From 23d3f5017d7dcd753f9e2c6836b5c25554cb49aa Mon Sep 17 00:00:00 2001 
From: carlospolop
Date: Sat, 12 Jul 2025 10:48:33 +0200
Subject: [PATCH] a
---
 src/AI/AI-llm-architecture/0.-basic-llm-concepts.md | 4 ++--
 src/AI/AI-llm-architecture/1.-tokenizing.md | 4 ++--
 src/AI/AI-llm-architecture/2.-data-sampling.md | 4 ++--
 src/AI/AI-llm-architecture/3.-token-embeddings.md | 4 ++--
 src/AI/AI-llm-architecture/4.-attention-mechanisms.md | 4 ++--
 src/AI/AI-llm-architecture/5.-llm-architecture.md | 4 ++--
 .../AI-llm-architecture/6.-pre-training-and-loading-models.md | 4 ++--
 .../7.0.-lora-improvements-in-fine-tuning.md | 4 ++--
 .../7.1.-fine-tuning-for-classification.md | 4 ++--
 .../7.2.-fine-tuning-to-follow-instructions.md | 4 ++--
 src/AI/AI-llm-architecture/README.md | 4 ++--
 src/binary-exploitation/arbitrary-write-2-exec/README.md | 2 +-
 .../arbitrary-write-2-exec/aw2exec-sips-icc-profile.md | 2 +-
 src/binary-exploitation/array-indexing.md | 2 +-
 .../stack-canaries/bf-forked-stack-canaries.md | 2 +-
 src/binary-exploitation/ios-exploiting.md | 4 ++--
 src/binary-exploitation/libc-heap/README.md | 4 ++--
 src/binary-exploitation/libc-heap/use-after-free/first-fit.md | 2 +-
 .../phishing-methodology/discord-invite-hijacking.md | 2 +-
 src/generic-methodologies-and-resources/threat-modeling.md | 4 ++--
 .../macos-dangerous-entitlements.md | 2 +-
 src/mobile-pentesting/android-app-pentesting/flutter.md | 2 +-
 src/network-services-pentesting/1414-pentesting-ibmmq.md | 2 +-
 src/network-services-pentesting/pentesting-ntp.md | 2 +-
 src/network-services-pentesting/pentesting-web/angular.md | 4 ++--
 src/network-services-pentesting/pentesting-web/django.md | 4 ++--
 src/network-services-pentesting/pentesting-web/laravel.md | 2 +-
 .../pentesting-web/nodejs-express.md | 4 ++--
 .../pentesting-web/spring-actuators.md | 2 +-
 .../file-inclusion/lfi2rce-via-nginx-temp-files.md | 2 +-
 src/pentesting-web/idor.md | 2 +-
 src/pentesting-web/xss-cross-site-scripting/README.md | 2 +-
 src/todo/hardware-hacking/fault_injection_attacks.md | 4 ++--
src/todo/hardware-hacking/side_channel_analysis.md | 4 ++--
 src/todo/industrial-control-systems-hacking/README.md | 4 ++--
 src/todo/industrial-control-systems-hacking/modbus.md | 4 ++--
 src/todo/investment-terms.md | 4 ++--
 src/todo/radio-hacking/README.md | 2 +-
 src/todo/radio-hacking/fissure-the-rf-framework.md | 4 ++--
 src/todo/rust-basics.md | 4 ++--
 src/todo/test-llms.md | 4 ++--
 .../active-directory-methodology/TimeRoasting.md | 4 ++--
 src/windows-hardening/cobalt-strike.md | 4 ++--
 43 files changed, 70 insertions(+), 70 deletions(-)
diff --git a/src/AI/AI-llm-architecture/0.-basic-llm-concepts.md b/src/AI/AI-llm-architecture/0.-basic-llm-concepts.md
index c25339647..83ce8371c 100644
--- a/src/AI/AI-llm-architecture/0.-basic-llm-concepts.md
+++ b/src/AI/AI-llm-architecture/0.-basic-llm-concepts.md
@@ -1,6 +1,6 @@ # 0. Basic LLM Concepts
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Pretraining
@@ -300,4 +300,4 @@ During the backward pass: - **Accuracy:** Provides exact derivatives up to machine precision. - **Ease of Use:** Eliminates manual computation of derivatives.
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/1.-tokenizing.md b/src/AI/AI-llm-architecture/1.-tokenizing.md
index b8712ad67..7e4ae9818 100644
--- a/src/AI/AI-llm-architecture/1.-tokenizing.md
+++ b/src/AI/AI-llm-architecture/1.-tokenizing.md
@@ -1,6 +1,6 @@ # 1. Tokenizing
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Tokenizing
@@ -99,4 +99,4 @@ print(token_ids[:50]) - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/2.-data-sampling.md b/src/AI/AI-llm-architecture/2.-data-sampling.md
index dd990c0ba..42d43f051 100644
--- a/src/AI/AI-llm-architecture/2.-data-sampling.md
+++ b/src/AI/AI-llm-architecture/2.-data-sampling.md
@@ -1,6 +1,6 @@ # 2. Data Sampling
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## **Data Sampling**
@@ -241,4 +241,4 @@ tensor([[ 367, 2885, 1464, 1807], - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/3.-token-embeddings.md b/src/AI/AI-llm-architecture/3.-token-embeddings.md
index afaccba6f..b0d34dc2e 100644
--- a/src/AI/AI-llm-architecture/3.-token-embeddings.md
+++ b/src/AI/AI-llm-architecture/3.-token-embeddings.md
@@ -1,6 +1,6 @@ # 3. Token Embeddings
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Token Embeddings
@@ -219,4 +219,4 @@ print(input_embeddings.shape) # torch.Size([8, 4, 256]) - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/4.-attention-mechanisms.md b/src/AI/AI-llm-architecture/4.-attention-mechanisms.md
index e779d26a9..9f73a4eec 100644
--- a/src/AI/AI-llm-architecture/4.-attention-mechanisms.md
+++ b/src/AI/AI-llm-architecture/4.-attention-mechanisms.md
@@ -1,6 +1,6 @@ # 4. Attention Mechanisms
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Attention Mechanisms and Self-Attention in Neural Networks
@@ -430,5 +430,5 @@ For another compact and efficient implementation you could use the [`torch.nn.Mu - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/5.-llm-architecture.md b/src/AI/AI-llm-architecture/5.-llm-architecture.md
index 107f09543..7e375b6f6 100644
--- a/src/AI/AI-llm-architecture/5.-llm-architecture.md
+++ b/src/AI/AI-llm-architecture/5.-llm-architecture.md
@@ -1,6 +1,6 @@ # 5. LLM Architecture
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## LLM Architecture
@@ -702,4 +702,4 @@ print("Output length:", len(out[0])) - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/6.-pre-training-and-loading-models.md b/src/AI/AI-llm-architecture/6.-pre-training-and-loading-models.md
index dc0705aa0..4ebc737e9 100644
--- a/src/AI/AI-llm-architecture/6.-pre-training-and-loading-models.md
+++ b/src/AI/AI-llm-architecture/6.-pre-training-and-loading-models.md
@@ -1,6 +1,6 @@ # 6. Pre-training & Loading models
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Text Generation
@@ -971,4 +971,4 @@ There 2 quick scripts to load the GPT2 weights locally. For both you can clone t - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/7.0.-lora-improvements-in-fine-tuning.md b/src/AI/AI-llm-architecture/7.0.-lora-improvements-in-fine-tuning.md
index d1feef344..24d1f900d 100644
--- a/src/AI/AI-llm-architecture/7.0.-lora-improvements-in-fine-tuning.md
+++ b/src/AI/AI-llm-architecture/7.0.-lora-improvements-in-fine-tuning.md
@@ -1,6 +1,6 @@ # 7.0. LoRA Improvements in fine-tuning
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## LoRA Improvements
@@ -64,4 +64,4 @@ def replace_linear_with_lora(model, rank, alpha): - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/7.1.-fine-tuning-for-classification.md b/src/AI/AI-llm-architecture/7.1.-fine-tuning-for-classification.md
index 67caa9bb5..98df3b564 100644
--- a/src/AI/AI-llm-architecture/7.1.-fine-tuning-for-classification.md
+++ b/src/AI/AI-llm-architecture/7.1.-fine-tuning-for-classification.md
@@ -1,6 +1,6 @@ # 7.1. Fine-Tuning for Classification
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## What is
@@ -117,4 +117,4 @@ You can find all the code to fine-tune GPT2 to be a spam classifier in [https:// - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/7.2.-fine-tuning-to-follow-instructions.md b/src/AI/AI-llm-architecture/7.2.-fine-tuning-to-follow-instructions.md
index 69328b25b..1398b73d5 100644
--- a/src/AI/AI-llm-architecture/7.2.-fine-tuning-to-follow-instructions.md
+++ b/src/AI/AI-llm-architecture/7.2.-fine-tuning-to-follow-instructions.md
@@ -1,6 +1,6 @@ # 7.2. Fine-Tuning to follow instructions
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 > [!TIP] > The goal of this section is to show how to **fine-tune an already pre-trained model to follow instructions** rather than just generating text, for example, responding to tasks as a chat bot.
@@ -107,4 +107,4 @@ You can find an example of the code to perform this fine tuning in [https://gith - [https://www.manning.com/books/build-a-large-language-model-from-scratch](https://www.manning.com/books/build-a-large-language-model-from-scratch)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/AI/AI-llm-architecture/README.md b/src/AI/AI-llm-architecture/README.md
index 86925f2b5..8d18bf89d 100644
--- a/src/AI/AI-llm-architecture/README.md
+++ b/src/AI/AI-llm-architecture/README.md
@@ -1,6 +1,6 @@ # LLM Training - Data Preparation
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 **These are my notes from the very recommended book** [**https://www.manning.com/books/build-a-large-language-model-from-scratch**](https://www.manning.com/books/build-a-large-language-model-from-scratch) **with some extra information.**
@@ -99,4 +99,4 @@ You should start by reading this post for some basic concepts you should know ab 7.2.-fine-tuning-to-follow-instructions.md {{#endref}}
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/binary-exploitation/arbitrary-write-2-exec/README.md b/src/binary-exploitation/arbitrary-write-2-exec/README.md
index 590c7c6f8..207dbba64 100644
--- a/src/binary-exploitation/arbitrary-write-2-exec/README.md
+++ b/src/binary-exploitation/arbitrary-write-2-exec/README.md
@@ -1,6 +1,6 @@ # Arbitrary Write 2 Exec
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/binary-exploitation/arbitrary-write-2-exec/aw2exec-sips-icc-profile.md b/src/binary-exploitation/arbitrary-write-2-exec/aw2exec-sips-icc-profile.md
index 9e5354d6b..bc6d6480a 100644
--- a/src/binary-exploitation/arbitrary-write-2-exec/aw2exec-sips-icc-profile.md
+++ b/src/binary-exploitation/arbitrary-write-2-exec/aw2exec-sips-icc-profile.md
@@ -52,4 +52,4 @@ Successful exploitation results in remote arbitrary code execution at user privi - Apple October 2024 Security Update (patch shipping CVE-2024-44236) https://support.apple.com/en-us/121564
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/binary-exploitation/array-indexing.md b/src/binary-exploitation/array-indexing.md
index 77a067dbf..12c30102b 100644
--- a/src/binary-exploitation/array-indexing.md
+++ b/src/binary-exploitation/array-indexing.md
@@ -20,4 +20,4 @@ However he you can find some nice **examples**:
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/binary-exploitation/common-binary-protections-and-bypasses/stack-canaries/bf-forked-stack-canaries.md b/src/binary-exploitation/common-binary-protections-and-bypasses/stack-canaries/bf-forked-stack-canaries.md
index ea5a33186..0ec3de2d3 100644
--- a/src/binary-exploitation/common-binary-protections-and-bypasses/stack-canaries/bf-forked-stack-canaries.md
+++ b/src/binary-exploitation/common-binary-protections-and-bypasses/stack-canaries/bf-forked-stack-canaries.md
@@ -123,4 +123,4 @@ Check also the presentation of [https://www.slideshare.net/codeblue_jp/master-ca
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/binary-exploitation/ios-exploiting.md b/src/binary-exploitation/ios-exploiting.md
index 1b9b61739..d97f353f8 100644
--- a/src/binary-exploitation/ios-exploiting.md
+++ b/src/binary-exploitation/ios-exploiting.md
@@ -1,6 +1,6 @@ # iOS Exploiting
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Physical use-after-free
@@ -213,4 +213,4 @@ void iosurface_kwrite64(uint64_t addr, uint64_t value) { With these primitives, the exploit provides controlled **32-bit reads** and **64-bit writes** to kernel memory. Further jailbreak steps could involve more stable read/write primitives, which may require bypassing additional protections (e.g., PPL on newer arm64e devices).
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/binary-exploitation/libc-heap/README.md b/src/binary-exploitation/libc-heap/README.md
index 98b5cc160..7ebab0f69 100644
--- a/src/binary-exploitation/libc-heap/README.md
+++ b/src/binary-exploitation/libc-heap/README.md
@@ -1,6 +1,6 @@ # Libc Heap
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Heap Basics
@@ -531,4 +531,4 @@ heap-memory-functions/heap-functions-security-checks.md - [https://azeria-labs.com/heap-exploitation-part-2-glibc-heap-free-bins/](https://azeria-labs.com/heap-exploitation-part-2-glibc-heap-free-bins/)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/binary-exploitation/libc-heap/use-after-free/first-fit.md b/src/binary-exploitation/libc-heap/use-after-free/first-fit.md
index fe4a96cb7..c90112b42 100644
--- a/src/binary-exploitation/libc-heap/use-after-free/first-fit.md
+++ b/src/binary-exploitation/libc-heap/use-after-free/first-fit.md
@@ -66,4 +66,4 @@ d = malloc(20); // a
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/generic-methodologies-and-resources/phishing-methodology/discord-invite-hijacking.md b/src/generic-methodologies-and-resources/phishing-methodology/discord-invite-hijacking.md
index 866afea3c..5fa7203cf 100644
--- a/src/generic-methodologies-and-resources/phishing-methodology/discord-invite-hijacking.md
+++ b/src/generic-methodologies-and-resources/phishing-methodology/discord-invite-hijacking.md
@@ -60,4 +60,4 @@ This approach avoids direct file downloads and leverages familiar UI elements to - From Trust to Threat: Hijacked Discord Invites Used for Multi-Stage Malware Delivery – https://research.checkpoint.com/2025/from-trust-to-threat-hijacked-discord-invites-used-for-multi-stage-malware-delivery/ - Discord Custom Invite Link Documentation – https://support.discord.com/hc/en-us/articles/115001542132-Custom-Invite-Link
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/generic-methodologies-and-resources/threat-modeling.md b/src/generic-methodologies-and-resources/threat-modeling.md
index b42de9625..3ed08bd94 100644
--- a/src/generic-methodologies-and-resources/threat-modeling.md
+++ b/src/generic-methodologies-and-resources/threat-modeling.md
@@ -1,6 +1,6 @@ # Threat Modeling
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Threat Modeling
@@ -113,5 +113,5 @@ Now your finished model should look something like this. And this is how you mak This is a free tool from Microsoft that helps in finding threats in the design phase of software projects. It uses the STRIDE methodology and is particularly suitable for those developing on Microsoft's stack.
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-dangerous-entitlements.md b/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-dangerous-entitlements.md
index f2b3a0202..cf4dd992e 100644
--- a/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-dangerous-entitlements.md
+++ b/src/macos-hardening/macos-security-and-privilege-escalation/macos-security-protections/macos-dangerous-entitlements.md
@@ -173,4 +173,4 @@ Allow the process to **ask for all the TCC permissions**.
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/mobile-pentesting/android-app-pentesting/flutter.md b/src/mobile-pentesting/android-app-pentesting/flutter.md
index 581712421..907176652 100644
--- a/src/mobile-pentesting/android-app-pentesting/flutter.md
+++ b/src/mobile-pentesting/android-app-pentesting/flutter.md
@@ -80,4 +80,4 @@ Flutter itself **ignores device proxy settings**. Easiest options: - [https://sensepost.com/blog/2025/intercepting-https-communication-in-flutter-going-full-hardcore-mode-with-frida/](https://sensepost.com/blog/2025/intercepting-https-communication-in-flutter-going-full-hardcore-mode-with-frida/)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/network-services-pentesting/1414-pentesting-ibmmq.md b/src/network-services-pentesting/1414-pentesting-ibmmq.md
index f1536f038..68aab11f2 100644
--- a/src/network-services-pentesting/1414-pentesting-ibmmq.md
+++ b/src/network-services-pentesting/1414-pentesting-ibmmq.md
@@ -364,4 +364,4 @@ CONTAINER ID IMAGE COMMAND CRE
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/network-services-pentesting/pentesting-ntp.md b/src/network-services-pentesting/pentesting-ntp.md
index abf43fe68..c330fe2e9 100644
--- a/src/network-services-pentesting/pentesting-ntp.md
+++ b/src/network-services-pentesting/pentesting-ntp.md
@@ -195,4 +195,4 @@ Entry_2: - Khronos/Chronos draft (time-shift mitigation) - chronyc manual/examples for remote monitoring - zgrab2 ntp module docs
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/network-services-pentesting/pentesting-web/angular.md b/src/network-services-pentesting/pentesting-web/angular.md
index 0e2fa7917..ff1648acb 100644
--- a/src/network-services-pentesting/pentesting-web/angular.md
+++ b/src/network-services-pentesting/pentesting-web/angular.md
@@ -1,6 +1,6 @@ # Angular
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## The Checklist
@@ -616,5 +616,5 @@ According to the W3C documentation, the `window.location` and `document.location
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/network-services-pentesting/pentesting-web/django.md b/src/network-services-pentesting/pentesting-web/django.md
index a279c59f8..946fd634f 100644
--- a/src/network-services-pentesting/pentesting-web/django.md
+++ b/src/network-services-pentesting/pentesting-web/django.md
@@ -1,6 +1,6 @@ # Django
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Cache Manipulation to RCE Django's default cache storage method is [Python pickles](https://docs.python.org/3/library/pickle.html), which can lead to RCE if [untrusted input is unpickled](https://media.blackhat.com/bh-us-11/Slaviero/BH_US_11_Slaviero_Sour_Pickles_Slides.pdf). **If an attacker can gain write access to the cache, they can escalate this vulnerability to RCE on the underlying server**.
@@ -76,4 +76,4 @@ Always fingerprint the exact framework version via the `X-Frame-Options` error p * Django security release – "Django 5.2.2, 5.1.10, 4.2.22 address CVE-2025-48432" – 4 Jun 2025. citeturn0search0 * OP-Innovate: "Django releases security updates to address SQL injection flaw CVE-2024-42005" – 11 Aug 2024. citeturn1search2
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/network-services-pentesting/pentesting-web/laravel.md b/src/network-services-pentesting/pentesting-web/laravel.md
index 0763e46f8..ecf2c580d 100644
--- a/src/network-services-pentesting/pentesting-web/laravel.md
+++ b/src/network-services-pentesting/pentesting-web/laravel.md
@@ -1,6 +1,6 @@ # Laravel
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ### Laravel SQLInjection
diff --git a/src/network-services-pentesting/pentesting-web/nodejs-express.md b/src/network-services-pentesting/pentesting-web/nodejs-express.md
index ee11bcafb..cd0d1c66b 100644
--- a/src/network-services-pentesting/pentesting-web/nodejs-express.md
+++ b/src/network-services-pentesting/pentesting-web/nodejs-express.md
@@ -1,6 +1,6 @@ # NodeJS Express
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Cookie Signature
@@ -39,5 +39,5 @@ cookie-monster -e -f new_cookie.json -k secret ```
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/network-services-pentesting/pentesting-web/spring-actuators.md b/src/network-services-pentesting/pentesting-web/spring-actuators.md
index 8bdaabc31..164be26bf 100644
--- a/src/network-services-pentesting/pentesting-web/spring-actuators.md
+++ b/src/network-services-pentesting/pentesting-web/spring-actuators.md
@@ -68,4 +68,4 @@ Connection: close
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md b/src/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md
index 3d3e304b7..4ba103e46 100644
--- a/src/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md
+++ b/src/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md
@@ -56,4 +56,4 @@ if **name** == "**main**": print('\[DEBUG] Creating requests session') requests\
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/pentesting-web/idor.md b/src/pentesting-web/idor.md
index 821eee470..32ef75d5d 100644
--- a/src/pentesting-web/idor.md
+++ b/src/pentesting-web/idor.md
@@ -86,4 +86,4 @@ Combined with **default admin credentials** (`123456:123456`) that granted acces * [McHire Chatbot Platform: Default Credentials and IDOR Expose 64M Applicants’ PII](https://ian.sh/mcdonalds) * [OWASP Top 10 – Broken Access Control](https://owasp.org/Top10/A01_2021-Broken_Access_Control/) * [How to Find More IDORs – Vickie Li](https://medium.com/@vickieli/how-to-find-more-idors-ae2db67c9489)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/pentesting-web/xss-cross-site-scripting/README.md b/src/pentesting-web/xss-cross-site-scripting/README.md
index fd189e10d..d690529aa 100644
--- a/src/pentesting-web/xss-cross-site-scripting/README.md
+++ b/src/pentesting-web/xss-cross-site-scripting/README.md
@@ -1,6 +1,6 @@ # XSS (Cross Site Scripting)
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Methodology
diff --git a/src/todo/hardware-hacking/fault_injection_attacks.md b/src/todo/hardware-hacking/fault_injection_attacks.md
index 16ddab263..96ff08913 100644
--- a/src/todo/hardware-hacking/fault_injection_attacks.md
+++ b/src/todo/hardware-hacking/fault_injection_attacks.md
@@ -1,6 +1,6 @@ # Fault Injection Attacks
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 Fault injections attacks includes introducing external distrubance in electronic circuits to influence it's behaviour, resulting to disclose information or even bypass certian restrictions in the circuit. This attacks opens a lot of possibilities for attacking electronic circuits. This attack is also referred as glitching of electronic circuits.
@@ -8,4 +8,4 @@ There are a lot of methods and mediums for injecting fault into an electronic ci
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/todo/hardware-hacking/side_channel_analysis.md b/src/todo/hardware-hacking/side_channel_analysis.md
index 8eaaac3e6..6ac9fa741 100644
--- a/src/todo/hardware-hacking/side_channel_analysis.md
+++ b/src/todo/hardware-hacking/side_channel_analysis.md
@@ -1,6 +1,6 @@ # Side Channel Analysis Attacks
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 Side Channel Analysis Attacks refers to determining the information from a device or entity by some other channel or source that has an indirect influence on it and information can be extracted from it. This can be explained better with an example:
@@ -10,4 +10,4 @@ These attacks are very popular in case of leaking data such as private keys or f
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/todo/industrial-control-systems-hacking/README.md b/src/todo/industrial-control-systems-hacking/README.md
index 103246196..a09ea2c1f 100644
--- a/src/todo/industrial-control-systems-hacking/README.md
+++ b/src/todo/industrial-control-systems-hacking/README.md
@@ -1,6 +1,6 @@ # Industrial Control Systems Hacking
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## About this Section
@@ -18,5 +18,5 @@ These techniques can also be used to protect against attacks and blue teaming fo
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/todo/industrial-control-systems-hacking/modbus.md b/src/todo/industrial-control-systems-hacking/modbus.md
index 711d6618a..9f044e573 100644
--- a/src/todo/industrial-control-systems-hacking/modbus.md
+++ b/src/todo/industrial-control-systems-hacking/modbus.md
@@ -1,6 +1,6 @@ # The Modbus Protocol
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Introduction to Modbus Protocol
@@ -34,6 +34,6 @@ Due to it's large scale use and lack of upgradations, attacking Modbus provides
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/todo/investment-terms.md b/src/todo/investment-terms.md
index 1978773b1..2added321 100644
--- a/src/todo/investment-terms.md
+++ b/src/todo/investment-terms.md
@@ -1,6 +1,6 @@ # Investment Terms
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Spot
@@ -71,4 +71,4 @@ However, the buyer will be paying some fee to the seller for opening the option
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/todo/radio-hacking/README.md b/src/todo/radio-hacking/README.md
index f49b99426..42011e5a4 100644
--- a/src/todo/radio-hacking/README.md
+++ b/src/todo/radio-hacking/README.md
@@ -1,6 +1,6 @@ # Radio Hacking
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/todo/radio-hacking/fissure-the-rf-framework.md b/src/todo/radio-hacking/fissure-the-rf-framework.md
index 5aff81ce1..f9cfc1334 100644
--- a/src/todo/radio-hacking/fissure-the-rf-framework.md
+++ b/src/todo/radio-hacking/fissure-the-rf-framework.md
@@ -1,6 +1,6 @@ # FISSURE - The RF Framework
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 **Frequency Independent SDR-based Signal Understanding and Reverse Engineering**
@@ -187,5 +187,5 @@ Special thanks to Dr. Samuel Mantravadi and Joseph Reith for their contributions
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/todo/rust-basics.md b/src/todo/rust-basics.md
index 47acd042d..5f78a9154 100644
--- a/src/todo/rust-basics.md
+++ b/src/todo/rust-basics.md
@@ -1,6 +1,6 @@ # Rust Basics
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ### Generic Types
@@ -320,5 +320,5 @@ fn main() { ```
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/todo/test-llms.md b/src/todo/test-llms.md
index aadf1ff19..751db9fd9 100644
--- a/src/todo/test-llms.md
+++ b/src/todo/test-llms.md
@@ -1,6 +1,6 @@ # Test LLMs
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ## Run & train models locally
@@ -52,5 +52,5 @@ It offers several sections like: * **API Access:** Simple APIs for running models the enable developers to deploy and scale models effortlessly within their own applications.
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/windows-hardening/active-directory-methodology/TimeRoasting.md b/src/windows-hardening/active-directory-methodology/TimeRoasting.md
index 6311a1c89..d92f0064b 100644
--- a/src/windows-hardening/active-directory-methodology/TimeRoasting.md
+++ b/src/windows-hardening/active-directory-methodology/TimeRoasting.md
@@ -1,6 +1,6 @@ # TimeRoasting
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 timeRoasting, the main cause is the outdated authentication mechanism left by Microsoft in its extension to NTP servers, known as MS-SNTP. In this mechanism, clients can directly use any computer account's Relative Identifier (RID), and the domain controller will use the computer account's NTLM hash (generated by MD4) as the key to generate the **Message Authentication Code (MAC)** of the response packet.
@@ -39,4 +39,4 @@ sudo ./timeroast.py 10.0.0.42 | tee ntp-hashes.txt hashcat -m 31300 ntp-hashes.txt ```
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
diff --git a/src/windows-hardening/cobalt-strike.md b/src/windows-hardening/cobalt-strike.md
index 69ccc8cc6..94e4cf8a3 100644
--- a/src/windows-hardening/cobalt-strike.md
+++ b/src/windows-hardening/cobalt-strike.md
@@ -1,6 +1,6 @@ # Cobalt Strike
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}
 ### Listeners
@@ -371,5 +371,5 @@ pscp -r root@kali:/opt/cobaltstrike/artifact-kit/dist-pipe . ```
-{{#include /banners/hacktricks-training.md}}
+{{#include /src/banners/hacktricks-training.md}}