▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑12 Best Laravel Helpers To Consider Using :

Laravel comes with a ton of useful global helper functions. If you haven’t used them so far, this is the best time to start. Over the years of me using the Laravel, 10 of those emerged as the most useful, making the development a lot easier. Sometimes we don’t really see how we can apply some methods until we see an example. So let’s get down to it and see the top 10 helpers I often use the most.


1)) array_flatten()
The array_flatten function flattens a multi-dimensional array into a single level array:

$array = ['name' => 'John', 'tools' => ['Laravel', 'Recipes']];

$flattened = array_flatten($array);

// ['John', 'Laravel', 'Recipes']
It is really helpful if I need to collect all the array values where some values might contain another array. Here, I am just concentrated on getting a new array with a list of all the values. It works like a charm!

2)) array_forget()
The array_forget function removes a given key / value pair from a deeply nested array using “dot” notation:

$array = ['users' => ['managers' => ['name' => 'John']]];

array_forget($array, 'users.managers');

// ['users' => []]
This is a nicer version of unset() function which is a native PHP function for removing array elements.

3)) array_get()
Another amazing method that makes your development life easier. The array_get function retrieves a value from a deeply nested array using “dot” notation:


$array = ['users' => ['managers' => ['name' => 'John']]];

$price = array_get($array, 'products.desk.price');

// 100
The array_get function also accepts a default value, which will be returned if the specific key is not found:

$discount = array_get($array, 'users.managers.missing', 'Jane');

// Jane

If there is anything more valuable than getting a deeply nested value withing an array, that’s an ability to set a default value.

4)) array_only()
Imagine you had a lot of keys inside your array that you don’t want to use. As a matter of fact, out of 10 keys, you only want to use two and instantly create a new array. Instead of going through and array_forget()each item, you could simply pick the ones you want. The array_only function returns only the specified key / value pairs from the given array:

$array = ['name' => 'John', 'type' => 'user', 'age' => 44];

$slice = array_only($array, ['name', 'age']);

// ['name' => 'John', 'age' => 44]

5)) array_prepend()
How often have you used array_push and had to reverse the array instead of pre-pending it. The array_prepend function will push an item onto the beginning of an array:


$array = ['one', 'two', 'three', 'four'];

$array = array_prepend($array, 'zero');

// ['zero', 'one', 'two', 'three', 'four']
It’s great that it works for key/value as well. If needed, you may specify the key that should be used for the value:

$array = ['price' => 100];

$array = array_prepend($array, 'Desk', 'name');

// ['name' => 'Desk', 'price' => 100]

6)) array_sort_recursive()
Many times you would get nested arrays that you might need to sort all at the same time. Yes, you could write a simple function to loop through and sort each array, but why, when you have the following function. The array_sort_recursive function recursively sorts an array using the sort function:

$array = [
['Roman', 'Taylor', 'Li'],
['PHP', 'Ruby', 'JavaScript'],
];

$sorted = array_sort_recursive($array);

/*
[
['Li', 'Roman', 'Taylor'],
['JavaScript', 'PHP', 'Ruby'],
]
*/
7)) array_wrap()
Sometimes you want to turn your single, string result into an array with only one element. Being able to reduce code to one line is always good. The array_wrap function wraps the given value in an array. If the given value is already an array it will not be changed:

$string = 'Success';

$array = array_wrap($string);

// ['Success']
If the given value is null, an empty array will be returned:

$nothing = null;

$array = array_wrap($nothing);

// []

8)) public_path()
You want to have your public files, such as the application icons, svg image, css resources etc… that are used statically inside the app, in your public folder. The public_path function will bring back the fully qualified path to the public directory. You may also use the public_path function to generate a fully qualified path to a given file within the public directory:


$path = public_path();

$path = public_path('css/app.css');

9)) auth()
Probably used the most, auth() doesn’t require you to insert the Auth facade. It works simple and easy on the fly and I use it mostly to get the currently logged in user. The auth function returns an authenticator instance. You may use it instead of the Auth facade for convenience:

$user = auth()->user();
If needed, you may specify which guard instance you would like to access:

$user = auth('admin')->user();

10)) collect()
If you want to change your realm and do all of this with collections, and I love collections, like really love them, then you can bridge the array and collections using the collect() function. The collect function creates a collection instance from the given value:

$collection = collect(['John', 'Jane']);

11)) dump()
The dump() function dumps the given variables without stopping the execution. It is extremely useful for debugging since it pretty-prints the whole class for you, in case you would print an Eloquent Model object.


dump($var1);
dump($var1, $var2, $var3);
dd()
If you do not want to continue executing your script, use the dump function we mentioned above. However, if you are interested in inspecting a specific result and don’t care about what happens after that, then use dd(). The dd function dumps the given variables and ends execution of the script:

12)) dd($value);

dd($value1, $value2, $value3, ...);
optional()
You have probably run into this issue at least once in your dev lifetime, and that is trying to access a property that doesn’t exist. The optional() function accepts an argument and you can call its methods or access properties. If the passed object is null, methods and properties will return null instead of causing errors or throwing exceptions.

$user = User::find(1);

return optional($user)->name;

wiki source
VERIFIED BY
@undercodeTesting
@UndercodeHacking
@Undercodesecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑#Linux Kernel Exploitation Tutorial :

* [01.Stack smashing(32bit) & Return-to-user(ret2usr)](https://www.lazenca.net/pages/viewpage.action?pageId=23789706)


* [02.Stack smashing(64bit) & Return-to-user(ret2usr)](https://www.lazenca.net/pages/viewpage.action?pageId=25624684)


* [03.Stack smashing(64bit) & ROP](https://www.lazenca.net/pages/viewpage.action?pageId=25624746)


* [04.Write-what-where(Arbitrary Memory Overwrite)(feat.ret2usr)](https://www.lazenca.net/pages/viewpage.action?pageId=25624658)


* [05.Null pointer dereference(32bit & 64bit)](https://www.lazenca.net/pages/viewpage.action?pageId=25624632)


* [06.Use-After-Free(UAF) (feat.struct cred)](https://www.lazenca.net/pages/viewpage.action?pageId=25624864)


* [07.Use-After-Free(UAF) (feat.tty_struct)](https://www.lazenca.net/pages/viewpage.action?pageId=29327365)


* [08.ret2dir(return-to-direct-mapped memory)](https://www.lazenca.net/pages/viewpage.action?pageId=25624881)

🦑Kernel Self-Protection

* [01.Kernel Address Space Layout Randomization (KASLR)](https://www.lazenca.net/pages/viewpage.action?pageId=25624857)

* [02.Segregation of kernel memory from userspace memory(x86's SMEP/SMAP, ARM's PXN/PAN)](https://www.lazenca.net/pages/viewpage.action?pageId=25624859)


@undercodeTesting
@UndercodeHacking
@Undercodesecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Python black hat programming 3.5 DTP attack

1) Dynamic Trunking Protocol DTP (Dynamic Trunking Protocol) is a Cisco proprietary protocol. DTP is used for the directly connected Layer 2 ports of two switches to detect the configuration of the opposite end, and automatically negotiate the link type of the Layer 2 port and Ethernet protocol encapsulation to adapt to the opposite end. In this way,

2) when the peer device is modified, there is no need to manually modify the local configuration, and it can be changed adaptively through the protocol. The important role of DTP is that plug and play can be realized when the network is uncertain; when modifying the network topology, there is no need to manually modify the configuration of the second layer port.

3) DTP uses the second layer of relay frames to communicate between the directly connected ports of two switches. DTP packets are limited to the communication between two directly connected ports, maintaining the link type and Ethernet encapsulation type of the two directly connected ports

4) If the switch is enabled with the DTP protocol, the attacker will pretend to be the switch and send Dynamic desirable packets to the target switch , then the target port will be turned into a trunking port, which means that we can enter any VLAN by modifying the configuration of the machine , and at the same time we can use 3.4 The method of this section performs VLAN hopping attacks and monitors all data.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Python black hat programming 3.5 DTP attack

1) Dynamic Trunking Protocol DTP (Dynamic Trunking Protocol) is a Cisco proprietary protocol. DTP is used for the directly connected Layer 2 ports of two switches to detect the configuration of the opposite end, and automatically negotiate the link type of the Layer 2 port and Ethernet protocol encapsulation to adapt to the opposite end. In this way,

2) when the peer device is modified, there is no need to manually modify the local configuration, and it can be changed adaptively through the protocol. The important role of DTP is that plug and play can be realized when the network is uncertain; when modifying the network topology, there is no need to manually modify the configuration of the second layer port.

3) DTP uses the second layer of relay frames to communicate between the directly connected ports of two switches. DTP packets are limited to the communication between two directly connected ports, maintaining the link type and Ethernet encapsulation type of the two directly connected ports

4) If the switch is enabled with the DTP protocol, the attacker will pretend to be the switch and send Dynamic desirable packets to the target switch , then the target port will be turned into a trunking port, which means that we can enter any VLAN by modifying the configuration of the machine , and at the same time we can use 3.4 The method of this section performs VLAN hopping attacks and monitors all data.

After the data packet is sent, there will be some delay to take effect.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NETWORK ATTACK TIPS BY UNDERCODE :

> TCP/IP is the core of the entire network protocol system, because from here on, data transmission has moved from the local area network to the vast Internet, program is also capable of processing data from the Internet, and can directly attack and test hosts on the Internet. .

> Still an old saying, I hope you will learn the protocol in depth, practice packet analysis through packet capture tools, and understand the protocol through examples :

A)
1)) PRINCIPLES OF SNIFFING AND SNIFFER

Sniffing is a comprehensive concept that involves the second layer we talked about before and the application layer that we will talk about in the future. Data sniffing is a way of passive attack. It extracts the required information by analyzing the data flowing through the local network card.

2) According to different network types, we may have to combine ARP spoofing /DNS spoofing to get the data of the target host we want.

3) Sniffer is a tool used to obtain and analyze data. There are many such tools on the Internet. Our focus is on the principles and coding implementation of these tools.

B) IP POISONING ATTACK AND FLOOD ATTACK

1) The previous ARP poisoning attack is similar. IP poisoning is to construct fake IP data packets and use fake IP addresses to attack or hide yourself.

2) At this layer, we can construct various data packets to flood the devices on the Internet, such as SYN floods and connection flood attacks of various protocols.

C) PORT SCANNING AND SERVICE DETECTION
zmap and nmap are our commonly used port scanning and service detection programs. We also know that there are many different implementation techniques for port scanning, from simple full connections to half-open connections. It is said that zmap can scan the entire Internet in one hour . What advanced technology does it use? I will reveal the secrets for you one by one here on undercode testing :

D) SESSION HIJACKING

1) "Hijacking" is a very important concept. Only by intercepting the flow of data can we have the opportunity to tamper with data and forge normal conversations. The goal of common sessions is the data concept of the application layer, but hijacking is done at the transport layer.

2) We will see practical examples of how to implement session hijacking and data tampering through programming.

E N J O Y ❤️👍🏻
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁