▁ ▂ ▄ Undercode ▄ ▂ ▁
Vault Tutorial Hacking:
1) Vault can be installed on a variety of platforms (www.vaultproject.io/downloads.html), but one smart approach that also works for a later cloud migration is to use a published Docker container.
2) To get started, you still need to download the Vault binary for your local machine in order to use the Vault client.
$ docker run -p 8200:8200 \
    --cap-add=IPC_LOCK -d --name=dev-vault vault
3) If you've run it in the past but don't see it running in docker ps, just run:
$ docker run vault
If you want to force the token (this will come in handy for automation later):
$ docker run -p 8200:8200 \
    --cap-add=IPC_LOCK -e 'VAULT_DEV_ROOT_TOKEN_ID=5l8v34FMhOVBozD9IAAkHREj' vault
==> Vault server configuration:
Api Address: http://0.0.0.0:8200
Cgo: disabled
Cluster Address: https://0.0.0.0:8201
Once it has started, make sure your container is listening on 8200, then log in with vault login.
define IP
4) docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
44597b284377 vault "docker-entrypoint.s…" 2 minutes ago Up 2 minutes 0.0.0.0:8200->8200/tcp vigorous_darwin
5) vault login -address=http://0.0.0.0:8200
Token (will be hidden):
Success! You are now authenticated. The token information displayed below
is already stored in the token helper. You do NOT need to run "vault login"
again. Future Vault requests will automatically use this token.
Key Value
--- -----
token 5lxyundercode
token_accessor asdfsadundercode
token_duration ∞
token_renewable false
token_policies ["root"]
identity_policies []
policies ["root"]
You can create a credential file (plain text) and pass it with "-" for non-interactive sessions.
You can also use the REST API to log in non-interactively (anything you can do in the CLI can be done through the API).
6) One of the nice things about running a Vault container is that you can run multiple instances at the same time in developer mode by simply using different container IP addresses.
using pod ip
docker inspect zen_chatterjee | grep IPAddress
"SecondaryIPAddresses": null,
"IPAddress": "172.17.0.2",
"IPAddress": "172.17.0.2",
$ sudo ifconfig lo0 alias 172.17.0.2
$ sudo vi /etc/hosts
$ cat /etc/hosts | grep vault.local
172.17.0.2 vault.local
$ vault login -address=http://vault.local:8200
Token (will be hidden):
Success! You are now authenticated.
You're not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
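The non-interactive login mentioned in the Vault tutorial above (a token file plus the REST API), as an added example that is not from the original post: it refuses a token file that other users can read, then checks the token through Vault's `auth/token/lookup-self` endpoint and flags the root policy and unlimited lifetime seen in the login output. The file path, the function names and the sample response are assumptions constructed for illustration.

```python
import json
import os
import stat
import urllib.request


def read_token_file(path):
    """Return the token stored in `path`; refuse a file other users can read."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{path} has mode {mode:o}; run chmod 600 on it")
    with open(path, encoding="utf-8") as fh:
        return fh.read().strip()


def lookup_request(addr, token):
    """Build the GET /v1/auth/token/lookup-self request for this token."""
    return urllib.request.Request(
        addr.rstrip("/") + "/v1/auth/token/lookup-self",
        headers={"X-Vault-Token": token},
    )


def token_findings(body):
    """List what makes the token in a lookup-self response risky for automation."""
    data = json.loads(body)["data"]
    findings = []
    if "root" in data.get("policies", []):
        findings.append("root policy: unrestricted access to every path")
    if data.get("ttl", 0) == 0:
        findings.append("ttl 0: token never expires")
    return findings


# Constructed sample of a dev-mode root token lookup (not captured output).
SAMPLE = json.dumps({"data": {"policies": ["root"], "ttl": 0, "renewable": False}})

if __name__ == "__main__":
    addr = os.environ.get("VAULT_ADDR", "http://127.0.0.1:8200")
    token_path = os.path.expanduser("~/.vault-dev-token")  # hypothetical path
    req = lookup_request(addr, read_token_file(token_path))
    with urllib.request.urlopen(req, timeout=5) as resp:
        for finding in token_findings(resp.read()):
            print("WARNING:", finding)
```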
▁ ▂ ▄ Undercode ▄ ▂ ▁
Burp Bounty: Burp Suite extension to improve the active and passive scanner
Burp Bounty - Scan Check Builder
This Burp Suite extension lets you quickly and easily improve your active and passive Burp Suite scanner with personalized rules through a very intuitive GUI.
Active scanning
- Reflected and stored XSS
- Error-based SQL injection
- Blind SQL injection
- Time-based blind SQL injection
- XXE
- Blind XXE
- SSRF
- CRLF
- Information disclosure
- Nginx off-by-slash by Orange Tsai
- Command injection
- Web cache poisoning
- Blind command injection
- Open redirect
- Local file inclusion
- Remote file inclusion
- Path traversal
- LDAP injection
- XML injection
- SSI injection
- XPath injection
- etc.
Passive response scanning
- Security headers
- Cookie attributes
- Extract endpoints
- Software versions
- Error lines
- In general, any string or regular expression in the response.
Passive request scanning
- Interesting parameters and values
- In general, any string or regular expression in a request.
Download & use
https://github.com/wagiro/BurpBounty/releases/
ENJOY :)
▁ ▂ ▄ Undercode ▄ ▂ ▁
iOS hacking apps list 3:
https://spytomobile.com/ru
https://phonespector.com/
https://hellospy.soft112.com/
https://www.cocospy.com/iphone-spy-app.html
https://www.elcomsoft.com/eppb.html
https://github.com/GeoSn0w/Myriam
https://github.com/BishopFox/iSpy
https://www.cydiahacks.net/xsellize-repo-source.html
https://www.veracode.com/resources?assettype=toolkit#resources-results
▁ ▂ ▄ Undercode ▄ ▂ ▁
Windows hacking tools:
http://www.ettercap-project.org/
https://www.wireshark.org/
https://intruder.io/?utm_source=referral&utm_campaign=softwaretestinghelp-ethical-hacking-tools
https://www.metasploit.com/
https://www.softwaretestinghelp.com/Kiuwan-Hacking
https://www.acunetix.com/vulnerability-scanner/
https://www.paterva.com/web6/products/maltego.php
https://www.netsparker.com/web-vulnerability-scanner/
▁ ▂ ▄ Undercode ▄ ▂ ▁
IP address and DNS lookup tools:
- [bgp](https://bgp.he.net/)
- [Bgpview](https://bgpview.io/)
- [DataSploit (IP Address Modules)](https://github.com/DataSploit/datasploit/tree/master/ip)
- [Domain Dossier](https://centralops.net/co/domaindossier.aspx)
- [Domaintoipconverter](http://domaintoipconverter.com/)
- [Googleapps Dig](https://toolbox.googleapps.com/apps/dig/)
- [Hurricane Electric BGP Toolkit](https://bgp.he.net/)
- [ICANN Whois](https://whois.icann.org/en)
- [Massdns](https://github.com/blechschmidt/massdns)
- [Mxtoolbox](https://mxtoolbox.com/BulkLookup.aspx)
- [Ultratools ipv6Info](https://www.ultratools.com/tools/ipv6Info)
- [Viewdns](https://viewdns.info/)
- [Umbrella (OpenDNS) Popularity List](http://s3-us-west-1.amazonaws.com/umbrella-static/index.html)
git 2020
▁ ▂ ▄ Undercode ▄ ▂ ▁
Build your own OTP:
Erlang/OTP is used for building massively scalable soft real-time systems with requirements on high availability.
Binary Distributions
Erlang/OTP is available as pre-built binary packages by most OS package managers.
Installation & run:
1) apt-get install erlang
Compiling from source
2) git clone https://github.com/erlang/otp.git
3) cd otp
4) ./otp_build autoconf
5) ./configure
6) make
7) make install
Example:
-module(hello).
-export([world/0]).
world() -> io:format("Hello, world\n").
Save the file as hello.erl and run erl to enter the Erlang shell to compile the module.
Erlang/OTP 19 [erts-8.2] [source] [64-bit] [smp:4:4] [async-threads:10] [hipe] [kernel-poll:false] [dtrace]
Eshell V8.2 (abort with ^G)
1> c(hello).
{ok,hello}
2> hello:world().
Hello, world
ok
▁ ▂ ▄ Undercode ▄ ▂ ▁
This API is inspired by and loosely based on the following discussions:
https://github.com/whatwg/html/issues/3745#issuecomment-395327173
https://developers.google.com/identity/sms-retriever/overview
» The Web OTP API tutorials:
https://discourse.wicg.io/t/sms-otp-retrieval/3499
https://groups.google.com/a/chromium.org/d/msg/blink-dev/-bdqHhCyBwM/yFoKtQQRAQAJ
https://github.com/w3ctag/design-reviews/issues/391
https://web.dev/sms-receiver-api-announcement/
▁ ▂ ▄ Undercode ▄ ▂ ▁
How to set the discrete graphics card as the default graphics card in a Windows 10 dual-graphics-card environment, in 4 steps:
1) Right-click on the desktop and select the NVIDIA Control Panel.
2) Click "Manage 3D Settings".
3) Click here to select the default graphics card.
4) Select "High-performance NVIDIA processor" (discrete graphics card).