UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity


1️⃣ World's first platform that collects & analyzes every new hacking method.
+ AI Practice
@Undercode_Testing

2️⃣ Cyber & Tech NEWS:
@Undercode_News

3️⃣ CVE @Daily_CVE

✨ Web & Services:
→ Undercode.help
Windows - WPAD poisoning using Responder.pdf
1.4 MB
Windows Hacking
- exploit
- WPAD poisoning using Responder
- full tutorial with pictures
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑System security: hidden-file methods to protect personal privacy :


1)) The first method is also the simplest: modify the attributes of the file directory

Select the directory you want to hide, right-click it, select "Properties", and tick "√" in the "Hidden" attribute check box. The directory now has the hidden attribute. This method is the simplest, but its security is also poor: anyone can open "Folder Options" from the "Tools" menu of the window and, under "View", select "Show All Files" in the "Hidden Files" part to display the hidden directories.

2)) The second method: hide through software encryption

There are many programs for Windows that hide or even encrypt directories, such as Magic Folders and EMF. Here is a brief introduction to using EMF. First install EMF; a password disk is generated during the installation process. Insert the disk when running the program so that EMF can check the password on the disk and enter the corresponding account. Then run the Magic.exe program, which asks you to enter a password. This password becomes the EMF password to be entered later: if you want to display the directory again, you must also enter this password.

3)) The third method: hide through hard disk partition

Store the data to be protected in a dedicated hard disk partition, and then use a partition tool such as PQmagic to set this partition as a hidden partition. The specific method is: first start in DOS mode, then run PQmagic, select the partition you want to hide, select Hidepartition under Advanced in the Operations menu, exit, and restart. To restore the partition, enter PQmagic in the same way and remove the hidden setting. This method conceals the data well, but it is also risky and may cause damage to the hard disk, so be cautious when using it.

4)) The fourth method: alternative methods

Move the files to be hidden to a temporary folder, and then use WinZip or WinRAR with a password to compress them into a single file. At this point anyone can see in "Explorer" that the file was compressed with WinZip or WinRAR, and some people will naturally use the corresponding decryptor to decrypt it. So change its extension from ZIP or RAR to a non-existent file extension, such as SYJ; after that, double-clicking the file will not start WinZip or WinRAR and open it. However, you have to remember its real extension and change the extension back when you want to use the file.

@undercodeTesting
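Method 4 protects the archive only through its file name, which is easy to test. The following added example (not part of the original post) identifies ZIP, RAR and 7z archives by their leading signature bytes and lists those whose extension does not match; the files built in `demo()` are constructed sample data.

```python
# Added example: find archives by content signature, ignoring the file name.
import os
import tempfile
import zipfile

# Leading "magic" bytes of common archive formats.
SIGNATURES = [
    (b"PK\x03\x04", "zip"),            # ZIP local file header
    (b"PK\x05\x06", "zip"),            # empty ZIP archive
    (b"Rar!\x1a\x07\x01\x00", "rar"),  # RAR 5
    (b"Rar!\x1a\x07\x00", "rar"),      # RAR 1.5 to 4.x
    (b"7z\xbc\xaf\x27\x1c", "7z"),
]


def sniff_type(path):
    """Return 'zip', 'rar' or '7z' based on the first bytes, else None."""
    with open(path, "rb") as f:
        head = f.read(8)
    for magic, kind in SIGNATURES:
        if head.startswith(magic):
            return kind
    return None


def find_disguised_archives(root):
    """Return sorted (relative path, real type) for archives with a foreign extension.

    Office documents and .jar files are ZIP containers too, so a real scan
    would allow-list those extensions.
    """
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            kind = sniff_type(full)
            ext = os.path.splitext(name)[1].lower().lstrip(".")
            if kind and ext != kind:
                hits.append((os.path.relpath(full, root), kind))
    return sorted(hits)


def demo():
    """Constructed directory: an honest .zip, a ZIP renamed to .syj, a text file."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("backup.zip", "notes.syj"):
            with zipfile.ZipFile(os.path.join(root, name), "w") as z:
                z.writestr("secret.txt", "constructed sample data")
        with open(os.path.join(root, "readme.txt"), "w") as f:
            f.write("plain text")
        return find_disguised_archives(root)


if __name__ == "__main__":
    for path, kind in demo():
        print(f"{path}: content is a {kind} archive")
```

The renamed file is reported as a ZIP archive, so the extension change stops only a double-click; the archive password is what actually protects the content.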
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑AgentTesla spy Trojan's new trick :
#News

> Tesla RAT (Remote Access Trojan Horse) has become one of the most popular malware series threatening enterprises in the first half of 2020. The number of attacks discovered even exceeds TrickBot or Emotet, second only to Dridex. Although the Agent RAT has existed for at least 6 years, it is still adapting and evolving, frustrating the security efforts of many organizations. During the COVID-19 pandemic, new variants with additional features were introduced, and the malware has been widely used in phishing campaigns with the theme of coronavirus.

> The core of AgentTesla is a keylogger and information stealer. AgentTesla was first discovered at the end of 2014, and its usage has been increasing steadily in the past 1-2 years. The malware was initially sold in various underground forums and markets, as well as its own AgentTesla.com website (now discontinued). Like many contemporary agents, AgentTesla also provides the malware itself and a data collection management panel. The information obtained from the attacked device can be quickly made available to the attacker through the panel interface.

#news
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑TOPIC EXPLOITATION 2020 updated :
The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC, an information security consulting firm located in Cleveland, Ohio.

🄸🄽🅂🅃🄰🄻🄻🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/trustedsec/social-engineer-toolkit/ setoolkit/

2) cd setoolkit

3) pip3 install -r requirements.txt

4) python setup.py

5) choose options via numbers

E N J O Y ❤️👍🏻
U S E F O R L E A R N
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Maze ransomware for manipulating attacks :
#news

> Maze ransomware is currently one of the most widely used ransomware in the wild and is distributed by competent participants.

> We found a Maze branch that deployed a tailored persistence method before delivering the ransomware.

> The actor appears to have used a stolen certificate to sign his beacon.

> As with other attacks, the actor uses the HTA payload as an interactive shell that can capture real-time and defuzzified content.

🦑Background

The Maze ransomware has been widely used in the past year or so and has become the ultimate payload for many different players around the world. This year, the notorious Maze operator not only started to blackmail the company through encrypted files, but also threatened to publish the stolen files online to blackmail the company. Recently, we caught a Maze member who tried to spread through the network of our customers.

In this article, we share detailed information about how the Maze member uses it to clarify their strategy and help the security team find similar IOCs in their own network.

#new
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Linux Hex Editors :

There are many Linux hex editors. Some of the popular ones are xxd, DHex, HexEdit, Bless and HexCurse. Of these, xxd, DHex, HexEdit and HexCurse have no graphical user interface; you can only use them from the Linux terminal. The Bless hex editor does have a graphical user interface (GUI). Vim and Emacs can also be used as hex editors in Linux.

🄸🄽🅂🅃🄰🄻🄻🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

Installing Linux Hex Editors
In this section, I am going to show you how to install the hex editors in Linux, especially on Ubuntu/Debian.

open terminal & type :

1) $ sudo apt-get update

2) $ sudo apt-get install xxd

3) Installing DHex:
You can install DHex with the following command:

$ sudo apt-get install dhex

4) You can run the following command to install HexEdit:

$ sudo apt-get install hexedit

5) You can install HexCurse with the following command:

$ sudo apt-get install hexcurse

6) To install Bless graphical hex editor, run the following command:

$ sudo apt-get install bless

7) NOTE: If you're using Ubuntu/Debian, and you want to follow along, you will need to install the C/C++ development tools for compiling C programs. Just run 'sudo apt-get update' and then run 'sudo apt-get install build-essential -y' to install the C/C++ development tools on Ubuntu/Debian.

E N J O Y ❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to check whether a website is vulnerable to clickjacking and create a PoC: via Termux/Linux

🄸🄽🅂🅃🄰🄻🄻🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/D4Vinci/Clickjacking-Tester.git

2) cd Clickjacking-Tester

3) python(3) clickjacking_tester.py <file_name>

4) python clickjacking_tester.py sites.txt

5) E X A M P L E :

> sites.txt
www.google.com
www.turkhackteam.com

> Output
* Checking www.google.com

- Website is not vulnerable!

* Checking www.turkhackteam.org

+ Website is vulnerable!
* Created a poc and saved to <URL>.html
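
Whether a page can be framed comes down to the anti-framing headers its response carries. The following added example (not code from Clickjacking-Tester, whose logic the post does not show) classifies the `X-Frame-Options` and CSP `frame-ancestors` headers of a response; the header sets in `SAMPLES` are constructed, and it assumes one policy per CSP header.

```python
# Added example: classify a response's anti-framing headers (defensive check).
# Assumption: each CSP header carries a single policy (no comma-joined policies).
WEAK_SOURCES = {"*", "http:", "https:"}  # sources that admit arbitrary origins


def frame_ancestors(csp_value):
    """Return the frame-ancestors source list from a CSP value, or None if absent."""
    for directive in csp_value.split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return [t.lower() for t in tokens[1:]]
    return None


def framing_verdict(headers):
    """Return (verdict, reason); verdict is 'protected', 'weak' or 'frameable'."""
    h = {name.lower(): value.strip() for name, value in headers.items()}

    # An enforced frame-ancestors directive overrides X-Frame-Options.
    sources = frame_ancestors(h.get("content-security-policy", ""))
    if sources is not None:
        if any(s in WEAK_SOURCES for s in sources):
            return "weak", "frame-ancestors admits arbitrary origins: " + " ".join(sources)
        # An empty source list behaves like 'none'.
        return "protected", "frame-ancestors " + (" ".join(sources) or "'none'")

    xfo = h.get("x-frame-options")
    if xfo is not None:
        values = {v.strip().upper() for v in xfo.split(",")}
        if values == {"DENY"} or values == {"SAMEORIGIN"}:
            return "protected", "X-Frame-Options " + values.pop()
        if any(v.startswith("ALLOW-FROM") for v in values):
            return "weak", "ALLOW-FROM is obsolete and ignored by current browsers"
        return "frameable", "invalid X-Frame-Options value is ignored: " + xfo

    if frame_ancestors(h.get("content-security-policy-report-only", "")) is not None:
        return "frameable", "frame-ancestors is report-only, so it is not enforced"
    return "frameable", "no X-Frame-Options or CSP frame-ancestors header"


# Constructed header sets, not captured from real sites.
SAMPLES = {
    "xfo-deny": {"X-Frame-Options": "DENY"},
    "csp-allowlist": {"Content-Security-Policy":
                      "default-src 'self'; frame-ancestors 'self' https://partner.example"},
    "csp-wildcard": {"Content-Security-Policy": "frame-ancestors *",
                     "X-Frame-Options": "DENY"},
    "xfo-allow-from": {"x-frame-options": "ALLOW-FROM https://partner.example"},
    "report-only": {"Content-Security-Policy-Report-Only": "frame-ancestors 'none'"},
    "no-headers": {"Content-Type": "text/html"},
}

if __name__ == "__main__":
    for name, headers in SAMPLES.items():
        verdict, reason = framing_verdict(headers)
        print(f"{name:15} {verdict:10} {reason}")
```

The `csp-wildcard` case is the one a header-presence check misses: the response sends `X-Frame-Options: DENY`, yet the enforced `frame-ancestors *` takes precedence and permits framing.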

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Hack Whatsapp through a clone of a sim card :

Again, in theory everything looks nice, but in practice the owner's original SIM card is deactivated after the clone is activated. Why?

> Yes, because two identical numbers simultaneously receive a signal, SMS and calls will not be able, therefore, the original is blocked, and the clone receives the signal for itself. This is for the GSM operator. On WhatsApp, two active sessions are also impossible, so after disabling the SIM card of the jailbroken, WhatsApp will also be disabled. Consequently, the owner will immediately notice that something was wrong.


The second disadvantage of this method is that it is still impossible to restore a backup copy with a SIM card, since archived correspondence lives in iCloud and Google Drive cloud storage. There is no need to talk about the memory card in the device, since there is no influence of the clone of the SIM card on it. But if the phone number was linked to Google mail, you can restore access to the storage by resetting the password via SMS.

The only plus of this method is to receive and send messages in real time with the contacts of the former owner of the number. Of course, these will be naked numbers, without names and surnames like the contact list on the owner's smartphone. However, it will not be difficult to figure out who is sending hearts and who is just a friendly "hello".

🦑The main question is how to clone someone else's SIM card?

1) Power of attorney from Natarius to reissue the SIM card and visit the operator. If you have the passport data of the previous owner of the SIM card, you can try your luck with a notary and a branch of the mobile operator where they will "understand" you. Or, if you have a friend, a manager, turn a scam without a power of attorney
> for clone sim card http://www.mobiledit.com/sim-cloning/

2) Purchase a duplicate SIM card by providing the operator with passport data and PUK code of the SIM card. The duplicate is activated with the same number, but in your name. Such a solution was found on the forums, the performance of which is questionable.

3) Multi-SIM card - a special SIM card for clone encoding, identical to the original. Limitation of cloning sim cards rests on their date of manufacture and operator. Modern SIM cards MTS, Megafon can no longer be copied.

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from UNDERCODE HACKING
Guide 001 _Getting Started in Bug Bounty Hunting...pdf
2 MB
#requested for beginners helpful
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Gerrit is a web-based code review tool that is integrated with Git and built on top of the Git version control system (which helps developers work together and keep their work history). It lets you merge your changes into the Git repository once code review is done.

» F E A T U R E S :

Below are some of the reasons why you should use Gerrit.

You can easily find the error in the source code using Gerrit.

You can work with Gerrit if you have a regular Git client; no need to install any Gerrit client.

Gerrit can be used as an intermediary between developers and git repositories.

Gerrit is a free and open source code review system for Git.

Gerrit's user interface is built on Google Web Toolkit.

This is a lightweight structure for checking each commit.

Gerrit acts as a repository that allows you to upload code and creates an overview for your commit.

Gerrit provides access control to Git repositories and a web interface for code review.

You can push code without using additional command line tools.

Gerrit can allow or deny permission at the repository level and down to the branch level.

Gerrit is supported by Eclipse.

Gerrit also has some disadvantages:

Reviewing, verifying, and resubmitting code commits will slow down your time to market.

Gerrit can only work with Git.

Gerrit is slow and there is no way to change the sort order that lists the changes.

🄸🄽🅂🅃🄰🄻🄻🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Linux
You can install Git on Linux using the distribution's package manager. For example, if you are using Fedora you can use:

sudo yum install git
If you are using a Debian based distribution like Ubuntu use the following command:

sudo apt-get install git

2) Windows
You can install Git on Windows by downloading it from the Git website. Just go to msysgit.github.io and hit the download button.

3) Mac
Git can be installed on Mac using the following command:

brew install git
Another way to install Git is to download it from the Git site. Just follow the Git install on Mac link, which will install the Git for Mac framework.

4) You can check your existing SSH key on your local machine using the following command in Git Bash:

$ ls ~/.ssh

5) Generating a new SSH key
You can generate a new SSH key for authentication using the following command in Git Bash -

$ ssh-keygen -t rsa -C "your_email@mail.com"

6) If you already have an SSH key, do not generate a new key as it will be overwritten. You can only use the ssh-keygen command if you have installed Git with Git Bash.

When you run the above command, it will create 2 files in the ~/.ssh directory.

~/.ssh/id_rsa is the private key or identity key.

~/.ssh/id_rsa.pub is the public key.

7) You can track each commit by setting the name and email variables. The name variable specifies the name, and the email variable specifies the email address associated with Git commits. You can set them using the following commands:

git config --global user.email "your_email@mail.com"
git config --global user.name "your_name"

E N J O Y ❤️👍🏻
written @undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Documents show that the U.S. treats DDS as a criminal hacking organization :
#news

> Transparency activity organization "Distributed Denial of Secrets" (DDoSecrets) was officially designated as a "criminal hacker organization" after it released 296GB of sensitive law enforcement data earlier this summer. This description comes from an announcement distributed by the Office of Intelligence and Analysis of the Department of Homeland Security to fusion centers across the country at the end of June. The wording of the announcement is exactly the same as the US government's earlier description of WikiLeaks, Anonymous, and LulzSec.

> The announcement read: "A criminal hacking organization Distributed Denial of Secrets (DDS) conducted a hacking and leaking operation against federal, state, and local law enforcement databases on June 19, 2020, possibly to support or respond to nationwide protests triggered by George Floyd's death." According to reports, DDS leaked ten-year data on 200 police departments, integration centers and other law enforcement training and support resources around the world. DDS had previously conducted hacking and leaking activities against the Russian government.

> According to reports, BlueLeaks' data was provided to DDS by a hacker who claimed to have a relationship with Anonymous, including 10 years of information from more than 200 police departments and fusion centers. These records include police and FBI reports, announcements, guidelines, and technical data related to surveillance technology and intelligence collection. Some news organizations used BlueLeaks data to publish reports on law enforcement methods, including anti-surveillance methods for black life-important protesters, analysis of threats by anti-law enforcement agencies, and widespread use of masks to thwart facial recognition algorithms during the COVID-19 pandemic. Worry.

> At the end of June, Twitter suspended the account of DDS in response to the leak and blocked the hyperlinks of the leaked data set on a large scale, making it impossible to share on the platform. This is a very severe step for a company that has long allowed extremist content such as DCLeaks and allowed links to election interference. Last month, the German authorities seized the DDS server hosting BlueLeaks data, effectively shutting down the organization's online record database. This seizure was carried out at the request of the US authorities.

#news
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Amazon Alexa vulnerability: may expose user personal information and voice history :

🄸🄽🅂🅃🄰🄻🄻🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/esmog/nodexp.git

2) cd nodexp

3) To get a list of all options run:

python2.7 nodexp.py -h

4) Setting up and using the testbeds
To get familiar with NodeXP, you may need to set up the Node.js testing services provided (/testbeds) and then start using the tool. A local machine running a Node.js server is required.

5) Firstly, you should install 'body-parser' and 'express' packages, in the GET and POST directories.

6) Go to 'testbeds/GET' directory on your local machine and paste the command below in terminal:

npm install express --save

7) Go to 'testbeds/POST' directory and paste the commands below in terminal:

npm install body-parser --save
npm install express --save

8) After the packages are installed correctly, you can run each service with the 'node' command followed by the desired js file (e.g. node eval.js).

9) After your server is up and running, you are ready to run NodeXP and test it against those services!

🦑Example for GET case shown below:

> python2.7 nodexp.py --url=http://localiprunningnodejsserver:3001/?name=[INJECT_HERE]
Example for POST case shown below:

> python2.7 nodexp.py --url=http://localiprunningnodejsserver:3001/post.js --pdata=username=[INJECT_HERE]

E N J O Y ❤️👍🏻
written @undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Ghidra_Collaborative_Reversing_1_2_—_How_to_setup_a_Ghidra_server.pdf
2.3 MB
If you have a problem using the NSA👑 awesome tool, this will teach you :)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑YouTube bans videos containing hacker information, fearing that it may interfere with the US election :
#news

> As the Democrats and Republicans prepare to hold the National Convention starting next week, YouTube announced on Thursday that it will update its policies on deceptive videos and other content aimed at disrupting the election. The world's largest video platform with more than 2 billion users per month will ban videos containing hacked videos that may interfere with elections or the census. This will include materials like campaign emails obtained by hackers with details about candidates.

> After the update, Google, which owns YouTube, announced similar rules earlier this month to prohibit ads containing hacker information. Google will begin to implement this policy on September 1. YouTube also said it will remove videos that encourage people to interfere in voting and other democratic processes. For example, videos that tell people to line up at a polling place to stifle voting will not be allowed.

> The new policy was introduced before the Democratic National Convention, which began on Monday, followed by Republican events later this month. These conventions marked the beginning of the US presidential election season. As the election climaxed and former Vice President Joe Biden appointed California Senator Kamala Harris as his running mate earlier this week, Silicon Valley companies have been eager to prove that they can avoid the traps they encountered in 2016. That election was interfered by Russia, which used the platforms of Google, Facebook and Twitter to try to influence the election results.

Earlier this week, several large technology companies including Google, Facebook, Twitter, Reddit and Microsoft announced the formation of an alliance to work with US government agencies to protect the integrity of the election. YouTube said that it will broadcast the two conferences live, in order to curb the spread of the coronavirus, the broadcast of the two conferences will be conducted in a virtual way. The video platform also said that when people search for president and federal candidates on YouTube, it will add new information panels. These panels will include the person's name, party affiliation, and a link to the candidate's official video channel.

#news
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Netflix GiftCard Method✅

1) Go to : https://www.randomcodegenerator.com/en/generate-codes

2) Click Generate Using Pattern

3) Put this Pattern : LEQ9X999999

4) Untick the Exclude Characters Box

5) Generate Some Codes You can generate in the site [ but max is 1k ] , Or export to .txt File

6)choose the netflix checker :

https://t.me/UnderCodeTesting/9401

E N J O Y ❤️👍🏻
(not by us)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁