🛡️ Stalemate on EU Chat Control: Balancing Privacy and Combating Child Abuse

https://undercodenews.com/stalemate-on-eu-chat-control-balancing-privacy-and-combating-child-abuse/

@Undercode_News

🌐 #Google's Project Mariner: Your #AI Web Assistant

https://undercodenews.com/googles-project-mariner-your-ai-web-assistant/

@Undercode_News

Zomato Faces Rs 800 Crore Tax Demand: A Potential Setback

https://undercodenews.com/zomato-faces-rs-800-crore-tax-demand-a-potential-setback/

@Undercode_News

⚡️ Fiverr's New #AI Tool: A Game Changer for Freelancers?

https://undercodenews.com/fiverrs-new-ai-tool-a-game-changer-for-freelancers/

@Undercode_News

🦑Bug bounty tips ✨

Xss 💰 Methodology 💯

1- Pick a target

2- Do Full depth Subdomain enumeration using Subfinder( along API'S ) and use webcopilot or SubDomz and various subdomains finder tools in one liner and also ones perform subdomain bruteforicng and save it in a file.!!

3- subfinder -d example.com -all >> subs.txt

4- cat subs.txt | httpx -o alive-subs.txt



hashtag#Method-1 ( Using Dalfox )

1- katana -u alive-subs.txt -o endpoints-1.txt

2- waybackurls http://example.com | grep = | tee endpoints-2.txt

3- ./gau example.com >> endpoints-3.txt

4- paramspider -d example.com

5 - cat alive-subs.txt | hakrawler | tee -a endpoints-5.txt

6- cat endpoints.txt | uro | tee -a endpoints-uro.txt ( Combine all URLS )

7- cat endpoints-uro.txt | Gxss | dalfox pipe --multicast --skip-mining-all (Accurate also ) ( Here Gxss helps us when payload is injected is reflecting back ?? and I used skip mining because already we got urls nah ! if want remove it )

[ OR ]
8- dalfox url http://example.com --custom-payload payloads.txt ( Simple Scan )

Method-2 ( Using XSS_vibes )
1- katana -u alive-subs.txt -o endpoints-1.txt

2- waybackurls http://example.com | grep = | tee endpoints-2.txt

3- ./gau example.com >> endpoints-3.txt

4- paramspider -d example.com

5 - cat alive-subs.txt | hakrawler | tee -a endpoints-5.txt

6- cat endpoints.txt | uro | tee -a endpoints-uro.txt

7- cat endpoints-uro.txt | ./gf xss | sed 's/=.*/=/' -o output.txt

8- python3 main.py -f input.txt -o <output>

Note :- if u can use Alternative of xss automation Tool For better Result U can Use
Xssorv2 Ibrahim Husić Tool it's effective and 100 Acuracy 💯

Ref: Linkedin_stuffs
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

⚡️ ViewSonic Unveils New Monitor Lineup: A Blend of Innovation and Performance

https://undercodenews.com/viewsonic-unveils-new-monitor-lineup-a-blend-of-innovation-and-performance/

@Undercode_News

⚡️ Informative #WhatsApp Enhances Calling Experience with New Features

https://undercodenews.com/informative-whatsapp-enhances-calling-experience-with-new-features/

@Undercode_News

The Pursuit of Truth in #AI: Elon Musk's Critique

https://undercodenews.com/the-pursuit-of-truth-in-ai-elon-musks-critique/

@Undercode_News

🔴 Online Class and Exam Scheduling System 10: Critical SQL Injection (#CVE-2024-12487)

https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12487/

@DailyCVE

🔴 Apache Fineract, SQL Injection, #CVE-2024-23538 (CRITICAL)

https://dailycve.com/apache-fineract-sql-injection-cve-2024-23538-critical/

@Daily_CVE

🔴 Tenda AC10U Router Stack-Based Buffer Overflow (#CVE-2024-2764) - Critical

https://dailycve.com/tenda-ac10u-router-stack-based-buffer-overflow-cve-2024-2764-critical/

@Daily_CVE

🔴 Codezips Technical Discussion Forum 10 - SQL Injection (#CVE-2024-12484 - Critical)

https://dailycve.com/codezips-technical-discussion-forum-10-sql-injection-cve-2024-12484-critical/

@Daily_CVE

🔴 Online Class and Exam Scheduling System 10 Critical SQL Injection (#CVE-2024-12485)

https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12485/

@Daily_CVE

🔴 Gutenberg Blocks by Kadence Blocks Plugin Vulnerable to Stored XSS (#CVE-2024-1541 - Critical)

https://dailycve.com/gutenberg-blocks-by-kadence-blocks-plugin-vulnerable-to-stored-xss-cve-2024-1541-critical/

@Daily_CVE

🔴 Online Class and Exam Scheduling System 10 Critical SQL Injection (#CVE-2024-12489)

https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12489/

@Daily_CVE

🔴 GitLab CE/EE, Denial of Service, #CVE-2024-2829 (High)

https://dailycve.com/gitlab-ce-ee-denial-of-service-cve-2024-2829-high/

@Daily_CVE

🔴 Online Class and Exam Scheduling System 10, SQL Injection, #CVE-2024-12488 (Critical)

https://dailycve.com/online-class-and-exam-scheduling-system-10-sql-injection-cve-2024-12488-critical/

@Daily_CVE

🔴 Apache Fineract, SQL Injection, #CVE-2024-23539 (HIGH)

https://dailycve.com/apache-fineract-sql-injection-cve-2024-23539-high/

@Daily_CVE

⚠️ EU #AI Act: A Closer Look at Systemic Risks in the First CoP Draft Comments

https://undercodenews.com/eu-ai-act-a-closer-look-at-systemic-risks-in-the-first-cop-draft-comments/

@Undercode_News

🦑Ai Model for Hackers:


4 Security AI for Pentesting

>>

This model is designed to accurately detect and classify commands associated with four essential security tools used in pentesting: Nmap, Metasploit, John the Ripper, and the Social Engineering Toolkit (SET). It leverages a Naive Bayes classifier trained on a comprehensive dataset of commands for these tools, enhancing the accuracy and effectiveness of recognizing and categorizing such commands.

Tools Included

1️⃣Nmap: A network scanning tool used to discover hosts and services on a computer network.

2️⃣Metasploit (msploit): A penetration testing framework for exploiting known vulnerabilities.

3️⃣John the Ripper (jtr): A password cracking software used to test password strength and recover lost passwords.

4️⃣Social Engineering Toolkit (SET): A collection of tools for conducting social engineering attacks.

>> Structure
The model has been trained to detect commands formatted to specify the tool being used. Each command or query is associated with one of the four tools, allowing for precise classification.

Example:

import pandas as pd
from sklearn.model_selection import train_test_split
from sklearn.feature_extraction.text import TfidfVectorizer
from sklearn.naive_bayes import MultinomialNB
from sklearn.metrics import classification_report
import joblib

# Load the dataset from the txt file
data_path = 'trainingdata.txt'
data = []

# Read the file and parse the data
with open(data_path, 'r') as file:
    lines = file.readlines()
    for line in lines:
        # Split each line into question and tool by the last comma
        parts = line.rsplit(', "', 1)
        if len(parts) == 2:
            question = parts[0].strip().strip('"')
            tool = parts[1].strip().strip('",')
            data.append((question, tool))

# Create a DataFrame
df = pd.DataFrame(data, columns=['question', 'tool'])

# Split the data
X_train, X_test, y_train, y_test = train_test_split(df['question'], df['tool'], test_size=0.2, random_state=42)

# Vectorize the text data
vectorizer = TfidfVectorizer()
X_train_vectorized = vectorizer.fit_transform(X_train)
X_test_vectorized = vectorizer.transform(X_test)

# Train a Naive Bayes classifier
clf = MultinomialNB()
clf.fit(X_train_vectorized, y_train)

# Make predictions
y_pred = clf.predict(X_test_vectorized)

# Print the classification report
print(classification_report(y_test, y_pred))

# Save the model and vectorizer
joblib.dump(clf, 'findtool_model.pkl')
joblib.dump(vectorizer, 'vectorizer.pkl')

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🛡️ A Senator's Stance: Can We Secure US Telcos from the Next Cyberattack?

https://undercodenews.com/a-senators-stance-can-we-secure-us-telcos-from-the-next-cyberattack/

@Undercode_News