GITBOOK-568: change request with no subject merged in GitBook

HackTricks-wiki · Feb 10, 2024 · 3a5e146 · 3a5e146
1 parent 99e942b
commit 3a5e146
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 109 deletions.
diff --git a/pentesting-cloud/aws-pentesting/aws-persistence/README.md b/pentesting-cloud/aws-pentesting/aws-persistence/README.md
@@ -1,3 +1,2 @@
 # AWS - Persistence
 
-PAGE TODO. Get some relevant info from [https://github.com/SummitRoute/aws\_exposable\_resources](https://github.com/SummitRoute/aws\_exposable\_resources)
diff --git a/pentesting-cloud/aws-pentesting/aws-post-exploitation/README.md b/pentesting-cloud/aws-pentesting/aws-post-exploitation/README.md
@@ -1,31 +1,2 @@
 # AWS - Post Exploitation
 
-<details>
-
-<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
-
-Other ways to support HackTricks:
-
-* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
-* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
-* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
-
-</details>
-
-
-
-<details>
-
-<summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
-
-Other ways to support HackTricks:
-
-* If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
-* Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
-* Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
-* **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
-
-</details>
diff --git a/pentesting-cloud/aws-security/aws-privilege-escalation/README.md b/pentesting-cloud/aws-security/aws-privilege-escalation/README.md
@@ -9,7 +9,7 @@ Other ways to support HackTricks:
 * If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
 * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
 * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 * **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>
@@ -27,50 +27,13 @@ If an IAM policy has `"Effect": "Allow"` and `"NotAction": "Someaction"` indicat
 So remember that this is another way to **grant privileged permissions** to a principal.
 {% endhint %}
 
-You can find all the **privesc paths divided by services**:
-
-* [**Apigateway Privesc**](aws-apigateway-privesc.md)
-* [**Codebuild Privesc**](aws-codebuild-privesc.md)
-* [**Codepipeline Privesc**](aws-codepipeline-privesc.md)
-* [**Codestar Privesc**](aws-codestar-privesc/)
-* [**Cloudformation Privesc**](aws-cloudformation-privesc/)
-* [**Cognito Privesc**](aws-cognito-privesc.md)
-* [**Datapipeline Privesc**](aws-datapipeline-privesc.md)
-* [**DynamoDB Privesc**](aws-dynamodb-privesc.md)
-* [**EBS Privesc**](aws-ebs-privesc.md)
-* [**EC2 Privesc**](aws-ec2-privesc.md)
-* [**ECR Privesc**](aws-ecr-privesc.md)
-* [**ECS Privesc**](aws-ecs-privesc.md)
-* [**EFS Privesc**](aws-efs-privesc.md)
-* [**EMR Privesc**](aws-emr-privesc.md)
-* [**Glue Privesc**](aws-glue-privesc.md)
-* [**IAM Privesc**](aws-iam-privesc.md)
-* [**KMS Privesc**](aws-kms-privesc.md)
-* [**Lambda Privesc**](../../aws-pentesting/aws-privilege-escalation/aws-lambda-privesc.md)
-* [**Lightsail Privesc**](aws-lightsail-privesc.md)
-* [**MQ Privesc**](aws-mq-privesc.md)
-* [**MSK Privesc**](aws-msk-privesc.md)
-* [**RDS Privesc**](aws-rds-privesc.md)
-* [**Redshift Privesc**](aws-redshift-privesc.md)
-* [**S3 Privesc**](aws-s3-privesc.md)
-* [**Sagemaker Privesc**](aws-sagemaker-privesc.md)
-* [**Secrets Privesc**](aws-secrets-manager-privesc.md)
-* [**SSM Privesc**](aws-ssm-privesc.md)
-* [**STS Privesc**](aws-sts-privesc.md)
-* [**Misc (Other Techniques) Privesc**](broken-reference)
+**The pages of this section are ordered by AWS service. In there you will be able to find permissions that will allow you to escalate privileges.**
 
 ## Tools
 
 * [https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/aws\_escalate.py](https://github.com/RhinoSecurityLabs/Security-Research/blob/master/tools/aws-pentest-tools/aws\_escalate.py)
 * [Pacu](https://github.com/RhinoSecurityLabs/pacu)
 
-## References
-
-* [https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation-part-2/](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation-part-2/)
-* [https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/](https://rhinosecuritylabs.com/aws/aws-privilege-escalation-methods-mitigation/)
-* [https://bishopfox.com/blog/privilege-escalation-in-aws](https://bishopfox.com/blog/privilege-escalation-in-aws)
-* [https://hackingthe.cloud/aws/exploitation/local-priv-esc-user-data-s3/](https://hackingthe.cloud/aws/exploitation/local-priv-esc-user-data-s3/)
-
 <details>
 
 <summary><strong>Learn AWS hacking from zero to hero with</strong> <a href="https://training.hacktricks.xyz/courses/arte"><strong>htARTE (HackTricks AWS Red Team Expert)</strong></a><strong>!</strong></summary>
@@ -80,7 +43,7 @@ Other ways to support HackTricks:
 * If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
 * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
 * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 * **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>
diff --git a/pentesting-cloud/aws-security/aws-services/README.md b/pentesting-cloud/aws-security/aws-services/README.md
@@ -9,7 +9,7 @@ Other ways to support HackTricks:
 * If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
 * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
 * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 * **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>
@@ -38,32 +38,7 @@ Services that fall under container services have the following characteristics:
 
 ## Services Enumeration
 
-AWS offers hundreds of different services, here you can find how to **enumerate some of them**, and also **post-exploitation, persistence and detection evasion tricks:**
-
-* [**Security & Detection services**](aws-security-and-detection-services/)
-* [**Databases**](broken-reference)
-* [**API Gateway Enum**](aws-api-gateway-enum.md)
-* [**CloudFormation & Codestar**](aws-cloudformation-and-codestar-enum.md)
-* [**CloudHSM**](aws-cloudhsm-enum.md)
-* [**CloudFront**](aws-cloudfront-enum.md)
-* [**Cognito**](aws-cognito-enum/)
-* [**DataPipeline, CodePipeline & CodeBuild & CodeCommit**](aws-datapipeline-codepipeline-codebuild-and-codecommit.md)
-* [**EC2, EBS, SSM, VPC & VPN**](aws-ec2-ebs-elb-ssm-vpc-and-vpn-enum/)
-* [**ECS, ECR & EKS**](aws-eks-enum.md)
-* [**EMR**](aws-emr-enum.md)
-* [**EFS**](aws-efs-enum.md)
-* [**Kinesis Data Firehouse**](../../aws-pentesting/aws-services/aws-kinesis-data-firehose-enum.md)
-* [**IAM & STS**](aws-iam-enum.md)
-* [**KMS**](aws-kms-enum.md)
-* [**Lambda**](aws-lambda-enum.md)
-* [**Lightsail**](aws-lightsail-enum.md)
-* [**MQ**](aws-mq-enum.md)
-* [**MSK**](aws-msk-enum.md)
-* [**Route53**](aws-route53-enum.md)
-* [**Secrets Manager**](aws-secrets-manager-enum.md)
-* [**SQS & SNS**](aws-sqs-and-sns-enum.md)
-* [**S3, Athena & Glacier Enum**](../../aws-pentesting/aws-services/aws-s3-athena-and-glacier-enum.md)
-* [**Other Services Enum**](broken-reference/)
+**The pages of this section are ordered by AWS service. In there you will be able to find information about the service (how it works and capabilities) and  that will allow you to escalate privileges.**
 
 <details>
 
@@ -74,7 +49,7 @@ Other ways to support HackTricks:
 * If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
 * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
 * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 * **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>
diff --git a/pentesting-cloud/azure-security/az-services/README.md b/pentesting-cloud/azure-security/az-services/README.md
@@ -9,7 +9,7 @@ Other ways to support HackTricks:
 * If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
 * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
 * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 * **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>
@@ -80,15 +80,7 @@ def main(req: func.HttpRequest) -> func.HttpResponse:
 
 ## List of Services
 
-* [**Azure AD**](../az-azuread/)
-* [**Application Proxy**](az-application-proxy.md)
-* [**Arm Templates / Deployments**](az-arm-templates.md)
-* [**Automation Account**](az-automation-account/)
-* [**App Service & Function Apps**](az-azure-app-service.md)
-* [**Blob Storage**](az-blob-storage.md)
-* [**Intune**](../intune.md)
-* [**Keyvault**](../keyvault.md)
-* [**Virtual Machines**](vms/)
+**The pages of this section are ordered by Azure service. In there you will be able to find information about the service (how it works and capabilities) and also how to enumerate each service.**
 
 <details>
 
@@ -99,7 +91,7 @@ Other ways to support HackTricks:
 * If you want to see your **company advertised in HackTricks** or **download HackTricks in PDF** Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
 * Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
 * Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
-* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks_live**](https://twitter.com/hacktricks_live)**.**
+* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 * **Share your hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
 
 </details>
Original file line number	Diff line number	Diff line change
		@@ -1,3 +1,2 @@
		# AWS - Persistence

		PAGE TODO. Get some relevant info from [https://github.com/SummitRoute/aws\_exposable\_resources](https://github.com/SummitRoute/aws\_exposable\_resources)