Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
28 hours of battery life IPX7 waterproof quality revealed to Samsung Galaxy Buds Pro specs.
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
To contend directly with Google and Microsoft, Zoom will launch email services and calendar applications.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
dos_ssh Hacking Guide :
Use BIOS ram hacks to make a SSH server out of any INT 10 13h app (MS-DOS is one of those)
1) Get a DOS compatible floppy disk image (e.g. from here: http://www.allbootdisks.com/download/dos.html)
2) Install golang and qemu, e.g. sudo apt-get install qemu golang
3) Compile dos_ssh: go get;
4) go build
5) Start qemu with this image: qemu-system-i386 -fda Dos6.22.img
6) -boot a -vnc :0 -s
7) Run dos_ssh: ./dos_ssh
8) Connect to ssh server: ssh localhost -p 2222
β β β Uππ»βΊπ«Δπ¬πβ β β β
dos_ssh Hacking Guide :
Use BIOS ram hacks to make a SSH server out of any INT 10 13h app (MS-DOS is one of those)
1) Get a DOS compatible floppy disk image (e.g. from here: http://www.allbootdisks.com/download/dos.html)
2) Install golang and qemu, e.g. sudo apt-get install qemu golang
3) Compile dos_ssh: go get;
4) go build
5) Start qemu with this image: qemu-system-i386 -fda Dos6.22.img
6) -boot a -vnc :0 -s
7) Run dos_ssh: ./dos_ssh
8) Connect to ssh server: ssh localhost -p 2222
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
The head of Voentelecom is charged with fraud and extortion. This is the third consecutive director under a criminal case.
#International
#International
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
COding courses/empire :
- >>Code Intelligence(https://www.code-intelligence.com) :copyright: - CI/CD-agnostic DevSecOps platform which combines industry-leading fuzzing engines for finding bugs and visualizing code coverage
- >>Codeac(https://www.codeac.io/?ref=awesome-static-analysis) :copyright: - Automated code review tool integrates with GitHub, Bitbucket and GitLab (even self-hosted). Available for JavaScript, TypeScript, Python, Ruby, Go, PHP, Java, Docker, and more. (open-source free)
- >>codeburner(http://groupon.github.io/codeburner) - Provides a unified interface to sort and act on the issues it finds.
- >>codechecker(https://codechecker.readthedocs.io/en/latest) - A defect database and viewer extension for the Clang Static Analyzer with web GUI.
- >>CodeFactor(https://codefactor.io) :copyright: - Automated Code Analysis for repos on GitHub or BitBucket.
- >>CodeFlow(https://www.getcodeflow.com) :copyright: - Automated code analysis tool to deal with technical depth. Integrates with Bitbucket and Gitlab. (free for Open Source Projects)
- >>CodeIt.Right(https://submain.com/products/codeit.right.aspx) :copyright: - CodeIt.Right™ provides a fast, automated way to ensure that your source code adheres to (your) predefined design and style guidelines as well as best coding practices.
- >>CodePatrol(https://cyber-security.claranet.fr/en/codepatrol) :copyright: - Automated SAST code reviews driven by security, supports 15+ languages and includes security training.
- >>codeql(https://github.com/github/codeql) - Deep code analysis
- semantic queries and dataflow for several languages with VSCode plugin support.
- >>CodeRush(https://www.devexpress.com/products/coderush) :copyright: - Code creation, debugging, navigation, refactoring, analysis and visualization tools that use the Roslyn engine in Visual Studio 2015 and up.
- >>CodeScan(https://www.codescan.io/) :copyright: - Code Quality and Security for Salesforce Developers. Made exclusively for the Salesforce platform, CodeScanβs code analysis solutions provide you with total visibility into your code health.
β β β Uππ»βΊπ«Δπ¬πβ β β β
COding courses/empire :
- >>Code Intelligence(https://www.code-intelligence.com) :copyright: - CI/CD-agnostic DevSecOps platform which combines industry-leading fuzzing engines for finding bugs and visualizing code coverage
- >>Codeac(https://www.codeac.io/?ref=awesome-static-analysis) :copyright: - Automated code review tool integrates with GitHub, Bitbucket and GitLab (even self-hosted). Available for JavaScript, TypeScript, Python, Ruby, Go, PHP, Java, Docker, and more. (open-source free)
- >>codeburner(http://groupon.github.io/codeburner) - Provides a unified interface to sort and act on the issues it finds.
- >>codechecker(https://codechecker.readthedocs.io/en/latest) - A defect database and viewer extension for the Clang Static Analyzer with web GUI.
- >>CodeFactor(https://codefactor.io) :copyright: - Automated Code Analysis for repos on GitHub or BitBucket.
- >>CodeFlow(https://www.getcodeflow.com) :copyright: - Automated code analysis tool to deal with technical depth. Integrates with Bitbucket and Gitlab. (free for Open Source Projects)
- >>CodeIt.Right(https://submain.com/products/codeit.right.aspx) :copyright: - CodeIt.Right™ provides a fast, automated way to ensure that your source code adheres to (your) predefined design and style guidelines as well as best coding practices.
- >>CodePatrol(https://cyber-security.claranet.fr/en/codepatrol) :copyright: - Automated SAST code reviews driven by security, supports 15+ languages and includes security training.
- >>codeql(https://github.com/github/codeql) - Deep code analysis
- semantic queries and dataflow for several languages with VSCode plugin support.
- >>CodeRush(https://www.devexpress.com/products/coderush) :copyright: - Code creation, debugging, navigation, refactoring, analysis and visualization tools that use the Roslyn engine in Visual Studio 2015 and up.
- >>CodeScan(https://www.codescan.io/) :copyright: - Code Quality and Security for Salesforce Developers. Made exclusively for the Salesforce platform, CodeScanβs code analysis solutions provide you with total visibility into your code health.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Code-Intelligence
AI-Automated Software Security Testing | Code Intelligence
Find bugs and vulnerabilities missed by other security tools with a single command
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Web browser "Smooz" ends service, burns due to suspicion of external transmission of browsing information.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
Identify IoT devices/Discovery phase GUIDE
1) Use WebRTC to obtain a local IP address.
Send requests to all IP addresses in the IP range through port 81. Since port 81 is usually not occupied, the active device will immediately respond to a TCP RST packet. For inactive devices in the IP range, the request packet will time out.
2) Each active IP address received the initial request collected using HTML5 for 35 GET endpoints. Based on the returned error message information, the attack script will identify whether the IP address matches any of the seven devices.
3) The research project uses three different operating systems (Windows 10, MacOS and Ubuntu) and four different browsers (Chrome, Firefox, Safari, MicrosoftEdge). However, only two browsers, Chrome and Firefox, are suitable for this study. Therefore, Safari and Edge browsers are not used, because according to (Web-based attacks on the discovery and control of local IoT devices):
> On Safari, all FETCH requests timed out, causing the attack script to identify all IP addresses as inactive. On the Edge browser, the script can use the FETCH request to correctly identify the active IP address, but Edge did not disclose the detailed HTML5 error message, so the attack script could not identify any devices on Edge.
Identify IoT devices/Discovery phase GUIDE
1) Use WebRTC to obtain a local IP address.
Send requests to all IP addresses in the IP range through port 81. Since port 81 is usually not occupied, the active device will immediately respond to a TCP RST packet. For inactive devices in the IP range, the request packet will time out.
2) Each active IP address received the initial request collected using HTML5 for 35 GET endpoints. Based on the returned error message information, the attack script will identify whether the IP address matches any of the seven devices.
3) The research project uses three different operating systems (Windows 10, MacOS and Ubuntu) and four different browsers (Chrome, Firefox, Safari, MicrosoftEdge). However, only two browsers, Chrome and Firefox, are suitable for this study. Therefore, Safari and Edge browsers are not used, because according to (Web-based attacks on the discovery and control of local IoT devices):
> On Safari, all FETCH requests timed out, causing the attack script to identify all IP addresses as inactive. On the Edge browser, the script can use the FETCH request to correctly identify the active IP address, but Edge did not disclose the detailed HTML5 error message, so the attack script could not identify any devices on Edge.
(don't clone our tips:()β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
A free collection of unofficial api libraries. Designed to inspire your next Friday night hack. Use at your own discretion.
If you're interested in being notified of newly added unofficial APIs and other featured projects sign here
https://forms.gle/e8nCivpTBNftNtgGA
Download:
https://github.com/Rolstenhouse/unofficial-apis
A free collection of unofficial api libraries. Designed to inspire your next Friday night hack. Use at your own discretion.
If you're interested in being notified of newly added unofficial APIs and other featured projects sign here
https://forms.gle/e8nCivpTBNftNtgGA
Download:
https://github.com/Rolstenhouse/unofficial-apis
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
AMD confirms a new generation of Ryzen Thread Ripper processor Zen3 architecture: see you next year.
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Saved your files on linuxβ>Backup and restore package selections with apt/dpkg :
Backup package list:
A) # dpkg --get-selections > pkg.list
Restore:
# dpkg --set-selections < pkg.list
# apt-get -u dselect-upgrade # this will pull and install all missing packages
see dpkg(1)
B) Sources.list
# To add an CD-ROM, use apt-cdrom
deb file:///debian jessie main contrib non-free
deb http://ftp.cn.debian.org/debian jessie main contrib non-free
deb http://ftp.cn.debian.org/debian jessie-backports main contrib non-free
deb http://ftp.cn.debian.org/debian jessie-proposed-updates main contrib non-free
deb http://ftp.cn.debian.org/debian-security jessie/updates main contrib
deb http://ftp.cn.debian.org/debian unstable main contrib non-free
deb http://ftp.cn.debian.org/debian experimental main contrib non-free
deb-src http://ftp.cn.debian.org/debian jessie main contrib non-free
deb-src http://ftp.cn.debian.org/debian unstable main contrib non-free
deb http://ftp.cn.debian.org/debian jessie main contrib non-free
deb-src http://ftp.cn.debian.org/debian jessie main
APT preferences
see apt_preferences (5)
C) List and Search package contents
$ dpkg -S pkg # to search installed package content
$ dpkg -L pkg # to list installed package content
$ apt-file sesarch file # search file among both installed and uninstalled packages
Package dependency
$ apt-cache depends pkg
$ apt-cache rdepends pkg
D) # aptitude can resolve some tough dependency situation
$ aptitude install pkg-with-dependency-trouble
Purge packages that are not completely removed
$ dpkg -l | grep ^rc | awk '{print $2}' | sudo xargs dpkg --purge
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Saved your files on linuxβ>Backup and restore package selections with apt/dpkg :
Backup package list:
A) # dpkg --get-selections > pkg.list
Restore:
# dpkg --set-selections < pkg.list
# apt-get -u dselect-upgrade # this will pull and install all missing packages
see dpkg(1)
B) Sources.list
# To add an CD-ROM, use apt-cdrom
deb file:///debian jessie main contrib non-free
deb http://ftp.cn.debian.org/debian jessie main contrib non-free
deb http://ftp.cn.debian.org/debian jessie-backports main contrib non-free
deb http://ftp.cn.debian.org/debian jessie-proposed-updates main contrib non-free
deb http://ftp.cn.debian.org/debian-security jessie/updates main contrib
deb http://ftp.cn.debian.org/debian unstable main contrib non-free
deb http://ftp.cn.debian.org/debian experimental main contrib non-free
deb-src http://ftp.cn.debian.org/debian jessie main contrib non-free
deb-src http://ftp.cn.debian.org/debian unstable main contrib non-free
deb http://ftp.cn.debian.org/debian jessie main contrib non-free
deb-src http://ftp.cn.debian.org/debian jessie main
APT preferences
see apt_preferences (5)
C) List and Search package contents
$ dpkg -S pkg # to search installed package content
$ dpkg -L pkg # to list installed package content
$ apt-file sesarch file # search file among both installed and uninstalled packages
Package dependency
$ apt-cache depends pkg
$ apt-cache rdepends pkg
D) # aptitude can resolve some tough dependency situation
$ aptitude install pkg-with-dependency-trouble
Purge packages that are not completely removed
$ dpkg -l | grep ^rc | awk '{print $2}' | sudo xargs dpkg --purge
β β β Uππ»βΊπ«Δπ¬πβ β β β