Tips and tricks

Top reversed eng/ malwares in one repo :

https://github.com/ytisf/theZoo/tree/master/malwares/Source/Reversed

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Framework designed to automate various wireless networks attacks:

Capture victims' traffic.

MAC address spoofing.

Set-up honeypot and evil twin attacks.

Show the list of in range access points.

Wireless adapter|card|dongle power amplification.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/aress31/wirespy

2) cd wirespy

3) $ chmod +x wirespy.sh

Run the script with root privileges:

4) $ sudo ./wirespy.sh

Attacks:
eviltwin > launch an evil twin attack
honeypot > launch a rogue access point attack

Commands:
clear > clear the terminal
help > list available commands
quit|exit > exit the program
apscan > show all wireless access points nearby
leases > display DHCP leases
powerup > power wireless interface up (may cause issues)
start capture > start packet capture (tcpdump)
stop capture > stop packet capture (tcpdump)
status > show modules status

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 post login box injection in SQLMAP

(1) The search-test.txt is the package captured by the package capture tool burp suite and the data is saved as this txt file. When
we use Sqlmap for post-type injection, there are often cases where the request is missed and the injection fails. Here is a little trick, that is, to use sqlmap in combination with burpsuite. This method will be more accurate for post injection testing and it is very easy to operate.

1) Open the target address examplesite .com or http://www.UndercodeTesting.com/Login.asp in the browser

2) Configure the burp proxy (127.0.0.1:8080) to intercept the request

3)Click the submit button in the login form

4) At this time Burp will intercept To our login POST request

5) Copy this post request to txt, I named it search-test.txt and put it in the sqlmap directory

6) Run sqlmap and use the following command:

./sqlmap.py -r search-test.txt -p tfUPass

Here the parameter -r is for sqlmap to load our post request rsearch-test.txt, and -p should be familiar to everyone and specify the parameters for injection.

Injection point: http://testasp.vulnweb.com/Login.asp

Several injection methods: ./sqlmap.py -r search-test.txt -p tfUPass

(2) Automatic search

sqlmap -u [url]http://testasp.vulnweb.com/Login.asp[/url] --forms

(3) Specify parameter search

sqlmap -u [url]http://testasp.vulnweb.com/Login.asp[/url] --data "tfUName=321&tfUPass=321"


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NEW TWITTER BOT FOR AUTOMATE IN THE CLUB :

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :


1) You will need your own Twitter account for testing, since the bot tweets from this account. Generate your Twitter API keys by creating a new app.

2) CLONE THIS CODE https://github.com/freeCodeCamp/100DaysOfCode-twitter-bot

3) Create an .env file and add in your API keys and Twitter handle,

» like so:
TWITTER_CONSUMER_KEY=xxxxxxxxxxxxxxxxxxxxdMhxg
TWITTER_CONSUMER_SECRET=xxxxxxxxxxxxxxxxxxxxkFNNj1H107PFv1mvWwEM6CZH0fjymV
TWITTER_ACCESS_TOKEN=xxxxxxxxx-xxxxxxxxxxxxxxxxxxxxecKpi90bFhdsGG2N7iII
TWITTER_ACCESS_TOKEN_SECRET=xxxxxxxxxxxxxxxxxxxxZAU8wNKAPU8Qz2c0PhOo43cGO
QUERY_STRING=#someTestHashtag
TWITTER_USERNAME=YourTestTwitterAccountName

4) Make the Change

5) Change any hashtags to #someTestHashtag to avoid spamming the community hashtag.

6) Run npm/yarn test to check all keys are available before you start.

7) Make your suggested change.

8) Ensure code style follows existing code (run npm run format to apply preferred formatting).

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🌐 OWASP APICheck - DevSecOps Toolkit for HTTP API :

APICheck is a set of HTTP API DevSecOps tools, it integrates existing HTTP API tools, easily creates execution chains, and is designed to integrate with third party tools.
APICheck consists of a set of tools that can be linked together to achieve different functions, depending on how they are linked.
It allows you to create chains of execution and can not only integrate self-developed tools, but can also use existing tools to take advantage of them to provide new functionality.

1) Each tool in APICheck is a Docker image.

This means that the tools are a black box that can receive some information on their standard input and write the results to standard output or error output.

2) In addition, the return code can be used to stop the current chain.

🦑Who is the APICheck HTTP API DevSecOps Toolkit for?

3) APICheck focuses on more than just security testing and hacking scenarios, the goal of the project is to become a complete toolbox for DevSecOps loops.

The tools are designed for different user profiles:

Developers

System Administrators

Security Engineers and Penetration Testers

To enable interoperability between teams and tools, they all
share a common JSON data format.

In other words, APICheck commands output JSON documents and also accept them as input.

This allows you to customize your pipelines!

Using the APICheck HTTP API DevSecOps Toolset

After installation, you can start the package manager using the acp command.

https://github.com/OWASP/apicheck

$ acp

Usage : acp [ - h ] [ - w ] { list , info , install , version } . ... ...

APICheck Manager

positional arguments :

{ list , info , install , version }

available actions

list search in A

info show expanded tool info

install install an APICheck tool

version displays version


optional arguments :

- h , - help show this help message and exit

- w , - disable - warning

disable check of RC Shell File

You can download APICheck like this:
pip install apicheck-package-manager


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is the difference between "5G" and "Wi-Fi 6" and how to use them properly?

1) "5G" (5th generation mobile communication system) and wireless LAN standard "Wi-Fi 6" (standards organization IEEE standard name is "IEEE 802.11ax") have a lot in common.

2) Not only is it a new standard for wireless networks that appeared at about the same time, but it is also the same in that it realizes high-speed data transmission at the gigabit level. With the advent of these two wireless network standards, studies are underway for applications that were unthinkable in the past.

3) In the near future, it is expected that the time for full-scale introduction of networks that adopt these standards will come. What we should consider now for that time is how to utilize these two wireless network standards. The features that realize high-speed data transmission are the same, but each has its own strengths and weaknesses.

4) In addition to using them properly according to the purpose, it may be an option to use the two together in some cases. This document, which is a collection of notable articles from TechTarget Japan, summarizes the differences between 5G and Wi-Fi 6 and introduces the points of utilization.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Methode for protect yourself from iploggers ?

1) Hosts - a file stored in the system at

C: \ Windows \ System32 \ drivers \ etc
which contains a database of domain names and corresponding network addresses of nodes.

2) Before a query to DNS servers, data from this file is requested, i.e. it takes precedence and is solely controlled by you or your organization's administrators.

Using the hosts file, you can block access to specific sites, block ads by adding specific nodes, block Microsoft telemetry, etc.

3) To set the IP address of your computer, attackers can use IPlogger by sending you links, pictures, etc.

After clicking on this link, the attacker gets your IP.

4) To block iploggers, redirect their domain names to the network address 0.0.0.0 (this is a special non-routable address pointing to a non-existent host ) by specifying the following in the host file and saving:

# This is a sample HOSTS file used by Microsoft TCP / IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost

0.0.0.0 ezstat.ru
0.0.0.0 iplogger.org
0.0.0.0 2no.co
0.0.0.0 iplogger.com
0.0.0.0 iplogger.ru
0.0.0.0 yip.su
0.0.0.0 iplogger.co
0.0.0.0 iplogger.info
0.0.0.0 ipgrabber.ru
0.0.0.0 ipgraber.ru
0.0.0.0 iplis.ru
0.0.0.0 02ip.ru

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Some good New Proxies

https://pastebin.com/ArhDdP2q

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑ways to boot Windows 10 in Safe Mode :

A) Accessing Safe Mode from Windows 10 Settings
This is the most common method for accessing Safe Mode, where you can control the system and access settings.

Here's how to do it:

1) From the Start menu, go to Windows Settings and click Windows Security.

2) Then go to "Recovery"

3) Windows will restart and open Windows Recovery Environment (WinRE).
Here go to Troubleshoot> Advanced options> Startup options> Restart.

4) Your computer will restart and a page with a set of commands to choose from will open.

5) press the 4 key or the f4 key to start Safe Mode.

B) Using commands from the command line
If you only have command prompt access, you can run a command that will reboot your computer into Windows Recovery Environment, where you can access Safe Mode.

1) To access Command Prompt in Windows 10, press Windows Key + R to open the Run dialog and type cmd here to open Command Prompt.

2) enter the command:

> shutdown.exe /r /o

3) After a short delay, Windows will restart into Windows Recovery

C) You can also boot into Safe Mode from the login screen if you cannot login for some reason

All you have to do is press the power button in the lower right corner and then hold down the Shift key and press the restart button.

This will restart your computer and you will enter the Windows recovery environment.

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🌐 Bulletproof Hosting List (2020 Version)


vdsinside.com
vhoster.net
vinahost.vn
vinastar.net
vit.com.tr
vscale.io
vstoike.ru
webcare360.com
www.1984hosting.com
www.altushost.com
www.anonymoushosting.in
www.artmotion.eu
www.bacloud.com
www.bahnhof.net
www.cubexsweatherly.com
www.deltasystem.cl
www.dreamwebhosting.net
www.elvsoft.com
www.eserver.ru
www.flokinet.is
www.globatel.org
www.heberjahiz.com
www.host.al
www.hosthink.net
www.hostname.cl
www.hostoweb.com
www.ihc.ru
www.ihor.ru
www.infomaniak.ch
www.localhost.tn
www.m247.ro/en/
www.nine.ch
www.ninet.rs
www.nonamehosts.com
www.oblaci.rs
www.orangewebsite.com
www.pachosting.hk
www.voxility.com
www.vps.ag
www.vpsbg.eu
www.wavecom.ee
www.webhost.tn
www.webonic.hu
www.xenyohosting.com
www.xhostfire.com
www.yourserver.se
www.zgh.cl

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑🐧 How to set up and manage log rotation using Logrotate on Linux :

A) Installing Logrotate on Linux
To install logrotate just use your package manager:

---------- On Debian and Ubuntu ----------
# aptitude update && aptitude install logrotate

---------- On CentOS, RHEL and Fedora ----------
# yum update && yum install logrotate

B) It is worth noting that the configuration file (/etc/logrotate.conf) may indicate that other, more specific settings may be placed in separate .conf files inside /etc/logrotate.d.
This will be the case if and only if the following line exists and is not commented out:

include /etc/logrotate.d

C) We will stick to this approach as it will help us keep things tidy and will use the Debian box for the following examples.
Configuring Logrotate on Linux

D) As a very versatile tool, logrotate provides many directives to help us customize when and how the logs will be rotated, and what should happen immediately afterwards.

E) Let's paste the following content into /etc/logrotate.d/apache2.conf (note that you will most likely need to create this file) and examine each line.

/ var / log / apache2 / * {
weekly
rotate 3
size 10M
compress
delaycompress
}

F) The first line indicates that the directives inside the block apply to all logs inside / var / log / apache2:
weekly means the tool will try to update the logs on a weekly basis. Other possible values ​​are daily and monthly.
rotate 3 indicates that only 3 rotations should be left. Thus, the oldest file will be deleted on the fourth subsequent run.
size = 10M sets the minimum size for rotation to 10M. In other words, each log will not rotate until it reaches 10MB.
compress and delaycompress are used to specify that all but the most recent logs being processed should be compressed.
Let's do a dry run to see what logrotate would do if it were actually executed now.
Use the -d option followed by the config file (you can run logrotate by omitting this option):

# logrotate -d /etc/logrotate.d/apache2.conf
Instead of compressing the logs, we could rename them according to the date they were rewritten.

To do this, we'll use the dateext directive.


@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁