Forwarded from Exploiting Crew (Pr1vAt3)
🦑Network Diagnostics and Troubleshooting:
PingPlotter - https://www.pingplotter.com/
MTR (My Traceroute) - https://github.com/traviscross/mtr
Angry IP Scanner - https://angryip.org/
PingPlotter - https://www.pingplotter.com/
MTR (My Traceroute) - https://github.com/traviscross/mtr
Angry IP Scanner - https://angryip.org/
GitHub
GitHub - traviscross/mtr: Official repository for mtr, a network diagnostic tool
Official repository for mtr, a network diagnostic tool - traviscross/mtr
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🔋 #Adobe and Box Partner to Supercharge Content Creation
https://undercodenews.com/adobe-and-box-partner-to-supercharge-content-creation/
@Undercode_News
https://undercodenews.com/adobe-and-box-partner-to-supercharge-content-creation/
@Undercode_News
UNDERCODE NEWS
Adobe and Box Partner to Supercharge Content Creation - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚡️ MacWeb's New M4 Mac Minis: A Powerful Boost for Developers
https://undercodenews.com/macwebs-new-m4-mac-minis-a-powerful-boost-for-developers/
@Undercode_News
https://undercodenews.com/macwebs-new-m4-mac-minis-a-powerful-boost-for-developers/
@Undercode_News
UNDERCODE NEWS
MacWeb's New M4 Mac Minis: A Powerful Boost for Developers - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🌐 #Amazon Revolutionizes Car Buying with Transparent Online Experience: #Amazon Autos Launches Nationwide!
https://undercodenews.com/amazon-revolutionizes-car-buying-with-transparent-online-experience-amazon-autos-launches-nationwide/
@Undercode_News
https://undercodenews.com/amazon-revolutionizes-car-buying-with-transparent-online-experience-amazon-autos-launches-nationwide/
@Undercode_News
UNDERCODE NEWS
Amazon Revolutionizes Car Buying with Transparent Online Experience: Amazon Autos Launches Nationwide! - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🛡️ How Art Appreciation Can Enhance Cybersecurity Skills
https://undercodenews.com/how-art-appreciation-can-enhance-cybersecurity-skills/
@Undercode_News
https://undercodenews.com/how-art-appreciation-can-enhance-cybersecurity-skills/
@Undercode_News
UNDERCODE NEWS
How Art Appreciation Can Enhance Cybersecurity Skills - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from Exploiting Crew (Pr1vAt3)
This is a beautiful malicous BadUSB implant photo. One of the best parts of #RedTeaming is going into an office and secretly swapping out USB cables on folks desks.
⬇️ 💻 Thanks to Lumafield’s Neptune industrial x-ray CT scanner, we can see the O.MG USB-C Cable isn’t just a regular USB cable. At its core, the O.MG Cable uses an ultra compact ESP32 Pico allow for keystroke injection attacks, remote control via wifi, hardware keylogging, ID/PID spoofing as well as remote command and control.
These are not really that new, and have existed in various forms and lesser capabilities at higher prices for almost ten years now.
Source: Linkedin
⬇️ 💻 Thanks to Lumafield’s Neptune industrial x-ray CT scanner, we can see the O.MG USB-C Cable isn’t just a regular USB cable. At its core, the O.MG Cable uses an ultra compact ESP32 Pico allow for keystroke injection attacks, remote control via wifi, hardware keylogging, ID/PID spoofing as well as remote command and control.
These are not really that new, and have existed in various forms and lesser capabilities at higher prices for almost ten years now.
Source: Linkedin
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
⚡️ #Apple Expands Radio Offerings with New Live Stations
https://undercodenews.com/apple-expands-radio-offerings-with-new-live-stations/
@Undercode_News
https://undercodenews.com/apple-expands-radio-offerings-with-new-live-stations/
@Undercode_News
UNDERCODE NEWS
Apple Expands Radio Offerings with New Live Stations - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE TESTING
🦑Hack with 1 Plug:
Duckyspark v.0.4.1
Translator from USB-Rubber-Ducky payloads (Ducky script) to a Digispark code.
Usage:
in this case the translated payload will be saved in the file "digipayload.ino"
Ducky payloads you can find here: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads
or here: https://github.com/CedArctic/DigiSpark-Scripts
Or, you can simply write your own payloads using Ducky script
Ducky script syntax: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Duckyscript
Recently we found the video "Digispark Flashing Guide & Ducky Payload Converters" that shows how to flash Digispark using the payloads generated by our script: https://www.youtube.com/watch?v=Lrn_hgckhGw&lc
Our site: https://awake.pro/
Upd: added 3d models of USB flesh drive to hide Digispark.
You could edit 3d model, or just print on 3d printer ready-for-print .stl models
Duckyspark v.0.4.1
Translator from USB-Rubber-Ducky payloads (Ducky script) to a Digispark code.
Usage:
python3 Duckyspark_translator.py [payload.txt] [output_file]
or
python3 Duckyspark_translator.py [payload.txt]
in this case the translated payload will be saved in the file "digipayload.ino"
Ducky payloads you can find here: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Payloads
or here: https://github.com/CedArctic/DigiSpark-Scripts
Or, you can simply write your own payloads using Ducky script
Ducky script syntax: https://github.com/hak5darren/USB-Rubber-Ducky/wiki/Duckyscript
Recently we found the video "Digispark Flashing Guide & Ducky Payload Converters" that shows how to flash Digispark using the payloads generated by our script: https://www.youtube.com/watch?v=Lrn_hgckhGw&lc
Our site: https://awake.pro/
Upd: added 3d models of USB flesh drive to hide Digispark.
You could edit 3d model, or just print on 3d printer ready-for-print .stl models
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🔋 A Cellular MacBook: A Long-Awaited Dream?
https://undercodenews.com/a-cellular-macbook-a-long-awaited-dream/
@Undercode_News
https://undercodenews.com/a-cellular-macbook-a-long-awaited-dream/
@Undercode_News
UNDERCODE NEWS
A Cellular MacBook: A Long-Awaited Dream? - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE TESTING
🦑 Example of sFTP Credentials Leak in Private Program
Target Sub-Domain: trc[•]example[•]com
Impact: Full FTP Server Access Obtained
Details: sftp-config.json exposed sensitive credentials.
Severity: 🔴 Critical (9.6)
💡 Stay vigilant for exposed configuration files!
Target Sub-Domain: trc[•]example[•]com
Impact: Full FTP Server Access Obtained
Details: sftp-config.json exposed sensitive credentials.
Severity: 🔴 Critical (9.6)
💡 Stay vigilant for exposed configuration files!
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🚨 Lessons from the Largest #Software Supply Chain Incidents
https://undercodenews.com/lessons-from-the-largest-software-supply-chain-incidents/
@Undercode_News
https://undercodenews.com/lessons-from-the-largest-software-supply-chain-incidents/
@Undercode_News
UNDERCODE NEWS
Lessons from the Largest Software Supply Chain Incidents - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
📱 #Apple Maps: A More Seamless Experience with Yelp Integration
https://undercodenews.com/apple-maps-a-more-seamless-experience-with-yelp-integration/
@Undercode_News
https://undercodenews.com/apple-maps-a-more-seamless-experience-with-yelp-integration/
@Undercode_News
UNDERCODE NEWS
Apple Maps: A More Seamless Experience with Yelp Integration - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…
Forwarded from UNDERCODE TESTING
🦑Top ChatGPT extensions for enhancing your productivity and web browsing experience:
1. Monica AI Copilot: A versatile assistant powered by GPT-4, offering functionalities like email drafting, web summaries, PDF chatting, and AI image generation, all while integrating with real-time web browsing.
2. AIPRM for ChatGPT: A powerful tool for marketers and content creators, featuring over 4,500 professional prompts for generating blog titles, ad copy, SEO strategies, and more.
3. Superpower ChatGPT: Adds features like organizing chat folders, custom prompt saving, and downloadable conversations. It’s a great organizational tool for frequent ChatGPT users.
4. Wiseone: Designed for readers, this extension simplifies complex text by providing definitions, context, and summaries directly within your browser.
5. YouTube Summary with ChatGPT & Claude: Summarizes YouTube videos and supports multilingual summaries, complete with timestamps for key points.
6. ChatGPT Writer: Specializes in creating emails and messages based on context, perfect for streamlining communication tasks.
7. Compose AI: Assists with sentence completion, rephrasing, and email replies, making it ideal for improving your writing speed and clarity.
These extensions are available on the Chrome Web Store and are useful for professionals, students, and casual users alike. Let me know if you'd like help with installation or exploring any of these!
1. Monica AI Copilot: A versatile assistant powered by GPT-4, offering functionalities like email drafting, web summaries, PDF chatting, and AI image generation, all while integrating with real-time web browsing.
2. AIPRM for ChatGPT: A powerful tool for marketers and content creators, featuring over 4,500 professional prompts for generating blog titles, ad copy, SEO strategies, and more.
3. Superpower ChatGPT: Adds features like organizing chat folders, custom prompt saving, and downloadable conversations. It’s a great organizational tool for frequent ChatGPT users.
4. Wiseone: Designed for readers, this extension simplifies complex text by providing definitions, context, and summaries directly within your browser.
5. YouTube Summary with ChatGPT & Claude: Summarizes YouTube videos and supports multilingual summaries, complete with timestamps for key points.
6. ChatGPT Writer: Specializes in creating emails and messages based on context, perfect for streamlining communication tasks.
7. Compose AI: Assists with sentence completion, rephrasing, and email replies, making it ideal for improving your writing speed and clarity.
These extensions are available on the Chrome Web Store and are useful for professionals, students, and casual users alike. Let me know if you'd like help with installation or exploring any of these!
Forwarded from DailyCVE
🟠 #Linux Kernel Vulnerability: #CVE-2024-50177 (Medium)
https://dailycve.com/linux-kernel-vulnerability-cve-2024-50177-medium/
@DailyCVE
https://dailycve.com/linux-kernel-vulnerability-cve-2024-50177-medium/
@DailyCVE
DailyCVE
Linux Kernel Vulnerability: CVE-2024-50177 (Medium) - DailyCVE
2024-12-10 This article describes a vulnerability (CVE-2024-50177) in the Linux kernel’s AMD display driver. The issue arises when programming a […]
Forwarded from DailyCVE
🔴 SourceCodester Simple Online Bidding System 10 - SQL Injection (#CVE-2024-4930) - Critical
https://dailycve.com/sourcecodester-simple-online-bidding-system-10-sql-injection-cve-2024-4930-critical/
@Daily_CVE
https://dailycve.com/sourcecodester-simple-online-bidding-system-10-sql-injection-cve-2024-4930-critical/
@Daily_CVE
DailyCVE
SourceCodester Simple Online Bidding System 10 - SQL Injection (CVE-2024-4930) - Critical - DailyCVE
2024-12-10 : A critical SQL injection vulnerability (CVE-2024-4930) exists in SourceCodester Simple Online Bidding System version 1.0. This vulnerability allows […]
Forwarded from DailyCVE
🟠 SourceCodester Simple Online Bidding System 10 - Cross-Site Request Forgery (#CVE-2024-4929) - MEDIUM
https://dailycve.com/sourcecodester-simple-online-bidding-system-10-cross-site-request-forgery-cve-2024-4929-medium/
@Daily_CVE
https://dailycve.com/sourcecodester-simple-online-bidding-system-10-cross-site-request-forgery-cve-2024-4929-medium/
@Daily_CVE
DailyCVE
SourceCodester Simple Online Bidding System 10 - Cross-Site Request Forgery (CVE-2024-4929) - MEDIUM - DailyCVE
2024-12-10 A vulnerability classified as MEDIUM severity (CVSS score: 6.9) has been identified in SourceCodester Simple Online Bidding System 1.0. […]
Forwarded from DailyCVE
🔴 SourceCodester Simple Online Bidding System 10 - SQL Injection (#CVE-2024-4931 - Critical)
https://dailycve.com/sourcecodester-simple-online-bidding-system-10-sql-injection-cve-2024-4931-critical/
@Daily_CVE
https://dailycve.com/sourcecodester-simple-online-bidding-system-10-sql-injection-cve-2024-4931-critical/
@Daily_CVE
DailyCVE
SourceCodester Simple Online Bidding System 10 - SQL Injection (CVE-2024-4931 - Critical) - DailyCVE
2024-12-10 : A critical SQL injection vulnerability (CVE-2024-4931) has been identified in SourceCodester Simple Online Bidding System 1.0. This vulnerability […]
Forwarded from DailyCVE
🟠 #Linux Kernel, mptcp: handle consistently DSS corruption, #CVE-2024-50185 (Medium)
https://dailycve.com/linux-kernel-mptcp-handle-consistently-dss-corruption-cve-2024-50185-medium/
@Daily_CVE
https://dailycve.com/linux-kernel-mptcp-handle-consistently-dss-corruption-cve-2024-50185-medium/
@Daily_CVE
DailyCVE
Linux Kernel, mptcp: handle consistently DSS corruption, CVE-2024-50185 (Medium) - DailyCVE
2024-12-10 What Undercode Says: This blog post details a vulnerability (CVE-2024-50185) affecting the MPTCP functionality in the Linux kernel. A […]
Forwarded from Exploiting Crew (Pr1vAt3)
🦑Easiest XSS Testing!! [Basic Recon Tips]
✅Tip: Use Inspect Element to find how the input is handled by the server. i.e. if it is enclosed as ''<your_payload>'' try to escape the closing '' '' by adding ''<your_payload> in the input field. This will break the filters in most cases.
This tip is just a very basic method to bypass filters. There are numerous other ways to bypass the filters and having a little knowledge on javascript will be a advantage for you guys...
I will be sharing next levels of bypassing on my coming posts✅
Source
✅Tip: Use Inspect Element to find how the input is handled by the server. i.e. if it is enclosed as ''<your_payload>'' try to escape the closing '' '' by adding ''<your_payload> in the input field. This will break the filters in most cases.
This tip is just a very basic method to bypass filters. There are numerous other ways to bypass the filters and having a little knowledge on javascript will be a advantage for you guys...
I will be sharing next levels of bypassing on my coming posts✅
Source
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
🔐 Global Insurance Agency Suffers from #Ransomware Attack
https://undercodenews.com/global-insurance-agency-suffers-from-ransomware-attack/
@Undercode_News
https://undercodenews.com/global-insurance-agency-suffers-from-ransomware-attack/
@Undercode_News
UNDERCODE NEWS
Global Insurance Agency Suffers from Ransomware Attack - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information and…