- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑let s explain: HTTPS/SSL/TLS ATTacks:
(instagram.com/UnderCodeTestingCompany)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

🦑The Secure Sockets Layer (SSL) and the Transport Layer Security (TLS) cryptographic protocols have had their share of flaws like every other technology.

> The following are major vulnerabilities in TLS/SSL protocols. They all affect older versions of the protocol (TLSv1.2 and older). At the time of publication, only one major vulnerability was found that affects TLS 1.3.

> However, like many other attacks also based on a forced this vulnerability is also based on a forced downgrade attack.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

ALL SHARED FREE HERE / PARTICAL + THEORIE + EXERCICES

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑POODLE The Famous Dangerous Attack what is and how it works:
(instagram.com/UnderCodeTestingCompany)

>The Padding Oracle On Downgraded Legacy Encryption (POODLE) attack was published in October 2014 and takes advantage of two factors.

> The first factor is the fact that some servers/clients still support SSL 3.0 for interoperability and compatibility with legacy systems.

>The second factor is a vulnerability that exists in SSL 3.0, which is related to block padding. The POODLE vulnerability is registered in the NIST NVD database as CVE-2014-3566.

> The client initiates the handshake and sends a list of supported SSL/TLS versions. An attacker intercepts the traffic, performing a man-in-the-middle (MITM) attack, and impersonates the server until the client agrees to downgrade the connection to SSL 3.0.

🦑The SSL 3.0 vulnerability is in the Cipher Block Chaining (CBC) mode.

>Block ciphers require blocks of fixed length. If data in the last block is not a multiple of the block size, extra space is filled by padding.

> The server ignores the content of padding. It only checks if padding length is correct and verifies the Message Authentication Code (MAC) of the plaintext.

>That means that the server cannot verify if anyone modified the padding content.

> An attacker can decipher an encrypted block by modifying padding bytes and watching the server response. It takes a maximum of 256 SSL 3.0 requests to decrypt a single byte.

>This means that once every 256 requests, the server will accept the modified value. The attacker does not need to know the encryption method or key. Using automated tools, an attacker can retrieve the plaintext character by character. This could easily be a password, a cookie, a session, or other sensitive data.
Prevention

> Completely disable SSL 3.0 on the server (highly recommended unless you must support Internet Explorer 6.0).

> Upgrade the browser (client) to the latest version. If you must use an older version, disable SSLv2 and SSLv3. Most current browsers/servers use TLS_FALLBACK_SCSV. If a client requests a TLS protocol version that is lower than the highest supported by the server (and client), the server will treat it as an intentional downgrade and drop the connection.

> Some TLS 1.0/1.1 implementations are also vulnerable to POODLE because they accept an incorrect padding structure after decryption.

🦑BEAST

> The Browser Exploit Against SSL/TLS (BEAST) attack was disclosed in September 2011. It applies to SSL 3.0 and TLS 1.0 so it affects browsers that support TLS 1.0 or earlier protocols.

> An attacker can decrypt data exchanged between two parties by taking advantage of a vulnerability in the implementation of the Cipher Block Chaining (CBC) mode in TLS 1.0. The BEAST vulnerability is registered in the NIST NVD database as CVE-2011-3389.

> This is a client-side attack that uses the man-in-the-middle technique. The attacker uses MITM to inject packets into the TLS stream. This allows them to guess the Initialization Vector (IV) used with the injected message and then simply compare the results to the ones of the block that they want to decrypt.

>For the BEAST attack to succeed, an attacker must have some control of the victim’s browser. Therefore, the attacker may choose easier attack vectors instead of this one.

@ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑This is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).
(t.me/UndercOdeTestingOfficial)

🦑INSTALLISATION & RUN:

> git clone https://github.com/infosecn1nja/ycsm

> cd ycsm

> chmod +x ycsm-setup.sh

1) Setup Nginx Redirector

2) Check Status

3) Blocking Shodan

4) Configure Fail2Ban

5) Quit

> YCSM - Select an Option...

🦑FEATURES:

1) Evade Vendor Sandboxes.

2) Block Shodan Access.

3) Block Vulnerability Scanners & Bots.

4) Auto SSL setup for HTTPS using letsencrypt certbot.

5) Adds original source ip to user-agent header for easy tracking.

6) Auto-Renew for Let's Encrypt SSL Certificates.

7) Nginx Hardening Servers with Fail2Ban.

8) Block Accessing Redirector From Mobile.

9) JQuery profiling users inspired by APT29 useful to sniff tier 1 SOC (https://github.com/samsayen/JQueryingU)

@UnderCodeOfficial

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

--------𝖀𝖓D𝖊𝖗𝕮𝖔D𝖊------

🦑FREE CCAM SERVERS By UndercOde:
(T.me/UnderCodeRepoUpdates)

🦑CCAM LONG LINES ( All scrambel channel)

> HOST s7.cccambird.com

>Port
14400

>User
89833551

> Pass
cccambird

>
Expire On : 21-11-2019 at 00:00 GMT

@ Steave
--------𝖀𝖓D𝖊𝖗𝕮𝖔D𝖊---——

-------𝖀𝖓D𝖊𝖗𝕮𝖔D𝖊-----

🦑(ITWSV- Integrated Tool for Web Security Vulnerability: 2019
ITWSV is automated penetration testing tool which performs information gathering, auditing and reporting.
(T.me/UnderCodetestingOfficial)

🦑Installisation:

1) git clone https://github.com/penetrate2hack/ITWSV.git

2) cd ITWSV

3)chmod +x start.sh

4) chmod +x update.sh (only if required)

5) ./start.sh

6) CHOOSE options via numbers

🦑TESTED ON:

>kali

>debian


@ steave(tm)
--------𝖀𝖓D𝖊𝖗𝕮𝖔D𝖊----

https://m.youtube.com/watch?v=WnN6dbos5u8

15 HOURS FULL 🦑🦑🦑

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - - -

🦑EXPLAINING VISUAL HACKING:
(instagram.com/UnderCodeTestingCompany)

> Your confidential information could be visually hacked from a PC or other electronic device, or it could be hacked from information contained on a paper document left in a print tray, on your desk, or even at your local coffee shop.

>But visual hacking involving sensitive information and criminal intent is not just a transgression or simple annoyance – the stealing of personal information can quickly become a very serious and costly problem.

🦑HOW DANGEROUS IS VISUAL HACKING?

>very dangerous! It takes only one piece of information to leave a company exposed to a data breach, and this can cost companies millions of dollars in legal expenses, regulatory fines, and more importantly, lost business.

🦑ARE YOU VULNERABLE?

>The short answer to this question is – yes you are! If you handle or access sensitive information, you are vulnerable to visual hacking.

>According to researchers, visual hacking has become a pervasive problem that occurs at all levels of an organization and in all industry sectors, and it doesn’t matter whether you’re an intern or a C suite executive.

🦑PROTECTING YOUR SENSITIVE INFORMATION
The following advice will help protect your personal and confidential information

Step 1:
Assess your situation prior to accessing sensitive information, just to see if you’re in a vulnerable situation. Consider relocating to a more private space if you’re currently in a crowded area, like an airplane or coffee shop; or alternatively, work on something else until you become less exposed.

Step 2:
Develop a visual privacy strategy. Talk to senior management with a view to prevention training and implementing organization-wide awareness of visual hacking.

Step 3:
Determine whether visitors, employees, and/or contractors have easy access to sensitive information in both workspaces and off-site locations. If there is a vulnerability, consider setting up internal firewalls or block off office sections from non-department members and visitors.

Step 4:
Invest in products proven to protect your personal and confidential information. A privacy filter screen can protect your private data. You can buy filter for monitors, laptops, and Macbooks. Our privacy filters are affordable and of great quality.

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑TUTORIAL FOR ADVANCED HACKERS

Code for the CVPR 2019 article "Decoupling Direction and Norm for Efficient Gradient-Based L2 Adversarial Attacks and Defenses"
(instagram.com/UnderCodeTestingCompany)

🦑WHAT IS THIS ATTACK?

>Code for the article "Decoupling Direction and Norm for Efficient Gradient-Based L2 Adversarial Attacks and Defenses" (https://arxiv.org/abs/1811.09600), to be presented at CVPR 2019 (Oral presentation)

I> mplementation is done in PyTorch 0.4.1 and runs with Python 3.6+. The code of the attack is also provided on TensorFlow. This repository also contains an implementation of the C&W L2 attack in PyTorch (ported from Carlini's TF version)


🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:


🦑INSTALLISATION:

> This package can be installed via pip as follows:


1) pip install git+https://github.com/jeromerony/fast_adversarial

or git clone https://github.com/jeromerony/fast_adversarial

🦑HOW USE:

2) Using DDN to attack a model

from fast_adv.attacks import DDN

attacker = DDN(steps=100, device=device)

3)Now Setup:

> adv = attacker.attack(model, x, labels=y, targeted=False)

🦑NOTE:

Where model is a pytorch nn.Module that takes inputs x and outputs the pre-softmax activations (logits), x is a batch of images (N x C x H x W) and labels are either the true labels (for targeted=False) or the target labels (for targeted=True). Note: x is expected to be on the [0, 1] range: you can use fast_adv.utils.NormalizedModel to wrap any normalization, such as mean subtraction.


🦑COMMANDS:

>The following commands were used to adversarially train the models:

MNIST:

1) python -m fast_adv.defenses.mnist --lr=0.01 --lrs=30 --adv=0 --max-norm=2.4 --sn=mnist_adv_2.4
CIFAR-10 (adversarial training starts at epoch 200):

2) python -m fast_adv.defenses.cifar10 -e=230 --adv=200 --max-norm=1 --sn=cifar10_wrn28-10_adv_1

Written by @̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

T.me/UnderCodeTestingOfficial

#SUPPORt & SHARE

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑Easy tips to protect your PC from hackers and malware undercOde: 2019
new ios jailbreak channel(t.me/UnderCodeRepoUpdates)

🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) Install, update and use anti-virus software

> Once installed, it’s vital to regularly update your anti-malware software’s database and run system scans at least once a month.

2) Keep Windows up to date:

>Hackers often discover new ways to bypass Windows’ built-in security features, which is why Microsoft issues small operating system updates every Tuesday and larger updates once or twice a year. These will be downloaded and installed automatically by Windows Update, but only if this feature is properly configured.

>Windows Update cannot be switched off by default in Windows 10, you should be receving updates already. However, if you'd like to check for a new update, search Windows Update from the Start Menu and click Check for updates.

3) Turn on the Windows firewall

>Windows has a built-in ‘firewall’ that protects your PC from unwanted attention via the internet. This software firewall is enabled by default and works alongside any hardware firewall that’s built into your home broadband router. Check its settings by typing “check firewall” in the Start menu search box and choosing Check firewall status from the results.

>Three green tick marks mean the firewall is working normally - if not, select each one to turn the firewall on.

4) Use the latest version of your web browser:

>Web browsers are vital applications, but just like other software, they can contain bugs. Hackers are quick to capitalise on these and create bogus (or infect genuine) web sites with data designed to exploit them. Once a web browser has been compromised in this way, a hacker can monitor everything you type, including passwords to credit card numbers. That’s why it’s vital to use the latest version of your web browser - anything other than this may be a security risk.

>Internet Explorer is on its way out to make way for Microsoft Edge, so don't expect to use that forever. Edge, like Google Chrome and Firefox browsers, should automatically update themselves.

5) Don’t fall for phishing emails:

>Emails that appear to be from a recognisable online service asking you to log into a site to confirm some personal details are always fake.

>These emails are usually caught by your email application’s spam filter, but if one does slip through and you click its link, your web browser should detect and block the site it takes you to.

>This does depend on your web browser being aware of the fraudulent site, though, which is another good reason to always use the most recent version.

6) Use the Windows Malicious Software Removal Tool
If you suspect your PC has succumbed to malware and your anti-malware software doesn’t detect it, there are two steps to take.

>The first is to download and run the Microsoft Malicious Software Removal Tool from the Windows Download Centre. This will detect and remove specific types of malware and is very simple to use, although it isn’t a replacement for a full anti-malware application.

7) till infected? Use a boot CD

🦑>Some malware can hide within Windows and make itself difficult to detect and remove. If your own anti-malware software and the Windows Malicious Software Removal Tool fail to shift it, you’ll need to download and burn a free anti-malware boot CD – refer to your computer’s manuals for instructions on how to boot from a CD as the process varies from manufacturer to manufacturer.

>Kaspersky Rescue Disk 10 is a good one, but never download it on an infected PC -ask a friend to do it, if necessary. This will then scan your PC for malware without the need for Windows, which makes removal that much easier.

@̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑Wi-Fi tools keep getting more and more accessible to beginners, and the Ehtools Framework is a framework of serious penetration tools that can be explored easily from within it. This powerful and simple tool can be used for everything from installing new add-ons to grabbing a WPA handshake in a matter of seconds. Plus, it's easy to install, set …
(instagram.com/UnderCodeTestingCompany)

🦑INSTALLISATION & RUN:

1) git clone https://github.com/entynetproject/ehtools

2) cd ehtools

3) chmod +x install.sh

4) ./install.sh

5) INFO: After executing install.sh it will be ask you
to select version of Ehtools Framework - PRO os LITE.
Select LITE if you did not buy Ehtools Framework PRO.
If you bought Ehtools Framework PRO, select PRO.

6) Now start:

> ./install.sh

What version of Ehtools Framework do you want to install?(pro/lite):
If you did not buy Ehtools Framework PRO, select lite!
If you bought Ehtools Framework PRO, select pro!
(version)>

🦑Run it to open quick access menu:

> ehtools -o

Run it to uninstall ehtools:

> ehtools -u

Run it to open handshake manu:

> ehtools -h

Run it to open Find WPS menu:

> ehtools -w


@̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - - -

🦑
Hacking systems with the automation of PasteJacking attacks Kali/anyLinux os:
(instagram.com/UnderCodeTestingCompany)


🦑INSTALLISATION & RUN:

>For Linux :

1) git clone https://github.com/D4Vinci/PasteJacker.git

2) sudo python3 -m pip install ./PasteJacker

3) sudo pastejacker

🦑Updating the framework or the database

> On Linux while you are outside the directory

1) cd PasteJacker && git pull && cd ..

2) sudo python3 -m pip install ./PasteJacker --upgrade

🦑Installing and requirements

> Python 3 and setuptools module.

> Linux or Unix-based system (Currently tested only on Kali Linux rolling and Ubuntu 16.04).

> Third-party requirements like msfvenom but only if you are gonna use the msfvenom option, of course.

> Third-party library ncurses-dev for Ubuntu
Root access.

🦑A simple scenario to make things clear:

1) The target opens an HTML page served by the tool and this page has anything that makes the user wants to copy from it and paste into the terminal. Ex: package installation instructions

2) Target copies anything from the page then in the background it gets replaced quickly with our liner.

3) The user pastes into the terminal and before he notices that the line he copied has been changed :

4) The line gets executed by itself in the background (Without pressing enter)

>The terminal gets cleared.

> The user sees the terminal is usable again.

> You already got your meterpreter session by this time.

5) All of that happened in less than second and maybe the user thinks this is a bad program and he won't install it

@̶͝ ̯̯ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
- - - - - U҉N҉D҉E҉R҉C҉O҉D҉E҉- - - -