UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 ASTRA LINUX TIPS:

🐧 How to use sudo with output redirection or a pipe?

1) Use sudo with tee
For example, to redirect the output of echo 1 to ip_forward, run:

$ sudo echo 1 > /proc/sys/net/ipv4/ip_forward
bash: /proc/sys/net/ipv4/ip_forward: Permission denied

2) The above sudo command resulted in a permission denied error because the redirection is performed by the calling shell, which does not have write permission; sudo only elevates echo.

We can use the sudo command with the tee command to fix this error:

$ echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward

3) With the approach described above, the command before the pipe (echo 1) is not executed as the root user.

4) This is useful if you only need the output of a program that does not require root privileges.

If the command before the pipe requires root, we can use sudo before each command, for example:

$ sudo echo 1 | sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null

5) A similar way to write "1" to the "ip_forward" file, as in the previous examples, is to elevate the process that writes to the file and feed it from a here-document.

🦑 Here's an example:

$ sudo tee /proc/sys/net/ipv4/ip_forward > /dev/null << EOF
1
EOF

6) Start a shell with sudo sh -c
Another popular approach is to start another shell as root with the -c option.

🦑 Example:

$ sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'

Start the shell with sudo -s
Another way is to start a shell with sudo -s and then execute the command:

$ sudo -s
# echo 1 > /proc/sys/net/ipv4/ip_forward
# ^D

6) With a Bash script
Another way to run sudo with a redirect or pipe is to create a bash script with all your commands and run that script with sudo.

Let's see how we can implement this.

7) First, create a new file using any text editor such as nano, vim or gedit.

Let's call it myscript.sh.

8) Then paste the following commands into myscript.sh and save the file:

#!/bin/sh
echo 1 > /proc/sys/net/ipv4/ip_forward

Now you just need to run the myscript.sh file using the sudo command:

$ sudo sh myscript.sh

You're not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
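An added example for the sudo tips above (not part of the original post): it shows which process opens the redirect target, and why the space in `echo 1 >` matters. The `runas` script is a hypothetical stand-in for sudo that only logs each start, and all paths are constructed scratch files, so it runs without root.

```shell
#!/bin/sh
# Added example. "runas" is a hypothetical stand-in for sudo: it logs each
# start and then runs the command unchanged, so no root is needed.
DIR=$(mktemp -d)
trap 'rm -rf "$DIR"' EXIT
export RUNAS_LOG="$DIR/runas.log"
: > "$RUNAS_LOG"
printf '#!/bin/sh\necho "$*" >> "$RUNAS_LOG"\nexec "$@"\n' > "$DIR/runas"

# Number of times the stand-in has been started since the log was cleared.
runas_starts() { wc -l < "$RUNAS_LOG" | tr -d ' '; }

# Case 1: "runas echo 1 > file". The calling shell opens the file itself.
# The target's directory does not exist, so that open fails and the
# stand-in is never started. Prints the number of starts.
caller_opens_target() {
    : > "$RUNAS_LOG"
    if sh "$DIR/runas" echo 1 > "$DIR/no-such-dir/ip_forward"; then :; fi 2>/dev/null
    runas_starts
}

# Case 2: "echo 1 | runas tee file". The stand-in is started, and tee, running
# with the stand-in's privileges, is the process that opens the file.
# Prints "<starts>:<file content>".
tee_opens_target() {
    : > "$RUNAS_LOG"
    echo 1 | sh "$DIR/runas" tee "$DIR/ip_forward" > /dev/null
    printf '%s:%s\n' "$(runas_starts)" "$(cat "$DIR/ip_forward")"
}

# Pitfall: without the space, "1>" means "redirect fd 1"; echo then gets no
# argument and writes only a newline. Prints the byte count of each file.
missing_space_pitfall() {
    echo 1> "$DIR/a"
    echo 1 > "$DIR/b"
    printf '%s %s\n' "$(wc -c < "$DIR/a" | tr -d ' ')" "$(wc -c < "$DIR/b" | tr -d ' ')"
}

echo "starts when the caller's redirect fails: $(caller_opens_target)"
echo "starts:content when tee opens the file: $(tee_opens_target)"
echo "bytes from 'echo 1>' vs 'echo 1 >': $(missing_space_pitfall)"
```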

🦑 How to secure Linux from malware?

1) Beware of the emergence of Linux viruses. In its early days, Linux seemed to have innate virus immunity thanks to its excellent original design. At that time, many people believed that there would never be a virus for Linux, but Linux is no exception. In the autumn of 1996, an organization called VLAD in Australia wrote Staog, which is said to be the first virus for Linux, in assembly language. It specifically infects binary files and tries to obtain root permissions in three ways. The Staog virus was designed to demonstrate that Linux can potentially be infected by viruses; it does not do any damage to the infected system.

2) Grasp the weaknesses. Anyone who uses Linux may have heard of or even encountered some Linux viruses. The principles and symptoms of these viruses differ, so the prevention methods differ as well. To better prevent Linux viruses, we first classify some known ones.
The Linux viruses seen so far can be grouped into the following types:

A) Viruses that infect ELF format files
This type of virus uses ELF format files as the main target of infection; viruses that can infect ELF files can be written in assembly or C. The Lindose virus is one that can infect ELF files. When it finds an ELF file, it checks whether the machine type is Intel 80386. If it is, it checks whether there is a part of the file larger than 2784 bytes (hexadecimal 0xAE0). If there is, the virus overwrites it with its own code, adds the code of the corresponding part of the host file, and points the entry point of the host file at the virus code.

B) Script viruses
Script viruses are viruses written in scripting languages such as shell. This type of virus is relatively simple to write and does not require advanced knowledge. It can easily damage the system, for example by deleting files, disrupting the normal operation of the system, or even downloading and installing Trojan horses. But it does not spread widely, and usually causes damage only on the local machine.
Prevention: To prevent such viruses, be careful not to run scripts of unknown origin, and strictly control the use of root permissions.

C) Worm viruses
A worm under Linux is similar to a worm under Windows. It can run independently and spread itself to other computers.

Worms on the Linux platform usually spread by using vulnerabilities in Linux systems and services. For example, the Ramen virus spreads through the rpc.statd and wu-ftp security vulnerabilities in certain versions of Linux (Red Hat 6.2 and 7.0).

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How UChecker works
Uchecker works with all modern Linux distributions starting from version 6.

It is free JSON software and is open for distribution and/or modification under the terms of the GNU General Public License.

Uchecker detects processes that are using old (i.e. unpatched) shared libraries.

It detects and reports obsolete libraries that are being used by running processes.

Its detection capabilities are based on BuildID comparisons.

As a result, the tool knows about deleted or replaced files.

The Uchecker tool can determine the process ID and name, along with the names and build IDs of the shared libraries that are not patched.

Uchecker gets the latest BuildIDs from KC resources.

It then iterates over /proc/ and gets the shared libraries associated with each process from /proc/<pid>/maps.

At this point, Uchecker checks whether the shared library has been replaced or removed.

Depending on the answer, the program will either parse ELF from the file system or parse ELF from mapped memory.

Uchecker then collects the BuildID from the .note.gnu.build-id section.

FEATURES:

Uchecker allows you to update your FOSS libraries.

You can avoid the usual hassle of rebooting servers because you don't know which processes need to be restarted.

This is true for OpenSSL and GNU C (glibc) libraries, among others.

Thanks to technologies such as KernelCare+, it is now even possible to hot-fix vulnerabilities in core user space libraries in addition to the Linux kernel libraries.

You can update apps without affecting their working state.

No restarts or reboots required.

Download script:
https://github.com/cloudlinux/kcare-uchecker

Detecting obsolete in-memory libraries with UChecker
No installation required!

🦑 Just run the Uchecker script to find the unpatched libraries on your Linux server:

# curl -s -L https://kernelcare.com/checker | python

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
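An added sketch of the /proc/<pid>/maps step described in the UChecker post above (this is not UChecker's code and not part of the original post): it lists shared libraries that a process still maps although the file on disk was deleted or replaced. It covers only that check, not the BuildID comparison; the function names and the sample maps lines are constructed.

```shell
#!/bin/sh
# Added example: find shared libraries that are still mapped by a process
# although the file on disk was deleted or replaced (e.g. by a package update).

# Constructed sample in /proc/<pid>/maps format.
sample_maps() {
    cat <<'EOF'
55d0c0a00000-55d0c0a2a000 r-xp 00000000 fd:01 393301 /usr/sbin/sshd
7f3a1c000000-7f3a1c1f0000 r-xp 00000000 fd:01 264123 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (deleted)
7f3a1c1f0000-7f3a1c3ef000 ---p 001f0000 fd:01 264123 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (deleted)
7f3a1c400000-7f3a1c5c0000 r-xp 00000000 fd:01 264200 /usr/lib/x86_64-linux-gnu/libc-2.31.so
7f3a1c600000-7f3a1c601000 rw-s 00000000 00:01 2051 /memfd:cache (deleted)
7f3a1c700000-7f3a1c720000 rw-p 00000000 00:00 0
EOF
}

# Read maps-format text on stdin, print each deleted shared library once.
deleted_libs() {
    awk '
        # Fields: address perms offset dev inode pathname [(deleted)]
        $NF == "(deleted)" && $5 != 0 {
            # Rebuild the path from fields 6..NF-1 (it may contain spaces).
            path = $6
            for (i = 7; i < NF; i++) path = path " " $i
            # Keep shared objects only: libfoo.so, libfoo.so.1.2.3, ...
            if (path ~ /\.so(\.[0-9.]+)?$/ && !seen[path]++) print path
        }'
}

# Scan every process whose maps file is readable (run as root to cover all).
# Prints "pid<TAB>name<TAB>library" for each stale mapping.
scan_proc() {
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        pid=${maps#/proc/}; pid=${pid%/maps}
        comm=$(cat "/proc/$pid/comm" 2>/dev/null) || continue
        { deleted_libs < "$maps"; } 2>/dev/null | while IFS= read -r lib; do
            printf '%s\t%s\t%s\n' "$pid" "$comm" "$lib"
        done
    done
}

sample_maps | deleted_libs
```

Processes reported by `scan_proc` are the ones to restart after a library update.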

🦑 What is DevSecOps?
#Forbeginers :)))

DevSecOps is a security-as-code culture where you integrate security tools into the DevOps lifecycle.

Security as part of the DevOps process is the only way to mitigate risk.

It is a transformational shift that includes the culture, practices, and security tools at every stage of the DevOps process.

It removes silos between development, security, and admin teams.

It follows a 'shift to the left' approach, which means implementing security processes early, in the design/planning phase, to provide security awareness for development and administration teams and to meet cybersecurity requirements.

Here's how DevSecOps is implemented:

- Security and development teams collaborate on a threat model
- Security tools are integrated into the development pipeline
- Security requirements are prioritized as part of the product backlog
- Infrastructure-related security policies are reviewed prior to deployment
- Security experts evaluate automated tests

Modern technological innovation plays a vital role in DevSecOps.

Security as code, compliance as code, and infrastructure as code can eliminate many of the manual security steps and improve overall efficiency.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🔒 Vault Tutorial Hacking:

1) While Vault can be installed on a variety of platforms (www.vaultproject.io/downloads.html), one very smart approach that will also work for later cloud migration is to use a published Docker container.

2) To get started, you still need to download the Vault binary for your local machine in order to use the Vault client.

$ docker run -p 8200:8200 \
  --cap-add=IPC_LOCK -d --name=dev-vault vault

3) If you've run it in the past but don't see it running in docker ps, just run:

$ docker run vault

If you want to force the token (this will come in handy for automation later):

$ docker run -p 8200:8200 \
  --cap-add=IPC_LOCK -e 'VAULT_DEV_ROOT_TOKEN_ID=5l8v34FMhOVBozD9IAAkHREj' vault
==> Vault server configuration:

Api Address: http://0.0.0.0:8200
Cgo: disabled
Cluster Address: https://0.0.0.0:8201

Once started, make sure your container is listening on 8200, then log in with vault login.

define IP

4) docker ps
CONTAINER ID   IMAGE   COMMAND                  CREATED         STATUS         PORTS                    NAMES
44597b284377   vault   "docker-entrypoint.s…"   2 minutes ago   Up 2 minutes   0.0.0.0:8200->8200/tcp   vigorous_darwin


5) vault login -address=http://0.0.0.0:8200
Token (will be hidden):
Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run "vault login"
again. Future Vault requests will automatically use this token.

Key                  Value
---                  -----
token                5lxyundercode
token_accessor       asdfsadundercode
token_duration       ∞
token_renewable      false
token_policies       ["root"]
identity_policies    []
policies             ["root"]

You can create a credential file (plain text) and pass it with "-" for non-interactive sessions.
You can also use the REST API to log in non-interactively (anything you can do in the CLI can be done through the API).

6) One of the nice things about running a Vault container is that you can run multiple instances at the same time in developer mode by simply using different container IP addresses.

using pod ip

$ docker inspect zen_chatterjee | grep IPAddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAddress": "172.17.0.2",
$ sudo ifconfig lo0 alias 172.17.0.2
$ sudo vi /etc/hosts
$ cat /etc/hosts | grep vault.local
172.17.0.2 vault.local

$ vault login -address=http://vault.local:8200
Token (will be hidden):
Success! You are now authenticated.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🖧 Burp Bounty: Burp Suite extension to improve the active and passive scanner

Burp Bounty - Scan Check Builder
This Burp Suite extension allows you to quickly and easily improve your active and passive Burp Suite scanner with personalized rules through a very intuitive GUI.
XSS reflected and stored
Error-based SQL injection
Blind SQL injection
Time-based blind SQL injection
XXE
Blind XXE
SSRF
CRLF
Information disclosure
Nginx off-by-slash by Orange Tsai
Command injection
Web cache poisoning
Blind command injection
Open redirect
Local file inclusion
Remote file inclusion
Path traversal
LDAP injection
XML injection
SSI injection
XPath injection
etc.

Security headers
Cookie Attributes
Extract endpoints
Software versions
Error lines
In general, any string or regular expression in the response.
Passive request scanning
Interesting parameters and values
In general, any string or regular expression in a request.


Download & use
https://github.com/wagiro/BurpBounty/releases/


ENJOY :)

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 IP address and DNS Lookup Tools:

- [bgp](https://bgp.he.net/)
- [Bgpview](https://bgpview.io/)
- [DataSploit (IP Address Modules)](https://github.com/DataSploit/datasploit/tree/master/ip)
- [Domain Dossier](https://centralops.net/co/domaindossier.aspx)
- [Domaintoipconverter](http://domaintoipconverter.com/)
- [Googleapps Dig](https://toolbox.googleapps.com/apps/dig/)
- [Hurricane Electric BGP Toolkit](https://bgp.he.net/)
- [ICANN Whois](https://whois.icann.org/en)
- [Massdns](https://github.com/blechschmidt/massdns)
- [Mxtoolbox](https://mxtoolbox.com/BulkLookup.aspx)
- [Ultratools ipv6Info](https://www.ultratools.com/tools/ipv6Info)
- [Viewdns](https://viewdns.info/)
- [Umbrella (OpenDNS) Popularity List](http://s3-us-west-1.amazonaws.com/umbrella-static/index.html)

git 2020
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁