▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SPEEDUP WINDOWS 10 FAST TIPS
T.me/UndercodeTesting


1) Restart your PC. While this may seem an obvious step, many users

2) keep their machines running for weeks at a time. ...

3) Updates

4) Check startup apps.

5) Run Disk Cleanup.

6) Remove unused software.

7) Disable special effects.

8) Disable transparency effects.

9) Upgrade your RAM.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 CVE VERIFIED BY UNDERCODE
> Pisay Online E-Learning System 1.0 - Remote Code Executio

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 FRESH PREMIUM PROXIES 2020 :
pinterest.com/undercode_Testing

125.94.44.129 1080 1 hour ago
5110 ms 7% (80) cn China Elite -
159.8.114.37 80 1 hour ago
452 ms 96% (46) fr France - Clichy Elite -
159.8.114.34 8123 1 hour ago
623 ms 100% (45) fr France - Clichy Elite -
218.204.153.156 443 1 hour ago
3201 ms 28% (74) cn China Elite -
34.92.94.5 8123 1 hour ago
937 ms 40% (10) us United States Elite -
36.75.130.126 80 1 hour ago
1387 ms 96% (21) id Indonesia Elite -
52.161.188.146 80 1 hour ago
202 ms 100% (42) us United States - Cheyenne Elite -
52.161.188.147 80 1 hour ago
204 ms 100% (47) us United States - Cheyenne Elite -
60.251.40.84 1080 1 hour ago
696 ms 48% (70) tw Taiwan - Keelung Elite -
62.213.14.166 8080 1 hour ago
3421 ms 25% (82) ru Russia - Samara Elite -
169.57.157.148 8123 1 hour ago
564 ms 23% (72) br Brazil - São Paulo Elite -
182.138.160.189 8118 1 hour ago
2029 ms 17% (72) cn China Elite -


183.64.239.19 8060 1 hour ago
2298 ms 17% (74) cn China - Chongqing Elite -
182.191.84.39 80 1 hour ago
4028 ms 18% (75) pk Pakistan - Mardan Elite -
195.110.6.30 8118 1 hour ago
1224 ms 5% (66) ua Ukraine - Simferopol Elite -
190.210.8.70 8080 1 hour ago
3160 ms 6% (77) ar Argentina - Buenos Aires Elite -
200.106.55.125 80 1 hour ago
2564 ms 100% (16) pe Peru - Lima Elite -
103.242.44.80 8080 1 hour ago
3271 ms 33% (64) mn Mongolia Elite -
112.111.77.95 9999 1 hour ago
2010 ms 2% (96) cn China - Fuzhou Elite -
105.247.171.202 8080 1 hour ago
3787 ms 14% (84) za South Africa - Durban Elite -
159.8.114.37 8123 1 hour ago
455 ms 96% (47) fr France - Clichy Elite -
125.162.229.74 8080 1 hour ago
2615 ms 26% (31) id Indonesia Elite -
140.227.174.216 1000 1 hour ago
2648 ms 17% (79) jp Japan Elite -
144.76.214.159 1080 1 hour ago
3321 ms 43% (57) de Germany Elite -
197.216.2.14 8080 1 hour ago
951 ms 86% (56) ao Angola Elite -
213.96.26.189 8080 1 hour ago
1175 ms 96% (44) es Spain Elite -
47.113.108.233 8080 1 hour ago
1907 ms 37% (57) cn China Elite -
5.196.255.171 3128 1 hour ago
4094 ms 10% (81) fr France Elite -
101.37.118.54 8888 1 hour ago
1130 ms 70% (49) cn China - Hangzhou Elite -
18.163.28.22 1080 1 hour ago
1607 ms 68% (53) hk Hong Kong Elite -
118.89.91.108 8888 1 hour ago
1959 ms 33% (58) cn China - Beijing Elite -
119.206.222.160 80 1 hour ago
755 ms 59% (60) kr South Korea - Incheon Elite -
121.17.210.114 8060 1 hour ago
2745 ms 38% (8) cn China Elite -
125.59.223.27 8380 1 hour ago
759 ms 16% (79) hk Hong Kong Elite -
123.194.231.55 8197 1 hour ago
777 ms 25% (73) tw Taiwan - Taipei Elite -

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 HOW SECURE YOUR PSN ACCOUNT ?
T.me/UndercodeTesting

🦑 How to ensure the security of the account as much as possible?
Create passwords that are not easily cracked.

1) If the password is too simple, others may be able to guess the password and log in to your account. If you have disclosed the password to others and let the other party know your account details, it also means that your account is not secure. If someone else can log in to your account, they can change your PlayStation Network password and / or login ID so that you cannot log in. They can also use any saved payment method in their account to recharge the e-wallet.

2) The password of the PSN account is case sensitive and special characters are allowed. When choosing a password, we recommend that you pay attention to the following points as much as possible:
Make sure that the password will not be duplicated with your other passwords. Use a different password for each online service you use to avoid you entering these authentication information on an unsecured website.

3) Use numbers and capital letters.

4) Us e symbols (such as "$" or "%").

5) Don't use dictionary to find words, please use randomly combined characters.

6) If you want to use a dictionary to find words, use symbols instead of letters. Don't use obvious alternatives. For example, replacing the English letter "O" with the number 0 is very common, so it is easy to guess.

7) The longer the password, the better.

8) make sure that the password does not contain any part of the PSN account. For example, the password must never contain words or numbers similar to your online ID or other account details.

9) Never tell anyone the account details. Even your best friend or someone who claims to be a PlayStation employee is the same.

10) Save password and log

in automatically For convenience, you can save the account password on your device and enable automatic login to PlayStation Network. However, if other users can use your console, they can log in to the PlayStation Network and PlayStation Store through your account. If you want to save the password or enable automatic login, you can enable

the function of entering the password before payment , so that unless the purchaser knows the password, otherwise the amount in the electronic wallet cannot be spent.


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How to Install Nginx on Ubuntu :
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Install Nginx on Your Ubuntu Server

Nginx is available in the Ubuntu package repositories simple. First, update the apt cache with the following command:

sudo apt update

and install Nginx by issuing:

sudo apt install nginx

Once the installation is completed Nginx will be automatically started.
You can make sure that Nginx service is running with the following command:

sudo systemctl status nginx

The output should look like below:

● nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Sat 2018-03-31 01:50:44 CDT; 8s ago
Main PID: 716 (nginx)
CGroup: /system.slice/nginx.service
├─716 nginx: master process /usr/sbin/nginx -g daemon on; master_process on
├─717 nginx: worker process
├─718 nginx: worker process
├─719 nginx: worker process
└─720 nginx: worker process

2) Open Firewall Ports

If you are using ufw you need to open HTTP port 80 and/or HTTPS port 433. Ufw comes with profiles based on the default ports of most common daemons and programs.

To open both Nginx ports run the following command:

sudo ufw allow 'Nginx Full'

To verify the change run:

sudo ufw status

The output should look like below:

Status: active

To Action From
-- ------ ----
Nginx Full ALLOW Anywhere
Nginx Full (v6) ALLOW Anywhere (v6)

You can now open your browser, enter your server IP address into your browser address bar and you should see the default Nginx page.

3) Managing Nginx Service

You can manage the Nginx service same as any other systemd unit.

Start the nginx service with the following command:

sudo systemctl start nginx

Stop the service with:

sudo systemctl stop nginx

Restart the service with:

sudo systemctl restart nginx

Check the status of the service with:

sudo systemctl status nginx

Enable the service on system boot with:

sudo systemctl enable nginx

Disable the service on system boot with:

sudo systemctl disable nginx

4) Create a New Server Block

The default Nginx installation will have one server block enabled with a document root set to /var/www/html.
In this guide, we will create a new server block for the domain example.com and set the document root to /var/www/example.com.

First, create the domain document root with the following command:

sudo mkdir -p /var/www/example.com

and then create an index.html file with the following content:

sudo vim /var/www/example.com/index.html

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>example.com</title>
</head>
<body>
<h1>example.com server block</h1>
</body>
</html>

Next, create a new server block with the following content:

sudo vim /etc/nginx/sites-available/example.com.conf

server {
listen 80;
listen [::]:80;

server_name example.com www.example.com;

root /var/www/example.com;
index index.html;

location / {
try_files $uri $uri/ =404;
}
}

Activate the server block by creating a symbolic link :

sudo ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/example.com.conf

5) Restart Nginx

Test the Nginx configuration and restart nginx:

sudo nginx -t
sudo systemctl restart nginx

6) Now if you enter example.com into your browser address bar you should see example.com server block.

this post Powered by Wiki
Tested by UndercOde on Lastest Version of Ubuntu
e n j o y
@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Securing ubuntu server System
Setting up the Firewall
instagram.com/UnderCodeTesting

🦑 Reference: "IPTables :

1) Linux has a built-in Firewall called netfilter, which works via the iptables tool. It uses 3 so-called iptables:

the filter table for filtering the IP packets,
the nat table for network address translation, and
the mangle table for modifying the IP packets.

2) Each table contains a set of chains. Each chain has rules.

3) For the filter table, there are 3 chains (of rules): INPUT (applied to incoming packets), OUTPUT (applied to the outgoing packets), and FORWARD (applied to incoming packets destined for another system). You can list all the current filter rules via the following command:

$ sudo iptables -L // -L to list the current filtering rules.
Chain INPUT (policy ACCEPT)
target prot opt source destination

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
// The filter table has 3 chains with no rules

4) The iptables tool is complex. But, we are only concerned about the incoming IP packets, i.e., the INPUT chain of the filter table. To setup incoming packet-filtering via Webmin:

5) Goto "Webmin" ⇒ "Networking" ⇒ "Linux Firewall" ⇒ Select the option "Allow all traffic" and check "Enable firewall at boot time" ⇒ "Setup Firewall".

6) Select the iptable "Packet filtering (filter)". On a fresh installation, there shall be no rules under all the 3 chains: INPUT, OUTPUT and FORWARD.
}
7) Add the following rules, which are necessary for proper operations of the network interface.

8) Under "Incoming packets (INPUT)":
"Add Rule" ⇒ Set "Action to take" to "Accept" ⇒ For "Connection states", select "Equals" for both "Established" and "Related" ⇒ "Create".

9) This rule is necessary to allow incoming packets that are part of an already established IP connection. We will set the rules for new connection later.

10 ) The corresponding Unix command is:

$ sudo iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
// -A INPUT: append this rule to the INPUT chain
// -m conntrack:
// -ctstate ESTABLISHED,RELATED: connection state
// -j ACCEPT: accept the packet


11) "Add Rule" ⇒ Set "Action to take" to "Accept" ⇒ For "Network protocol", select "Equals" for "ICMP" ⇒ "Create".

12) This rule allows incoming packets for ICMP diagnostics such as ping and traceroute.

13) "Add Rule" ⇒ Set "Action to take" to "Accept" ⇒ For "Incoming interface", select "Equals" for "lo" (local) ⇒ "Create".

14) This rule allows incoming packets for local loopback interface (or, localhost).

15)Next, create rules for each of the protocol services that are permitted to access the server. This depends on your specific environment.
Under "Incoming packets (INPUT)":

16) To allow incoming SSH connection, which runs on TCP port 22 by default: "Add Rule" ⇒ Set "Action to take" to "Accept" ⇒ For "Network protocol", select "Equals" for "TCP" ⇒ For "Destination TCP or UDP port", select "Equals" and set "Port(s)" to 22 ⇒ For "Connection states", select "Equals" for "NEW".

17) The corresponding Unix command is:

$ sudo iptables -A INPUT -p tcp --dport ssh -j ACCEPT
// -A INPUT: append this rule to INPUT chain
// -p tcp: network protocol of tcp
// --dport ssh: ssh default port number (22)
// -j ACCEPT: accept the packet

18) To allow incoming Webmin connection, which runs on TCP port 10000 by default: repeat the above, but choose port 10000.


19) Similarly, you can allow incoming connection for services such as HTTP (default on TCP port 80), HTTPS (default on TCP port 443), Usermin (default on TCP port 20000) Samba (UDP Ports 137-139, TCP ports 137, 139 and 445), PhpMyAdmin (...) ...

20) Finally, set the INPUT chain's default policy to drop packets that don't match any rules.

21) Select "Default action" to "Drop", and click "Set Default Action To" button.

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Speed ​​optimization-enable hard disk DMA support Enabling hard-ssd disk DMA support
t.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> DMA support is not enabled after the anonymous system is installed. In order to improve efficiency, you can enable it.

1) /etc/rc.d/rc.local Add a line / sbin / hdparm -d1 -c3 -m16 / dev / hda
If your hard disk supports ATA33, you can add -X66, ATA66 is -X68.

2) For example, ATA66 is: / sbin / hdparm -d1 -X68 -c3 -m16 / dev / hda
We can use hdparm -Tt / dev / hda to test the effect before and after joining.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Malware collection gd list by UNdercOde
pinterest.com/Undercode_Testing

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> Capture and collect your own samples

1) Conpot -ICS / SCADA Honeypot

2) Cowrie -Kippo-based SSH honeypot

3) Dionaea -Honeypot to catch malware

4) Glastopf -Web Application Honeypot

5) Honeyd -Create a virtual honeypot

6) HoneyDrive -Linux distribution for honeypot packages
Mnemosyne -Honeypot data standardization supported by Dinoaea

7) Thug -Low-interaction honeypot for investigating malicious websites
Malware Sample Library

🦑 Collect malware samples for analysis

1) Clean MX -Real-time database of malware and malicious domains

2 )Contagio -Collection of recent malware samples and analysis

3) Exploit Database -Exploit and shellcode samples

4) Malshare -A large library of malicious samples obtained on malicious websites.

5) MalwareDB -Malware sample library

6) Open Malware Project -Sample Information and Download

7)-Ragpicker -A plugin based on the malware crawler.

8) the Zoo -Real-time malicious sample library for analysts

9) Tracker h3x -Agregator's malware tracking and download address
V
10) iruSign -Database of malware detected by anti-virus programs other than ClamAV

11) VirusShare -Malware library

12) VX Vault -Active Collection of Malware Samples

13) Zeltser's Sources -List of malware sample sources compiled by Lenny Zeltser

14) Zeus Source Code -Zeus source code leaked in 2011

🦑 Will write tutorial for each one

written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑To run an external (third party, copied) "WORKING" php script : On Termux
Twitter.com/UndercodeNews
After installing php

1) Pkg updates

2) Sudo pkg install php

3) save your (executable) script.php in /storage/
example : in /storage/emulated/0/Documents/...FULL...PATH.../
(and other files.txt used by the script, if necessary)


4) Then in Termux App,
>
cd /storage/emulated/0/Documents/...FULL...PATH.../
>
php script.php

5) BUT ... before,
"It is necessary to grant storage permission for Termux on [your device with] Android 6 and higher.
Use 'Settings>Apps>Termux>Permissions>Storage' and set to true."

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 malwares Setup 2020
An SSH Honeypot >Cowrie is a medium interaction SSH and Telnet honeypot, which can log brute force attacks and an attacker’s shell interaction
pinterest.com/Undercode_Testing

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Change the Port You’ll Use to Administer the Server
Cowrie will be listening for SSH connections on port 22. You’ll want to configure the SSH service to listen on a different port for you to connect to and administer the server.

2)sudo vi /etc/ssh/sshd_config
Under # What ports, IPs and protocols we listen for, change the port number to 3393 or your preferred port number.

3) Write your changes and quit vi.
Ctrl + C

4) Restart the SSH service.

5) service ssh restart

6) By running the command below, you can see that the server is now listening for connections on port 3393.

7) netstat -tan

> Proto Recv-Q Send-Q Local Address Foreign Address State
tcp0 0 0.0.0.0:3393 0.0.0.0:* LISTEN

🦑 Install and Configure Cowrie

1) Download updated package lists.

> sudo apt-get update

2) Install Cowrie’s dependencies.

> sudo apt-get install python2.7 git virtualenv libmpfr-dev libssl-dev libmpc-dev libffi-dev build-essential libpython-dev python-pip

3) Add a new user named, cowrie.

4) sudo adduser — disabled-password cowrie

5) Switch to the new user, cowrie

> sudo su — cowrie

6) Navigate to the home directory of user, cowrie, and clone the cowrie git repository.
> git clone https://github.com/micheloosterhof/cowrie.git

7) Create a new Python virtual environment for cowrie.

8) cd cowrie

9) virtualenv cowrie-env

10) Activate the virtual environment.

> source cowrie-env/bin/activate

11) The terminal will display (cowrie-env) before the username, cowrie.

12) Install pycrypto, Crypto and other requirements.

13) pip install pycrypto Crypto
(cowrie-env)$ pip install -r requirements.txt

14) Generate a key for the cowrie instance.

15) cd data
ssh-keygen -t dsa -b 1024 -f ssh_host_dsa_key
cd ..

16) export PYTHONPATH=/home/cowrie/cowrie
Additional Cowrie Configuration

17) Make a copy of the config file for your new cowrie instance.

18) cd /home/cowrie/cowrie/

19) cp cowrie.cfg.dist cowrie.cfg
vi ./cowrie.cfg

20) Set the hostname in the configuration file to a server name of your choice. E.g. fileserver4

21) Change the Port to listen for incoming SSH connections to port 22.

22) Write your changes and quit vi.
Ctrl + C
:wq

23) Enable authbind in cowrie’s start.sh file.
sudo vi /home/cowrie/cowrie/start.sh

Change line 2 to read:
AUTHBIND_ENABLED=yes

24) sudo apt-get install authbind

25) sudo touch /etc/authbind/byport/22

26) sudo chown cowrie /etc/authbind/byport/22

27) sudo chmod 777 /etc/authbind/byport/22

🦑 Start Cowrie

1) Execute the following commands to start Cowrie.

2) sudo su cowrie

3) cd /home/cowrie/cowrie/
source cowrie-env/bin/activate

4) ./start.sh

5) Verify cowrie is listening on port 22 by running the command below.
netstat -tan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN

6) Execute the following command to stop Cowrie.
./stop.sh

Written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Usefull Tools for IDS / IPS / Host IDS / Host IPS 2020
instagram.com/UndercodeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Snort - Snort is a free, open source intrusion prevention system (NIPS) and network intrusion detection system (NIDS), created by Martin Roche Snort is currently under development. Sourcefire, founded by Roesch and CTO. In 2009, Snort entered the OpenWork InfoWorld Hall of

2) Fame as one of the “greatest [open source] software samples of all time”.

3) Bro - Bro is a powerful network analysis infrastructure that is very different from the typical IDS you may know.

4) OSSEC - Integrated HIDS open source. Not for the faint of heart. It takes a little to understand how this works. Performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time notification, and an active response. It works on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX, and Windows. Lots of reasonable documentation. Sweet spot - medium to large deployment.

5) Suricata - Suricata is a high-performance mechanism for monitoring
network IDS, IPS and network security. Open Source and belongs to the public non-profit foundation Open Foundation Security Foundation (OISF). Suricata was developed by OISF and its suppliers.

6) Security Onion - Security Onion is a Linux distribution for intrusion detection, network security monitoring and log management. It is based on Ubuntu and contains Snort, Suricata, Bro, OSSEC, Sguil, Squert,

7) Snorby, ELSA, Xplico, NetworkMiner and many other security tools. The easy-to-use installation wizard allows you to create an army of distributed sensors for your enterprise in minutes!

8) sshwatch - IPS for SSH is similar to DenyHosts written in Python. It can also collect information about an attacker during an attack in a log.

9) Stealth - Check file integrity, which leaves virtually no residue. The controller starts from another computer, which makes it difficult for an attacker to know that the file system is checked at certain pseudorandom intervals via SSH. Highly recommended for small to medium deployments.

11) AIEngine - AIEngine is an interactive / programmable next-generation Python / Ruby / Java / Lua package checker with training capabilities without any human intervention, NIDS (network intrusion detection) System) functionality, DNS domain classification, network collector, network forensics and much more.

12) Denyhosts - Prevent SSH dictionary attacks and brute force attacks.
Fail2Ban - scans log files and performs actions at IP addresses that show malicious behavior.

13) SSHGuard - a service security software in addition to SSH written in C
Lynis is an open source security audit tool for Linux / Unix.

Written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 COMMUN VIRUS-MALWARES 2020 top
twitter.com/UndercodeNews

1) Damn Simple Honeypot (DSHP) - Honeypot framework with pluggable handlers.

2) NOVA - uses honeypots as detectors, looks like a complete system.

3) OpenFlow Honeypot (OFPot) - Redirects traffic for unused IP addresses to a honeypot built on POX.

4) OpenCanary - A modular and decentralized honeypot daemon that runs several Canary versions of services and warns when (ab) is in use.
low- ciscoasa_honeypot Honeypot for a Cisco ASA that can detect CVE-2018-0101, DoS vulnerabilities, and remote code execution.
miniprint - Honeypot mid-interaction printer.

🦑 Botnet C2 Tools

1) Hale - Botnet management and control monitor.

2) dnsMole - analyzes DNS traffic and potentially detects botnet commands and monitors server activity, as well as infected hosts.

3) IPv6 attack detection tool

ipv6 attack detector is a Google Summer of Code 2012 project supported by the Honeynet Project.
dynamic code toolkit

4)Frida - Add JavaScript to explore native applications on Windows, Mac, Linux, iOS, and Android.
A tool for converting a site into server decoys

5) HIHAT - Convert arbitrary PHP applications to high-level Honeypots web interfaces.
malware collector

6) Kippo-Malware is a Python script that downloads all malicious files stored as URLs in the Kippo SSH honeypot database.
Distributed Deployment Sensor

7) Modern Honey Network - Multiple snort and honeypot sensor management, uses a network of virtual machines, small SNORT installations, hidden dioneas and a centralized server for management.

🦑Network analysis tool

1) Tracexploit - play network packets.

2) Anonymizer Journal

3) LogAnon - Anonymous logging library that helps ensure anonymous logs are consistent between logs and network captures.
Low-interaction Honeypot (router back door)

4) Honeypot-32764 - Honeypot for the back door of the router (TCP 32764).

5) WAPot - Honeypot that can be used to monitor traffic directed to home routers.

6) Honeynet Farm Traffic Redirector

Honeymole - Deploying multiple sensors that redirect traffic to a centralized collection of honey pots.

7) HTTPS Proxy

mitmproxy - allows you to intercept, verify, modify and play traffic flows.

🦑System hardware

1) Sysdig - An open-source system-level study allows you to record the status and activity of a system from a running GNU / Linux instance, and then save, filter, and analyze the results.

2) Fibratus - A tool for researching and tracking the Windows kernel.
Honeypot for malware distribution via USB

3) Ghost-usb - Honeypot for malware spreading through USB storage devices.

🦑 Data collection

1) Kippo2MySQL - Extracts some very simple statistics from Kippo text log files and inserts them into a MySQL database.

2) Kippo2ElasticSearch is a Python script for transferring data from the

3) Kippo SSH honeypot MySQL database to an ElasticSearch instance (server or cluster).

4) Passive Network Audit Framework Parser

[Passive Network Audit Infrastructure (pnaf)] ( https://github.com/jusafing/pnaf ) is a platform that combines several passive and automated analysis methods to provide an assessment of the security of network platforms.

🦑 VM monitoring and tools

1) Antivmdetect - Script to create templates for use with VirtualBox to make VM detection more difficult.

2) VMCloak - Automatically create a virtual machine and mask for a cuckoo sandbox.
[vmitools] ( http://libvmi.com/ ) is a C library with Python bindings that makes it easy to track the low-level details of a running virtual machine.

🦑 binary debugger

1) Hexgolems - the server part of the debugger Pint - the server part of the debugger and the LUA shell for the PIN code.

2) Hexgolems - external interface of the debugger Schem - external interface of the debugger.

ALL THOSE AVAIBLE AT GITHUB WILL WROTE SOME TUTORIALS FOR those
Written by Undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Deface topic script Deface is a library that allows you to customize HTML (ERB, Haml and Slim) views in a Rails application without editing the underlying view.

> It allows you to easily target html & erb elements as the hooks for customization using CSS selectors as supported by Nokogiri. Rails plugin that allows you to customize ERB views in a Rails application without editing the underlying view updated in 2019
http://pinterest.com/Undercode_testing

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) on linux os clone https://github.com/spree/deface

2) go dir

3) Ensure that your layout views include doctype, html, head and body tags in a single file, as Nokogiri will create such elements if it detects any of these tags have been incorrectly nested.

4) Parsing will fail and result in invalid output if ERB blocks are responsible for closing an HTML tag that was opened normally, i.e. don't do this: &lt;div <%= ">" %>

5) Gems or Spree Extensions that add overrides to your application will load them in the order they are added to your Gemfile.

6) Applying an override to a view that contains invalid markup (which, occasionally happens in Spree views) can break rendering that would normally pass a browser's own permissive rendering. This is because the nokogiri library takes it upon itself to correct the issue, which doesn't happen prior to applying deface. Sometimes that correction changes the rendering of the view in an unintended manner, appearing to break it. The easiest way to tell if this is the cause of an issue for you is to put your view into http://deface.heroku.com/ and diff the output with the html which rails renders without your override. If you see a difference in the structure of the html, you may have invalid markup in your view which nokogiri is correcting for you. See Spree issue #1789 for an example of what may be wrong in a view.

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁