β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦APK 2020 hacking update all in one :
Information Gathering
View a list of access points and stations (clients) around you (even hidden ones)
View the activity of a specific network (by measuring beacons and data packets) and its clients
Statistics about access points and stations
See the manufacturer of a device (AP or station) from the OUI database
See the signal power of devices and filter the ones that are closer to you
Save captured packets in .cap file
Attacks
Deauthenticate all the clients of a network (either targeting each one (effective) or without specific target)
Deauthenticate a specific client from the network it's connected
MDK3 Beacon Flooding with custom options and SSID list
MDK3 Authentication DoS for a specific network or to every nearby AP
Capture a WPA handshake or gather IVs to crack a WEP network
Reaver WPS cracking (pixie-dust attack using NetHunter chroot and external adapter)
Other
Leave the app running in the background, optionally with a notification
Copy commands or MAC addresses to clipboard
Includes the required tools, no need for manual installation
Includes the Nexmon driver, required library and management utility for BCM4339 and BCM4358 devices
Set commands to enable and disable monitor mode automatically
Crack .cap files with a custom wordlist
Create custom actions and run them on an access point or a client easily
Sort and filter Access Points and Stations with many parameters
Export all gathered information to a file
Add a persistent alias to a device (by MAC) for easier identification
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
DOWNLOAD THIS APK
https://github.com/chrisk44/Hijacker/releases/download/v1.5-beta.12/Hijacker-release-v1.5-beta.12.apk
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦APK 2020 hacking update all in one :
Information Gathering
View a list of access points and stations (clients) around you (even hidden ones)
View the activity of a specific network (by measuring beacons and data packets) and its clients
Statistics about access points and stations
See the manufacturer of a device (AP or station) from the OUI database
See the signal power of devices and filter the ones that are closer to you
Save captured packets in .cap file
Attacks
Deauthenticate all the clients of a network (either targeting each one (effective) or without specific target)
Deauthenticate a specific client from the network it's connected
MDK3 Beacon Flooding with custom options and SSID list
MDK3 Authentication DoS for a specific network or to every nearby AP
Capture a WPA handshake or gather IVs to crack a WEP network
Reaver WPS cracking (pixie-dust attack using NetHunter chroot and external adapter)
Other
Leave the app running in the background, optionally with a notification
Copy commands or MAC addresses to clipboard
Includes the required tools, no need for manual installation
Includes the Nexmon driver, required library and management utility for BCM4339 and BCM4358 devices
Set commands to enable and disable monitor mode automatically
Crack .cap files with a custom wordlist
Create custom actions and run them on an access point or a client easily
Sort and filter Access Points and Stations with many parameters
Export all gathered information to a file
Add a persistent alias to a device (by MAC) for easier identification
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
DOWNLOAD THIS APK
https://github.com/chrisk44/Hijacker/releases/download/v1.5-beta.12/Hijacker-release-v1.5-beta.12.apk
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦APK 2020 hacking update all in one :
Information Gathering
View a list of access points and stations (clients) around you (even hidden ones)
View the activity of a specific network (by measuring beacons and data packets) and its clients
Statistics about access points and stations
See the manufacturer of a device (AP or station) from the OUI database
See the signal power of devices and filter the ones that are closer to you
Save captured packets in .cap file
Attacks
Deauthenticate all the clients of a network (either targeting each one (effective) or without specific target)
Deauthenticate a specific client from the network it's connected
MDK3 Beacon Flooding with custom options and SSID list
MDK3 Authentication DoS for a specific network or to every nearby AP
Capture a WPA handshake or gather IVs to crack a WEP network
Reaver WPS cracking (pixie-dust attack using NetHunter chroot and external adapter)
Other
Leave the app running in the background, optionally with a notification
Copy commands or MAC addresses to clipboard
Includes the required tools, no need for manual installation
Includes the Nexmon driver, required library and management utility for BCM4339 and BCM4358 devices
Set commands to enable and disable monitor mode automatically
Crack .cap files with a custom wordlist
Create custom actions and run them on an access point or a client easily
Sort and filter Access Points and Stations with many parameters
Export all gathered information to a file
Add a persistent alias to a device (by MAC) for easier identification
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
DOWNLOAD THIS APK
https://github.com/chrisk44/Hijacker/releases/download/v1.5-beta.12/Hijacker-release-v1.5-beta.12.apk
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦APK 2020 hacking update all in one :
Information Gathering
View a list of access points and stations (clients) around you (even hidden ones)
View the activity of a specific network (by measuring beacons and data packets) and its clients
Statistics about access points and stations
See the manufacturer of a device (AP or station) from the OUI database
See the signal power of devices and filter the ones that are closer to you
Save captured packets in .cap file
Attacks
Deauthenticate all the clients of a network (either targeting each one (effective) or without specific target)
Deauthenticate a specific client from the network it's connected
MDK3 Beacon Flooding with custom options and SSID list
MDK3 Authentication DoS for a specific network or to every nearby AP
Capture a WPA handshake or gather IVs to crack a WEP network
Reaver WPS cracking (pixie-dust attack using NetHunter chroot and external adapter)
Other
Leave the app running in the background, optionally with a notification
Copy commands or MAC addresses to clipboard
Includes the required tools, no need for manual installation
Includes the Nexmon driver, required library and management utility for BCM4339 and BCM4358 devices
Set commands to enable and disable monitor mode automatically
Crack .cap files with a custom wordlist
Create custom actions and run them on an access point or a client easily
Sort and filter Access Points and Stations with many parameters
Export all gathered information to a file
Add a persistent alias to a device (by MAC) for easier identification
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
DOWNLOAD THIS APK
https://github.com/chrisk44/Hijacker/releases/download/v1.5-beta.12/Hijacker-release-v1.5-beta.12.apk
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ I want to set my Slackware Linux as a server, so that others can connect to my Linux host via modem dial-up. What should I do? Especially how to make my modem answer the dial?
1) Add this line in /etc/inittab:
d1:345:respawn:/sbin/agetty -mt60 38400,19200,9600,2400,1200 ttyS1
(assuming your modem is on the second serial port)
Note that the redhat is The mingetty cannot be used for this purpose, you can
download mgetty from freesoft.cei.gov.cn to use.
2) if you have the modem will switch you can set it to answer calls, if there is no switch
to check its manual to find out what is AT command set (I do not have modem manual)
to set up this command in / etc /rc.d/rc.local will do.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ I want to set my Slackware Linux as a server, so that others can connect to my Linux host via modem dial-up. What should I do? Especially how to make my modem answer the dial?
1) Add this line in /etc/inittab:
d1:345:respawn:/sbin/agetty -mt60 38400,19200,9600,2400,1200 ttyS1
(assuming your modem is on the second serial port)
Note that the redhat is The mingetty cannot be used for this purpose, you can
download mgetty from freesoft.cei.gov.cn to use.
2) if you have the modem will switch you can set it to answer calls, if there is no switch
to check its manual to find out what is AT command set (I do not have modem manual)
to set up this command in / etc /rc.d/rc.local will do.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from WEB UNDERCODE - PRIVATE
SQLite3 Injection.pdf
98.7 KB
A few months ago I found an SQL injection vulnerability in an enterprisey webapp's help system. Turns out this was stored in a separate database - in SQLite. I had a Google around and could find very little information about exploiting SQLI with SQLite as the backend.. so I went on a hunt, and found some neat tricks
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NEW UPDATE (last month) -ALL IN ONE :
HACKTRONIAN Menu :
Information Gathering
Password Attacks
Wireless Testing
Exploitation Tools
Sniffing & Spoofing
Web Hacking
Private Web Hacking
Post Exploitation
Install The HACKTRONIAN
Information Gathering:
Nmap
Setoolkit
Port Scanning
Host To IP
wordpress user
CMS scanner
XSStrike
Dork - Google Dorks Passive Vulnerability Auditor
Scan A server's Users
Crips
Password Attacks:
Cupp
Ncrack
Wireless Testing:
reaver
pixiewps
Fluxion
Exploitation Tools:
ATSCAN
sqlmap
Shellnoob
commix
FTP Auto Bypass
jboss-autopwn
Sniffing & Spoofing:
Setoolkit
SSLtrip
pyPISHER
SMTP Mailer
Web Hacking:
Drupal Hacking
Inurlbr
Wordpress & Joomla Scanner
Gravity Form Scanner
File Upload Checker
Wordpress Exploit Scanner
Wordpress Plugins Scanner
Shell and Directory Finder
Joomla! 1.5 - 3.4.5 remote code execution
Vbulletin 5.X remote code execution
BruteX - Automatically brute force all services running on a target
Arachni - Web Application Security Scanner Framework
Private Web Hacking:
Get all websites
Get joomla websites
Get wordpress websites
Control Panel Finder
Zip Files Finder
Upload File Finder
Get server users
SQli Scanner
Ports Scan (range of ports)
ports Scan (common ports)
Get server Info
Bypass Cloudflare
Post Exploitation:
Shell Checker
POET
Weeman
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Installation in Linux :
This Tool Must Run As ROOT !!!
1) git clone https://github.com/thehackingsage/hacktronian.git
2) cd hacktronian
3) chmod +x install.sh
4) ./install.sh
That's it.. you can execute tool by typing hacktronian
Installation in Android :
1) Open Termux
2) pkg install git
3) pkg install python
4) git clone https://github.com/thehackingsage/hacktronian.git
5) cd hacktronian
6) chmod +x hacktronian.py
7) python2 hacktronian.py
β git 2020
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NEW UPDATE (last month) -ALL IN ONE :
HACKTRONIAN Menu :
Information Gathering
Password Attacks
Wireless Testing
Exploitation Tools
Sniffing & Spoofing
Web Hacking
Private Web Hacking
Post Exploitation
Install The HACKTRONIAN
Information Gathering:
Nmap
Setoolkit
Port Scanning
Host To IP
wordpress user
CMS scanner
XSStrike
Dork - Google Dorks Passive Vulnerability Auditor
Scan A server's Users
Crips
Password Attacks:
Cupp
Ncrack
Wireless Testing:
reaver
pixiewps
Fluxion
Exploitation Tools:
ATSCAN
sqlmap
Shellnoob
commix
FTP Auto Bypass
jboss-autopwn
Sniffing & Spoofing:
Setoolkit
SSLtrip
pyPISHER
SMTP Mailer
Web Hacking:
Drupal Hacking
Inurlbr
Wordpress & Joomla Scanner
Gravity Form Scanner
File Upload Checker
Wordpress Exploit Scanner
Wordpress Plugins Scanner
Shell and Directory Finder
Joomla! 1.5 - 3.4.5 remote code execution
Vbulletin 5.X remote code execution
BruteX - Automatically brute force all services running on a target
Arachni - Web Application Security Scanner Framework
Private Web Hacking:
Get all websites
Get joomla websites
Get wordpress websites
Control Panel Finder
Zip Files Finder
Upload File Finder
Get server users
SQli Scanner
Ports Scan (range of ports)
ports Scan (common ports)
Get server Info
Bypass Cloudflare
Post Exploitation:
Shell Checker
POET
Weeman
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Installation in Linux :
This Tool Must Run As ROOT !!!
1) git clone https://github.com/thehackingsage/hacktronian.git
2) cd hacktronian
3) chmod +x install.sh
4) ./install.sh
That's it.. you can execute tool by typing hacktronian
Installation in Android :
1) Open Termux
2) pkg install git
3) pkg install python
4) git clone https://github.com/thehackingsage/hacktronian.git
5) cd hacktronian
6) chmod +x hacktronian.py
7) python2 hacktronian.py
β git 2020
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - thehackingsage/hacktronian: Tools for Pentesting
Tools for Pentesting. Contribute to thehackingsage/hacktronian development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST Hacking #Tools :
* [nudge4j](https://github.com/lorenzoongithub/nudge4j) - Java tool to let the browser talk to the JVM
* [IDA](https://www.hex-rays.com/products/ida/) - IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
* [OllyDbg](http://www.ollydbg.de/) - A 32-bit assembler level analysing debugger for Windows
* [x64dbg](http://x64dbg.com/) - An open-source x64/x32 debugger for Windows
* [dex2jar](https://github.com/pxb1988/dex2jar) - Tools to work with Android .dex and Java .class files
* [JD-GUI](http://jd.benow.ca/) - A standalone graphical utility that displays Java source codes of Γ’β¬Ε.classΓ’β¬ files
* [procyon](https://bitbucket.org/mstrobel/procyon/wiki/Java%20Decompiler) - A modern open-source Java decompiler
* [androguard](https://code.google.com/p/androguard/) - Reverse engineering, malware and goodware analysis of Android applications
* [JAD](http://varaneckas.com/jad/) - JAD Java Decompiler (closed-source, unmaintained)
* [dotPeek](https://www.jetbrains.com/decompiler/) - a
free-of-charge .NET decompiler from JetBrains
* [ILSpy](https://github.com/icsharpcode/ILSpy/) - an open-source .NET assembly browser and decompiler
* [dnSpy](https://github.com/0xd4d/dnSpy) - .NET assembly editor, decompiler, and debugger
* [de4dot](https://github.com/0xd4d/de4dot) - .NET deobfuscator and unpacker.
* [antinet](https://github.com/0xd4d/antinet) - .NET anti-managed debugger and anti-profiler code
* [UPX](http://upx.sourceforge.net/) - the Ultimate Packer for eXecutables
* [radare2](https://github.com/radare/radare2) - A portable reversing framework
* [plasma](https://github.com/joelpx/plasma) - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
* [Hopper](https://www.hopperapp.com) - A OS X and Linux Disassembler/Decompiler for 32/64-bit Windows/Mac/Linux/iOS executables.
* [ScratchABit](https://github.com/pfalcon/ScratchABit) - Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST Hacking #Tools :
* [nudge4j](https://github.com/lorenzoongithub/nudge4j) - Java tool to let the browser talk to the JVM
* [IDA](https://www.hex-rays.com/products/ida/) - IDA is a Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger
* [OllyDbg](http://www.ollydbg.de/) - A 32-bit assembler level analysing debugger for Windows
* [x64dbg](http://x64dbg.com/) - An open-source x64/x32 debugger for Windows
* [dex2jar](https://github.com/pxb1988/dex2jar) - Tools to work with Android .dex and Java .class files
* [JD-GUI](http://jd.benow.ca/) - A standalone graphical utility that displays Java source codes of Γ’β¬Ε.classΓ’β¬ files
* [procyon](https://bitbucket.org/mstrobel/procyon/wiki/Java%20Decompiler) - A modern open-source Java decompiler
* [androguard](https://code.google.com/p/androguard/) - Reverse engineering, malware and goodware analysis of Android applications
* [JAD](http://varaneckas.com/jad/) - JAD Java Decompiler (closed-source, unmaintained)
* [dotPeek](https://www.jetbrains.com/decompiler/) - a
free-of-charge .NET decompiler from JetBrains
* [ILSpy](https://github.com/icsharpcode/ILSpy/) - an open-source .NET assembly browser and decompiler
* [dnSpy](https://github.com/0xd4d/dnSpy) - .NET assembly editor, decompiler, and debugger
* [de4dot](https://github.com/0xd4d/de4dot) - .NET deobfuscator and unpacker.
* [antinet](https://github.com/0xd4d/antinet) - .NET anti-managed debugger and anti-profiler code
* [UPX](http://upx.sourceforge.net/) - the Ultimate Packer for eXecutables
* [radare2](https://github.com/radare/radare2) - A portable reversing framework
* [plasma](https://github.com/joelpx/plasma) - Interactive disassembler for x86/ARM/MIPS. Generates indented pseudo-code with colored syntax code.
* [Hopper](https://www.hopperapp.com) - A OS X and Linux Disassembler/Decompiler for 32/64-bit Windows/Mac/Linux/iOS executables.
* [ScratchABit](https://github.com/pfalcon/ScratchABit) - Easily retargetable and hackable interactive disassembler with IDAPython-compatible plugin API
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - lorenzoongithub/nudge4j: Get inside your JVM
Get inside your JVM. Contribute to lorenzoongithub/nudge4j development by creating an account on GitHub.