Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MITM ATTACK:
[bettercap](https://github.com/evilsocket/bettercap)
A complete, modular, portable and easily extensible MITM framework
[CopyCat](https://github.com/compewter/CopyCat)
CopyCat is a Node.js based universal MITM web server. Used with DNS spoofing or another redirect attack, this server will act as a MITM for web traffic between the victim and a real server.
[dnschef](https://github.com/iphelix/dnschef)
DNSChef - DNS proxy for Penetration Testers and Malware Analysts
[dnsmitm](https://github.com/SySS-Research/dns-mitm)
A minimal DNS service that can provide spoofed replies
[Ettercap](https://github.com/Ettercap/ettercap)
Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
[FakeDns](https://github.com/Crypt0s/FakeDns)
A regular-expression based python MITM DNS server with support for DNS Rebinding attacks
[hyperfox](https://github.com/malfunkt/hyperfox)
HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation
[mallory](https://github.com/intrepidusgroup/mallory)
An extensible TCP/UDP man in the middle proxy that is designed to be run as a gateway
[MITMf](https://github.com/byt3bl33d3r/MITMf)
Framework for Man-In-The-Middle attacks
[mitmproxy](https://github.com/mitmproxy/mitmproxy)
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers
[node-http-mitm-proxy](https://github.com/joeferner/node-http-mitm-proxy)
HTTP Man In The Middle (MITM) Proxy written in node.js
[postgres-mitm](https://github.com/thusoy/postgres-mitm)
Test whether your Postgres connections are vulnerable to MitM attacks
[tiny-mitm-proxy](https://github.com/floyd-fuh/tiny-mitm-proxy)
Probably one of the smallest SSL MITM proxies you can make
[Seth](https://github.com/SySS-Research/Seth)
Perform a MitM attack and extract clear text credentials from RDP connections
[ssh-mitm](https://github.com/jtesta/ssh-mitm)
SSH man-in-the-middle tool
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MITM ATTACK:
[bettercap](https://github.com/evilsocket/bettercap)
A complete, modular, portable and easily extensible MITM framework
[CopyCat](https://github.com/compewter/CopyCat)
CopyCat is a Node.js based universal MITM web server. Used with DNS spoofing or another redirect attack, this server will act as a MITM for web traffic between the victim and a real server.
[dnschef](https://github.com/iphelix/dnschef)
DNSChef - DNS proxy for Penetration Testers and Malware Analysts
[dnsmitm](https://github.com/SySS-Research/dns-mitm)
A minimal DNS service that can provide spoofed replies
[Ettercap](https://github.com/Ettercap/ettercap)
Ettercap is a comprehensive suite for man in the middle attacks. It features sniffing of live connections, content filtering on the fly and many other interesting tricks.
[FakeDns](https://github.com/Crypt0s/FakeDns)
A regular-expression based python MITM DNS server with support for DNS Rebinding attacks
[hyperfox](https://github.com/malfunkt/hyperfox)
HTTP/HTTPs MITM proxy and traffic recorder with on-the-fly TLS cert generation
[mallory](https://github.com/intrepidusgroup/mallory)
An extensible TCP/UDP man in the middle proxy that is designed to be run as a gateway
[MITMf](https://github.com/byt3bl33d3r/MITMf)
Framework for Man-In-The-Middle attacks
[mitmproxy](https://github.com/mitmproxy/mitmproxy)
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers
[node-http-mitm-proxy](https://github.com/joeferner/node-http-mitm-proxy)
HTTP Man In The Middle (MITM) Proxy written in node.js
[postgres-mitm](https://github.com/thusoy/postgres-mitm)
Test whether your Postgres connections are vulnerable to MitM attacks
[tiny-mitm-proxy](https://github.com/floyd-fuh/tiny-mitm-proxy)
Probably one of the smallest SSL MITM proxies you can make
[Seth](https://github.com/SySS-Research/Seth)
Perform a MitM attack and extract clear text credentials from RDP connections
[ssh-mitm](https://github.com/jtesta/ssh-mitm)
SSH man-in-the-middle tool
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - evilsocket/bettercap: DEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap
DEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap - evilsocket/bettercap
Forwarded from UNDERCODE NEWS
"Apple tax" has made concessions again, and Apple allows developers to receive free of charge until June next year
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
Unlimited Tethering (TERMUX-LINUX-WINDOWS)
Updated
Bypass tethering caps or throttling on cell phone unlimited data plans. Potentially cancel your internet and route your whole home though your unlimited data plan.
βUnlimited data plan
βAbility to hotspot your phone
βComputer or Router
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Download Termux app, install openssh on it, make sure you have python2 as well and simlink the python2 command to python.
βpkg install python2
βpy2_path=$(which python2)
βpy_path=${py2_path%/*}/python
βln -s "$py2_path" "$py_path"
2) Configure authentication as explained here for SSH. If you don't already have a keypair it explains how to set up an ssh keypair and use it to authenticate to your phone from a PC. I personally used my existing SSH public key and made a folder / file ~/.ssh/authorized_keys on Termux and dropped it in there with something like curl "https://github.com/rifi2k.keys" > ~/.ssh/authorized_keys if you already have your public keys on github .
3) Hotspot your phone.
Run ifconfig inside Termux to get your current tethering local IP. It will be the only 192.x.x.x spit out and generally for andriod will be ending in 192.x.43.x. Save this.
4) Run sshd -dD inside Termux which starts an openssh server in debug mode to audit traffic. Your looking to see something like this as output from the above command.
debug1: Bind to port 8022 on ::.
Server listening on :: port 8022.
debug1: Bind to port 8022 on 0.0.0.0.
Server listening on 0.0.0.0 port 8022.
5) Now pop onto a PC and connect it to your hotspot.
Now SSH tunnel all the traffic from the device back through the openssh server your running on the Termux app. Now that you are on the same local network you can SSH tunnel into our saved IP address and port from earlier 192.x.43.x:8022 or similar.
6) You can use ssh which would look something like this.
If you want to use OpenSSH on Windows my recommendation would be Chocolatey package manager. https://gitlab.com/DarwinJS/ChocoPackages/tree/master/openssh
TERMUX_USER="u0_a249"
TERMUX_IP="192.x.43.x"
TERMUX_PORT="8022"
LOCAL_SOCKS_PORT="8123"
ssh -D $LOCAL_SOCKS_PORT -fqgN $TERMUX_USER@$TERMUX_IP -p $TERMUX_PORT
TERMUX_USER would be your username on the Termux app. TERMUX_IP would be the IP you got from ifconfig in Termux. TERMUX_PORT would be the port sshd is using in Termux. LOCAL_SOCKS_PORT would be the port you want to use for your local proxy.
7) So then once you run the above ssh command you need to configure a system wide or application specific Socks Proxy which would be proxying all traffic to 127.0.0.1 for the Socks Host and whatever LOCAL_SOCKS_PORT is from above for the Socks Port.
I use sshuttle which already handles most of the gotchas with tcp over tcp etc. and which also has a solution for Windows and linux. Also sshuttle generally handles setting up the Socks Proxy for you. A command for sshuttle might look like this.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Unlimited Tethering (TERMUX-LINUX-WINDOWS)
Updated
Bypass tethering caps or throttling on cell phone unlimited data plans. Potentially cancel your internet and route your whole home though your unlimited data plan.
βUnlimited data plan
βAbility to hotspot your phone
βComputer or Router
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Download Termux app, install openssh on it, make sure you have python2 as well and simlink the python2 command to python.
βpkg install python2
βpy2_path=$(which python2)
βpy_path=${py2_path%/*}/python
βln -s "$py2_path" "$py_path"
2) Configure authentication as explained here for SSH. If you don't already have a keypair it explains how to set up an ssh keypair and use it to authenticate to your phone from a PC. I personally used my existing SSH public key and made a folder / file ~/.ssh/authorized_keys on Termux and dropped it in there with something like curl "https://github.com/rifi2k.keys" > ~/.ssh/authorized_keys if you already have your public keys on github .
3) Hotspot your phone.
Run ifconfig inside Termux to get your current tethering local IP. It will be the only 192.x.x.x spit out and generally for andriod will be ending in 192.x.43.x. Save this.
4) Run sshd -dD inside Termux which starts an openssh server in debug mode to audit traffic. Your looking to see something like this as output from the above command.
debug1: Bind to port 8022 on ::.
Server listening on :: port 8022.
debug1: Bind to port 8022 on 0.0.0.0.
Server listening on 0.0.0.0 port 8022.
5) Now pop onto a PC and connect it to your hotspot.
Now SSH tunnel all the traffic from the device back through the openssh server your running on the Termux app. Now that you are on the same local network you can SSH tunnel into our saved IP address and port from earlier 192.x.43.x:8022 or similar.
6) You can use ssh which would look something like this.
If you want to use OpenSSH on Windows my recommendation would be Chocolatey package manager. https://gitlab.com/DarwinJS/ChocoPackages/tree/master/openssh
TERMUX_USER="u0_a249"
TERMUX_IP="192.x.43.x"
TERMUX_PORT="8022"
LOCAL_SOCKS_PORT="8123"
ssh -D $LOCAL_SOCKS_PORT -fqgN $TERMUX_USER@$TERMUX_IP -p $TERMUX_PORT
TERMUX_USER would be your username on the Termux app. TERMUX_IP would be the IP you got from ifconfig in Termux. TERMUX_PORT would be the port sshd is using in Termux. LOCAL_SOCKS_PORT would be the port you want to use for your local proxy.
7) So then once you run the above ssh command you need to configure a system wide or application specific Socks Proxy which would be proxying all traffic to 127.0.0.1 for the Socks Host and whatever LOCAL_SOCKS_PORT is from above for the Socks Port.
I use sshuttle which already handles most of the gotchas with tcp over tcp etc. and which also has a solution for Windows and linux. Also sshuttle generally handles setting up the Socks Proxy for you. A command for sshuttle might look like this.
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitLab
openssh Β· master Β· DarwinJS / ChocoPackages Β· GitLab
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦APPS & TIPS FOR VIEWS & SUBSC YOUTUBE :
https://play.google.com/store/apps/details?id=com.viewgrip.viewgripapp&hl=en&gl=US
(VIEWS)
https://play.google.com/store/apps/details?id=com.fairware.viralmyvideo&hl=en&gl=US
(VIEWS)
https://github.com/mayurkadampro/YouTube-SubBot
(BOT FOR SUBSC)
Part 1 Youtube Subscriber Python Bot - https://youtu.be/xXXryQw6CYc
Part 2 Youtube Subscriber Python Bot - https://youtu.be/M_ZauWVzWKc
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦APPS & TIPS FOR VIEWS & SUBSC YOUTUBE :
https://play.google.com/store/apps/details?id=com.viewgrip.viewgripapp&hl=en&gl=US
(VIEWS)
https://play.google.com/store/apps/details?id=com.fairware.viralmyvideo&hl=en&gl=US
(VIEWS)
https://github.com/mayurkadampro/YouTube-SubBot
(BOT FOR SUBSC)
Part 1 Youtube Subscriber Python Bot - https://youtu.be/xXXryQw6CYc
Part 2 Youtube Subscriber Python Bot - https://youtu.be/M_ZauWVzWKc
β β β Uππ»βΊπ«Δπ¬πβ β β β
Google Play
ViewGrip β Boost Views & Subs - Apps on Google Play
Boost your videos fast! Get views & subscribers now with the ViewGrip app!
Forwarded from UNDERCODE NEWS
Thousands of employees return to Beeline: The operator refused to outsource communication networks.
#international
#international
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Pentest with java..
Leshan provides libraries which help people to develop their own Lightweight M2M server and client.
The project also provides a client, a server and a bootstrap server demonstration as an example of the Leshan API and for testing purpose.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Get and run the last binary of our demo server :
wget https://ci.eclipse.org/leshan/job/leshan/lastSuccessfulBuild/artifact/leshan-server-demo.jar
java -jar ./leshan-server-demo.jar
2) Get and run the last binary of our demo client :
wget https://ci.eclipse.org/leshan/job/leshan/lastSuccessfulBuild/artifact/leshan-client-demo.jar
java -jar ./leshan-client-demo.jar
3) Get and run the last binary of our bootstrap demo server :
wget https://ci.eclipse.org/leshan/job/leshan/lastSuccessfulBuild/artifact/leshan-bsserver-demo.jar
java -jar ./leshan-bsserver-demo.jar
βΉοΈ : All the demos have a --help option.
π¦Compile Leshan & Run Demos
4) Get sources :
#using ssh
git clone git@github.com:eclipse/leshan.git
or
#using https
5) git clone https://github.com/eclipse/leshan.git
Compile it, by running in leshan root folder :
6) mvn clean install
7) Run demo server:
java -jar leshan-server-demo/target/leshan-server-demo-*-SNAPSHOT-jar-with-dependencies.jar
8) Connect on Leshan demo UI: http://localhost:8080
Leshan server Demo provides a very simple UI to get the list of connected clients and interact with clients resources.
9) Now you can register a LWM2M client by running our client demo:
java -jar leshan-client-demo/target/leshan-client-demo-*-SNAPSHOT-jar-with-dependencies.jar
or trying the Eclipse Wakaama test client.
10) You can also try our bootstrap demo server:
java -jar leshan-bsserver-demo/target/leshan-bsserver-demo-*-SNAPSHOT-jar-with-dependencies.jar
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Pentest with java..
Leshan provides libraries which help people to develop their own Lightweight M2M server and client.
The project also provides a client, a server and a bootstrap server demonstration as an example of the Leshan API and for testing purpose.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Get and run the last binary of our demo server :
wget https://ci.eclipse.org/leshan/job/leshan/lastSuccessfulBuild/artifact/leshan-server-demo.jar
java -jar ./leshan-server-demo.jar
2) Get and run the last binary of our demo client :
wget https://ci.eclipse.org/leshan/job/leshan/lastSuccessfulBuild/artifact/leshan-client-demo.jar
java -jar ./leshan-client-demo.jar
3) Get and run the last binary of our bootstrap demo server :
wget https://ci.eclipse.org/leshan/job/leshan/lastSuccessfulBuild/artifact/leshan-bsserver-demo.jar
java -jar ./leshan-bsserver-demo.jar
βΉοΈ : All the demos have a --help option.
π¦Compile Leshan & Run Demos
4) Get sources :
#using ssh
git clone git@github.com:eclipse/leshan.git
or
#using https
5) git clone https://github.com/eclipse/leshan.git
Compile it, by running in leshan root folder :
6) mvn clean install
7) Run demo server:
java -jar leshan-server-demo/target/leshan-server-demo-*-SNAPSHOT-jar-with-dependencies.jar
8) Connect on Leshan demo UI: http://localhost:8080
Leshan server Demo provides a very simple UI to get the list of connected clients and interact with clients resources.
9) Now you can register a LWM2M client by running our client demo:
java -jar leshan-client-demo/target/leshan-client-demo-*-SNAPSHOT-jar-with-dependencies.jar
or trying the Eclipse Wakaama test client.
10) You can also try our bootstrap demo server:
java -jar leshan-bsserver-demo/target/leshan-bsserver-demo-*-SNAPSHOT-jar-with-dependencies.jar
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST WIFI ANALYSING APPS FOR WINDOWS:
https://www.metageek.com/products/inssider/index-2.html
https://www.microsoft.com/en-us/store/p/wifi-analyzer/9nblggh33n0n
https://www.vistumbler.net/
https://www.wireshark.org/
https://www.microsoft.com/en-us/p/wifi-analyzer-tool/9nblggh1nj0s?activetab=pivot%3aoverviewtab
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST WIFI ANALYSING APPS FOR WINDOWS:
https://www.metageek.com/products/inssider/index-2.html
https://www.microsoft.com/en-us/store/p/wifi-analyzer/9nblggh33n0n
https://www.vistumbler.net/
https://www.wireshark.org/
https://www.microsoft.com/en-us/p/wifi-analyzer-tool/9nblggh1nj0s?activetab=pivot%3aoverviewtab
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Xiaomi has released a super-cheap smartphone with a record battery and declared its independence.
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
A new potential leak of the magic cookie in SUSE Linux Enterprise discovered today, leaving millions of Europ servers vulnerable against attackers
#Vulnerabilities
#Vulnerabilities
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦.onion links:
(ue tor server for opening those links)
DarkZone http://darkzonebry27nxa.onion/ online
Money Market http://moneyd6327quniuo.onion online
Dark Web Hackers Zone http://darkzonebry27nxa.onion/ online
Trusted Market http://trustedb3yde3prf.onion online
GUROchan http://gurochanocizhuhg.onion/ offline
Aktif Haber http://6a3nny6zpg23dj7g.onion/ offline
zmovie β Watch Movies online for free on zmovie.tv http://
zmovietoropzaid3.onion/ online
IW4x http://iw4xcachep26muba.onion/ online
Rent-A-Hacker β Hire a hacker for every job you can imagine,
from DDOS to completely ruining people or destroy reputation of a company or individual http://2ogmrlfzdthnwkez.onion/ online
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦.onion links:
(ue tor server for opening those links)
DarkZone http://darkzonebry27nxa.onion/ online
Money Market http://moneyd6327quniuo.onion online
Dark Web Hackers Zone http://darkzonebry27nxa.onion/ online
Trusted Market http://trustedb3yde3prf.onion online
GUROchan http://gurochanocizhuhg.onion/ offline
Aktif Haber http://6a3nny6zpg23dj7g.onion/ offline
zmovie β Watch Movies online for free on zmovie.tv http://
zmovietoropzaid3.onion/ online
IW4x http://iw4xcachep26muba.onion/ online
Rent-A-Hacker β Hire a hacker for every job you can imagine,
from DDOS to completely ruining people or destroy reputation of a company or individual http://2ogmrlfzdthnwkez.onion/ online
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Beware of malicious code infection and phishing impersonation by the National Tax Service after opening'e-tax invoice'
#Malwares
#Malwares
