gitea-mirror/hacktricks-cloud
1
0
Fork 0
mirror of https://github.com/HackTricks-wiki/hacktricks-cloud.git synced 2025-12-12 07:40:49 -08:00
Code Issues Packages Projects Releases Wiki Activity
580 Commits 18 Branches 17 Tags
d373f62166cd130c6c8d7db09641ffc99869c017
Commit Graph

580 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
carlospolop
d373f62166 Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud 2025-08-21 01:59:00 +02:00
carlospolop
c2c232fd46 f 2025-08-21 01:58:58 +02:00
SirBroccoli
f3fd4b9294 Update README.md 2025-08-21 01:56:10 +02:00
SirBroccoli
dd2c5af442 Merge pull request #198 from HackTricks-wiki/update_How_we_exploited_CodeRabbit__from_a_simple_PR_to_R_20250819_183743 
How we exploited CodeRabbit from a simple PR to RCE and writ...
 2025-08-21 01:52:41 +02:00
carlospolop
ee4da87049 improve workflows 2025-08-21 01:51:45 +02:00
carlospolop
3b1f434a66 f 2025-08-21 01:07:22 +02:00
carlospolop
8db7266efb f 2025-08-21 00:40:51 +02:00
carlospolop
59437b9b32 Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud 2025-08-21 00:23:53 +02:00
carlospolop
ea3041d9a2 fix refs 2025-08-21 00:23:50 +02:00
HackTricks News Bot
f171d1a97d Add content from: How we exploited CodeRabbit: from a simple PR to RCE and wri... 2025-08-19 18:40:49 +00:00
SirBroccoli
855ef5fd9e Merge pull request #197 from HackTricks-wiki/update_Terraform_Cloud_token_abuse_turns_speculative_plan_20250815_124146 
Terraform Cloud token abuse turns speculative plan into remo...
 2025-08-19 17:22:17 +02:00
SirBroccoli
3ff0c8a86f Update terraform-security.md 2025-08-19 17:22:04 +02:00
carlospolop
414eeda035 Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud 2025-08-18 16:51:47 +02:00
carlospolop
dac7b0f906 fix? 2025-08-18 16:51:43 +02:00
SirBroccoli
3b456ebc2e Merge pull request #195 from HackTricks-wiki/update_How_to_transfer_files_in_AWS_using_SSM_20250806_013457 
How to transfer files in AWS using SSM
 2025-08-18 16:48:47 +02:00
SirBroccoli
f0df70528a Update README.md 2025-08-18 16:48:30 +02:00
SirBroccoli
f705477774 Merge pull request #193 from hasshido/master 
grte-mightocho
 2025-08-18 16:37:29 +02:00
carlospolop
aff8ab0252 Merge branch 'master' of github.com:HackTricks-wiki/hacktricks-cloud 2025-08-18 16:36:42 +02:00
carlospolop
06b577d42f f 2025-08-18 16:36:38 +02:00
SirBroccoli
14e986b2a7 Merge pull request #196 from lambdasawa/master 
grte-lambdasawa
 2025-08-18 16:06:12 +02:00
SirBroccoli
581f09f904 Merge pull request #194 from afaq1337/patch-1 
arte-afaq
 2025-08-18 16:05:08 +02:00
HackTricks News Bot
c76cc24a59 Add content from: Terraform Cloud token abuse turns speculative plan into remo... 2025-08-15 12:46:29 +00:00
Tsubasa Irisawa
15bde67918 Add GCP Cloud Tasks privesc page 2025-08-14 23:47:19 +09:00
HackTricks News Bot
3f16d3c5f3 Add content from: How to transfer files in AWS using SSM 2025-08-06 01:38:30 +00:00
afaq
82a44ea4c0 Updated Cognito Identity CLI Command Format 
Replaced outdated key=value syntax with JSON-based in "--logins" format, keeping the old format for preserved legacy.
 2025-08-04 23:56:55 +05:00
hasshido
839f139795 Merge branch 'HackTricks-wiki:master' into master 2025-08-04 12:41:01 +02:00
carlospolop
b82a88252c f 2025-08-04 11:37:34 +02:00
carlospolop
c3cfb95b87 f 2025-08-04 11:29:20 +02:00
carlospolop
e0b92e3b7a f 2025-08-01 12:04:42 +02:00
SirBroccoli
f521c0d95a Merge pull request #192 from HackTricks-wiki/update_AnsibleHound___BloodHound_Collector_for_Ansible_Wo_20250801_015104 
AnsibleHound – BloodHound Collector for Ansible WorX and Tow...
 2025-08-01 11:55:14 +02:00
SirBroccoli
96b0de9ec9 Update kubernetes-basics.md 2025-08-01 11:53:55 +02:00
SirBroccoli
6b96bae348 Update README.md 2025-08-01 11:53:20 +02:00
SirBroccoli
5fd9ed5048 Update gcp-add-custom-ssh-metadata.md 2025-08-01 11:52:52 +02:00
SirBroccoli
3157069bde Update az-static-web-apps.md 2025-08-01 11:51:49 +02:00
SirBroccoli
ccd50a451d Update eventbridgescheduler-enum.md 2025-08-01 11:50:45 +02:00
SirBroccoli
0a1f3dea22 Update aws-ecr-enum.md 2025-08-01 11:50:28 +02:00
SirBroccoli
e1bc13c19c Update aws-waf-enum.md 2025-08-01 11:49:21 +02:00
SirBroccoli
58c7ae8399 Update aws-trusted-advisor-enum.md 2025-08-01 11:49:00 +02:00
SirBroccoli
0ba0d247a8 Update aws-inspector-enum.md 2025-08-01 11:48:43 +02:00
SirBroccoli
6f8738f34f Update aws-sagemaker-persistence.md 2025-08-01 11:47:18 +02:00
SirBroccoli
5a6cd9a85c Merge pull request #191 from lambdasawa/master 
arte-lambdasawa
 2025-08-01 11:43:36 +02:00
HackTricks News Bot
ed2ae1e58f Add content from: AnsibleHound – BloodHound Collector for Ansible WorX and Tow... 2025-08-01 01:52:00 +00:00
Tsubasa Irisawa
dbe2969386 Add AWS AppRunner privesc page 2025-08-01 10:09:11 +09:00
carlospolop
97759b6cec rm discount 2025-07-31 11:58:39 +02:00
hasshido
95f380db6b Update gcp-cloudbuild-privesc.md removing cloudbuild.builds.update 
### `cloudbuild.builds.update`

Currently this permission is listed to **only** be able to be used to use the api method `builds.cancel()` which cannot be abused to change the parameters of an ongoing build

References:
- https://cloud.google.com/build/docs/iam-roles-permissions#permissions
- https://cloud.google.com/build/docs/api/reference/rest/v1/projects.builds/cancel
 2025-07-30 21:13:32 +02:00
hasshido
65da889db0 Update cloudbuild.builds.create exploitation method 
Includes direct gcloud command descriptioon to exploit this permission.
 2025-07-30 21:00:52 +02:00
carlospolop
45a7b74a0f f 2025-07-30 12:39:44 +02:00
carlospolop
4d2fa75b55 f 2025-07-30 06:52:07 +02:00
carlospolop
84bc28f8bb f 2025-07-30 06:48:21 +02:00
carlospolop
ebd15ccb63 f 2025-07-30 06:27:12 +02:00