β β β Uππ»βΊπ«6π¬πβ β β β
π¦#News WastedLocker: Symantec identified a wave of attacks against US organizationsπ±
>Symantec, a Broadcom subsidiary, discovered and warned users that the attackers attempted to deploy the WastedLocker ransomware and carried out a series of attacks on American companies. The ultimate goal of these attacks is to weaken the victim's IT infrastructure by encrypting most of the victim's computers and servers to demand a ransom of millions of dollars. At least 31 organizations are currently under attack, which means The attacker has compromised the target organization's network and is laying the foundation for a ransomware attack.
> It is a relatively new directional ransomware that was recorded before the NCC Group was released , and Symantec is expanding the affected network. WastedLocker was attributed to the infamous "Evil Corp" cybercrime organization, Evil Corp has been associated with Dridex Bank Trojan and BitPaymer ransomware, the amount of ransom is up to tens of millions of dollars. Two Russian men suspected of participating in the organization have prosecuted them publicly in the United States .
> These attacks started with a malicious JavaScript-based framework called SocGholish, which was tracked to update more than 150 threatened websites disguised as software. Once the attacker enters the victim's network, they will use Cobalt Strike malware and some non-native tools to steal identity documents, upgrade privileges, and then move around the network to deploy WastedLocker ransomware on multiple computers.
@UndercodeNews
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#News WastedLocker: Symantec identified a wave of attacks against US organizationsπ±
>Symantec, a Broadcom subsidiary, discovered and warned users that the attackers attempted to deploy the WastedLocker ransomware and carried out a series of attacks on American companies. The ultimate goal of these attacks is to weaken the victim's IT infrastructure by encrypting most of the victim's computers and servers to demand a ransom of millions of dollars. At least 31 organizations are currently under attack, which means The attacker has compromised the target organization's network and is laying the foundation for a ransomware attack.
> It is a relatively new directional ransomware that was recorded before the NCC Group was released , and Symantec is expanding the affected network. WastedLocker was attributed to the infamous "Evil Corp" cybercrime organization, Evil Corp has been associated with Dridex Bank Trojan and BitPaymer ransomware, the amount of ransom is up to tens of millions of dollars. Two Russian men suspected of participating in the organization have prosecuted them publicly in the United States .
> These attacks started with a malicious JavaScript-based framework called SocGholish, which was tracked to update more than 150 threatened websites disguised as software. Once the attacker enters the victim's network, they will use Cobalt Strike malware and some non-native tools to steal identity documents, upgrade privileges, and then move around the network to deploy WastedLocker ransomware on multiple computers.
@UndercodeNews
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Cardable sites for games :
www.instant-gaming.com
www.kinguin.net -> Skrill
www.getgamesgo.com
www.bundlestars.com -> It's a very very good site
www.dlgamer.us
www.yuplay.com
www.elitekeys.com
www.gog.com
www.offgamers.com
www.gamersgate.com
www. bundlestars . com - > It ' s a very very good site
www. dlgamer . us
www. yuplay. com
www. elitekeys . com
www. gog . com
www. offgamers . com
www. gamersgate . com
www. go2 arena . com
www.gamecards.com
for learn only !
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Cardable sites for games :
www.instant-gaming.com
www.kinguin.net -> Skrill
www.getgamesgo.com
www.bundlestars.com -> It's a very very good site
www.dlgamer.us
www.yuplay.com
www.elitekeys.com
www.gog.com
www.offgamers.com
www.gamersgate.com
www. bundlestars . com - > It ' s a very very good site
www. dlgamer . us
www. yuplay. com
www. elitekeys . com
www. gog . com
www. offgamers . com
www. gamersgate . com
www. go2 arena . com
www.gamecards.com
for learn only !
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦HOW TO GET 2020 CC CARD-CARDING METH :
HOW TO TAKE A Special VALID CREDIT CARD
1οΈβ£ GO to http:/www.e-coin.io/ and Account formation. False INFORMATIONS may be used
2οΈβ£get WireX Software On The SmartPhone (Playstore / Appstore) lastest version
3οΈβ£ Login to The E-Coin.io Mobile Program
(When doing this stuff I used all the false information)
4οΈβ£ Build a new WireX Mobile USD coin. Consider it a VCC US Dollar (virtual credit card)
5οΈβ£Go back to E-Coin.io or the device WireX;
Submit CVV (CC #, Exp Date and CVV Numbers will be submitted to you)
You now have a Virtual Credit Card which you can use or add to BITCOINS or any service requiring one.
#deepwebTip
β β β Uππ»βΊπ«6π¬πβ β β β
π¦HOW TO GET 2020 CC CARD-CARDING METH :
HOW TO TAKE A Special VALID CREDIT CARD
1οΈβ£ GO to http:/www.e-coin.io/ and Account formation. False INFORMATIONS may be used
2οΈβ£get WireX Software On The SmartPhone (Playstore / Appstore) lastest version
3οΈβ£ Login to The E-Coin.io Mobile Program
(When doing this stuff I used all the false information)
4οΈβ£ Build a new WireX Mobile USD coin. Consider it a VCC US Dollar (virtual credit card)
5οΈβ£Go back to E-Coin.io or the device WireX;
Submit CVV (CC #, Exp Date and CVV Numbers will be submitted to you)
You now have a Virtual Credit Card which you can use or add to BITCOINS or any service requiring one.
#deepwebTip
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦ CC 2020 popular SHOP SITES :
1) unicc.cm
(btc donation)
2) fe-acc18.ru
(Activation Require 20$ Btc )
3) vclub.shop
(Activation Require 10$ Btc.)
4) https://jstash.bazar
(Activation require 20$ Btc & this site link open in Blockchain Dns)
5) Validcc.tw
(Activation Fees is 50$ & 200$ btc for premium)
6) https://validccshop.online/
7) http://store-cc.ru/
8) https://cc-shop.su/
9) https://centralshop.cn/
β β β Uππ»βΊπ«6π¬πβ β β β
π¦ CC 2020 popular SHOP SITES :
1) unicc.cm
(btc donation)
2) fe-acc18.ru
(Activation Require 20$ Btc )
3) vclub.shop
(Activation Require 10$ Btc.)
4) https://jstash.bazar
(Activation require 20$ Btc & this site link open in Blockchain Dns)
5) Validcc.tw
(Activation Fees is 50$ & 200$ btc for premium)
6) https://validccshop.online/
7) http://store-cc.ru/
8) https://cc-shop.su/
9) https://centralshop.cn/
β β β Uππ»βΊπ«6π¬πβ β β β
validccshop.online
validccshop.online - This website is for sale! - validccshop Resources and Information.
This website is for sale! validccshop.online is your first and best source for all of the information youβre looking for. From general topics to more of what you would expect to find here, validccshop.online has it all. We hope you find what you are searchingβ¦
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Web Application Firewall Fingerprinting Tool
-termux-linux
> Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
> If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
> If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£
1) Testing a Single URL
The URL can be directly supplied to the script after WAFW00F has been built and installed on the system.
> wafw00f http://example.com
2) Testing Multiple URLs
Multiple URLs can be supplied one after another using spaces.
> wafw00f http://example.com http://host.com http://site.tld
3) Listing All Supported WAFs
> Option: -l or --list
4) This option lists all the available supported WAF products by WAFW00F. With this option the companies manufacturing the WAF product can also be viewed alongside the WAF name.
> wafw00f --list
5) Adding Custom Headers
> Option: -H or --headers
6) WAFW00F has its own set of default headers by which it makes the requests. The headers are specifically suited for emulating a Chrome browser running on a Windows platform. This option enables you to supply a comma separated list of custom headers which you might want WAFW00F to use during all requests.
> wafw00f http://example.com -H headers.txt
NOTE: The headers which you will supply will overwrite the list of default headers.
7) Using Proxies
> Option: -p or --proxy
8) With this option, you can use proxies to route the requests through. The scheme should be in the normal URL format <scheme>://<username:password>@<hostname>:<port>, where the username and password can be used in cases where the proxy server supports authentication.
> wafw00f http://example.com -p http://user:pass@127.0.0.1:8080
9) Testing For A Single WAF Instance
> Option: -t or --test
10) This option helps you set WAFW00F to test for a single instance of a WAF. When this argument is supplied, WAFW00F will test and try to match the fingerprint for the given WAF only. The supplied WAF name should be equal to at least one of the names within wafprio.py. You can use the --list argument to list the products supported by the WAF.
> wafw00f http://example.com -t 'Edgecast (Verizon Digital Media)'
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Web Application Firewall Fingerprinting Tool
-termux-linux
> Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions.
> If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is.
> If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£
git clone https://github.com/EnableSecurity/wafw00f.git
2οΈβ£cd wafw00f
3οΈβ£python setup.py install
4οΈβ£EXAMPLES:1) Testing a Single URL
The URL can be directly supplied to the script after WAFW00F has been built and installed on the system.
> wafw00f http://example.com
2) Testing Multiple URLs
Multiple URLs can be supplied one after another using spaces.
> wafw00f http://example.com http://host.com http://site.tld
3) Listing All Supported WAFs
> Option: -l or --list
4) This option lists all the available supported WAF products by WAFW00F. With this option the companies manufacturing the WAF product can also be viewed alongside the WAF name.
> wafw00f --list
5) Adding Custom Headers
> Option: -H or --headers
6) WAFW00F has its own set of default headers by which it makes the requests. The headers are specifically suited for emulating a Chrome browser running on a Windows platform. This option enables you to supply a comma separated list of custom headers which you might want WAFW00F to use during all requests.
> wafw00f http://example.com -H headers.txt
NOTE: The headers which you will supply will overwrite the list of default headers.
7) Using Proxies
> Option: -p or --proxy
8) With this option, you can use proxies to route the requests through. The scheme should be in the normal URL format <scheme>://<username:password>@<hostname>:<port>, where the username and password can be used in cases where the proxy server supports authentication.
> wafw00f http://example.com -p http://user:pass@127.0.0.1:8080
9) Testing For A Single WAF Instance
> Option: -t or --test
10) This option helps you set WAFW00F to test for a single instance of a WAF. When this argument is supplied, WAFW00F will test and try to match the fingerprint for the given WAF only. The supplied WAF name should be equal to at least one of the names within wafprio.py. You can use the --list argument to list the products supported by the WAF.
> wafw00f http://example.com -t 'Edgecast (Verizon Digital Media)'
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Forwarded from Free Premium Accounts Telegram Channel - Netflix - Spotify
Please open Telegram to view this post
VIEW IN TELEGRAM
Forwarded from Free Premium Accounts Telegram Channel - Netflix - Spotify
Please open Telegram to view this post
VIEW IN TELEGRAM
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦57 New cc generator list
1) https://namso-gen.com
2) http://namso.ezyro.com/?i=1
3) http://archive.li/gvfdN
4) https://ia1000.com
6) http://sourcebinccgen.ml/CCGENSBC1/
7) http://sourcebinccgen.ml/CCGENSBC2/
8) https://obtain-link.com/checker2/Index.php
9) http://namsocc.net
10) https://ccgen.srijo.tech
11) http://www.b7k-checker.club
12) https://tnb-generator.000webhostapp.com
13) http://profetaschek.xyz/gen/
14) https://holk.xyz
15) https://www.ondroid.ga
16) https://cccardgen.es.tl
17) http://x-secret.net/ccgen/
18) http://ad365.me/
19) https://www.ccgen.mx
20)https://web.archive.org/web/20160726182003/https://cc.namsoelite.com/
21) http://www.b7k-checker.club/
22) http://hitlerccgen.com
23) http://blckcardgen.xyz/~blckcard/
24) https://cc.ajpro.ml/
25) https://www.ccgen.mx/
26) http://namsodebit.co/
27) http://vpnclub.ml/cg/
28) http://educapro.mx
29) http://namsopirates.xyz
30) http://www.bv1.tech
31) https://namso.gdn/gen/
32) http://www.beshoycc.com
33) http://safra.000webhostapp.com/cassa/
34) https://bin.isecurity.pw
35) http://virusteamdlg.com/gen/
36) https://namso5.com/
37) http://sourcebinccgen.ml/CCGENSBC3/
38) https://www.bestccgen.com/
39) https://creditcardgenerator.com/
40) https://creditcardgenerator.com/visa-credit-card-generator/
41) https://www.gleanster.com/credit-card-generator-with-cvv-and-expiration-date/history/
42) https://saijogeorge.com/dummy-credit-card-generator/
43) https://generator-credit-card.com/
44) https://www.vccgenerator.com/
45) https://www.creditcardrush.com/credit-card-generator-with-money/
46) https://fake-card-generator.com/
47) https://namso-gen.com/
48) https://www.elfqrin.com/discard_credit_card_generator.php
49) https://dzmohaipa.com/Bin/Dz/
50) https://xuls.to/gen/
51) https://databusterz.com/ccgen/
52) https://sieuthuthuat.com/bin
53) https://namso5.com/
54) http://geekhackerzccgen.tk
55) http://Primebox.ml
56) Anonymouspal.me
57) http://ccteam17.xyz/card/ccg/
bv1.tech
58) http://dark-h-zone.cf
ENJOY β€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦57 New cc generator list
1) https://namso-gen.com
2) http://namso.ezyro.com/?i=1
3) http://archive.li/gvfdN
4) https://ia1000.com
6) http://sourcebinccgen.ml/CCGENSBC1/
7) http://sourcebinccgen.ml/CCGENSBC2/
8) https://obtain-link.com/checker2/Index.php
9) http://namsocc.net
10) https://ccgen.srijo.tech
11) http://www.b7k-checker.club
12) https://tnb-generator.000webhostapp.com
13) http://profetaschek.xyz/gen/
14) https://holk.xyz
15) https://www.ondroid.ga
16) https://cccardgen.es.tl
17) http://x-secret.net/ccgen/
18) http://ad365.me/
19) https://www.ccgen.mx
20)https://web.archive.org/web/20160726182003/https://cc.namsoelite.com/
21) http://www.b7k-checker.club/
22) http://hitlerccgen.com
23) http://blckcardgen.xyz/~blckcard/
24) https://cc.ajpro.ml/
25) https://www.ccgen.mx/
26) http://namsodebit.co/
27) http://vpnclub.ml/cg/
28) http://educapro.mx
29) http://namsopirates.xyz
30) http://www.bv1.tech
31) https://namso.gdn/gen/
32) http://www.beshoycc.com
33) http://safra.000webhostapp.com/cassa/
34) https://bin.isecurity.pw
35) http://virusteamdlg.com/gen/
36) https://namso5.com/
37) http://sourcebinccgen.ml/CCGENSBC3/
38) https://www.bestccgen.com/
39) https://creditcardgenerator.com/
40) https://creditcardgenerator.com/visa-credit-card-generator/
41) https://www.gleanster.com/credit-card-generator-with-cvv-and-expiration-date/history/
42) https://saijogeorge.com/dummy-credit-card-generator/
43) https://generator-credit-card.com/
44) https://www.vccgenerator.com/
45) https://www.creditcardrush.com/credit-card-generator-with-money/
46) https://fake-card-generator.com/
47) https://namso-gen.com/
48) https://www.elfqrin.com/discard_credit_card_generator.php
49) https://dzmohaipa.com/Bin/Dz/
50) https://xuls.to/gen/
51) https://databusterz.com/ccgen/
52) https://sieuthuthuat.com/bin
53) https://namso5.com/
54) http://geekhackerzccgen.tk
55) http://Primebox.ml
56) Anonymouspal.me
57) http://ccteam17.xyz/card/ccg/
bv1.tech
58) http://dark-h-zone.cf
ENJOY β€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Namso-Gen
Random Credit Card Number Generator for Testing and Development - Namsogen
Enhance testing, validation, and development with Namsogen β the ultimate solution for precise, valid credit card numbers tailored for seamless integration.
π¦BEST HACKING PYTHON LIBS :
Python: https://www.python.org/downloads/
PyCurl: http://pycurl.sourceforge.net/
PyBeautifulSoup4: https://pypi.org/project/beautifulsoup4/
PyGeoIP: https://pypi.org/project/pygeoip/
PyGObject: https://pypi.org/project/gobject/
PyCairocffi: https://pypi.org/project/cairocffi/
PySelenium: https://pypi.org/project/selenium/
β β β Uππ»βΊπ«6π¬πβ β β β
Python: https://www.python.org/downloads/
PyCurl: http://pycurl.sourceforge.net/
PyBeautifulSoup4: https://pypi.org/project/beautifulsoup4/
PyGeoIP: https://pypi.org/project/pygeoip/
PyGObject: https://pypi.org/project/gobject/
PyCairocffi: https://pypi.org/project/cairocffi/
PySelenium: https://pypi.org/project/selenium/
β β β Uππ»βΊπ«6π¬πβ β β β
Python.org
Download Python
The official home of the Python Programming Language
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#FastTips :Much Required Advice for Beginners :
(#carding tips)
1οΈβ£ Using socks5 that fit the billing address of the cardholder (dont using socks4 or http proxies because they can leak DNS info).
2οΈβ£If your CC comes from UK, try using a drop in UK and so on for other countries
3οΈβ£If there is a gift choice, place it so it looks like you're sending a present to some buddy, girlfriend and so on.
4οΈβ£ Seek to render requests such as valentines before holidays etc. That's an ancient strategy now but it works for 2 purposes. These days the shops are having a ton of requests, and they can transfer one of the scams as genuine as well. So it seems as though you are giving a legit gift
5οΈβ£ Using cracked / open wifi + modified MAC, VPN in some offshore country + 2-3 sockets in a virtual machine for your protection. I recommend you import VMWare and a ready-made file to launch it. Attempt to build your own encryption proxy chain, with the last external IP that fits the address of the cardholders.
6οΈβ£Using Firefox with Plugins in private mode. Found several extensions relevant to protection that do not control connections, transparent cookies, LSO & flash cookies, etc. Be imaginative, and learn.
7οΈβ£Use gmail / hotmail / yahoo when ordering or Use @some hipster email provider, one that many people don't really use. It does make things seem legal.
8οΈβ£Attempt also to card on Weekends as shops unable to touch and search Extra bank info, by calling them. You may even test the time the closes Bank
9οΈβ£Please send an email to the vendor shortly after finishing the order to ship.
πFast as you desperately need it, as there is some purpose in your building.
1οΈβ£1οΈβ£Do not use a cc on the same site with separate Accounts.
Full record: 3-4 Years max.
1οΈβ£2οΈβ£ When you use the pp in carding instead purchase pp with email
access and remove the order linked emails from the email inbox and trash box
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#FastTips :Much Required Advice for Beginners :
(#carding tips)
1οΈβ£ Using socks5 that fit the billing address of the cardholder (dont using socks4 or http proxies because they can leak DNS info).
2οΈβ£If your CC comes from UK, try using a drop in UK and so on for other countries
3οΈβ£If there is a gift choice, place it so it looks like you're sending a present to some buddy, girlfriend and so on.
4οΈβ£ Seek to render requests such as valentines before holidays etc. That's an ancient strategy now but it works for 2 purposes. These days the shops are having a ton of requests, and they can transfer one of the scams as genuine as well. So it seems as though you are giving a legit gift
5οΈβ£ Using cracked / open wifi + modified MAC, VPN in some offshore country + 2-3 sockets in a virtual machine for your protection. I recommend you import VMWare and a ready-made file to launch it. Attempt to build your own encryption proxy chain, with the last external IP that fits the address of the cardholders.
6οΈβ£Using Firefox with Plugins in private mode. Found several extensions relevant to protection that do not control connections, transparent cookies, LSO & flash cookies, etc. Be imaginative, and learn.
7οΈβ£Use gmail / hotmail / yahoo when ordering or Use @some hipster email provider, one that many people don't really use. It does make things seem legal.
8οΈβ£Attempt also to card on Weekends as shops unable to touch and search Extra bank info, by calling them. You may even test the time the closes Bank
9οΈβ£Please send an email to the vendor shortly after finishing the order to ship.
πFast as you desperately need it, as there is some purpose in your building.
1οΈβ£1οΈβ£Do not use a cc on the same site with separate Accounts.
Full record: 3-4 Years max.
1οΈβ£2οΈβ£ When you use the pp in carding instead purchase pp with email
access and remove the order linked emails from the email inbox and trash box
CARDING IS FOR LEARN, NOT FOR STEAL !!!Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦2020 webhacking-
- find admin login pages and EAR vulnerabilites.
-Termux/Linux
π¦Features :
> Multi-threading on demand
> Big path list (482 paths)
> Supports php, asp and html extensions
> Checks for potential EAR vulnerabilites
> Checks for robots.txt
> Support for custom patns
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/s0md3v/Breacher.git
2οΈβ£cd Breacher
3οΈβ£EXAMPLES :
> Check all paths with php extension
python breacher -u example.com --type php
> Check all paths with php extension with threads
python breacher -u example.com --type php --fast
> Check all paths without threads
python breacher -u example.com
> Adding a custom path. For example if you want all paths to start with /data (example.com/data/...) you can do this:
python breacher -u example.com --path /data
π¦STILL TROUBLE ?
> https://youtu.be/BEpt5JmcWPk
enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦2020 webhacking-
- find admin login pages and EAR vulnerabilites.
-Termux/Linux
π¦Features :
> Multi-threading on demand
> Big path list (482 paths)
> Supports php, asp and html extensions
> Checks for potential EAR vulnerabilites
> Checks for robots.txt
> Support for custom patns
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/s0md3v/Breacher.git
2οΈβ£cd Breacher
3οΈβ£EXAMPLES :
> Check all paths with php extension
python breacher -u example.com --type php
> Check all paths with php extension with threads
python breacher -u example.com --type php --fast
> Check all paths without threads
python breacher -u example.com
> Adding a custom path. For example if you want all paths to start with /data (example.com/data/...) you can do this:
python breacher -u example.com --path /data
π¦STILL TROUBLE ?
> https://youtu.be/BEpt5JmcWPk
enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - s0md3v/Breacher: An advanced multithreaded admin panel finder written in python.
An advanced multithreaded admin panel finder written in python. - s0md3v/Breacher
β β β Uππ»βΊπ«6π¬πβ β β β
π¦BEST 2020 BROWSER LOG CLEANER(Carding) & System logs REMOVER :
BleachBit cleans files to free disk space and to maintain privacy.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
-PARROT
-KALI
-UBUNTU
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦BEST 2020 BROWSER LOG CLEANER(Carding) & System logs REMOVER :
BleachBit cleans files to free disk space and to maintain privacy.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/bleachbit/bleachbit.gitπ¦TESTED ON':
2οΈβ£cd bleachbit
3οΈβ£Then install via make command
> make -C po local # build translations
4οΈβ£python3 bleachbit.py
5οΈβ£For information regarding the command line interface, run:
> python3 bleachbit.py --help
-PARROT
-KALI
-UBUNTU
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
2020 Bug chrome metas.rb
12.1 KB
2020 Bug Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)
-USE FOR LEARN !!β β β Uππ»βΊπ«6π¬πβ β β β
π¦How Run Python Hacking Scripts Via windows :
#FastTips
1οΈβ£Download
> https://www.python.org/downloads/windows/
2οΈβ£Run setup file
3οΈβ£Download :
https://visualstudio.microsoft.com/thank-you-downloading-visual-studio/?sku=BuildTools&rel=16
4οΈβ£run setup
video tutorial :
> https://www.youtube.com/watch?v=n5sJ4EewKGk&autoplay=1
5οΈβ£Go powerShell and type :
> pip install --upgrade setuptools
6οΈβ£Now you can install git:
https://git-scm.com/download/win
(Download & run)
& more libs from powershell
& load and Python Script
ENJOY β€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦How Run Python Hacking Scripts Via windows :
#FastTips
1οΈβ£Download
> https://www.python.org/downloads/windows/
2οΈβ£Run setup file
3οΈβ£Download :
https://visualstudio.microsoft.com/thank-you-downloading-visual-studio/?sku=BuildTools&rel=16
4οΈβ£run setup
video tutorial :
> https://www.youtube.com/watch?v=n5sJ4EewKGk&autoplay=1
5οΈβ£Go powerShell and type :
> pip install --upgrade setuptools
6οΈβ£Now you can install git:
https://git-scm.com/download/win
(Download & run)
& more libs from powershell
& load and Python Script
ENJOY β€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Python.org
Python Releases for Windows
The official home of the Python Programming Language
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Linux-Termux tip :
What is BBQSQL?
> Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don't you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.
> BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
βExample :
You need to provide the following placeholders of information in order for the attack to work. Once you put these in your query, bbqSQL will do the rest:
${row_index}: This tells bbqSQL to iterate rows here. Since we are using LIMIT we can view n number of row depending on ${row_index} value.
${char_index}: This tells bbqSQL which character from the subselect to query.
${char_val}: This tells bbqSQL where to compare the results from the subselect to validate the result.
${comparator}: This is how you tell BBQSQL to compare the responses to determine if the result is true or not. By default, the > symbol is used.
${sleep}: This is optional but tells bbqSQL where to insert the number of seconds to sleep when performing time based SQL injection.
Not all of these place holders are required. For example, if you have discovered semi-blind boolean based SQL injection you can omit the ${sleep} parameter.
6οΈβ£FOR MORE EXAMPLES :
https://github.com/Neohapsis/bbqsql#install
π¦Features :
URL
HTTP Method
Headers
Cookies
Encoding methods
Redirect behavior
Files
HTTP Auth
Proxies
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Linux-Termux tip :
What is BBQSQL?
> Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don't you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.
> BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/Neohapsis/bbqsql.git5οΈβ£The query syntax is based around placeholders which tell BBQSQL how to execute the attack ?
2οΈβ£cd bbqsql
3οΈβ£install in one command :
sudo pip install bbqsql (kali-parrot repo)
4οΈβ£for termux
> python setup.py install
βExample :
You need to provide the following placeholders of information in order for the attack to work. Once you put these in your query, bbqSQL will do the rest:
${row_index}: This tells bbqSQL to iterate rows here. Since we are using LIMIT we can view n number of row depending on ${row_index} value.
${char_index}: This tells bbqSQL which character from the subselect to query.
${char_val}: This tells bbqSQL where to compare the results from the subselect to validate the result.
${comparator}: This is how you tell BBQSQL to compare the responses to determine if the result is true or not. By default, the > symbol is used.
${sleep}: This is optional but tells bbqSQL where to insert the number of seconds to sleep when performing time based SQL injection.
Not all of these place holders are required. For example, if you have discovered semi-blind boolean based SQL injection you can omit the ${sleep} parameter.
6οΈβ£FOR MORE EXAMPLES :
https://github.com/Neohapsis/bbqsql#install
π¦Features :
URL
HTTP Method
Headers
Cookies
Encoding methods
Redirect behavior
Files
HTTP Auth
Proxies
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - CiscoCXSecurity/bbqsql: SQL Injection Exploitation Tool
SQL Injection Exploitation Tool. Contribute to CiscoCXSecurity/bbqsql development by creating an account on GitHub.
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#Privilege Escalationβ οΈMethodes & Tools :
> [4 Ways get linux privilege escalation](http://www.hackingarticles.in/4-ways-get-linux-privilege-escalation/) | shows different examples of PE
> [A GUIDE TO LINUX PRIVILEGE ESCALATION](https://payatu.com/guide-linux-privilege-escalation/) | Basics of Linux privilege escalation
> [Abusing SUDO (Linux Privilege Escalation)](http://touhidshaikh.com/blog/?p=790) | Abusing SUDO (Linux Privilege Escalation)
> [AutoLocalPrivilegeEscalation](https://github.com/ngalongc/AutoLocalPrivilegeEscalation) | automated scripts that downloads and compiles from exploitdb
> [Basic linux privilege escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/) | basic linux exploitation, also covers Windows
> [Common Windows Privilege Escalation Vectors](https://www.toshellandback.com/2015/11/24/ms-priv-esc/) | Common Windows Privilege Escalation Vectors
> [Editing /etc/passwd File for Privilege Escalation](http://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/) | Editing /etc/passwd File for Privilege Escalation
> [Linux Privilege Escalation ](https://securityweekly.com/2017/12/17/linux-privilege-escalation-tradecraft-security-weekly-22/) | Linux Privilege Escalation Γ’β¬β Tradecraft Security Weekly (Video)
> [Linux Privilege Escalation Check Script](https://github.com/sleventyeleven/linuxprivchecker) | a simple linux PE check script
> [Linux Privilege Escalation Scripts](http://netsec.ws/?p=309#more-309) | a list of PE checking scripts, some may have already been covered
> [Linux Privilege Escalation Using PATH Variable](http://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/) | Linux Privilege Escalation Using PATH Variable
> [Linux Privilege Escalation using Misconfigured NFS](http://www.hackingarticles.in/linux-privilege-escalation-using-misconfigured-nfs/) | Linux Privilege Escalation using Misconfigured NFS
> [Linux Privilege Escalation via Dynamically Linked Shared Object Library](https://www.contextis.com/blog/linux-privilege-escalation-via-dynamically-linked-shared-object-library) | How RPATH and Weak File Permissions can lead to a system compromise.
> [Local Linux Enumeration & Privilege Escalation Cheatsheet](https://www.rebootuser.com/?p=1623) | good resources that could be compiled into a script
> [OSCP - Windows Priviledge Escalation](http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html) | Common Windows Priviledge Escalation
> [Privilege escalation for Windows and Linux](https://github.com/AusJock/Privilege-Escalation) | covers a couple different exploits for Windows and Linux
> [Privilege escalation linux with live example](http://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/) | covers a couple common PE methods in linux
ENJOY β€οΈππ»
β Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#Privilege Escalationβ οΈMethodes & Tools :
> [4 Ways get linux privilege escalation](http://www.hackingarticles.in/4-ways-get-linux-privilege-escalation/) | shows different examples of PE
> [A GUIDE TO LINUX PRIVILEGE ESCALATION](https://payatu.com/guide-linux-privilege-escalation/) | Basics of Linux privilege escalation
> [Abusing SUDO (Linux Privilege Escalation)](http://touhidshaikh.com/blog/?p=790) | Abusing SUDO (Linux Privilege Escalation)
> [AutoLocalPrivilegeEscalation](https://github.com/ngalongc/AutoLocalPrivilegeEscalation) | automated scripts that downloads and compiles from exploitdb
> [Basic linux privilege escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/) | basic linux exploitation, also covers Windows
> [Common Windows Privilege Escalation Vectors](https://www.toshellandback.com/2015/11/24/ms-priv-esc/) | Common Windows Privilege Escalation Vectors
> [Editing /etc/passwd File for Privilege Escalation](http://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/) | Editing /etc/passwd File for Privilege Escalation
> [Linux Privilege Escalation ](https://securityweekly.com/2017/12/17/linux-privilege-escalation-tradecraft-security-weekly-22/) | Linux Privilege Escalation Γ’β¬β Tradecraft Security Weekly (Video)
> [Linux Privilege Escalation Check Script](https://github.com/sleventyeleven/linuxprivchecker) | a simple linux PE check script
> [Linux Privilege Escalation Scripts](http://netsec.ws/?p=309#more-309) | a list of PE checking scripts, some may have already been covered
> [Linux Privilege Escalation Using PATH Variable](http://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/) | Linux Privilege Escalation Using PATH Variable
> [Linux Privilege Escalation using Misconfigured NFS](http://www.hackingarticles.in/linux-privilege-escalation-using-misconfigured-nfs/) | Linux Privilege Escalation using Misconfigured NFS
> [Linux Privilege Escalation via Dynamically Linked Shared Object Library](https://www.contextis.com/blog/linux-privilege-escalation-via-dynamically-linked-shared-object-library) | How RPATH and Weak File Permissions can lead to a system compromise.
> [Local Linux Enumeration & Privilege Escalation Cheatsheet](https://www.rebootuser.com/?p=1623) | good resources that could be compiled into a script
> [OSCP - Windows Priviledge Escalation](http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html) | Common Windows Priviledge Escalation
> [Privilege escalation for Windows and Linux](https://github.com/AusJock/Privilege-Escalation) | covers a couple different exploits for Windows and Linux
> [Privilege escalation linux with live example](http://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/) | covers a couple common PE methods in linux
ENJOY β€οΈππ»
β Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#Online News Sources :
> InfoSec | covers all the latest infosec topics
> Recent Hash Leaks | great place to lookup hashes
> Security Intell | covers all kinds of news, great intelligence resources
> Threatpost | covers all the latest threats and breaches
> Secjuice
> The Hacker News | features a daily stream of hack news, also has an app
ENJOY β€οΈππ»
β Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#Online News Sources :
> InfoSec | covers all the latest infosec topics
> Recent Hash Leaks | great place to lookup hashes
> Security Intell | covers all kinds of news, great intelligence resources
> Threatpost | covers all the latest threats and breaches
> Secjuice
> The Hacker News | features a daily stream of hack news, also has an app
ENJOY β€οΈππ»
β Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Infosecurity Magazine
Infosecurity Magazine - Strategy, Insight, Technology
The award winning online magazine dedicated to the strategy, insight and technology of information security