content for clarity.
|
2025-08-31 10:15:04 +02:00 |
|
SirBroccoli
|
fec9bfb986
|
Update pentesting-ci-cd-methodology.md
|
2025-08-31 10:12:16 +02:00 |
|
SirBroccoli
|
6a11053885
|
Remove CVE-2024-28080 details from documentation
Removed detailed explanation of CVE-2024-28080, including summary, root cause, exploitation steps, impact, detection ideas, and mitigations.
|
2025-08-31 10:11:39 +02:00 |
|
SirBroccoli
|
fd19dc2304
|
Update aws-ecs-privesc.md
|
2025-08-31 10:06:24 +02:00 |
|
Fake1Sback
|
599d45c50a
|
Added a separate section about the ecs run-task privesc method, since it was only briefly mentioned in the iam:PassRole, (ecs:UpdateService|ecs:CreateService) section
|
2025-08-30 18:52:59 +03:00 |
|
HackTricks News Bot
|
5b2a228050
|
Add content from: Gitblit CVE-2024-28080: SSH public‑key fallback to password ...
- Remove searchindex.js (auto-generated file)
|
2025-08-29 18:31:33 +00:00 |
|
carlospolop
|
c09016a56f
|
Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud
|
2025-08-29 11:47:04 +02:00 |
|
carlospolop
|
77b76bfb00
|
a
|
2025-08-29 11:45:00 +02:00 |
|
carlospolop
|
3883d1a74e
|
clean
|
2025-08-29 11:42:28 +02:00 |
|
carlospolop
|
d761716a28
|
f
|
2025-08-28 19:51:53 +02:00 |
|
carlospolop
|
d05d94d995
|
f
|
2025-08-25 23:20:13 +02:00 |
|
carlospolop
|
15ff9a7d1c
|
f
|
2025-08-24 13:22:10 +02:00 |
|
SirBroccoli
|
33ca677b86
|
Update README.md
|
2025-08-21 02:19:10 +02:00 |
|
SirBroccoli
|
07a16af4ec
|
Update README.md
|
2025-08-21 02:12:04 +02:00 |
|
SirBroccoli
|
d7c57cba6e
|
Update accessible-deleted-data-in-github.md
|
2025-08-21 02:05:51 +02:00 |
|
SirBroccoli
|
236a8a2cec
|
Update README.md
|
2025-08-21 01:59:20 +02:00 |
|
SirBroccoli
|
f3fd4b9294
|
Update README.md
|
2025-08-21 01:56:10 +02:00 |
|
HackTricks News Bot
|
f171d1a97d
|
Add content from: How we exploited CodeRabbit: from a simple PR to RCE and wri...
|
2025-08-19 18:40:49 +00:00 |
|
SirBroccoli
|
855ef5fd9e
|
Merge pull request #197 from HackTricks-wiki/update_Terraform_Cloud_token_abuse_turns_speculative_plan_20250815_124146
Terraform Cloud token abuse turns speculative plan into remo...
|
2025-08-19 17:22:17 +02:00 |
|
SirBroccoli
|
3ff0c8a86f
|
Update terraform-security.md
|
2025-08-19 17:22:04 +02:00 |
|
carlospolop
|
414eeda035
|
Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud
|
2025-08-18 16:51:47 +02:00 |
|
carlospolop
|
dac7b0f906
|
fix?
|
2025-08-18 16:51:43 +02:00 |
|
SirBroccoli
|
3b456ebc2e
|
Merge pull request #195 from HackTricks-wiki/update_How_to_transfer_files_in_AWS_using_SSM_20250806_013457
How to transfer files in AWS using SSM
|
2025-08-18 16:48:47 +02:00 |
|
SirBroccoli
|
f0df70528a
|
Update README.md
|
2025-08-18 16:48:30 +02:00 |
|