TODAY TOPICS :

Immediate Results!
New Revolutionary CPA Solutions
https://t.me/UnderCodeTesting/11707

Some courses:
https://t.me/UnderCodeTesting/11708

Web hack and more2020 topic
https://t.me/UnderCodeTesting/11709

Sql injection/web hack pdf
https://t.me/UnderCodeTesting/11710

botnet tutorial pdf
https://t.me/UnderCodeTesting/11711

Ip cctv methode pdf
https://t.me/UnderCodeTesting/11712

A simple way for others to prompt for an empty number when they call your phone
https://t.me/UnderCodeTesting/11713

This really a good debugger for windows 64/32
https://t.me/UnderCodeTesting/11714

Does your phone have ROOT? Mobile phone vulnerabilities after ROOT cannot be prevented
https://t.me/UnderCodeTesting/11716

Build application Custom Views and Common Use Cases [1.53 Gb]
https://t.me/UnderCodeTesting/11717

How to block .git in Apache, Nginx and Cloudflare?
https://t.me/UnderCodeTesting/11718

AWESOME FREE API FOR TRACKING (Topic 2020)
https://t.me/UnderCodeTesting/11719

Anonymously Hiding Tools #list / Information gathering tools
https://t.me/UnderCodeTesting/11720

if you are looking for good & helpful tools you should try
https://t.me/UnderCodeTesting/11721

DETAILED PROXIES LIST
https://t.me/UnderCodeTesting/11722

5 ways to ban grabbing (pdf guide)
https://t.me/UnderCodeTesting/11723

50+ encryptions/encodings Topic 2020 tool for any linux/windows
https://t.me/UnderCodeTesting/11725

Strong free coredns
https://t.me/UnderCodeTesting/11726

Encryption algorithm
https://t.me/UnderCodeTesting/11727

Python crawler uses dynamic switching ip to prevent blocking ?
https://t.me/UnderCodeTesting/11728

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 insta hack
#requested
INSTA is a bash based script which is officially made to test password strength of instagram account from termux with bruteforce attack and. This tool works on both rooted Android device and Non-rooted Android device.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) $ apt-get update -y

2) $ apt-get upgrade -y

3) $ pkg install python -y

4) $ pkg install python2 -y

5) $ pkg install git -y

6) $ pip install lolcat

7) $ git clone https://github.com/evildevill/instahack

8) $ ls

9) $ cd instahack

10) $ ls

11) $ bash setup

12) $ bash instahack.sh

Now you need internet connection to continue further process...

13) You can select any option by clicking on your keyboard

Note:- Don't delete any of the scripts included in core files

14) Open new session and start TOR (tor) before starting the attack

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Tips and tricks

Top reversed eng/ malwares in one repo :

https://github.com/ytisf/theZoo/tree/master/malwares/Source/Reversed

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Framework designed to automate various wireless networks attacks:

Capture victims' traffic.

MAC address spoofing.

Set-up honeypot and evil twin attacks.

Show the list of in range access points.

Wireless adapter|card|dongle power amplification.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/aress31/wirespy

2) cd wirespy

3) $ chmod +x wirespy.sh

Run the script with root privileges:

4) $ sudo ./wirespy.sh

Attacks:
eviltwin > launch an evil twin attack
honeypot > launch a rogue access point attack

Commands:
clear > clear the terminal
help > list available commands
quit|exit > exit the program
apscan > show all wireless access points nearby
leases > display DHCP leases
powerup > power wireless interface up (may cause issues)
start capture > start packet capture (tcpdump)
stop capture > stop packet capture (tcpdump)
status > show modules status

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 post login box injection in SQLMAP

(1) The search-test.txt is the package captured by the package capture tool burp suite and the data is saved as this txt file. When
we use Sqlmap for post-type injection, there are often cases where the request is missed and the injection fails. Here is a little trick, that is, to use sqlmap in combination with burpsuite. This method will be more accurate for post injection testing and it is very easy to operate.

1) Open the target address examplesite .com or http://www.UndercodeTesting.com/Login.asp in the browser

2) Configure the burp proxy (127.0.0.1:8080) to intercept the request

3)Click the submit button in the login form

4) At this time Burp will intercept To our login POST request

5) Copy this post request to txt, I named it search-test.txt and put it in the sqlmap directory

6) Run sqlmap and use the following command:

./sqlmap.py -r search-test.txt -p tfUPass

Here the parameter -r is for sqlmap to load our post request rsearch-test.txt, and -p should be familiar to everyone and specify the parameters for injection.

Injection point: http://testasp.vulnweb.com/Login.asp

Several injection methods: ./sqlmap.py -r search-test.txt -p tfUPass

(2) Automatic search

sqlmap -u [url]http://testasp.vulnweb.com/Login.asp[/url] --forms

(3) Specify parameter search

sqlmap -u [url]http://testasp.vulnweb.com/Login.asp[/url] --data "tfUName=321&tfUPass=321"


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NEW TWITTER BOT FOR AUTOMATE IN THE CLUB :

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :


1) You will need your own Twitter account for testing, since the bot tweets from this account. Generate your Twitter API keys by creating a new app.

2) CLONE THIS CODE https://github.com/freeCodeCamp/100DaysOfCode-twitter-bot

3) Create an .env file and add in your API keys and Twitter handle,

» like so:
TWITTER_CONSUMER_KEY=xxxxxxxxxxxxxxxxxxxxdMhxg
TWITTER_CONSUMER_SECRET=xxxxxxxxxxxxxxxxxxxxkFNNj1H107PFv1mvWwEM6CZH0fjymV
TWITTER_ACCESS_TOKEN=xxxxxxxxx-xxxxxxxxxxxxxxxxxxxxecKpi90bFhdsGG2N7iII
TWITTER_ACCESS_TOKEN_SECRET=xxxxxxxxxxxxxxxxxxxxZAU8wNKAPU8Qz2c0PhOo43cGO
QUERY_STRING=#someTestHashtag
TWITTER_USERNAME=YourTestTwitterAccountName

4) Make the Change

5) Change any hashtags to #someTestHashtag to avoid spamming the community hashtag.

6) Run npm/yarn test to check all keys are available before you start.

7) Make your suggested change.

8) Ensure code style follows existing code (run npm run format to apply preferred formatting).

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🌐 OWASP APICheck - DevSecOps Toolkit for HTTP API :

APICheck is a set of HTTP API DevSecOps tools, it integrates existing HTTP API tools, easily creates execution chains, and is designed to integrate with third party tools.
APICheck consists of a set of tools that can be linked together to achieve different functions, depending on how they are linked.
It allows you to create chains of execution and can not only integrate self-developed tools, but can also use existing tools to take advantage of them to provide new functionality.

1) Each tool in APICheck is a Docker image.

This means that the tools are a black box that can receive some information on their standard input and write the results to standard output or error output.

2) In addition, the return code can be used to stop the current chain.

🦑Who is the APICheck HTTP API DevSecOps Toolkit for?

3) APICheck focuses on more than just security testing and hacking scenarios, the goal of the project is to become a complete toolbox for DevSecOps loops.

The tools are designed for different user profiles:

Developers

System Administrators

Security Engineers and Penetration Testers

To enable interoperability between teams and tools, they all
share a common JSON data format.

In other words, APICheck commands output JSON documents and also accept them as input.

This allows you to customize your pipelines!

Using the APICheck HTTP API DevSecOps Toolset

After installation, you can start the package manager using the acp command.

https://github.com/OWASP/apicheck

$ acp

Usage : acp [ - h ] [ - w ] { list , info , install , version } . ... ...

APICheck Manager

positional arguments :

{ list , info , install , version }

available actions

list search in A

info show expanded tool info

install install an APICheck tool

version displays version


optional arguments :

- h , - help show this help message and exit

- w , - disable - warning

disable check of RC Shell File

You can download APICheck like this:
pip install apicheck-package-manager


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is the difference between "5G" and "Wi-Fi 6" and how to use them properly?

1) "5G" (5th generation mobile communication system) and wireless LAN standard "Wi-Fi 6" (standards organization IEEE standard name is "IEEE 802.11ax") have a lot in common.

2) Not only is it a new standard for wireless networks that appeared at about the same time, but it is also the same in that it realizes high-speed data transmission at the gigabit level. With the advent of these two wireless network standards, studies are underway for applications that were unthinkable in the past.

3) In the near future, it is expected that the time for full-scale introduction of networks that adopt these standards will come. What we should consider now for that time is how to utilize these two wireless network standards. The features that realize high-speed data transmission are the same, but each has its own strengths and weaknesses.

4) In addition to using them properly according to the purpose, it may be an option to use the two together in some cases. This document, which is a collection of notable articles from TechTarget Japan, summarizes the differences between 5G and Wi-Fi 6 and introduces the points of utilization.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Methode for protect yourself from iploggers ?

1) Hosts - a file stored in the system at

C: \ Windows \ System32 \ drivers \ etc
which contains a database of domain names and corresponding network addresses of nodes.

2) Before a query to DNS servers, data from this file is requested, i.e. it takes precedence and is solely controlled by you or your organization's administrators.

Using the hosts file, you can block access to specific sites, block ads by adding specific nodes, block Microsoft telemetry, etc.

3) To set the IP address of your computer, attackers can use IPlogger by sending you links, pictures, etc.

After clicking on this link, the attacker gets your IP.

4) To block iploggers, redirect their domain names to the network address 0.0.0.0 (this is a special non-routable address pointing to a non-existent host ) by specifying the following in the host file and saving:

# This is a sample HOSTS file used by Microsoft TCP / IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost

0.0.0.0 ezstat.ru
0.0.0.0 iplogger.org
0.0.0.0 2no.co
0.0.0.0 iplogger.com
0.0.0.0 iplogger.ru
0.0.0.0 yip.su
0.0.0.0 iplogger.co
0.0.0.0 iplogger.info
0.0.0.0 ipgrabber.ru
0.0.0.0 ipgraber.ru
0.0.0.0 iplis.ru
0.0.0.0 02ip.ru

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Some good New Proxies

https://pastebin.com/ArhDdP2q

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑ways to boot Windows 10 in Safe Mode :

A) Accessing Safe Mode from Windows 10 Settings
This is the most common method for accessing Safe Mode, where you can control the system and access settings.

Here's how to do it:

1) From the Start menu, go to Windows Settings and click Windows Security.

2) Then go to "Recovery"

3) Windows will restart and open Windows Recovery Environment (WinRE).
Here go to Troubleshoot> Advanced options> Startup options> Restart.

4) Your computer will restart and a page with a set of commands to choose from will open.

5) press the 4 key or the f4 key to start Safe Mode.

B) Using commands from the command line
If you only have command prompt access, you can run a command that will reboot your computer into Windows Recovery Environment, where you can access Safe Mode.

1) To access Command Prompt in Windows 10, press Windows Key + R to open the Run dialog and type cmd here to open Command Prompt.

2) enter the command:

> shutdown.exe /r /o

3) After a short delay, Windows will restart into Windows Recovery

C) You can also boot into Safe Mode from the login screen if you cannot login for some reason

All you have to do is press the power button in the lower right corner and then hold down the Shift key and press the restart button.

This will restart your computer and you will enter the Windows recovery environment.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁