▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Update software, change passwords, keys and salts :)
> Once you have removed the malicious code, update WordPress, plugins and themes. Change passwords on the site and on the hosting. Think about changing the password for the email and database (in the wp-config.php file and on the hosting).
t.me/UndercOdeTesting

1) Change the keys and salts , this will make all cookies that are stored in the browsers of users, including hackers, invalid for authorization on the site.

2) The key and salt generator is on the WordPress website. Copy the new keys and paste them into the wp-config file at this location:


> define('AUTH_KEY', 'r?=mgu>fln25:B(vkI2l4mK_3v5>K*$<0)|nwPx#JJAK-3aMbu>@,m<69Z<(Bc--');
define('SECURE_AUTH_KEY', '0Z<j1rD>!|3x$sFedLT|?yiMw{Jx:&3Y%c^zoSn%WNicz@sh[wn;K8OMW_!:,L0C');
define('LOGGED_IN_KEY', '4{=AG|uXk#.h{,WXo3qOak^R-_f|uwJUn[>~^(GgZL3((iVx%=%_mC9iN|Vavz4b');
define('NONCE_KEY', 'BLj3h5)aK/fflv/EchqWqIAK!>T&{[cDE%Wz4^%teT_p`OLO3uMR(!!-vXDKO{3d');
define('AUTH_SALT', ']UxIOGK)4q%h3op98)Zv`x|b>!MNomc7(>v+Za&RkQeKy$f/->u3b3nC*v`2/3P^');
define('SECURE_AUTH_SALT', 'KGxLW%Kj|:dY/~W_wdR<CFHMi!Ce^MZX2)+Pnk:!Ulc[/}|}^k}b&s4kH->_|nF ');
define('LOGGED_IN_SALT', 'I-YI,LF. GOv4UU!6%P./.D#M79%M])WqNL^hHE[N>U$bfMUtuDO=)q]N588HB,4');
define('NONCE_SALT', 'wAlP+rI2uHJ5wx|ucHeoha.%P_T4Xnc(Lp43|<dnQ72Jsv7#{cF_ptT8-~)G)+@,');

3) Before modifying the wp-config file, make a backup of it. Save the file, upload it back to the server.


Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Tips to help you prevent your phone from being hacked guide:
t.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

Here are some tips you can use to prevent your phone from being hacked:

1) Do not share passwords with everyone.

2) Do not use the same passwords for all devices and accounts.

3) Do not open links sent in text messages and emails without checking the source.

4) Install antivirus software on your phone.

5) Check the applications installed on your phone and remove those that you consider suspicious.

6) Make sure you have 2fa for iCloud and online accounts.

7) Regularly update the applications and OS of your phone.

8) Do not connect your phone to a public Wi-Fi account without using a VPN.

9) Use a VPN to connect your phone to a public Wi-Fi network.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑IN PHP SQL Injection Protection GUIDE BY UndercOde
t.me/iOsDeveloppers

🦑PART 1 :

> SQL injection attack principle

1) Let's say our site has a page showing weather history for one city. The identifier of this city is transmitted in the link in the request parameter:, /weather.php?city_id=<ID>where IDis the primary key of the city.
In a PHP script, we use this parameter to substitute a SQL query:

$city_id = $_GET['city_id'];
$res = mysqli_query($link, "SELECT * FROM weather_log WHERE city_id = " . $city_id);

2) If the city_id parameter equal to 10 ( /weather.php?city_id=10) is passed on the server , then an SQL query will be executed:

SELECT * FROM weather_log WHERE city_id = 10
But if the attacker passes a string as the id parameter -1 OR 1=1, the request will be executed:

SELECT * FROM weather_log WHERE city_id = -1 OR 1=1

3) Adding SQL language constructs (instead of simple values) to the input parameters changes the logic of the entire SQL query!
this example, instead of showing data for one city, data will be obtained for all cities, because the expression 1 = 1 is always true. Instead of an expression, there SELECT ...could be an expression to update the data, and then the consequences would be even more serious.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How Protect YouR Php site from sql attack :
t.me/UndercOdeTesting


PART 2 :

> Casting to integer type

1) In SQL queries, integer values ​​received from the user are often substituted. In the examples above, the city identifier obtained from the request parameters was used.

2) This identifier can be forced to a number. So we exclude the appearance of dangerous expressions in it. If the hacker passes code in this parameter instead of the number SQL, then the result of the cast will be zero, and the logic of the entire SQL query will not change.

3) PHP can assign a new type to a variable. This code will force the variable to be an integer type:

$city_id = $_GET['city_id'];
settype($city_id, 'integer');
After conversion, the variable $city_idcan be safely used in SQL queries.

4) Escaping Values
What should I do if I need to substitute a string value in an SQL query? For example, the site has the ability to search for a city by its name. The search form will pass the search query to the GET parameter, and we use it in the SQL query:

$city_name = $_GET['search'];
$sql = "SELECT * FROM cities WHERE name LIKE('%$city_name%')";

5) But if there city_nameis a quotation mark in the parameter , then the meaning of the request can be radically changed. Passing the value to search_text ')+and+(id<>'0, we will execute a request that displays a list of all cities:

SELECT * FROM cities WHERE name LIKE('%') AND (id<>'0%'))
The meaning of the query has changed because the quotation mark from the query parameter is considered a control character: MySQL determines the end of the value by the quotation mark after it, therefore, the quotation mark values ​​themselves should not contain.
Obviously, casting to a numeric type is not suitable for string values. Therefore, to protect the string value, use the escaping operation .

6) Escaping adds an apostrophe in the line before quotation marks (and other special characters) \.
Such processing removes the quotation marks of their status - they no longer determine the end of the value and cannot affect the logic of the SQL expression.

7) The function is responsible for escaping values mysqli_real_escape_string().
This code will process the value from the parameter, making it safe for use in the request:

$city_name = mysqli_real_escape_string($link, $_GET['search']);
$sql = "SELECT * FROM cities WHERE name LIKE('%$city_name%')";

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How Protect YouR Php site from sql attack :
fb.com/UndercOdeTestingCompany

PART 3-end :

> Prepared Expressions
A type of SQL injection attack is possible because the values (data) for the SQL query are transmitted along with the query itself. Since the data is not separate from the SQL code, it can affect the logic of the whole expression. Fortunately, MySQL offers a way to transfer data separately from the code. This method is called prepared queries .

> Execution of prepared queries consists of two stages: first, a query template is formed - a regular SQL expression, but without real values, and then, separately, values for this template are transferred to MySQL.
The first stage is called preparation, and the second - expression. A prepared request can be executed several times, passing different values there.

1) Stage of preparation
At the stage of preparation, an SQL query is generated, where the place signs will contain question marks - placeholders. These placeholders will later be replaced with real values. The query template is sent to the MySQL server for analysis and parsing.
Example:

$sql = "SELECT * FROM cities WHERE name = ?";
$stmt = mysqli_prepare($link, $sql);

2) This code will form a prepared expression to fulfill your request.

The preparation is in progress. When the request is launched, PHP binds the real values to the placeholders and sends them to the server. The function is responsible for passing the values to the prepared request mysqli_stmt_bind_param(). It takes the type and the variables themselves:

mysqli_stmt_bind_param($stmt, 's', $_GET['search']);
After executing the query, you can get its result in the mysqli_result format with the function mysqli_stmt_get_result():

$res = mysqli_stmt_get_result($stmt);

// чтение данных
while ($row = mysqli_fetch_assoc($res)) {
// ассоциативный массив с очередной записью из результата
var_dump($row);
}

3) The server shields the values of the variables associated with the request automatically. Bound variables are sent to the server separately from the request and cannot affect it. The server uses these values directly at runtime, after the expression template has been processed. Bound parameters do not need to be escaped, since they are never substituted directly into the query string.

THATS ALL!

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HTTP protocol and work with headers guide :
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> HTTP protocol
How WWW (World Wide Web, Web) works in a nutshell:

1) the user's browser (client) sends a request to the server with the site address (URL);

2) the server receives this request and gives the client the content it needs.

3) In other words, the entire modern web is built on a model of client-server interaction. And to make this whole process possible, a universal protocol language is needed that both the server and browser will understand. There is such a protocol, but it is called HTTP.

🦑 How HTTP works, and why do we need to know ? 🦑

> You can program in PHP without knowing the HTTP protocol, but there are a number of situations where you need to know how the web server works to solve problems. After all, PHP is, first of all, a server programming language.

> The HTTP protocol is very simple and consists essentially of two parts:

Request / response headers
Request / Response Bodies.
First comes a list of headers, then an empty string, and then (if any) the body of the request / response.

> Both the client and the server can send headers and the response body to each other, but in the case of the client, the available headers will be one, and the server will be different. Let's take a step-by-step look at how the work using the HTTP protocol will look in the case when the user wants to download the main page of the Vkontakte social network.

1) The user's browser establishes a connection with the vk.com server and sends the following request:

GET / HTTP / 1.1
Host: vk.com

2) The server accepts the request and sends a response:

HTTP/1.1 200 OK
Server: Apache

<html>
<head>
<title>ВКонтакте</title>
</head>
<!-- остальной контент страницы ниже -->

3) The browser accepts the response and displays the finished page

> Most of all, we are interested in the very first step, where the browser initiates a request to the vk.com server.
Let us consider in more detail what is happening there. The first line of the query defines several important parameters, namely:

> The method by which the content will be requested;
Page address;
Protocol version.
GETIs a method (verb) that we use to access the specified page.
GETis the most commonly used method because it tells the server that the client just wants to read the specified document. But besides GETthere are other methods, we will consider one of them in the next section.

> After the method there is an indication of the page address - URI (universal resource identifier). In our case, we request the main page of the site, so just a slash is used /.
The last in this line is the protocol version and almost always it will beHTTP/1.1

> After a line indicating the main parameters, a list of headers always fo1llows, which give the server additional useful information: the name and version of the browser, language, encoding, caching parameters, and so on.

> Among all these headers that are transmitted during each request, there is one mandatory and most important one - this is the heading Host. It determines the domain address that the client browser requests.

> Having received a request, the server searches for a site with a domain from the header Host, as well as the specified page.
If the requested site and page are found, a response is sent to the client:
HTTP/1.1 200 OK

> This answer means that everything is fine, the document is found and will be sent to the client.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2019 collection of android Exploits and Hacks
Fb.com/UndercOdeTestingcompany

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/sundaysec/Android-Exploits.git

> Recommend you grab exploitpack latest version

wget https://github.com/juansacco/exploitpack/archive/master.zip

2) Extract then Navigate into the folder and type:

3) java -jar ExploitPack.jar

4) Load the exploits

🦑Common Tools(In mobile Exploits):

> SSH

> VNC server

> A compiler (gcc / agcc)

> Android SDK (adb!)

> XCode

> Jailbroken iDevice

> Rooted Android Device

@ ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Objects and classes in PHP Lets Undercode hive s you a small good example in php
t.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

class WeatherEntry
{

private $date;
private $comment = "";
private $temperature = 0;

private $isRainy = false;

public function __construct($date, string $comment, int $temperature)
{
$this->date = $date;
$this->comment = $comment;
$this->temperature = $temperature;
}

public function isCold()
{
return $this->temperature < 0;
}

public function setRainStatus($rain_status)
{
$this->isRainy = $rain_status;
}

public function getDayDescription()
{
$dt = strtotime($this->date);
$delta = time() - $dt;
$days = ceil($delta / 86400);

$res = "Это было $days дней назад. В тот день было ";

if ($this->isCold()) {
$res .= "холодно. ";
}
else {
$res .= "довольно тепло. ";
}

if ($this->isRainy) {
$res .= "Семенил дождь.";
}
else {
$res .= "На небе не было ни облачка.";
}

return $res;
}
}

🦑Creating an object based on a class:

$firstSeptember = new WeatherEntry("2018-09-01", "День знаний", 14);
$firstSeptember->setRainStatus(false);

print($firstSeptember->getDayDescription());

@UndercOdeOfficial

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Open Databases and Hacking with Shodan guide: details:
t.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) special search engines Shodan and Censys are used. Databases have a specific pattern in the form of a port and a so-called header. For example, for MongoDB, this is the standard port 27017 and the header is “mongodb server information”. Such patterns exist for other databases.

2) The most popular option is MongoDB. At the time of writing, 69,100 results have been indexed . Most of them are closed (the Authentication partially enabled parameter indicates this ).

3) To fully work with the results of issuing a database: filter records by size, date of entry into the index, number of collections, etc. need to use more functional tools. One of them is Lampyre .

If you don’t want to deliver software to yourself, you can use the familiar Shodan Command-Line Interface . For those who want to work using the command line, I have prepared a file with commands that allow you to find and analyze data in json or xlsx formats.

4) To work with more exotic databases, I recommend using LeakLooker . The script is written in Python and works with Shodan. In addition to standard databases, it supports Kibana, CouchDB.

> see next tutorial how install

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Find open databases 2019-2020
fb.com/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) pip3 install colorama

2) pip3 install hurry.filesize

3) pip3 install beautifulsoup4

4) pip3 install pybinaryedge

5) git clone https://github.com/woj-ciech/LeakLooker

6) cd LeakLooker

7) PycharmProjects/LeakLooker# python leaklooker.py -h

🦑Example :
>/PycharmProjects/LeakLooker# python leaklooker.py --rethink --listing --first 21 --last 37

🦑New version supports:

Elasticsearch
CouchDB
MongoDB
Gitlab
Rsync
Jenkins
Sonarqube
Kibana
CassandraDB
RethinkDB
Directory listing
Amazon S3

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Finding open databases with Lampyre
t.me/undercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) For more flexible settings, you can use the Lampyre tool for Windows.
> https://lampyre.io/

2) After downloading the application, you must specify the mail and confirm your account. After starting in Online Mode, you need to click New Investidation, select the folder for storing the project and start working.

3) In the List of requests, select Shodan search. We enter the API key and our query in the Query field, which will allow us to find open databases.

> all:"mongodb server information" all:"metrics"
https://lampyre.io/

4) You can also specify additional parameters in the Shodan - 2 window. For example, country and port. We start using the “Execute” button. Next up are the results. For graphic display, select “Schema” -> ”Network”.

5) Lampyre can filter found queries using the ExploreDB: MongoDB built-in query . Select the necessary IPs, then right-click on the menu and specify ExploreDB: MongoDB.

6) Then we get all the requests in a convenient format. You can filter by database size and other parameters that are not in Shodan. Confirmation that the database is open is the parameter text , which has the status open. It is worth sorting the results by the Size and Count documents parameters , since the most interesting databases will contain the maximum number of records in the tables.

7) You can also notice that Lampyre supports working with ExploreDB: ElasticSearch. We do everything by analogy using the query:

> port:"9200" all:"elastic indices"

8) now you receive in a convenient form the ElasticSearch database. They can be viewed by clicking on the link in the “ http query top 500 “ column .

9) you receive in a convenient form the ElasticSearch database. They can be viewed by clicking on the link in the “ http query top 500 “ column .

10) As a result, you find an open database of some store where you can find the phone, date of creation, description, mail and some other interesting information.

11) You can use any manager convenient for you to work with the resulting databases. For example, for MongoDB, NoSQL Manager for MongoDB, Robo 3T, or Studio 3T for MongoDB is suitable. Consider, for example, one of the options.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Analyzing Databases Using Robo 3T for MongoDB
The choice fell on the free version of Robo 3T . Portable version takes about 15 mb and allows you to quickly connect to the desired database. After starting, see a window where you need to specify the IP address.
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Right-click and add using the Add button.

2) Specify the desired IP and click Save.

3) After a successful connection, see the database. If the connection has occurred, a new client will appear in the left pane as showing on your computer

4) So You can use any manager to work with the database. You can also process data from the command line. Despite the fact that Studio 3T for MongoDB has more functionality (which is available for a trial period of 30 days

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is Microsoft Access?
Microsoft Access is a Database Management System offered by Microsoft. It uses the Microsoft Jet Database Engine and comes as a part of the Microsoft Office suite of application.

Microsoft Access offers the functionality of a database and the programming capabilities to create easy to navigate screens (forms).
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Database File:
It is a file which stores the entire database. The database file is saved to your hard drive or other storage devices.

2) Datatypes:
Datatypes are the properties of each field. Every field has one datatype like text, number, date, etc.

3) Table
A Table is an object which stores data in Row & Column format to store data.
A Table is usually related to other tables in the database file.
Each column must have Unique name
We can also define Primary Key in a table.

4) Query
Queries answer a question by selecting and sorting and filtering data based on search criteria.
Queries show a selection of data based on criteria (limitations) you provide.
Queries can pull from one or more related Tables and other Queries.
Types of Query can be SELECT, INSERT, UPDATE, DELETE.

5) Form
A form is a database object that you can use to create a user interface for a database application.
Forms help you to display live data from the table. It mainly used to ease the process of data entry or editing.

6) Report
A report is an object in desktop databases primarily used for formatting, calculating, printing, and summarizing selected data.
You can even customize the report's look and feel.

7) Macros
Macros are mini computer programming constructs. They allow you to set up commands and processes in your forms, like, searching, moving to another record, or running a formula.

8) Modules:
Modules are procedures(functions) which you can write using Visual Basic for Applications (VBA).

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑MS Access Datatypes
MS Access common data types are listed below:
t.me/UNderCodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

Type of Data Description Size
Short Text Text, including numbers which does not need calculation. (e.g., Mobile numbers). Up to 255 characters.

> Long Text This data type is used for lengthy text or alphanumeric data. Maximum 63, 999 characters.

> Number Numeric data type used for storing mathematical calculations. 1, 2, 4, 8, and 16 bytes.

> Date/Time Store Date/time for the years 100 through 9999. 8 bytes.

> Currency It allows you to store currency values and numeric data with one to four decimal places. 8 bytes.

> Auto Number Assign a unique number or assigned by Microsoft Access when any new record is created. Usually used as the primary key Four bytes (16 bytes if it is set as a Replication ID).

> Yes/No It only stores logical values Yes and No. 1 bit

>Attachment It stores files, such as digital photos. Multiple files can be attached per record. Up to 2 GB Data can be stored.

> OLE objects OLE objects can store audio, video, other Binary Large Objects. Up to 2 GB data can be stored.

>Hyperlink Text or combinations of text and numbers stored. That text is used as hyperlink address. Each part of a Hyperlink data type allows you to store a maximum 2048 characters.

> Calculated Helps you to create an expression that uses data from one or more fields. You can create an expression which uses data from one or more fields.

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑dumps() method converts dictionary object of python into JSON string data format.
t.me/UndercOdeTesting

Now lets we perform our first encoding example with Python.

import json

x = {
"name": "Ken",
"age": 45,
"married": True,
"children": ("Alice","Bob"),
"pets": ['Dog'],
"cars": [
{"model": "Audi A1", "mpg": 15.1},
{"model": "Zeep Compass", "mpg": 18.1}
]
}
# sorting result in asscending order by keys:
sorted_string = json.dumps(x, indent=4, sort_keys=True)
print(sorted_string)

🦑Output:

{"person": {"name": "Kenn", "sex": "male", "age": 28}})
Let's create a JSON file of the dictionary using the same function dump()

# here we create new data_file.json file with write mode using file i/o operation
with open('json_file.json', "w") as file_write:
# write json data into file
json.dump(person_data, file_write)

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How get alot of Traffics to your sites
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Website design should not be intimidating. For verification, you can ask several friends who do not understand sites and understand, look at the site and evaluate. Gather people's opinions about what they like and what they don't like.

2) The layout of the site should be normal so that nothing and wherever it moves around and crawls. Check the site in several browsers will help you service BrowserShots .

3) Consider how you can interest visitors who have arrived, because of which they will have to stay on your site or come to you again. For example, make a service on your site, an interesting section, answers to questions, etc.

4) Create a feedback and feedback page. In general, make it possible for your visitors to leave you a message, because if someone does not like something, you will most likely be told this.

5) Give your site visitor the opportunity to subscribe to updates, so you can invite him again and again to your site.

6) It is necessary to achieve indexing of the site by search engines. The faster you do it, the better, since you’ll get into the search results faster and most likely you will get your first visitors from search engines faster.

7) Perform internal site optimization.

8) If your site supports RSS, then you need to add your site to feedburner. After adding your RSS to feedburner you need to do the following. Go to the Analyze tab, then go to FeedBurner Stat [PRO] and uncheck the line Item link clicks - optimize for. With this action, we made sure that all your links in RSS will now be direct to the site, thereby if someone plunders your RSS, then all links will be direct to you.

9) After your site is indexed, I recommend adding it to social bookmarks .
Also add your site to the site ratings: mail (paid registration) and rambler .

10) Add your site to rss aggregators.

11) Add your site to the ratings of sites (blogs).

12) Make a promotion on thematic forums, how to do it I wrote in a post - promotion using forums.


Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Resource infection mechanisms for your sites:
twitter.com/UndercOdeTc

🦑 The site may become infected due to:

1) introducing a program whose purpose is to intercept access to the CMS , FTP protocols and then send them back (as a rule, the virus “enters” along with pirated software when downloading a file while visiting a site with viruses);

2) direct selection by attackers of the login characters, password set to enter the server, or CMS;

3) the possibility (due to the vulnerability of templates, plugins) to manage a site that is hosted on such popular engines as WordPress, Joomla;

4) the human factor (this may be negligence, or inexperience of the owner of the hosting, system administrator, transfer of confidential information to a third party, or its incorrect storage)

5) placement of counters, advertising (some viruses are able to use ad units, counter codes if they are provided by an unverified partner to penetrate the resource);

6) actions of site users who intentionally or inadvertently leave malicious content (this can be a downloaded file, link).

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Ways to prevent site infection:
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> Following some guidelines by UndercOde will help to minimize the risk of infection or hacking.

1) Reliable storage of logins and passwords

2) Storage of all information regarding access to an account, admin panel, FTP, passwords to other programs can only be entrusted to password managers, for example, KeePass.

> The most vulnerable storage locations are: Total Commander, browsers, text files, FTP clients. It is necessary to periodically change the passwords, and after transferring them to third parties (for example, the webmaster) do this without fail. It is advisable not to set simple or too short passwords, it is better to create keys using a password generator.

3) Using the backup function

> Hosting providers often provide the ability to copy files, and caution is never superfluous. You need to regularly backup (3-4 times a month), this also applies to the local computer.

4) Using the secure FTP connection option

> Since the FTP protocol does not have protection, attackers can intercept files during transmission over the network. To maintain security, you must use protocol versions that have reliable protection against interception (SFTP or SSH).

5) Regular updating of CMS, server software

> If you use third-party CMS, you need to update them regularly. At the same time, you need to download extensions, as well as plugins necessary for the control panel to work (including other software) from reliable, preferably official sources. It is highly recommended not to download and then run suspicious files.

6) Installing an antivirus program

> All computers with access to the server must be equipped with a reliable antivirus program, which must be updated regularly.

7) Advertising from trusted partners

> Advertising blocks, counter codes, banners should be placed exclusively from partners who have proven their reliability.

8) Site security audit

> To reduce risks, you need to regularly monitor user activity in the admin panel, on the hosting (if they are available to several users), to quickly find out about possible attempts to hack the site. You also need to track the files that appear in the directives, to inspect the code. It is convenient to carry out such a procedure using a special service, for example, Yandex.Webmaster. Using the Security tab, you can see the time of checks, as well as use information about threats, virus pages detected by Yandex anti-virus program.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How it Works The Classic computer viruses :
t.me//UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) This category includes programs that distribute their copies to the resources of the local computer in order to:

2) the subsequent launch of your code with any user actions;
further implementation in other computer resources.
Unlike worms, viruses do not use network services to penetrate other computers. A copy of the virus gets to remote computers only if, for some reason, the infected object is activated on another computer, for

🦑example:

1) upon infection of accessible disks, the virus penetrated the files located on a network share;

2) the virus copied itself onto removable media or infected the files on it;

3) the user sent an email with the infected attachment.

4) Some viruses contain the properties of other types of malicious software, such as a backdoor procedure or a Trojan component to destroy information on a disk.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The most active mobile threats in December 2019
t.me/UNdercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) xHelper and Guerrilla are leaders in the ranking of mobile malware.
xHelper is a malicious Android application , active since March 2019, used to download other malicious applications and display ads . The application is able to hide itself from user and mobile anti-virus programs and reinstall itself if the user uninstalls it.

2) Guerilla is a clicker for Android that can interact with the remote control server , download additional malicious plugins and aggressively wind clicks on ads without the consent or knowledge of the user.

3) Hiddad - A modular backdoor for Android that provides superuser privileges for downloaded malware , and also helps implement it in system processes. He can access key security details built into the OS , which allows him to receive confidential user data .

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁