Note that nmap will perform a ping scan under any circumstances, and only the target host is running before subsequent scans will be performed. This option is only used if you just want to know whether the target host is running, and do not want to perform other scans.
　　
5) -sU
　　UDP scanning: If you want to know which UDP (User Datagram Protocol, RFC768) services are provided on a certain host, you can use this scanning method. Nmap first sends a 0-byte UDP packet to each port of the target host. If we receive an ICMP message that the port is unreachable, the port is closed, otherwise we assume it is open.
　　Some people may think that UDP scanning is meaningless. However, I often think of the recent solaris rpcbind defect. rpcbind is hidden on an undisclosed UDP port, the port number is greater than 32770. So even if port 111 (the well-known port number of portmap) is blocked by the firewall, it matters. But can you find out which port greater than 30000 has a program listening? Use UDP scanning! The backdoor of cDc Back Orifice is hidden in a configurable UDP port on the Windows host

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑good HACKING » WireSpy allows attackers to set up quick honeypots to carry out MITMAs. Monitoring and logging functionality is implemented in order to keep records of the victims' traffic/activities. Other tools can be used together with Wirespy to conduct more advanced attacks.

F E A T U R E S :

Capture victims' traffic.

MAC address spoofing.

Set-up honeypot and evil twin attacks.

Show the list of in range access points.

Wireless adapter|card|dongle power amplification.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/aress31/wirespy.git

2) cd wirespy

3) $ chmod +x wirespy.sh

4) $ sudo ./wirespy.sh
Attacks:
eviltwin > launch an evil twin attack
honeypot > launch a rogue access point attack

Commands:
clear > clear the terminal
help > list available commands
quit|exit > exit the program
apscan > show all wireless access points nearby
leases > display DHCP leases
powerup > power wireless interface up (may cause issues)
start capture > start packet capture (tcpdump)
stop capture > stop packet capture (tcpdump)
status > show modules status


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

For Facbeook users, you can share link or anything related to hacking on facebook.com/groups/UndercodeTesting

Support & Share :

T.me/UndercodeTesting

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FREE APPLICATIONS FOR DNS CHANGERS AND EDITORS :

https://f-droid.org/en/packages/io.github.otakuchiyan.dnsman/

https://play.google.com/store/apps/details?id=com.frostnerd.dnschanger

https://play.google.com/store/apps/details?id=net.mx17.overridedns

https://play.google.com/store/apps/details?id=com.okirat.dnsmanager.pro

https://play.google.com/store/apps/details?id=ua.com.streamsoft.pingtools&rdid=ua.com.streamsoft.pingtools

https://play.google.com/store/apps/details?id=com.cloudflare.onedotonedotonedotone

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Netflix Downloader & Some good projects:

A) Authorization URL
n = NetflixAPI(api_key='*your app key*',
api_secret='*your app secret*',
callback_url='http://www.example.com/callback/')

auth_props = n.get_authentication_tokens()
auth_url = auth_props['auth_url']

#Store this token in a session or something for later use in the next step.
oauth_token_secret = auth_props['oauth_token_secret']

print 'Connect with Netflix via %s' % auth_url
Once you click “Allow” be sure that there is a URL set up to handle getting finalized tokens and possibly adding them to your database to use their information at a later date.

B) Handling the callback
# In Django, you'd do something like
# oauth_token = request.GET.get('oauth_verifier')
# oauth_verifier = request.GET.get('oauth_verifier')

oauth_token = *Grab oauth token from URL*
oauth_verifier = *Grab oauth verifier from URL*

#Initiate the NetflixAPI class in your callback.
n = NetflixAPI(api_key='*your app key*',
api_secret='*your app secret*',
oauth_token=oauth_token,
oauth_token_secret=session['netflix_session_keys'][ 'oauth_token_secret'])

authorized_tokens = n.get_auth_tokens(oauth_verifier)

final_oauth_token = authorized_tokens['oauth_token']
final_oauth_token_secret = authorized_tokens['oauth_token_secret']
final_user_id = authorized_tokens['user_id']
Save those tokens and user_id to the database for a later use?

Return a list of the users Instant Queue
n = NetflixAPI(api_key = '*your app key*',
api_secret = '*your app secret*',
oauth_token=final_tokens['oauth_token'],
oauth_token_secret=final_tokens['oauth_token_secret'])

instant_queue = n.get('users/*final_user_id*/queues/instant')
print instant_queue
Add Gabriel Iglesias: Hot and Fluffy to Instant Queue
# Assume you are using the same NetflixAPI instance as above
try:
add_to_queue = n.post('users/*final_user_id*/queues/instant', params={'title_ref': 'http://api.netflix.com/catalog/titles/movies/70072945'})

print add_to_queue

C) # You can also added "position" to the params to set where this media will be positioned on the users queue.
except NetflixAPIError:
# This returns the added item if successful.
# If it's already in the queue, it will return a NetflixAPIError, code 412
Remove Gabriel Iglesias: Hot and Fluffy to Instant Queue
# Assume you are using the same NetflixAPI instance as above
# When querying for the users Queue, when iterating over the Queue items
# you can use the 'id' for the next call. Where it says *final_user_id*
# that is automatically returned from the Netflix Instant Queue response.

del_from_queue = n.delete('http://api-public.netflix.com/users/*final_user_id*/queues/instant/available/2/70072945')

print del_from_queue

https://pypi.org/project/python-netflix/
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Free and Great:

https://github.com/wtsxDev/reverse-engineering

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FOR LINUX/TERMUX- NEW UPDATES subdomain enumerator;
F E A T U R E S :

Subdomains monitoring: put data to Discord, Slack or Telegram webhooks. See Subdomains Monitoring for more information.

Multi-thread support for API querying, it makes that the maximun time that Findomain will take to search subdomains for any target is 15 seconds (in case of API's timeout).

Parallel support for subdomains resolution, in good network conditions can resolv about 3.5k of subdomains per minute.
DNS over TLS support.

Specific IPv4 or IPv6 query support.

Discover subdomains without brute-force, it tool uses Certificate Transparency Logs and APIs.

Discover only resolved subdomains.

Discover subdomains IP for data analysis.

Read target from user argument (-t) or file (-f).

Write to one unique output file specified by the user all or only
resolved subdomains.

Write results to automatically named TXT output file(s).

Hability to query directly the Findomain database created with Subdomains Monitoring for previous discovered subdomains.

Hability to import and work data discovered by other tools.

Quiet mode to run it silently.

Cross platform support: Any platform, it's written in Rust and Rust is multiplatform. See the documentation for instructions.
Multiple API support.

Possibility to use as subdomain resolver.

Subdomain wildcard detection for accurate results.

Support for subdomain discover using bruteforce method.

Support for configuration file in TOML, JSON, HJSON, INI or YAML
format.

Custom DNS IP addresses for fast subdomains resolving (more than 60 per second by default, adjustable using the --threads option.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) $ git clone https://github.com/Edu4rdSHL/findomain.git -b develop # Only the develop branch is needed

2) $ cd findomain

3) $ cargo build --release

4) $ ./target/release/findomain
To update the repository when new commits are added, just go to the folder where Findomain's develop branch was cloned and excute:

5) $ git pull

6) $ cargo build --release

7) $ ./target/release/findomain

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The use of identity-based password technology for email encryption :

> In order to simplify the key management problem of the traditional public key cryptosystem, in 1984, A. Shamir, an Israeli scientist and one of the inventors of the well-known RSA system, proposed the idea of ​​identity-based cryptography: the user’s public identity information (such as e-mail addresses) , IP address, name..., etc.) as the user's public key, and the user's private key is generated by a trusted center called the private key generator.

> In the following two decades, the design of identity-based cryptosystems has become a hot research field in cryptography.

> At present, this method is the most promising way to realize large-scale email encryption applications. The more representative domestic system is Saiman Mail Angel System.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

TONS OF HACKERS BOOKS:

http://index-of.es/

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑how do you intercept traffic?
How to position and set up listening equipment?

I propose to consider options for the location (connection) of equipment for sniffing in a switched environment (we will consider intercepting a wi-fi channel in the next article).
The most convenient way is to install a sniffer directly on the listening host of interest to us.

However, some of the traffic that is very useful for research, but not intended for the end device, will be discarded by the network interface and not sent for processing to the system, and therefore we will not be able to capture this traffic for further research. This traffic includes broadcast traffic within the operation of the switch.

For example, an ARP request that hosts use to determine the MAC address that corresponds to a specific IP address.

1) Knowing the IP, we send an ARP request in order to match the IP-MAC to all devices within the broadcast domain.

2) However, only the target host is “interested” in receiving such a request; other hosts, as mentioned above, will discard the specified packet.

For clarity, using the Cisco Packet racer, consider how a host with IP address 192.168.1.2 sends an ARP request to host 192.168.1.4.

3) Having previously checked that there are no ARP entries on 192.168.1.2 from the word at all with the command arp -a (you can delete them using arp -d), we execute the ping command on 192.168.1.4.

4) Since we do not know the MAC address, we first send an ARP request. The request comes to the switch (cisco 2960), then it is sent to all hosts connected to the switch. After that, host 192.168.1.3 discards the specified one, and 192.168.1.4 responds accordingly.

5) In order to capture all incoming traffic on 192.168.1.3, you need to enable mixed mode of operation on the network interface . The software components Aircrack-ng, Wireshark, tcp dump, etc. allow you to do this.

6) When it is not possible to place a traffic analyzer on the target host , a hub can help .

In this case, the host under investigation and the traffic analyzer in the same switched network segment are connected to the same hub.

As a result, all incoming and outgoing packets will pass through all ports of the hub.

7) For example, by sending packets from Host1 to Host2, Hub0 will send them to both the Host2 under investigation and the Sniffer packet sniffer.

Dropping packets by the Sniffer in the picture is due to the disabled mixed mode of the network adapter

8) Port mirroring remains the most popular way to intercept traffic .

To implement this method, the switch must be manageable, and also have physical or via a remote ssh / Web interface access to it.

The point is that the incoming and outgoing traffic of the device connected to the switch port is mirrored to another switch port where the traffic analyzer is connected.

9) So, having connected, we configure the Cisco 2960 switch to mirror traffic on the fastEthernet 0/1 and fastEthernet 0/2 ports where host1 and host2 are connected, respectively:

Switch> enable
Switch # conf terminal
Switch (config) #monitor session 1 source interface fastEthernet 0/1
Switch (config) #monitor session 1 source interface fastEthernet 0/2
And the port to which the traffic will be mirrored, where the packet analyzer is connected:

Switch (config) #monitor session 1 destination interface f0 / 24
Let's check:

Switch # show monitor

don't clone our tutorials :)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Some termux hacking tools:

1) git clone https://github.com/

2) AnonHackerr/toolss.git

3) cd toolss

4) chmod +x Tools.py

5) python Tools.py

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

original Hacking The Art of Exploitation Ebook

http://www.mediafire.com/file/ht5dy5dwmf4h0j7/hacking-the-art-of-exploitation.pdf

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Install Suricata IDS on Linux

Might as well build Suricata from source code. You have to install a few required dependencies first, as shown below.

Install dependencies on Debian, Ubuntu or Linux Mint

1) $ sudo apt-get install wget build-essential libpcre3-dev libpcre3-dbg automake autoconf libtool libpcap-dev libnet1-dev libyaml-dev zlib1g-dev libcap-ng-dev libjansson-dev
install dependencies on CentOS, Fedora or RHEL

2) $ sudo yum install wget libpcap-devel libnet-devel pcre-devel gcc-c++ automake autoconf libtool make libyaml-devel zlib-devel file-devel jansson-devel nss-devel

3) Once you have installed all the necessary packages, you can now install Suricata , As shown below.

First, download the latest Suricata source code from http://suricata-ids.org/download/ and compile the code.

4) Now compile and install it.

$ make

$ sudo make install
Suricata source code comes with default configuration files. May wish to install these default configuration files as shown below.

$ sudo make install-conf

5) As you know, Suricata is useless without the IDS rule set. Conveniently, the Makefile comes with IDS rules installation options. To install IDS rules, just run the following command.

$ sudo make install-rules

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁