β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦FREE WIFI CRACKER APPLICATION FOR ANDROID:
Step 1: before using this application you have to FORGET your current Wi-Fi connection, otherwise the scan will not work and you will be unable to attempt a connection.
Step 2: Before you can see any networks around you, you must enable location services in your settings. Recent Android versions only hand Wi-Fi scan results to apps that hold the location permission, because the SSIDs and BSSIDs of nearby networks can reveal where you are.
> Download:
https://github.com/trevatk/Wifi-Cracker/tree/master/newAPK
https://github.com/trevatk/Wifi-Cracker/tree/master/oldAPK
https://github.com/trevatk/Wifi-Cracker
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ What process is listening on a port on Windows?
A) Using the command line
Use the following command to find the process id (PID) of the process listening on port 443.
You can change this value to look for a different port.
netstat -aon | findstr ":443" | findstr "LISTENING"
Output:
TCP    0.0.0.0:443        0.0.0.0:0    LISTENING    2180
TCP    127.0.0.1:44312    0.0.0.0:0    LISTENING    4620
TCP    [::]:443           [::]:0       LISTENING    2180
The last column of the output is the process ID.
Here PID 2180 owns port 443 on both IPv4 and IPv6. The 127.0.0.1:44312 line (PID 4620) is a false positive: findstr ":443" is a plain substring match, so it also catches 44312, 4430 and any other port that starts with 443. Search for the port followed by a space, findstr ":443 ", or read the Local Address column before trusting a PID.
Use this process ID with tasklist to find the process name:
> tasklist /fi "pid eq 2180"
B) Using PowerShell Get-Process
The second method uses PowerShell to identify the process bound to a specific port.
Start a PowerShell terminal and run the following to find the process listening on port 443.
You can change the port number to check for other ports.
Get-Process -Id (Get-NetTCPConnection -LocalPort 443 -State Listen).OwningProcess
Get-NetTCPConnection matches the port exactly, so it does not have the substring problem above, and -State Listen keeps established connections to that port out of the result. Run it from an elevated prompt if you also want the image path (the Path property of Get-Process may be empty for processes you cannot open).
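The substring pitfall above is easy to reproduce in code. The following is an added example, not code from the original post: it parses netstat -aon output, matches the port exactly, and on Windows resolves each PID to its image name with tasklist. The netstat rows are constructed to mirror the Windows layout (TCP rows carry a State column, UDP rows do not); the tasklist CSV layout assumed is `"image","PID","Session Name","Session#","Mem Usage"`.

```javascript
// Added example, not from the original post: map a port to its owning process from
// the text `netstat -aon` prints, matching the port exactly. The rows below are
// constructed; liveListeners() runs the real commands on Windows only.

const SAMPLE_NETSTAT = `
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       2180
  TCP    127.0.0.1:44312        0.0.0.0:0              LISTENING       4620
  TCP    [::]:443               [::]:0                 LISTENING       2180
  TCP    192.168.1.5:49812      203.0.113.9:443        ESTABLISHED     3344
  UDP    0.0.0.0:4430           *:*                                    5566
`;

// Parse one netstat row into { proto, localAddress, localPort, state, pid }, or null
// for header and blank lines. The port is taken after the LAST colon so [::]:443 parses.
function parseRow(line) {
  const f = line.trim().split(/\s+/);
  if (f[0] !== 'TCP' && f[0] !== 'UDP') return null;
  const local = f[1];
  const localPort = Number(local.slice(local.lastIndexOf(':') + 1));
  const state = f[0] === 'TCP' ? f[3] : 'BOUND';      // UDP rows have no State column
  const pid = Number(f[0] === 'TCP' ? f[4] : f[3]);
  return { proto: f[0], localAddress: local, localPort, state, pid };
}

// Sockets bound to exactly `port`: listening TCP sockets plus any UDP binding.
function findListeners(netstatText, port) {
  return netstatText
    .split('\n')
    .map(parseRow)
    .filter((r) => r && r.localPort === port && (r.proto === 'UDP' || r.state === 'LISTENING'));
}

// What `findstr ":443" | findstr "LISTENING"` actually does: a substring match on the
// whole line, so 44312 and any other port beginning with 443 is counted as well.
function substringMatches(netstatText, needle) {
  return netstatText.split('\n').filter((l) => l.includes(needle) && l.includes('LISTENING')).length;
}

// Windows only: run netstat for real and resolve each PID to its image name via
// `tasklist /fi "PID eq <pid>" /fo csv /nh` (first CSV field). Returns null elsewhere.
function liveListeners(port) {
  if (typeof process === 'undefined' || process.platform !== 'win32') return null;
  const { execSync } = require('child_process');
  const rows = findListeners(execSync('netstat -aon', { encoding: 'utf8' }), port);
  for (const r of rows) {
    const csv = execSync(`tasklist /fi "PID eq ${r.pid}" /fo csv /nh`, { encoding: 'utf8' });
    const m = /^"([^"]+)"/.exec(csv.trim());
    r.image = m ? m[1] : null;               // null when tasklist found no matching task
  }
  return rows;
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log('port 443 (sample):', findListeners(SAMPLE_NETSTAT, 443));
  console.log('lines findstr ":443" would report:', substringMatches(SAMPLE_NETSTAT, ':443'));
  console.log('live:', liveListeners(443) || 'not on Windows, live lookup skipped');
}
```

On the sample, findListeners(SAMPLE_NETSTAT, 443) returns the two PID 2180 sockets only, while the findstr-style substring count is three, the extra one being 127.0.0.1:44312.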
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦RDP HACKING
Lazy-RDP is a script that scans a list of addresses for open port 3389 (RDP), then lets you choose a brute-force method (the bundled hydra or patator) and starts guessing login/password pairs.
To work correctly, the script requires masscan, curl and FreeRDP to be installed.
INSTALLATION & RUN:
1) git clone https://github.com/getdrive/Lazy-RDP
2) cd Lazy-RDP && chmod +x hydra/configure hydra/hydra src/rdp_brute.sh patator.py start INSTALL
3) Install the dependencies:
./INSTALL
4) Run the script:
./start
Only point this at hosts you are authorised to test: every failed RDP logon is recorded in the target's Security log, and a long wordlist will lock out domain accounts under a normal account-lockout policy.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to probe HNAP (Home Network Administration Protocol):
There are a couple of tools available for working with HNAP.
Hnap0wn
Hnap0wn was released in 2010 (Exploit-DB 11101). It exploits a flaw in HNAP-enabled D-Link routers to bypass the administrative login.
It can be downloaded from either of the following links (the versions are not identical; this tutorial uses the first one):
https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/11101.tar.gz
https://web.archive.org/web/20140727021850/http://www.sourcesec.com/Lab/hnap0wn.tar.gz
Download and unpack from the command line:
1) mkdir hnap0wn
2) cd hnap0wn
3) wget https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/11101.tar.gz
4) tar xvzf 11101.tar.gz
5) The tool lets you check whether a device is vulnerable, i.e. whether it carries out HNAP actions without a password, and query device information either with a password or, on a vulnerable device, without one.
The xml folder that ships with the program contains several .xml files for typical actions (HNAP is SOAP over HTTP, so each file is one request body).
π¦Example command (172.24.98.25:8080 is the tutorial's router address and HNAP port; substitute your target's):
./hnap0wn 172.24.98.25:8080 xml/GetWLanSecurity.xml
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ISPProtect - a malware scanner for websites:
A) ISPProtect contains 5 scanning engines:
- Malware scanner using the signature method.
- Heuristic analysis.
- A scan that shows the installation directories of outdated CMS systems.
- A scan that shows all outdated WordPress plugins on the entire server.
- A database content scanner that checks MySQL databases for potentially malicious content.
ISPProtect is not free software, but there is a free trial version that you can use without registration to test it or to clean up an infected system.
B) ISPProtect requires PHP and ClamAV to be installed on the server, which is the case on most hosting systems.
ClamAV is used by ISPProtect in the first scan layer, together with ISPProtect's own set of malware signatures.
C) If PHP and ClamAV are not installed yet, install the CLI PHP package that matches your distribution's PHP version, for example:
On Debian 9:
# apt-get install php7.0-cli clamav
On Ubuntu 18.04:
# apt-get install php7.2-cli clamav
On Fedora or CentOS (on CentOS the clamav package comes from the EPEL repository):
# yum install php clamav
D) To install ISPProtect run the following commands as root:
mkdir -p /usr/local/ispprotect
chown -R root:root /usr/local/ispprotect
chmod -R 750 /usr/local/ispprotect
cd /usr/local/ispprotect
wget http://www.ispprotect.com/download/ispp_scan.tar.gz
tar xzf ispp_scan.tar.gz
rm -f ispp_scan.tar.gz
ln -s /usr/local/ispprotect/ispp_scan /usr/local/bin/ispp_scan
You are installing a root-owned executable, so fetch the archive over HTTPS if the site offers it and look at what the tarball contains before running it.
E) To start ISPProtect, enter:
ispp_scan
The scanner first checks for updates, then prompts for a key (enter "trial" here) and then for the path to the websites, usually /var/www:
Please enter scan key: <- trial
Please enter path to scan: <- /var/www
Starting scan level 1 ...
Scanning 3471 files now ...
The scan runs and its progress is displayed. The names of the infected files are shown on screen at the end of the scan, and the results are also saved to text files in the ISPProtect installation directory for later use.
F) After the scan has completed you will find the results in files like these (the suffix is the scan's timestamp):
Malware => /usr/local/ispprotect/found_malware_20180605115005.txt
Wordpress => /usr/local/ispprotect/software_wordpress_20180605115005.txt
Joomla => /usr/local/ispprotect/software_joomla_20180605115005.txt
Drupal => /usr/local/ispprotect/software_drupal_20180605115005.txt
Mediawiki => /usr/local/ispprotect/software_mediawiki_20180605115005.txt
Contao => /usr/local/ispprotect/software_contao_20180605115005.txt
Magentocommerce => /usr/local/ispprotect/software_magentocommerce_20180605115005.txt
Woltlab Burning Board => /usr/local/ispprotect/software_woltlab_burning_board_20180605115005.txt
Cms Made Simple => /usr/local/ispprotect/software_cms_made_simple_20180605115005.txt
Mysqldumper => /usr/local/ispprotect/software_mysqldumper_20180605115005.txt
G) To run ISPProtect automatically as a nightly cron job, create a cron file with nano:
nano /etc/cron.d/ispprotect
and insert the following line (this runs at 03:00 every day; replace AAA-BBB-CCC-DDD with your license key):
0 3 * * * root /usr/local/ispprotect/ispp_scan --update && /usr/local/ispprotect/ispp_scan --path=/var/www --email-results=root@localhost --non-interactive --scan-key=AAA-BBB-CCC-DDD
Because the line contains your license key, keep the file owned by root and not world-readable. Run ispp_scan --help to list all options; the product page is https://ispprotect.com/
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to prevent WebRTC leaks in browsers?
1) For all its usefulness, WebRTC also poses a threat to online privacy: a web page can open a peer connection and read your local and public IP addresses from the ICE candidates it gathers, even when your traffic goes through a VPN or proxy.
So WebRTC is not good for online privacy, and you should disable it if you do not need it.
In Google Chrome and Chromium the leak is present by default on all desktop platforms (Windows, macOS and Linux). Current Chromium builds hide the LAN address behind a random mDNS (.local) name, but the public address seen by the STUN server is still exposed. Chrome has no built-in switch for this; use the WebRTC Network Limiter extension or, on managed machines, the WebRtcIPHandling policy.
2) Firefox exposes the address via WebRTC as well, but this is easily fixed with an add-on such as uBlock Origin (which has a "Prevent WebRTC from leaking local IP addresses" option) or with the about:config change below.
3) Some less popular browsers for Linux, such as Falkon and Midori, are built on WebKit or QtWebEngine, are vulnerable to WebRTC leaks, and offer no easy way to fix the problem.
The real trouble is on Android: Chrome for Android and many other popular browsers are affected by the WebRTC leak.
4) Even worse, there is no easy way to install plugins/add-ons on Android to prevent WebRTC leaks.
This is when you should be especially careful if you truly value your online privacy.
You can use Firefox Beta on Android, which supports add-ons such as uBlock Origin.
π¦How to disable WebRTC in Firefox browser?
1) Enter in the address bar:
about:config
2) Click "Accept the Risk and Continue"
3) Enter in the search bar:
media.peerconnection.enabled
4) Double-click the value true so that it becomes false
With this set, every site's RTCPeerConnection calls fail, so browser-based video conferencing (Jitsi, Google Meet, Teams in the browser) stops working until you flip it back. Visit a WebRTC leak test page afterwards and confirm that no candidates appear.
@UndercodeTesting
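To see concretely what a page collects, and to verify the fix above, the following added example (not code from the original post) gathers ICE candidates in a browser and classifies the addresses they carry. In Node, where there is no RTCPeerConnection, only the parser runs, on constructed candidate lines that follow the a=candidate syntax of RFC 8839. The STUN server URL is an assumption; any reachable STUN server works.

```javascript
// Added example, not from the original post: what a web page learns from WebRTC ICE
// candidates, and a check that your fix took. probeWebRTC() works in a browser only;
// the candidate lines below are constructed for running the parser under Node.

const SAMPLE_CANDIDATES = [
  'candidate:1 1 udp 2122260223 192.168.1.23 51234 typ host generation 0',
  'candidate:2 1 udp 2122262783 2001:db8:1:2:3:4:5:6 51235 typ host generation 0',
  'candidate:3 1 udp 2122194687 9e3c4c8a-1f2b-4d0e-9c41-0b1d3f2e5a77.local 51236 typ host generation 0',
  'candidate:4 1 udp 1685987071 203.0.113.45 51234 typ srflx raddr 192.168.1.23 rport 51234 generation 0',
];

// candidate:<foundation> <component> <transport> <priority> <address> <port> typ <type> ...
const CANDIDATE_RE = /^candidate:\S+ \d+ (\S+) \d+ (\S+) (\d+) typ (host|srflx|prflx|relay)\b/;

function parseCandidate(line) {
  const m = CANDIDATE_RE.exec(line);
  return m ? { transport: m[1].toLowerCase(), address: m[2], port: Number(m[3]), type: m[4] } : null;
}

// What the address gives away. Current Chromium and Firefox replace the LAN address in
// host candidates with a random mDNS name, so a `.local` address means "hidden".
function classify(address) {
  if (address.endsWith('.local')) return 'mdns-hidden';
  if (/^(10\.|192\.168\.|172\.(1[6-9]|2\d|3[01])\.)/.test(address)) return 'private-ipv4';
  if (address.includes(':')) {
    if (/^f[cd]/i.test(address)) return 'private-ipv6';       // fc00::/7 unique local
    if (/^fe[89ab]/i.test(address)) return 'link-local-ipv6'; // fe80::/10
    return 'global-ipv6';
  }
  return 'public-ipv4';
}

// Group candidates by type and list every address a tracker would actually collect.
function summarize(lines) {
  const out = { host: [], srflx: [], prflx: [], relay: [], exposed: [] };
  for (const line of lines) {
    const c = parseCandidate(line);
    if (!c) continue;
    const kind = classify(c.address);
    out[c.type].push({ address: c.address, port: c.port, kind });
    if (kind !== 'mdns-hidden') out.exposed.push(c.address);
  }
  return out;
}

// Browser only. Opens a throwaway peer connection, collects candidates for `waitMs`,
// and returns the summary; returns null when WebRTC is unavailable (Node, or Firefox
// with media.peerconnection.enabled=false, where the constructor is missing or throws).
async function probeWebRTC(stunUrl = 'stun:stun.l.google.com:19302', waitMs = 2000) {
  if (typeof RTCPeerConnection === 'undefined') return null;
  let pc;
  try {
    pc = new RTCPeerConnection({ iceServers: [{ urls: stunUrl }] });
  } catch (err) {
    return null;
  }
  const lines = [];
  pc.onicecandidate = (ev) => { if (ev.candidate) lines.push(ev.candidate.candidate); };
  pc.createDataChannel('probe');   // an offer with no media needs a channel for ICE gathering to start
  await pc.setLocalDescription(await pc.createOffer());
  await new Promise((resolve) => setTimeout(resolve, waitMs));
  pc.close();
  return summarize(lines);
}

if (typeof require !== 'undefined' && require.main === module) {
  console.log(summarize(SAMPLE_CANDIDATES));
}
```

Paste the block into the browser console and run `await probeWebRTC()`. Before the fix you will typically see a `srflx` entry with your public address and `host` entries that are either `.local` names or your LAN address; after setting media.peerconnection.enabled to false in Firefox the call returns null, and with uBlock Origin's option enabled the `exposed` list should no longer contain a private address.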
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Bash function for extracting file archives of various types:
A) Open your ~/.bashrc file:
$ nano ~/.bashrc
Add the following snippet at the end (the argument is quoted throughout so that file names containing spaces work):
# Bash function to extract file archives of various types
extract () {
    if [ -f "$1" ] ; then
        # Patterns are ordered so that *.tar.bz2 / *.tar.gz match before *.bz2 / *.gz
        case "$1" in
            *.tar.bz2) tar xjf "$1" ;;
            *.tar.gz)  tar xzf "$1" ;;
            *.bz2)     bunzip2 "$1" ;;
            *.rar)     rar x "$1" ;;      # use unrar x "$1" if only unrar is installed
            *.gz)      gunzip "$1" ;;
            *.tar)     tar xf "$1" ;;
            *.tbz2)    tar xjf "$1" ;;
            *.tgz)     tar xzf "$1" ;;
            *.zip)     unzip "$1" ;;
            *.Z)       uncompress "$1" ;;
            *.7z)      7z x "$1" ;;
            *)         echo "'$1' cannot be extracted via extract()" ;;
        esac
    else
        echo "'$1' is not a valid file"
    fi
}
B) Press Ctrl + o and press ENTER to save the file and then press Ctrl + x to exit the file.
C) Run the following command for the changes to take effect:
$ source ~/.bashrc
From now on, you can simply call this function to extract archives of various types.
For example, I'm going to extract a .7z archive file using the command:
$ extract archive.7z
Output example:
7-Zip [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21
p7zip Version 16.02 (locale=en_IN,Utf16=on,HugeFiles=on,64 bits,4 CPUs Intel(R) Core(TM) i3-2350M CPU @ 2.30GHz (206A7),ASM)
Scanning the drive for archives:
1 file, 16013693 bytes (16 MiB)
Extracting archive: archive.7z
--
Path = archive.7z
Type = 7z
Physical Size = 16013693
Headers Size = 1204
Method = LZMA:23
Solid = +
Blocks = 1
Everything is Ok
Folders: 21
Files: 37
Size: 16625007
Compressed: 16013693
Likewise, to extract .zip files, the command would be:
$ extract archive.zip
Archives from untrusted sources can contain absolute paths, ../ components or symlinks that drop files outside the current directory, so list the contents first (tar tf, unzip -l, 7z l) and extract into an empty scratch directory.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Crypt: what it is and why it is done
Crypt (crypting) is the process of hiding malicious code from antiviruses (hereafter AV).
> It means modifying an executable (exe/dll) in such a way that the file keeps working while every antivirus considers it harmless to the system.
> This is done in many ways. The simplest are adding junk sections or bogus calls and jumps to the file's code.
> Such simple methods stopped working long ago, because antiviruses moved on to heuristic file analysis.
> Now more complex methods are used, involving a large set of modifications to the file, and the more sophisticated the methods, the longer the file stays "clean" for AV.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦PUBG HACKING:
Player ESP (2d box, 3d box,skeleton, ignore teammate, identify bot)
Item/Lootbox ESP
Vehicle ESP
Grenade Alert
Player Health/Name/Distance/Line
Simple Aimbot
Enemy State
Enemy Weapon
> Download:
https://github.com/error434/pubghack
> How to use:
https://youtu.be/mcQArbpJEjE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Windows Hacking resources:
- Empire - PowerShell and Python post-exploitation agent
- Mimikatz - Utility to extract plaintext passwords, hashes, PIN codes and Kerberos tickets from memory, and also to perform pass-the-hash and pass-the-ticket or build Golden Tickets
- UACME - Defeating Windows User Account Control
- Windows Sysinternals - Microsoft's system utilities (including Sysmon etc.)
- Hardentools - Collection of simple utilities designed to disable a number of "features" exposed by Windows
- CrackMapExec - A swiss army knife for pentesting Windows/Active Directory environments
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Key points of each layer of the Android software stack and its related technologies:
(1) Operating system layer (OS)
Android uses Linux as its operating system (the Linux 2.6 kernel in early releases); Linux is a standard, open operating system. Android's use of the operating system has two parts: the kernel and the drivers. The Android kernel is the standard Linux kernel, but Android needs additional drivers specific to mobile devices. The main ones are:
Display driver (DisplayDriver): usually the Linux frame buffer driver
Flash memory driver (FlashMemoryDriver)
Camera driver (CameraDriver): usually the Linux V4L/V4L2 (Video for Linux) driver
Audio driver (AudioDriver): usually based on ALSA (Advanced Linux Sound Architecture)
WiFi driver (WiFiDriver): driver based on the IEEE 802.11 standard
Keyboard driver (KeyboardDriver)
Bluetooth driver (BluetoothDriver)
Binder IPC driver: an Android-specific driver with its own device node (/dev/binder) that provides inter-process communication
Power management
(2) Libraries and the Android runtime (RunTime)
This level corresponds to the middleware layer of a general embedded system. In Android it has two parts: the native libraries and the Android runtime. Most of this layer is implemented in C/C++. The libraries include:
C library: the standard C library (Bionic on Android), one of the lowest-level libraries in the system, implemented on top of Linux system calls.
Multimedia framework (MediaFramework): the core of Android multimedia, originally based on PacketVideo (PV) OpenCORE. Functionally it has two parts: audio/video playback and audio/video recording.
SGL: 2D graphics engine.
SSL: the Secure Sockets Layer, sitting between TCP/IP and the application-layer protocols to secure data communication.
OpenGL ES 1.0: 3D graphics support.
Surface management: manages the display subsystem.
SQLite: a lightweight embedded database.
WebKit: the web browser engine.
FreeType: bitmap and vector font rendering.
(3) Application framework (ApplicationFramework)
The Android application framework provides the APIs that application-layer developers program against. Since applications are written in Java, this level supplies the controls a UI program needs: Views such as lists, grids, text boxes and buttons, and even an embeddable web browser. An Android application is assembled from these framework components: Activity, BroadcastReceiver, Service and ContentProvider.
(4) Applications
Android applications are mainly user interface, usually written in Java, and can also contain resource files (placed in the res directory). After the Java code and the resources are compiled, an APK package is produced. Android itself ships many core applications, such as the home screen (Home), Contacts, Phone and the Browser, and application developers use the same application-framework APIs to implement their own programs.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦STATUS CODES:
1xx: Informational:
100 Continue;
101 Switching Protocols;
102 Processing;
103 Early Hints;
2xx: Success:
200 OK;
201 Created;
202 Accepted;
203 Non-Authoritative Information;
204 No Content;
205 Reset Content;
206 Partial Content;
207 Multi-Status;
208 Already Reported;
226 IM Used.
3xx: Redirection:
300 Multiple Choices;
301 Moved Permanently;
302 Found (called Moved Temporarily in HTTP/1.0);
303 See Other;
304 Not Modified;
305 Use Proxy;
306 - reserved (used only in earlier specifications);
307 Temporary Redirect;
308 Permanent Redirect.
4xx: Client Error:
400 Bad Request;
401 Unauthorized (authentication is required or the credentials presented failed);
402 Payment Required;
403 Forbidden (the server refuses the request regardless of authentication);
404 Not Found;
405 Method Not Allowed;
406 Not Acceptable;
407 Proxy Authentication Required;
408 Request Timeout;
409 Conflict;
410 Gone;
411 Length Required;
412 Precondition Failed;
413 Payload Too Large;
414 URI Too Long;
415 Unsupported Media Type;
416 Range Not Satisfiable;
417 Expectation Failed;
418 I'm a teapot (RFC 2324 joke code);
419 Authentication Timeout (non-standard, not in RFC 2616);
421 Misdirected Request;
422 Unprocessable Entity;
423 Locked;
424 Failed Dependency;
425 Too Early;
426 Upgrade Required;
428 Precondition Required;
429 Too Many Requests;
431 Request Header Fields Too Large;
449 Retry With (non-standard, Microsoft);
451 Unavailable For Legal Reasons;
499 Client Closed Request (non-standard, nginx: the client closed the connection before the response was sent).
5xx: Server Error:
500 Internal Server Error;
501 Not Implemented;
502 Bad Gateway;
503 Service Unavailable;
504 Gateway Timeout;
505 HTTP Version Not Supported;
506 Variant Also Negotiates;
507 Insufficient Storage;
508 Loop Detected;
509 Bandwidth Limit Exceeded (non-standard, used by some web hosts);
510 Not Extended;
511 Network Authentication Required;
520 Unknown Error (non-standard, Cloudflare);
521 Web Server Is Down (non-standard, Cloudflare);
522 Connection Timed Out (non-standard, Cloudflare);
523 Origin Is Unreachable (non-standard, Cloudflare);
@UndercodeTesting
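How an assessor reads these codes, as an added example that is not from the original post: the script parses constructed Nginx/Apache combined-format log lines and sorts responses by what each status reveals about the target (401 versus 403, 405, 429, standard 5xx errors, and the vendor-specific codes above that identify the serving stack). The log lines, paths and bucket names are my own constructions.

```python
"""Triage HTTP status codes in an access log from an assessor's point of view.

Added example, not part of the original post. The log lines are constructed
in the Nginx/Apache "combined" format; the rules are the standard meanings
of the codes plus the vendor-specific ones that are not in the IANA registry.
"""
import re
from collections import Counter

# Codes that are not standard HTTP but show up in the wild; seeing one
# tells you which product sits in the request path.
NON_STANDARD = {
    419: "Authentication Timeout (non-standard)",
    449: "Retry With (Microsoft IIS extension)",
    499: "Client Closed Request (nginx)",
    509: "Bandwidth Limit Exceeded (Apache/cPanel extension)",
    520: "Unknown Error (Cloudflare)",
    521: "Web Server Is Down (Cloudflare)",
    522: "Connection Timed Out (Cloudflare)",
    523: "Origin Is Unreachable (Cloudflare)",
}

CLASSES = {1: "informational", 2: "success", 3: "redirection",
           4: "client error", 5: "server error"}


def status_class(code):
    """Return the 1xx..5xx class name; reject anything outside 100-599."""
    if not 100 <= code <= 599:
        raise ValueError(f"not an HTTP status code: {code}")
    return CLASSES[code // 100]


def describe(code):
    """Class name plus a vendor note when the code is not a standard one."""
    text = status_class(code)
    if code in NON_STANDARD:
        text += f", {NON_STANDARD[code]}"
    return text


# Combined log format: ip ident user [time] "METHOD path proto" status size ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+)(?: [^"]*)?" (?P<status>\d{3}) '
)

# Constructed sample, not a real capture.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 1024 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2023:13:55:37 +0000] "GET /admin HTTP/1.1" 401 0 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2023:13:55:38 +0000] "GET /admin/config HTTP/1.1" 403 162 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2023:13:55:39 +0000] "GET /api/users HTTP/1.1" 405 0 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2023:13:55:40 +0000] "POST /api/login HTTP/1.1" 429 0 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2023:13:55:41 +0000] "GET /search?q=%27 HTTP/1.1" 500 512 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2023:13:55:42 +0000] "GET /old HTTP/1.1" 301 0 "-" "curl/8.0"
203.0.113.5 - - [10/Oct/2023:13:55:43 +0000] "GET /stream HTTP/1.1" 499 0 "-" "curl/8.0"
198.51.100.9 - - [10/Oct/2023:13:55:44 +0000] "GET /api/v1/health HTTP/1.1" 522 0 "-" "curl/8.0"
"""


def parse_log(text):
    """Yield (method, path, status) for every line that matches the format."""
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if m:
            yield m["method"], m["path"], int(m["status"])


def triage(entries):
    """Sort responses into the buckets an assessor acts on differently."""
    out = {
        "auth_required": [],        # 401: path exists, credentials needed
        "forbidden": [],            # 403: path exists, denied (ACL, WAF or authz)
        "exists_other_method": [],  # 405: path is routed, try other verbs
        "rate_limited": [],         # 429: throttle before continuing
        "server_errors": [],        # standard 5xx: input the server did not handle
        "non_standard": Counter(),  # vendor codes reveal the serving stack
    }
    for method, path, status in entries:
        if status in NON_STANDARD:
            out["non_standard"][status] += 1
        elif status == 401:
            out["auth_required"].append(path)
        elif status == 403:
            out["forbidden"].append(path)
        elif status == 405:
            out["exists_other_method"].append(f"{method} {path}")
        elif status == 429:
            out["rate_limited"].append(path)
        elif status_class(status) == "server error":
            out["server_errors"].append(path)
    return out


if __name__ == "__main__":
    for bucket, items in triage(parse_log(SAMPLE_LOG)).items():
        print(f"{bucket}: {dict(items) if isinstance(items, Counter) else items}")
```

The split between 401 and 403 is the one to keep straight during recon: a 401 says the endpoint exists and wants credentials, while a 403 says the server recognised the path and rejected you outright, so the next step is different in each case. The 499 and 522 in the sample are not in any HTTP RFC; they are an nginx and a Cloudflare code respectively, which is why they are counted separately instead of being treated as ordinary 4xx/5xx errors.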
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Vietnam accuses foreign companies such as Netflix and Apple of evading taxes, which it says is unfair to domestic companies.
#international
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦π¦ ThreatHunt: PowerShell Repository for Training Threat Hunting Skills :
A) Application scenario
Let's say you've just started your threat hunting career, or you have been hunting for a while but your organization has only just implemented Endpoint Detection and Response (EDR) or a SIEM.
In both cases, you need a safe environment where you can generate security alerts and start analyzing the data.
This is where ThreatHunt comes in handy: it contains no malicious files and simply simulates a range of suspicious activity.
B) INSTALLATION & RUN :
ThreatHunt has been tested on Windows 10 1809+. However, it is likely to work on most versions of Windows 10.
The script is written with Microsoft Defender ATP (Advanced Threat Protection, Microsoft's antivirus and EDR package) in mind.
ThreatHunt is not a hacking tutorial; because it only simulates activity rather than breaking in, some scenarios require legitimate domain credentials (username and password), IP ranges, and O365 mailbox credentials (email address and password).
> git clone https://github.com/MiladMSFT/ThreatHunt.git
Run the PowerShell script from the cloned repository and choose a scenario by its number from the menu.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub: miladaslaner/ThreatHunt (the repository's current location). ThreatHunt is a PowerShell repository that allows you to train your threat hunting skills.