β β β Uππ»βΊπ«Δπ¬πβ β β β
2020 new list of OSINT resources:
* [Awesome OSINT](https://github.com/jivoi/awesome-osint) - Awesome list of OSINT
* [OSINT Framework](http://osintframework.com/) - Collection of various OSINT tools broken out by category.
* [Intel Techniques](https://inteltechniques.com/menu.html) - A collection of OSINT tools. Menu on the left can be used to navigate through the categories.
* [NetBootcamp OSINT Tools](http://netbootcamp.org/osinttools/) - A collection of OSINT links and custom Web interfaces to other services such as [Facebook Graph Search](http://netbootcamp.org/facebook.html) and [various paste sites](http://netbootcamp.org/pastesearch.html).
* [Automating OSINT blog](http://www.automatingosint.com/blog/) - A blog about OSINT curated by Justin Seitz, the same author of BHP.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
The tool detects the WordPress version and tries to find the vulnerabilities that affect that version. It also detects the plugins and themes installed on the website.
> WPHunter can also find backup files and path disclosure, and checks security headers.
Installation & run:
Installation (Linux)
1) git clone https://github.com/Jamalc0m/wphunter.git
2) cd wphunter
3) php wphunter.php
Installation (Windows)
1) Download and install PHP
2) Download WPHunter
3) Extract WPHunter onto the Desktop
4) Open CMD and type the following commands:
5) cd Desktop/wphunter-master/
6) php wphunter.php
β β β Uππ»βΊπ«Δπ¬πβ β β β
BEST CRACKING TOOLS FOR ANY PASSWORD:
https://github.com/crunchsec/crunch
https://github.com/digininja/CeWL
https://github.com/hashcat/hashcat
https://github.com/magnumripper/JohnTheRipper
https://github.com/jmk-foofus/medusa
https://github.com/nmap/ncrack
https://github.com/vanhauser-thc/thc-hydra
https://github.com/gentilkiwi/mimikatz
https://github.com/Tody-Guo/chntpw
https://github.com/digininja/RSMangler
There are many more; these are the fastest tools in the cracking process.
ENJOY:)
β β β Uππ»βΊπ«Δπ¬πβ β β β
Clearing Linux systemd logs:
1) First check the space taken up by the logs with the du command:
> du -sh /var/log/journal/
2) You can also use the journalctl command for the same task:
> journalctl --disk-usage
3) Both commands should give approximately the same result:
> annihilator@dega-undercode:~$ journalctl --disk-usage
Archived and active journals take up 1.6G in the file system.
> annihilator@dega-undercode:~$ sudo du -sh /var/log/journal/
1.7G /var/log/journal/
4) Now that you know how much space the logs are taking up, you can decide whether you want to clear them. If you decide to clear your logs, let me show you a few ways to do it.
5) Of course, you can use the rm command to delete files in the log folder, but we don't recommend that. The journalctl command gives you the correct way to handle old journals.
6) The first thing you should do is rotate the log files. This marks the currently active journal files as archived and creates new ones. This is optional, but good practice.
> sudo journalctl --rotate
7) You now have two ways to clear the old logs. You either delete logs older than a certain time, or you delete old log files so that the total size of the log is limited to a predetermined disk space.
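The two clean-up routes described in the last step map to the `journalctl --vacuum-time=` and `--vacuum-size=` options. The script below is an added example, not part of the original post: it parses a `--disk-usage` line and prints (without running) the commands for the chosen route; the function names, the 1G threshold and the retention values are assumptions for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): dry-run planner for journal cleanup.

# Constructed sample: the `journalctl --disk-usage` line quoted in the post.
SAMPLE_REPORT='Archived and active journals take up 1.6G in the file system.'

# usage_field LINE: extract the size token ("1.6G") from a --disk-usage line.
usage_field() {
    printf '%s\n' "$1" | sed -n 's/.*take up \([0-9.]*[BKMGT]\) .*/\1/p'
}

# to_bytes SIZE: convert "1.6G", "512M", "8K" or "100B" to bytes (1K = 1024).
to_bytes() {
    printf '%s\n' "$1" | awk '{
        n = $0; unit = "B"
        if (match(n, /[BKMGT]$/)) { unit = substr(n, RSTART, 1); n = substr(n, 1, RSTART - 1) }
        mult["B"] = 1; mult["K"] = 1024; mult["M"] = 1024 ^ 2
        mult["G"] = 1024 ^ 3; mult["T"] = 1024 ^ 4
        printf "%.0f\n", n * mult[unit]
    }'
}

# plan_cleanup REPORT THRESHOLD MODE VALUE
#   Prints the commands to run when the journal is larger than THRESHOLD.
#   MODE=time keeps entries newer than VALUE (e.g. 2weeks);
#   MODE=size trims archived files until at most VALUE (e.g. 500M) remains.
plan_cleanup() {
    field=$(usage_field "$1")
    if [ -z "$field" ]; then
        echo "cannot parse disk usage report" >&2
        return 2
    fi
    used=$(to_bytes "$field"); limit=$(to_bytes "$2")
    if [ "$used" -le "$limit" ]; then
        echo "# journal uses $field, within $2: nothing to do"
        return 0
    fi
    echo "sudo journalctl --rotate"   # vacuum only touches archived files, so rotate first
    case "$3" in
        time) echo "sudo journalctl --vacuum-time=$4" ;;
        size) echo "sudo journalctl --vacuum-size=$4" ;;
        *)    echo "unknown mode: $3" >&2; return 2 ;;
    esac
}

# On a live host: plan_cleanup "$(journalctl --disk-usage)" 1G time 2weeks
plan_cleanup "$SAMPLE_REPORT" 1G time 2weeks
plan_cleanup "$SAMPLE_REPORT" 1G size 500M
```

Choose the retention value with your incident-response needs in mind, since vacuumed journal entries are gone unless they were forwarded elsewhere first.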
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from WEB UNDERCODE - PRIVATE
Fork Sparta, Join The Legion.pdf
1.2 MB
I've been given the directive at work to try to automate the things that I can. One thing I'd like to investigate automating is the discovery and recon portions of a pen test. I came across a tool that claims to do just that. Legion is "an open source, easy-to-use, super-extensible and semiautomated network penetration testing framework that aids in discovery, reconnaissance and exploitation of information systems." So let's dive in and see if Legion can help achieve my goals
β β β Uππ»βΊπ«Δπ¬πβ β β β
Tips for securing SSH on Linux servers:
Don't blindly follow all the SSH security tips mentioned here. Read all of them and then see which ones suit your needs. Also keep in mind that some tips may not be compatible with others.
For example, if you disable password-based SSH login, you don't need the Fail2Ban solution.
If you are familiar with the basics of SSH, you know that the SSH server configuration file is located at /etc/ssh/sshd_config.
Let's see what steps you can take to secure your SSH server:
1) Disable blank passwords
2) Change the default SSH port
3) Disable root login via SSH
4) Disable SSH protocol 1
5) Configure the idle timeout interval
6) Allow SSH access only for selected users
7) Disable X11 forwarding
8) Automatically mitigate brute force attacks
ENJOY
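Tips 1 to 7 in the list above are all settings in sshd_config, so they can be checked mechanically. The script below is an added example, not part of the original post: the directive names are standard OpenSSH keywords, while the function names and the two sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): check an sshd_config against tips 1-7.

# sshd_value FILE KEYWORD: print the first global value of KEYWORD.
# sshd keeps the first value it reads for a keyword; keywords are case-insensitive.
sshd_value() {
    awk -v key="$2" '
        /^[ \t]*#/ || NF == 0 { next }
        tolower($1) == "match" { exit }      # global section ends at the first Match
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$1"
}

flag() {    # flag OK|FAIL "message"; counts FAILs in $fails
    if [ "$1" = FAIL ]; then fails=$((fails + 1)); fi
    printf '%-4s %s\n' "$1" "$2"
}

# audit_sshd_config FILE: one line per tip; returns non-zero if any tip fails.
# Unset keywords fall back to the OpenSSH defaults named in the comments.
audit_sshd_config() {
    cfg=$1; fails=0

    v=$(sshd_value "$cfg" PermitEmptyPasswords); v=${v:-no}             # default: no
    if [ "$v" = no ]; then flag OK "1 PermitEmptyPasswords no"; else flag FAIL "1 PermitEmptyPasswords $v"; fi

    v=$(sshd_value "$cfg" Port); v=${v:-22}                             # default: 22
    if [ "$v" != 22 ]; then flag OK "2 Port $v"; else flag FAIL "2 Port 22 (default)"; fi

    v=$(sshd_value "$cfg" PermitRootLogin); v=${v:-prohibit-password}   # default still allows key logins
    if [ "$v" = no ]; then flag OK "3 PermitRootLogin no"; else flag FAIL "3 PermitRootLogin $v"; fi

    # Legacy keyword: current OpenSSH releases no longer implement protocol 1,
    # so only a value that names 1 is reported.
    v=$(sshd_value "$cfg" Protocol)
    case "$v" in *1*) flag FAIL "4 Protocol $v" ;; *) flag OK "4 SSH protocol 1 not enabled" ;; esac

    v=$(sshd_value "$cfg" ClientAliveInterval)                          # default: 0 (off)
    case "$v" in ''|0) flag FAIL "5 ClientAliveInterval not set" ;; *) flag OK "5 ClientAliveInterval $v" ;; esac

    v=$(sshd_value "$cfg" AllowUsers)                                   # default: no restriction
    if [ -n "$v" ]; then flag OK "6 AllowUsers $v"; else flag FAIL "6 AllowUsers not set"; fi

    v=$(sshd_value "$cfg" X11Forwarding); v=${v:-no}                    # default: no
    if [ "$v" = no ]; then flag OK "7 X11Forwarding no"; else flag FAIL "7 X11Forwarding $v"; fi

    echo "INFO 8 brute-force mitigation (e.g. Fail2Ban) lives outside sshd_config"
    [ "$fails" -eq 0 ]
}

# Constructed sample files for the demonstration.
write_weak_sample() {
    printf '%s\n' '# constructed sample: weak' 'Port 22' 'PermitRootLogin yes' \
        'PermitEmptyPasswords yes' 'Protocol 2,1' 'X11Forwarding yes' > "$1"
}
write_hardened_sample() {
    printf '%s\n' '# constructed sample: hardened' 'Port 2222' 'PermitRootLogin no' \
        'PermitEmptyPasswords no' 'ClientAliveInterval 300' 'ClientAliveCountMax 2' \
        'AllowUsers alice bob' 'X11Forwarding no' > "$1"
}

demo_dir=$(mktemp -d)
write_weak_sample "$demo_dir/weak"; write_hardened_sample "$demo_dir/hardened"
echo "== weak ==";     audit_sshd_config "$demo_dir/weak" || true
echo "== hardened =="; audit_sshd_config "$demo_dir/hardened" || true
rm -rf "$demo_dir"
```

After editing the real file, `sshd -t` validates the syntax before the service is reloaded.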
β β β Uππ»βΊπ«Δπ¬πβ β β β
The rebirth of the Trojan horse backdoor in anti-injection:
> To counter the currently popular SQL injection, programmers generally add an anti-injection program when writing their applications. As soon as illegal parameters are submitted, some anti-injection programs automatically record your IP address, the illegally submitted parameters and actions, and so on, and also write the illegally submitted data into a file with the ASP suffix.
> This gives us something to exploit. As you know, a one-sentence Trojan (a one-line webshell) gets written by taking advantage of incomplete filtering. Following this idea, can we add a one-sentence Trojan to the illegal parameters we submit, so that the anti-injection program records the submitted data together with the Trojan and writes it into the database, giving us a WEBSHELL?
The answer is yes, but getting the one-sentence Trojan past the filtering program is a problem. The common format of a one-sentence Trojan is <%execute request("a")%>, but it is difficult for <%%> to bypass HTML filtering; it can, however, be bypassed in different ways.
Example 1:
1) Open http://127.0.0.1/2005/sia-log.asp
2) "Type mismatch: 'execute'" appears (the IE option for showing friendly error messages is unchecked).
3) We then use a one-sentence Trojan client to upload and successfully get a WEBSHELL.
Example 2: Let's talk about the utilization and analysis of the "Happy Audiovisual Music Network V4.0" system:
The system strengthens its anti-SQL-injection protection, cancels ASP pages, and blocks unfriendly IPs or IP segments. The injector's IP is automatically blocked, so that the injector can no longer visit the site!
The system interface can be managed and displayed in the background. When illegal data is submitted after the parameters, the system automatically records your IP address and the illegal parameters and actions submitted, and then blocks your IP address so that you can no longer access the website. Let's take a look at part of the code in the anti-injection sql.asp file. Anyone who has read the anti-injection code can tell at a glance that this file is a modified version.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from WEB UNDERCODE - PRIVATE
empire_without_powershell_exe.pdf
912.9 KB
The client has blocked Powershell.exe using AppLocker and I don't have the dough for Cobalt Strike. I want to get an Empire payload on a workstation via a phishing campaign and I need payloads ready once I have a foothold. Nearly all of the launcher methods for Empire rely on the ability to use PowerShell.exe. Other methods like msbuild.exe requires dropping a file to disk, and I really liked the regsvr32 method of loading my .sct over the internet (it too drops a file to disk) and using a ducky. I also really appreciate the simplicity of VBA's in documents or HTA's. Problem is, Empire is a Powershell RAT so one way or another PowerShell has to run.
β β β Uππ»βΊπ«Δπ¬πβ β β β
2020 Deepwebsites:
source wiki
β β β Uππ»βΊπ«Δπ¬πβ β β β
SOME FREE/Paid RANSOMWARE DECRYPTORS:
http://media.kaspersky.com/utilities/VirusUtilities/EN/rakhnidecryptor.zip
https://decrypter.emsisoft.com/download/amnesia
https://decrypter.emsisoft.com/download/amnesia2
https://decrypter.emsisoft.com/apocalypse
https://decrypter.emsisoft.com/apocalypsevm
https://decrypter.emsisoft.com/autolocky
https://decrypter.emsisoft.com/badblock
http://www.avg.com/us-en/ransomware-decryption-tools#bart
https://files.avast.com/files/decryptor/avast_decryptor_btcware.exe
http://media.kaspersky.com/utilities/VirusUtilities/EN/rakhnidecryptor.zip
https://decrypter.emsisoft.com/cryptinfinite
https://decrypter.emsisoft.com/cryptodefense
https://github.com/aaaddress1/my-Little-Ransomware/tree/master/decryptoTool
https://decrypter.emsisoft.com/dmalocker
https://decrypter.emsisoft.com/dmalocker2
https://decrypter.emsisoft.com/fabiansomware
β β β Uππ»βΊπ«Δπ¬πβ β β β
What is ping monitoring?
#FastTips
1) Without getting into the complexities, ping monitoring refers to the way our devices access the Internet.
2) Basically, when you want to go online, your device (computer, tablet, phone, etc.), known as a client, communicates with another device for information.
3) To make a request for information, your device sends a request (known as a packet) to the server that stores the information. To access a packet, the server needs to know who is requesting it so it can send it back.
4) Packets can be sent in a variety of ways, some of which are faster than others. The one most people are familiar with is HTTP.
5) This way, the server processes your packets and sends them back using the ping command, which tests the connection between the client and the server.
β β β Uππ»βΊπ«Δπ¬πβ β β β
SOME RESOURCES FOR CEH - ONLINE HACKING CERTIFICATE
https://www.eccouncil.org/
https://digitaldefynd.com/best-ethical-hacking-course-certification-training-tutorial/#8_Penetration_Testing_and_Ethical_Hacking_Cybrary
https://digitaldefynd.com/best-ethical-hacking-course-certification-training-tutorial/#9_Ethical_Hacking_Course_for_Beginners_Experts_Pluralsight
https://www.offensive-security.com/
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
New way of leaking, the prosecutor's office verifies the evidence on the selling of vehicles records #Leaks
Forwarded from UNDERCODE NEWS
Be aware: this new variant of the Mykings botnet is remotely controlled via PcShare
#Malwares
β β β Uππ»βΊπ«Δπ¬πβ β β β
What is WSL for? What are the limitations of WSL2 (Windows Subsystem for Linux)?
1) We are not actually installing Kali Linux; in fact, we don't install Linux at all.
2) The Windows Subsystem for Linux is NOT a virtual machine and is NOT real Linux. If you understand what Wine is (which is also not an emulator), then WSL2 is Wine in reverse. WSL2 simply tries, to the best of its ability, to serve as a Linux kernel for GNU applications, without being a true Linux kernel.
What does this mean from a practical point of view?
1) We get a situation very similar to Wine, which tries (again, to the best of its ability) to perform Windows functions: some things will work fine, some will work with errors, and some will not work at all.
2) The following will 100% not work in WSL2 (in the coming years, and maybe never at all):
* absolutely all wireless attacks (Wi-Fi, Bluetooth)
* Hashcat and other programs that use video cards to perform computations (brute force)
* low-level access to USB devices (for example, to make an image of a disk / flash drive for forensic research)
* background server applications
β β β Uππ»βΊπ«Δπ¬πβ β β β