-
If a device is not rooted you can backup app data if ADB backup is enabled. However you can extract app data from any app remotely if device is rooted using these commands that are not listed. Steps t…
-
This service is not available anymore.
Please fix it.
`InaccessibleContentError: The document cannot be accessed or its content can not be selected: Received HTTP code 403 when trying to fetch…
-
Heya,
I noticed Syncthing complaining about file conflicts and it seems you have two files for the same topic which looks like an oversight:
```
./hacktricks/pentesting/pentesting-SAP.md
./hac…
-
Pingcastle does not check for insecure WSUS configurations (like when using HTTP or allowing the usage of a user-defined proxy after the January 2021 cumulative update). WSUS should be configured to u…
-
#### Issue description
**Before**
An older version of winpeasany.exe correctly detects a modifiable service running on the host machine:
> [+] Modifiable Services(T1007)
[?] Check if yo…
-
So i see that it works and i do get the right tokens, but what can you do with this?
-
As it stands, the check for NFS shares is at level 2 - Which is current reserved for information checks more so than critical ones.
https://github.com/diego-treitos/linux-smart-enumeration/blob/c79…
-
Hi,
thanks for this awesome project, you really did a great work on this. Would it be possible to implement night mode? I'd send a PR for that but there are no actual css sources in the repo so i …
-
Hogan.js can be chained with prototype pollution to gain Remote Code Execution as Hogan.js objects can be easily controlled.
Description:
- This vulnerability is regarding https://github.com/tw…
-
When reading this section: https://github.com/carlospolop/hacktricks/blob/master/pentesting-web/csrf-cross-site-request-forgery.md#content-type-change
I'm not sure if this is correct. It says that:
…