▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is ping monitoring ?

1) Without getting into complex ping monitoring, it refers to the way our devices access the Internet.

2) Basically, when you want to go online, your device (computer, tablet, phone, etc.), known as a client, communicates with another device for information.

3) To make a request for information, your device sends a request (known as a packet) to the server that stores the information. To access a packet, the server needs to know who is requesting it so they can send it back.

4) Packages can be sent in a variety of ways, some of which are faster than others. The one most people are familiar with is HTTP .

5) This way, the server processes your packets and sends them back using the ping command , which tests the connection between the client and the server.

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Detailed fresh Proxies List :

https://pastebin.com/QkqFVpCZ

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 new update SIPVicious suite is a set of security tools that can be used to audit SIP based VoIP systems.:

1) svmap
this is a sip scanner. When launched against
ranges of ip address space, it will identify any SIP

2) servers
which it finds on the way. Also has the option to scan
hosts on ranges of ports.

3) svwar
identifies working extension lines on a PBX. A working extension is one that can be registered.
Also tells you if the extension line requires authentication or not.

4) svcrack
a password cracker making use of digest authentication.
It is able to crack passwords on both registrar servers and proxy servers. Current cracking modes are either numeric ranges or words from dictionary files.

5) svreport
able to manage sessions created by the rest of the tools and export to pdf, xml, csv and plain text.

6) svcrash
responds to svwar and svcrack SIP messages with a message that causes old versions to crash.
For usage help make use of -h or --help switch.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/enablesecurity/sipvicious.git

2) cd sipvicious/
Setup the tool.

3) python setup.py install

4) Fire-up the scripts one by one.

sipvicious_svmap --help
sipvicious_svcrack --help
sipvicious_svcrash --help
sipvicious_svwar --help
sipvicious_svreport --help

5) Installing via pip:
Simply using pip install sipvicious should do.

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A quick way to get the row count of all tables in a database is to query the data from the information_schema database directly:
#FastTips

// SELECT
table_name,
table_rows
FROM
information_schema.tables
WHERE
table_schema = 'classicmodels'
ORDER BY table_name; ////


1) This method is sometimes inaccurate because the number of rows in information_schema and the actual number of rows in the tables are out of sync. To avoid this, you must execute the ANALYZE TABLE statement before querying the row count from the information_schema database.

2) ANALYZE TABLE table_name, ...;

#FastTips
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑MySQL Security - Generate a random password :

MySQL has the ability to generate random passwords for user accounts, as an alternative to requiring explicit administrator-supplied literal passwords.

The database administrator can use CREATE USER, ALTER USER, or SET PASSWORD to generate random passwords for user accounts.

> Let's take a quick look at using MySQL 8.0

MySQL SQL> SELECT VERSION ();
+ ----------- +
| VERSION () |
+ ----------- +
| 8.0.19 |
+ ----------- +


1) Create user account
To create a new MySQL user account with a random password, use the CREATE USER statement with the IDENTIFIED BY RANDOM PASSWORD clause:

MySQL SQL>
CREATE USER aUser @ localhost IDENTIFIED BY RANDOM PASSWORD;
+ ---------- + ----------- + ---------------------- +
| user | host | generated password |
+ ---------- + ----------- + ---------------------- +
| Stella | localhost | M3BA1Po% as1Kse8Jt! AC |
+ ---------- + ----------- + ---------------------- +


2) Change user account
To assign a new random password for the MySQL user account, use the ALTER USER statement with the IDENTIFIED BY RANDOM PASSWORD clause:

MySQL SQL>
ALTER USER aUser @ localhost IDENTIFIED BY RANDOM PASSWORD;
+ ---------- + ----------- + ---------------------- +
| user | host | generated password |
+ ---------- + ----------- + ---------------------- +
| AndreyEx | localhost | SjAA * @ (LA & fd43IOj> vS |
+ ---------- + ----------- + ---------------------- +


3) Assign a password
Another way to assign a new random password to the MySQL user account is to use the SET PASSWORD statement with the TO RANDOM clause:

MySQL SQL>

4) SET PASSWORD FOR aUser @ localhost TO RANDOM;
+ ---------- + ----------- + ---------------------- +
| user | host | generated password |
+ ---------- + ----------- + ---------------------- +
| Stella | localhost | 7kaJY ^% x1 <b8kT & 84Du, |
+ ---------- + ----------- + ---------------------- +

5) Please note that by default the generated random passwords are 20 characters long.
This length is controlled by the generate_random_password_length system variable, which has a range of 5 to 255.

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Find the road less traveled
^ means find the application (or parts of an application) less tested.

1. *.acme.com scope is your friend

2. Find domains via Google (and others!) a. Can be automated well via recon-ng and other tools.

3. Port scan for obscure web servers or services (on all domains)

4. Find acquisitions and the bounty acquisition rules a. Google has a 6 month rule

5. Functionality changes or re-designs

6. Mobile websites

7. New mobile app versions

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST WHATSAPP CHAT-BOTS :

https://www.engati.com/

https://www.aivo.co/en/agentbot-automatic-support-chat/

https://www.messengerpeople.com/

https://botsociety.io/whatsapp-bot

https://panel.rapiwha.com/landing/#service

https://www.gupshup.io/developer/docs/bot-platform/guide/build-deploy-test-bots-on-whatsapp

https://whatsapp.yalochat.com/demo?utm_source=website5.0&utm_medium=WhatsAppDemo

https://www.liveperson.com/products/ai-chatbots/

https://www.chatcompose.com/whatsappen.html

https://landbot.io/whatsapp/

https://morph.ai/whatsapp

https://www.botsza.com/

https://snatchbot.me/

https://flow.ai/

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑ALL WAYS REBOOT LINUX- ubuntu
Since restarting the server is a functionally critical task, it can only be performed by users with administrator rights. In other words, you need to be superuser or use sudo to run commands to restart or shutdown the system.



1) Use the reboot command
If you want to restart your Ubuntu server immediately, you can use this command:

> sudo reboot now


If you don't use "now" in the above command, it will reboot the system after one minute.

If for some reason your Ubuntu server won't restart, you can try restarting it with the -f option.

> sudo reboot -f


2) Use the shutdown command
There are other ways as well. Our preferred way is to use the shutdown command on Linux. With the -r option, the shutdown command will reboot the system rather than just shutting down.

> sudo shutdown -r now


You can specify a timestamp instead. 0 means immediate shutdown / reboot. You can also use the -h option to stop. With this option, the system will first kill all processes and then shutdown the CPU.

> sudo shutdown -r -h +0


3) Use the systemd command
Ubuntu uses systemd, so you can also use the systemd command to reboot your server:

> sudo systemctl reboot


@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HASH CRACKING FREE ONLINE :
Best popular websites -list 2

md5cracker.org.

md5decrypt.org.

crackstation.net.

hashkiller.co.uk.

crackstation.net

hashkiller.co.uk

reverse-hash-lookup.online-domain-tools.com

md5decrypt.net

onlinehashcrack.com

cmd5.org

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Postfix vs. Sendmail :
#fastTips

Postfix and Sendmail are in the same category of Mail Transfer Agents. When selecting the MTA (Mail Transfer Agent) for your system, to choose the best option that meets your needs, you must consider a few important features, such as performance, security, documentation, and feasibility. The following points are given, based on which you can explore some technical aspects of MTAs:

1) More than one configuration file

2) Minimal syntax

3) Which type of scripting language is used

4) Check code stability

5) Source code contribution

6) Set of minimum features

Postfix vs. Sendmail – Comparison


Postfix and Sendmail are both MTAs, but the Postfix mail server is security-oriented, whereas Sendmail is a standard mail transfer agent for Unix systems. Based on the following features, we can easily compare some major differences.

#FastTips
unixforum
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to control your Mac with an iPhone :

1) Download Gateway on Mac
First you need to install Gateway on your computer.

> You can download the application from the Momentous Studio website https://www.momentous.studio/gateway or via the link below.

> The app is not available in the Mac App Store. It only works on macOS 10.13 High Sierra or newer.

Gateway Desktop for Mac https://gateway-software-update-bucket.s3.eu-west-1.amazonaws.com/Gateway.dmg

2) Install Gateway Desktop for Mac
Double click on the DMG file, which should be in the Downloads folder. The installation of the application will begin. When the disk image opens in a new window, add the Gateway Desktop to the Applications folder by dragging and dropping the icon there.

3) In the Applications folder, double-click the Gateway Desktop. Since this is a third-party program, you need to click on launch confirmation. Click "Open". You may need to change your gatekeeper settings if there is no Open button.

4) Give Gateway Desktop full disk access
When you start Gateway Desktop for the first time, some information is given. On the last page, you need to give a few permissions. The app asks for full disk access, which it needs to communicate and control your Mac with the iPhone. You can click the arrow button to open Settings> Security & Privacy.

5) If you click Next instead, you will be able to manually configure the settings. Before that, click on the Gateway Desktop icon in the Mac menu, then click on (•••) and "Exit". Now there will be no request to do this later.

6) Open the system settings, go to the "Security and privacy" section. From the Privacy tab in the left pane, select Full Disk Access. If the settings are locked, click on the lock at the bottom left, enter your password and click "Unlock".

If you do not see Gateway in the list of applications, click on the plus sign (+), find and select Gateway Desktop, click Open and make sure the checkbox is checked.

7) Give Gateway Desktop Accessibility
Before closing the settings, you need to give access to accessibility features. This allows the app to control your Mac from your iPhone. Select accessibility in the left pane, select Gateway from the list. If the app is not here, click on the (+) button, select Gateway Desktop, and click Open. Click on the lock at the bottom left to prevent further changes and exit the settings.

8) Reboot Gateway Desktop
You will need to log out and back in the Gateway Desktop application to apply the changes.

9) Select a password for remote access (optional)
When the Gateway Desktop application is running, click on the icon in the menu, select (•••) and go to settings. The "Security" tab should be open, where you need to enter the password and exit the settings. This step is optional, but provides an additional layer of security.

10) Installing Gateway on iPhone
On Mac, the installation is almost complete, now you need to install the program on your iPhone. The app is available in the iOS App Store. Requires iOS 13.2 or later. You can install the application on iPhone, iPad, iPod touch.

11) Find your Mac in Gateway Control
Open Gateway on iPhone, then wait for Mac to appear there. If you don't see it, make sure your computer and smartphone are on the same Wi-Fi network and then try again. When the device is found, the default Mac name and IP address will appear in the list. Click on it, enter your password and click "Connect". If you have not set a password, you can connect without it.

12) .Use the Gateway to remotely control your Mac
When you access your Mac via the iPhone app, you will see the System Control remote. Various functions can be performed here. When you select one of these, you need to grant more Gateway Desktop rights before you can use these features. Here's what you can do:

Sleep mode . The computer will be put to sleep without locking the screen.

Reboot .

Screen lock . To unlock, you will need to enter a password.

Shutdown .

Muting the sound .

Volume control .

13) Adding additional controls.
Only the simplest possibilities are described above. If you're willing to pay a little, you can click on the icon to access the Gateway Store. Here, with a one-time purchase, you can expand the possibilities of remote control. Some of the features are free, such as Apple Music Control, Podcasts, Screenshot, VLC and Force Quit.

14) Once you've added these features, you'll see them on the home screen of the System Control app on your Mac. You can click on the Blocks icon at the top to view them in a short list. There you can change the order of the commands. After that click "Finish" and close the settings.

15) Give Gateway Desktop additional permissions
We will not describe how each control or Block works. It must be said that some of them require additional permissions on the Mac computer. In particular, system events for automation, which controls interface elements by simulating keyboard and mouse actions.

The first time you encounter these applications, you will be prompted for access on your Mac. You need to click OK. Access permission can be seen under System Preferences> Security & Privacy> Privacy> Automation. Once you've given permission once, it should work for future Blocks too.

15) Momentous Studios does not store your data and requests. The developers say this information is stored locally on user devices.

Gateway's only drawback is that the iPhone and Mac must be on the same wireless network. If you want to get remote access away from home, this is not yet possible with the Gateway. Hopefully, SSH (Secure Shell) will appear in the future for access from an application on an iPhone. Until then, you can use Chrome Remote Desktop, which turns your iPhone into a mouse and trackpad for your Mac if it's running the client.

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to hack web browsers with BeEF :

1) Launch BeEF
BeEF is built into Kali Linux and can be run as a service and accessed through a web browser on your computer (localhost). So let's start by launching Kali and then BeEF. Go to Applications -> Kali Linux -> System Services -> BeEF -> beef start.

2) Open your browser and go to BeEF
The BeEF server is accessed through any browser on our local web server (127.0.0.1) on port 3000. To access its authentication page, follow the link:

http: // localhost: 3000 / ui / authentication
The default credentials are "beef" for username and password.

3) Fine! You are now successfully logged into BeEF and are ready to start using this powerful web browser hacking platform.

Note that in the screenshot below, our local browser 127.0.0.1 appeared in the left pane “Hooked Browsers” after clicking on the demo page link. BeEF also displays the Getting Started window on the right side.

4) View browser details
If we click on the local browser, it will show several tabs with information on the right, including the "Details" window, where you can get all the details about our browser. Since we are using the Iceweasel browser built into Kali, which is built on Firefox, it shows that it is a Firefox browser.

It also shows the version number (24), the platform (Linux i686), any components (Flash, websockets), and additional information that we can use in subsequent web application hacks.

5) Browser hijacking
The key to success with BeEF is browser hijacking. This means that we need a victim to visit the vulnerable web application. The code injected into the "captured" browser will then respond to commands from the BeEF server. And from there we can do a number of malicious things on the victim's computer.

BeEF has a JavaScript file called "hook.js" and if we can get the victim to execute it in a vulnerable web application, we will "hijack" their browser we'll look at several ways to hijack the victim's browser.

6) Running commands in the browser
Now that we have hijacked the victim's browser, we can use a large number of built-in commands that can be executed from the victim's browser. Below are just a few examples, but there are actually many more.

> Get visited domains
> Get visited urls
> Webcam
> Get all cookies
> Capture Google Contacts
> Screenshot

7) When this command is executed, the Adobe Flash dialog box appears on the user's screen: "Allow Webcam?" If he clicks "Allow", the browser will start sending you pictures from the victim's machine.

Of course, you can change the query text, so be creative. For example, you can set up a button to display: “You just won the lottery! Click here to claim your winnings! " or “Your software is out of date. Click here to update and protect your computer. " Messages like this can prompt the victim to click on the button.

8) Receiving cookies
Once we take over the browser, we have almost unlimited possibilities for what we can do. If we want to get the victim's cookies, then we can go to "Chrome Extensions" and select "Get All Cookies"

9) When we click on the "Execute" button in the lower right corner, it will start collecting all cookies from the browser. Obviously, after you have all the user's cookies, you will most likely also have access to all of their websites.

BeEF is an extraordinary and powerful tool for using web browsers. In addition to what we showed you here, it can also be used for attacks against the operating system. We'll be using it and other tools in our new series on hacking web, mobile, and Facebook, so be sure to come back!

USE FOR LEARN !!!
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁