▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SOME GOOD ANDROID APPS FOR RECOVER LOST DATA"

https://play.google.com/store/apps/details?id=com.wondershare.drfone

https://play.google.com/store/apps/dev?id=6817647156581849686

https://play.google.com/store/apps/details?id=com.easeus.mobisaver

https://play.google.com/store/apps/developer?id=EaseUS+Data+Recovery+Software

https://play.google.com/store/apps/details?id=video.recovery

https://play.google.com/store/apps/developer?id=Tasty+Blueberry+PI

https://play.google.com/store/apps/details?id=com.defianttech.diskdigger

https://play.google.com/store/apps/developer?id=Defiant+Technologies,+LLC

https://play.google.com/store/apps/details?
id=com.greatstuffapps.digdeep

https://play.google.com/store/apps/developer?id=GreatStuffApps

https://play.google.com/store/apps/details?id=photo.recovery

https://play.google.com/store/apps/developer?id=Tasty+Blueberry+PI

https://play.google.com/store/apps/details?id=com.auntec.photo

https://play.google.com/store/apps/developer?id=Suzhou+Aunbox+Software+Co.+Ltd.

https://play.google.com/store/apps/details?id=com.baloota.dumpster

https://play.google.com/store/apps/dev?id=5104976176358171231

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Mod your own apk
#fastTips


source code: https://github.com/kaleemullah360/android-APK-Mods

1) Load APK
java -jar apktool.jar if application-name.apk

2) Decode APK
java -jar apktool.jar decode application-name.apk

3) Recompile APK
java -jar apktool.jar b application-name.apk

4) Add signature using APK Signer
java -jar apk-signer-1.8.5.jar certificate.pem key.pk8 application-name.apk

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Speedup mega download and more:

Get file details and information

Download the file

Read file and Decrypt it

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

first download https://github.com/BaseMax/MegaDownloader

step 1: make api call to mega api server get info about the file with download link api return filename,filesize,download link filename is encrypted string

step 2: we download the encrypted file using the url returned in step 1 api response

step 3: after download decrypt the file

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What can XSS do?

Before we learn the use of XSS, it is necessary for us to know what XSS can do? Or what kind of harm:

· Alter the page, modify the content of the page

· Phishing

· Steal user cookies

· Hijack user (browser) sessions

· Hang ads, brush traffic

· DDoS

· Web page hanging horse

· Get ​​client information (such as UA, IP, open port)

· Spread XSS Worm
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to use the system's built-in commands to get manual antivirus ?

1) Start point Before doing it yourself, remember to be prepared-use TaskList to backup system processes

New viruses have learned to use processes to hide themselves, so we'd better back up the computer's process list when the system is normal. Of course, it's best to back up without running any programs when entering Windows, so that the computer will feel abnormal in the future. You can find the process that may be a virus by comparing the process list.

Enter at the command prompt:

TaskList /fo:csv>g:zc.csv

The function of the above command is to output the current process list in csv format to the "zc.csv" file, g: is the disk you want to save to, and you can open the file with Excel.

2) When you do it yourself, you must be eye-catching-use FC to compare process list files

If you feel that your computer is abnormal, or you know that there is a virus epidemic recently, then it is necessary to check it.

Enter the command prompt and enter the following commands:

TaskList /fo:csv>g:yc.csv

Generate a list of yc.csv files of the current process, and then enter:

FC g:\zccsv g:\yc.csy

After pressing Enter, you can see the difference between the front and rear list files. Through comparison, it is found that the computer has an extra abnormal process named "Winion0n.exe" (here we take this process as an example) and not "Winionon.exe".

3) When making a judgment, remember that the evidence is conclusive-use Netstat to view open ports

For such a suspicious process, how to judge whether it is a virus? According to most viruses (especially Trojan horses) will spread the virus through the port to connect to the outside, you can check the port occupancy.

Enter at the command prompt:

Netstat -ano

The meaning of the parameters is as follows:

a: Display all port information that establishes a connection with the host

n: Display the PID code of the process of opening the port

o: Display address and port information in digital format

After you press Enter, you can see all open ports and external connection processes. Here, a process with PID 1756 (take this as an example) is the most suspicious. Its status is "ESTABLISHED". You can know that this process is "Winion0n" through the task manager. .exe", you can judge that this is an illegal connection by checking the network program running on this machine!

The meaning of the connection parameters is as follows:

LISTENINC: indicates that it is in the listening state, that is, the port is open, waiting for connection, but has not been connected yet, only the service port of the TCP protocol can be in the LISTENINC state.

ESTABLISHED means to establish a connection.

Indicates that the two machines are communicating.

TIME-WAIT means the end of this connection.

It indicates that the port has been accessed once, but the access is over. It is used to determine whether an external computer is connected to the machine.


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑JavaScript email attachments may carry malicious code ?

Most malicious software in Windows is written in a compiled language such as C or C++ and spread in the form of executable files such as .exe or .dll. Other malware is written using command-line scripts, such as Windows batch or PowerShell.

The malware on the client side is rarely written in web-related languages, such as JavaScript, which is mainly interpreted by the browser. But the built-in Script Host in Windows can also directly execute .js files.

Attackers have only recently started using this technique. Last month, Microsoft warned that js attachments in malicious emails might carry viruses, and ESET’s Security Research Institute also warned that some js attachments might run Locky virus. But in both cases, JavaScript files are used as a downloader of malware. They download from other addresses and install traditional malware written in other languages ​​by default. But RAA is different. This is malware written entirely in JavaScript.

Experts in the BleepingComputer.com technical support forum said that RAA relies on CryptoJS, a secure JavaScript library, to implement its encryption process. The implementation of encryption is very solid, using the AES-256 encryption algorithm.

Once the file is encrypted, RAA will add .locked to the suffix of the original file name. Its encryption targets include: .doc, .xls, .rtf, .pdf, .dbf, .jpg, .dwg, .cdr, .psd, .cd, .mdb, .png, .lcd, .zip, .rar And .csv.

Lawrence Abrams, the founder of BleepingComputer.com, said in a blog: "In the current situation, there is no way to decrypt it except for payment.

According to the user's response, after being infected with RAA, messages in Russian will be randomly displayed, but even if its target is a Russian computer, its proliferation is only a matter of time.

It is very unusual to include JavaScript attachments in emails, so users should avoid opening such files even if they are contained in .zip archives. .js files are rarely used in other places except in websites and browsers.



@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Some good fresh sock5

https://pastebin.com/ekkzzD6S

Tutorials related to exploits

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WEB HACKING FROM ANDROID:

http://faceniff.ponury.net/

https://github.com/pjlantz/droidbox

https://droidsheep.info/

https://www.zimperium.com/zanti-mobile-penetration-testing

https://github.com/cSploit/android

https://apkpure.com/hackode/com.techfond.hackode

https://play.google.com/store/apps/details?id=org.kost.nmap.android.networkmapper

https://play.google.com/store/apps/details?id=jp.co.taosoftware.android.packetcapture

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Linux privilege escalation auditing tool

LES tool is designed to assist in detecting security deficiencies for given Linux kernel/Linux-based machine

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

Quick download:

wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
Details about LES usage and inner workings:

https://mzet-.github.io/2019/05/10/les-paper.html
Additional resources for the LES:

https://github.com/mzet-/les-res

2) Assess exposure of the Linux box on publicly known exploits:

$ ./linux-exploit-suggester.sh
Show state of security features on the Linux box:

3) $ ./linux-exploit-suggester.sh --checksec
Assess exposure of Linux kernel on publicly known exploits based on the provided 'uname' string (i.e. output of uname -a command):

$ ./linux-exploit-suggester.sh --uname <uname-string>

4) MORE USAGE https://github.com/mzet-/linux-exploit-suggester

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑cdaengine0400.dll manual deletion method:

cdaEngine0400.dll has earlier been reported as spyware, but new reports show that newer versions of the file is clean. We still don't have the file though, and only provide removal instructions.

1) Uninstall notice for WildTangent
Notice that removing WildTangent may cause the program that bundled
it to not function as intended.

2) Uninstall procedure
Uninstall WildTangent from "Add/Remove Programs" in the Windows® Control Panel.

3) The vendor is also offering uninstall instructions. If you run into problems

uninstalling, please contact the vendor for support. Note that you will not be able to play WildTangent games if you decide to uninstall.

4) Earlier versions of WildTangent's uninstaller leaved a large number of files
in the "%WinDir%\wt\" folder which can be deleted manually after running the
uninstaller.
Note: %WinDir% is a variable (?)

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SUB DOMAINS FINDER TOOLS KALI :

A) Sublist3r
Sublist3r - a tool in Python, intended for the transfer of sub-domains of websites using OSINT.

It helps penetration testers and bug hunters collect subdomains from the domain they are targeting.

Sublist3r lists subdomains using many search engines such as Google, Yahoo, Bing, Baidu, and Ask.

Sublist3r also lists subdomains with Netcraft, Virustotal, ThreatCrowd, DNSdumpster and ReverseDNS.

This very nice tool is hosted on github, although when I last checked there were some complaints about it crashing with some of its engines mentioned above.

🦑How to install sublist3r

git clone https://github.com/about3la/Sublist3r.git

Then, in the directory where you cloned the repository, run:

python3 setup.py install
Then you can just run it like normal Linux commands

sublist3r -d itsecforu.ru

B) Dnscan
Dnscan is a Python wordlist based DNS subdomain scanner.

The script will first try to transfer the zone using each of the target domain name servers.

If that fails, it will look up the domain's TXT and MX records and then recursively scan the subdomains using the provided dictionary.

The tool is dictionary based, which means it will use its internal wordlist to try and check if the subdomain actually exists.
Some of the dictionaries it contains include:
subdomains-1000.txt

subdomains-10000.txt

subdomains-500.txt

subdomains-uk-1000.txt

subdomains-uk-500.txt

subdomains.txt

As you can see, subdomain scanning depends entirely on the above files.
Also this tool is available on the Internet, you can test it:
https://www.nmmapper.com/sys/tools/subdomainfinder/


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑May you interested in those links :

1) The Hacker Playbook : Practical Guide To Penetration Testing
Link : http://www.allitebooks.com/the-hacker-playbook-practical-guide-to-penetration-testing/

2) The Hacker Playbook 2: Practical Guide To Penetration Testing
Link : http://www.allitebooks.com/the-hacker-playbook-2-practical-guide-to-penetration-testing/

3) Android Hacker's Handbook
Link : http://www.allitebooks.com/android-hackers-handbook/

4) BackTrack 5 Wireless Penetration Testing Beginner's Guide
Link : http://www.allitebooks.com/backtrack-5-wireless-penetration-testing-beginners-guide/

5) Black Hat Python
Link : http://www.allitebooks.com/black-hat-python/


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to solve the problem that there is a black border around the Windows 10 monitor that cannot be displayed in full screen?

Some friends reported that in the actual application of their win10 system, the display cannot be displayed in full screen and there is a black border around it! How to solve the problem of a black border around the display in win10 cannot be displayed in full screen? Today, the editor brings you a solution to the black border around the win10 monitor that cannot be displayed in full screen. Interested friends should not miss it.

🦑How to solve the problem that there is a black border around the Windows 10 monitor that cannot be displayed in full screen:

1) Press win+r to enter the run window, enter "regedit" and press Enter.

2) In the registry editor window, locate [HKEY_CURRENT_USER/SOFTWARE/BLIZZARD ENTERTAIMENT/WARCRAFTIII/Video].

3) Open the reshight file (screen height) in the left margin and change the numerical data inside to "768", then open the reswidth file (screen width) and change the numerical data to "1366".

4) In the blank area of ​​the desktop, right-click and select "Display Settings".

5) In the window, select "Advanced Display Settings", then change the resolution to "1366 x 768" and click Apply.

#fASTtIPS
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁