HackTricks

Logo za Hacktricks na muundo wa mwendo na @ppieranacho.

Endesha HackTricks Kwenye Kompyuta Ya Ndani

# Download latest version of hacktricks
git clone https://github.com/HackTricks-wiki/hacktricks

# Select the language you want to use
export LANG="master" # Leave master for english
# "af" for Afrikaans
# "de" for German
# "el" for Greek
# "es" for Spanish
# "fr" for French
# "hi" for HindiP
# "it" for Italian
# "ja" for Japanese
# "ko" for Korean
# "pl" for Polish
# "pt" for Portuguese
# "sr" for Serbian
# "sw" for Swahili
# "tr" for Turkish
# "uk" for Ukrainian
# "zh" for Chinese

# Run the docker container indicating the path to the hacktricks folder
docker run -d --rm --platform linux/amd64 -p 3337:3000 --name hacktricks -v $(pwd)/hacktricks:/app ghcr.io/hacktricks-wiki/hacktricks-cloud/translator-image bash -c "mkdir -p ~/.ssh && ssh-keyscan -H github.com >> ~/.ssh/known_hosts && cd /app && git config --global --add safe.directory /app && git checkout $LANG && git pull && MDBOOK_PREPROCESSOR__HACKTRICKS__ENV=dev mdbook serve --hostname 0.0.0.0"

Your local copy of HackTricks itakuwa inapatikana katika http://localhost:3337 baada ya <5 dakika (inahitaji ku-build kitabu, kuwa na subira).

Corporate Sponsors

STM Cyber

STM Cyber ni kampuni bora ya cybersecurity ambayo kaulimbiu yake ni HACK THE UNHACKABLE. Wanafanya utafiti wao wenyewe na kuendeleza own hacking tools zao ili kutoa huduma kadhaa muhimu za cybersecurity kama pentesting, Red teams na training.

Unaweza kuangalia blog yao katika https://blog.stmcyber.com

STM Cyber pia huunga mkono miradi ya open source ya cybersecurity kama HackTricks :)

Intigriti

Intigriti ni Europe’s #1 ethical hacking na bug bounty platform.

Bug bounty tip: jiandikishe kwa Intigriti, premium bug bounty platform iliyoundwa na hackers, kwa hackers! Jiunge nasi katika https://go.intigriti.com/hacktricks leo, na anza kupata bounties hadi $100,000!

Register - Intigriti

HACKENPROOF

Jiunge na server ya HackenProof Discord ili kuwasiliana na hackers wenye uzoefu na bug bounty hunters!

• Hacking Insights: Shirikiana na maudhui yanayoingia ndani ya msisimko na changamoto za hacking
• Real-Time Hack News: Endelea kupata taarifa za kisasa kuhusu ulimwengu wa hacking kupitia habari na insights za wakati halisi
• Latest Announcements: Endelea kufahamu bug bounties mpya zinazozinduliwa na masasisho muhimu ya platform

Jiunge nasi kwenye Discord na anza kushirikiana na hackers wakuu leo!

Modern Security – AI & Application Security Training Platform

Modern Security inatoa mafunzo ya vitendo ya AI Security kwa mbinu ya engineering-first, hands-on lab approach. Kozi zetu zimejengwa kwa ajili ya security engineers, AppSec professionals, na developers wanaotaka kujenga, kuvunja, na kulinda real AI/LLM-powered applications.

AI Security Certification inalenga ujuzi wa ulimwengu halisi, ikijumuisha:

• Kulinda LLM na AI-powered applications
• Threat modeling kwa AI systems
• Embeddings, vector databases, na RAG security
• LLM attacks, abuse scenarios, na practical defenses
• Secure design patterns na deployment considerations

Kozi zote ni on-demand, lab-driven, na zimeundwa kuzunguka real-world security tradeoffs, si nadharia tu.

👉 Maelezo zaidi kuhusu kozi ya AI Security: https://www.modernsecurity.io/courses/ai-security-certification

https://modernsecurity.io/

SerpApi

SerpApi inatoa APIs za haraka na rahisi za real-time ili kupata search engine results. Wanacrawl search engines, kushughulikia proxies, kutatua captchas, na kuchambua rich structured data yote kwa ajili yako.

Usajili wa mojawapo ya plans za SerpApi unajumuisha access kwa zaidi ya APIs 50 tofauti za kuchambua tofauti search engines, zikiwemo Google, Bing, Baidu, Yahoo, Yandex, na nyinginezo.
Tofauti na providers wengine, SerpApi haichambui tu organic results. Majibu ya SerpApi kwa uthabiti hujumuisha ads zote, inline images na videos, knowledge graphs, na vipengele vingine vilivyopo katika search results.

Wateja wa sasa wa SerpApi ni pamoja na Apple, Shopify, na GrubHub.
Kwa maelezo zaidi angalia blog** yao,** au jaribu mfano katika playground** yao.
Unaweza kuunda akaunti ya bure hapa.**

8kSec Academy – In-Depth Mobile Security Courses

Jifunze teknolojia na ujuzi unaohitajika ili kufanya vulnerability research, penetration testing, na reverse engineering kulinda mobile applications na devices. Bobea katika iOS na Android security kupitia kozi zetu za on-demand na pata certification:

On-demand Mobile & AI Security Trainings | 8kSec Academy

WebSec

WebSec ni kampuni ya kitaalamu ya cybersecurity iliyoko Amsterdam ambayo husaidia kulinda biashara duniani kote dhidi ya vitisho vipya vya cybersecurity kwa kutoa offensive-security services kwa mbinu ya kisasa.

WebSec ni kampuni ya usalama ya kimataifa yenye ofisi Amsterdam na Wyoming. Wanatoa all-in-one security services ambayo ina maana wanafanya yote; Pentesting, Security Audits, Awareness Trainings, Phishing Campagnes, Code Review, Exploit Development, Security Experts Outsourcing na mengi zaidi.

Jambo lingine zuri kuhusu WebSec ni kwamba tofauti na wastani wa industry WebSec ina imani kubwa sana katika skills zao, hadi kiasi kwamba wanahakikisha matokeo bora zaidi, kwenye website yao inasema “If we can’t hack it, You don’t pay it!”. Kwa taarifa zaidi angalia website yao na blog!

Mbali na hayo, WebSec pia ni mfuasi aliyejitolea wa HackTricks.

- YouTube

CyberHelmets

Built for the field. Built around you.
Cyber Helmets inatengeneza na kutoa mafunzo madhubuti ya cybersecurity yaliyojengwa na kuendeshwa na industry experts. Programu zao huenda zaidi ya nadharia ili kuandaa teams kwa ufahamu wa kina na skills zinazoweza kutekelezwa, kwa kutumia custom environments zinazoakisi real-world threats. Kwa maswali ya custom training, wasiliana nasi hapa.

Kinachotofautisha mafunzo yao:

• Custom-built content na labs
• Yakiungwa mkono na top-tier tools na platforms
• Yameundwa na kufundishwa na practitioners

Cybersecurity Courses & Certifications | Cyber Helmets

Last Tower Solutions

Last Tower Solutions inatoa specialized cybersecurity services kwa taasisi za Education na FinTech , kwa kuzingatia penetration testing, cloud security assessments, na compliance readiness (SOC 2, PCI-DSS, NIST). Timu yetu ina OSCP na CISSP certified professionals, ikileta utaalamu wa kina wa kiufundi na uelewa wa viwango vya industry kwenye kila ushirikiano.

Tunaenda zaidi ya automated scans kwa manual, intelligence-driven testing iliyoandaliwa mahususi kwa mazingira yenye umuhimu mkubwa. Kuanzia kulinda student records hadi kulinda financial transactions, tunasaidia organizations kutetea kilicho muhimu zaidi.

“Ulinzi wa ubora unahitaji kujua shambulio, tunatoa security kupitia uelewa.”

Endelea kufahamu na kupata updates za hivi karibuni katika cybersecurity kwa kutembelea blog yetu.

Last Tower Solutions | Cybersecurity Consulting for Educational Institutions

K8Studio - The Smarter GUI to Manage Kubernetes.

K8Studio IDE huwawezesha DevOps, DevSecOps, na developers kusimamia, kufuatilia, na kulinda Kubernetes clusters kwa ufanisi. Tumia AI-driven insights zetu, advanced security framework, na intuitive CloudMaps GUI ili kuona clusters zako, kuelewa hali yake, na kuchukua hatua kwa kujiamini.

Zaidi ya hayo, K8Studio inaendana na major kubernetes distributions zote (AWS, GCP, Azure, DO, Rancher, K3s, Openshift na zaidi).

K8Studio: Kubernetes UI for DevOps & DevSecOps Teams

License & Disclaimer

Zikague katika:

HackTricks Values & FAQ

Github Stats

Tip

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Jifunze na fanya mazoezi ya Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

• Angalia mpango wa usajili!
• Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
• Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.