Forwarded from UNDERCODE NEWS
As of September next year the British telecom firm forbids the installation of new Huawei 5G products.
#international
#international
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/StevenBlack/hosts.git
2) Option 1: Generate in a Docker container
We provide a Dockerfile that you can use to create a Docker container with everything you need. The container will contain Python 3 and all its dependency requirements, and a copy of the latest version of this repository.
Build the Docker container like this:
3) docker build ./
Access the terminal like this:
docker run -it (containerid) bash
4) Option 2: Generate it in your own environment.
To generate your own amalgamated hosts files you will need Python 3.5 or later.
First, install the dependencies with:
pip3 install --user -r requirements.txt
5) Common steps regardless of your development environment.
To run unit tests, in the top-level directory, run:
python3 testUpdateHostsFile.py
The updateHostsFile.py script will generate a unified hosts file based on the sources in the local data/ subfolder. The script will prompt you whether it should fetch updated versions (from locations defined by the update.json text file in each source's folder). Otherwise, it will use the hosts file that's already there.
python3 updateHostsFile.py [--auto] [--replace] [--ip nnn.nnn.nnn.nnn] [--extensions ext1 ext2 ext3]
Command line options:
--help, or -h: display help.
--auto, or -a: run the script without prompting. When --auto is invoked,
Hosts data sources, including extensions, are updated.
No extensions are included by default. Use the --extensions or -e flag to include any you want.
Your active hosts file is not replaced unless you include the --replace flag.
--backup, or -b: Make a backup of existing hosts file(s) as you generate over them.
--extensions <ext1> <ext2> <ext3>, or -e <ext1> <ext2> <ext3>: the names of subfolders below the extensions folder containing additional category-specific hosts files to include in the amalgamation. Example: --extensions porn or -e social porn.
--flush-dns-cache, or -f: skip the prompt for flushing the DNS cache. Only active when --replace is also active.
--ip nnn.nnn.nnn.nnn, or -i nnn.nnn.nnn.nnn: the IP address to use as the target. Default is 0.0.0.0.
--keepdomaincomments, or -k: true (default) or false, keep the comments that appear on the same line as domains. The default is true.
--noupdate, or -n: skip fetching updates from hosts data sources.
--output <subfolder>, or -o <subfolder>: place the generated source file in a subfolder. If the subfolder does not exist, it will be created.
--replace, or -r: trigger replacing your active hosts
--skipstatichosts, or -s: false (default) or true, omit the standard section at the top, containing lines like 127.0.0.1 localhost. This is useful for configuring proximate DNS services on the local network.
--nogendata, or -g: false (default) or true, skip the generation of the readmeData.json file used for generating readme.md files. This is useful if you are generating host files with additional whitelists or blacklists and want to keep your local checkout of this repo unmodified.
--compress, or -c: false (default) or true, Compress the hosts file ignoring non-necessary lines (empty lines and comments) and putting multiple domains in each line. Reducing the number of lines of the hosts file improves the performances under Windows (with DNS Client service enabled).
--minimise, or -m: false (default) or true, like --compress, but puts each domain on a separate line. This is necessary because many implementations of URL blockers that rely on hosts files do not conform to the standard which allows multiple hosts on a single line.
--blacklist <blacklistfile>, or -x <blacklistfile>: Append the given blacklist file in hosts format to the generated hosts file.
--whitelist <whitelistfile>, or -w <whitelistfile>: Use the given whitelist file to remove hosts from the generated hosts file.
π¦Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/StevenBlack/hosts.git
2) Option 1: Generate in a Docker container
We provide a Dockerfile that you can use to create a Docker container with everything you need. The container will contain Python 3 and all its dependency requirements, and a copy of the latest version of this repository.
Build the Docker container like this:
3) docker build ./
Access the terminal like this:
docker run -it (containerid) bash
4) Option 2: Generate it in your own environment.
To generate your own amalgamated hosts files you will need Python 3.5 or later.
First, install the dependencies with:
pip3 install --user -r requirements.txt
5) Common steps regardless of your development environment.
To run unit tests, in the top-level directory, run:
python3 testUpdateHostsFile.py
The updateHostsFile.py script will generate a unified hosts file based on the sources in the local data/ subfolder. The script will prompt you whether it should fetch updated versions (from locations defined by the update.json text file in each source's folder). Otherwise, it will use the hosts file that's already there.
python3 updateHostsFile.py [--auto] [--replace] [--ip nnn.nnn.nnn.nnn] [--extensions ext1 ext2 ext3]
Command line options:
--help, or -h: display help.
--auto, or -a: run the script without prompting. When --auto is invoked,
Hosts data sources, including extensions, are updated.
No extensions are included by default. Use the --extensions or -e flag to include any you want.
Your active hosts file is not replaced unless you include the --replace flag.
--backup, or -b: Make a backup of existing hosts file(s) as you generate over them.
--extensions <ext1> <ext2> <ext3>, or -e <ext1> <ext2> <ext3>: the names of subfolders below the extensions folder containing additional category-specific hosts files to include in the amalgamation. Example: --extensions porn or -e social porn.
--flush-dns-cache, or -f: skip the prompt for flushing the DNS cache. Only active when --replace is also active.
--ip nnn.nnn.nnn.nnn, or -i nnn.nnn.nnn.nnn: the IP address to use as the target. Default is 0.0.0.0.
--keepdomaincomments, or -k: true (default) or false, keep the comments that appear on the same line as domains. The default is true.
--noupdate, or -n: skip fetching updates from hosts data sources.
--output <subfolder>, or -o <subfolder>: place the generated source file in a subfolder. If the subfolder does not exist, it will be created.
--replace, or -r: trigger replacing your active hosts
--skipstatichosts, or -s: false (default) or true, omit the standard section at the top, containing lines like 127.0.0.1 localhost. This is useful for configuring proximate DNS services on the local network.
--nogendata, or -g: false (default) or true, skip the generation of the readmeData.json file used for generating readme.md files. This is useful if you are generating host files with additional whitelists or blacklists and want to keep your local checkout of this repo unmodified.
--compress, or -c: false (default) or true, Compress the hosts file ignoring non-necessary lines (empty lines and comments) and putting multiple domains in each line. Reducing the number of lines of the hosts file improves the performances under Windows (with DNS Client service enabled).
--minimise, or -m: false (default) or true, like --compress, but puts each domain on a separate line. This is necessary because many implementations of URL blockers that rely on hosts files do not conform to the standard which allows multiple hosts on a single line.
--blacklist <blacklistfile>, or -x <blacklistfile>: Append the given blacklist file in hosts format to the generated hosts file.
--whitelist <whitelistfile>, or -w <whitelistfile>: Use the given whitelist file to remove hosts from the generated hosts file.
GitHub
GitHub - StevenBlack/hosts: π Consolidating and extending hosts files from several well-curated sources. Optionally pick extensionsβ¦
π Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories. - StevenBlack/hosts
Using NixOS:
To install hosts file on your machine add the following into your configuration.nix:
{
networking.extraHosts = let
hostsPath = https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts;
hostsFile = builtins.fetchurl hostsPath;
in builtins.readFile "${hostsFile}";
}
NOTE: Change hostsPath if you need other versions of hosts file.
β β β Uππ»βΊπ«Δπ¬πβ β β β
To install hosts file on your machine add the following into your configuration.nix:
{
networking.extraHosts = let
hostsPath = https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts;
hostsFile = builtins.fetchurl hostsPath;
in builtins.readFile "${hostsFile}";
}
NOTE: Change hostsPath if you need other versions of hosts file.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
The Italian antitrust regulator has awarded Apple a fine of EUR 10 million because the iPhone is not protected by water.
#international
#international
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Web hacking attacks:
Database Injection
Broken Authentication
Sensitive Data Exposure
XML External Entities (XEE)
Broken Access Control
Security Misconfiguration
Cross-site Scripting (XSS)
Insecure Deserialization
Using Components with Known Vulnerabilities
Insufficient Logging and Monitoring
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Web hacking attacks:
Database Injection
Broken Authentication
Sensitive Data Exposure
XML External Entities (XEE)
Broken Access Control
Security Misconfiguration
Cross-site Scripting (XSS)
Insecure Deserialization
Using Components with Known Vulnerabilities
Insufficient Logging and Monitoring
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Virus infection diagnosis:
1. Press Ctrl+Shift+Delete (press these three keys at the same time), bring up the windows task manager to view the processes running on the system, find out the unfamiliar processes and write down their names (this requires experience), if these If the process is a virus, it can be cleaned up later. Don't end these processes for now, because some viruses or illegal processes may not end here. Click Performance to view the current status of the CPU and memory. If the CPU utilization is close to 100% or the memory occupancy value remains high, the possibility of computer poisoning is 95%.
γγ
2. Check the service items currently started in Windows, and open the "Services" in the "Management Tools" of the "Control Panel". Look at the line in the right column where the status is "Startup" and the startup category is "Auto"; generally speaking, normal windows services basically have descriptions (except for a few faked by hackers or worms), double-click at this time Open the service item that is considered to be problematic and view the path and name of the executable file in its properties. If the name and path are C:/winnt/system32/explored.exe, the computer is recruited. There is a situation that the "Control Panel" cannot be opened or all the icons in it run to the left, there is a vertical scroll bar in the middle, and the right is blank. Double-click to add/remove programs or management tools, the window is empty. This is the characteristic of the virus file winhlpp32.exe.
γγ
3. Run the registry editor, the command is regedit or regedt32, check which programs are started together with windows. Mainly look at Hkey_Local_Machine/Software/MicroSoft/Windows/CurrentVersion/Run and the following RunOnce, etc., check the item value on the right side of the form to see if there is an illegal startup item. WindowsXp running msconfig also plays the same role. With the accumulation of experience, you can easily determine the startup items of the virus.
γγ
4. Use a browser to go online to judge. The previous Gaobot virus can go to yahoo.com, sony.com and other websites, but you cannot visit the websites of famous security vendors such as www.symantec.com, www.ca.com, and you canβt access the Internet after installing the antivirus software of symantecNorton2004. upgrade.
γγ
5. Unhide attributes and check the system folder winnt(windows)/system32. If the folder is empty after opening, it means that the computer has been poisoned; after opening system32, you can sort the icons by type to see if there are any executable files of popular viruses. . By the way, check the folders Tasks, wins, drivers. The current virus executable files are hidden here; the file hosts under drivers/etc is the object that viruses like to tamper with. It was originally only about 700 bytes, and it became after tampering. Above 1Kb, this is the reason why the general website can be accessed but the website of the security vendor cannot be accessed, and the famous anti-virus software cannot be upgraded.
γγ
6. The anti-virus software determines whether it is poisoned. If it is poisoned, the anti-virus software will be automatically terminated by the virus program and the manual upgrade will fail.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Virus infection diagnosis:
1. Press Ctrl+Shift+Delete (press these three keys at the same time), bring up the windows task manager to view the processes running on the system, find out the unfamiliar processes and write down their names (this requires experience), if these If the process is a virus, it can be cleaned up later. Don't end these processes for now, because some viruses or illegal processes may not end here. Click Performance to view the current status of the CPU and memory. If the CPU utilization is close to 100% or the memory occupancy value remains high, the possibility of computer poisoning is 95%.
γγ
2. Check the service items currently started in Windows, and open the "Services" in the "Management Tools" of the "Control Panel". Look at the line in the right column where the status is "Startup" and the startup category is "Auto"; generally speaking, normal windows services basically have descriptions (except for a few faked by hackers or worms), double-click at this time Open the service item that is considered to be problematic and view the path and name of the executable file in its properties. If the name and path are C:/winnt/system32/explored.exe, the computer is recruited. There is a situation that the "Control Panel" cannot be opened or all the icons in it run to the left, there is a vertical scroll bar in the middle, and the right is blank. Double-click to add/remove programs or management tools, the window is empty. This is the characteristic of the virus file winhlpp32.exe.
γγ
3. Run the registry editor, the command is regedit or regedt32, check which programs are started together with windows. Mainly look at Hkey_Local_Machine/Software/MicroSoft/Windows/CurrentVersion/Run and the following RunOnce, etc., check the item value on the right side of the form to see if there is an illegal startup item. WindowsXp running msconfig also plays the same role. With the accumulation of experience, you can easily determine the startup items of the virus.
γγ
4. Use a browser to go online to judge. The previous Gaobot virus can go to yahoo.com, sony.com and other websites, but you cannot visit the websites of famous security vendors such as www.symantec.com, www.ca.com, and you canβt access the Internet after installing the antivirus software of symantecNorton2004. upgrade.
γγ
5. Unhide attributes and check the system folder winnt(windows)/system32. If the folder is empty after opening, it means that the computer has been poisoned; after opening system32, you can sort the icons by type to see if there are any executable files of popular viruses. . By the way, check the folders Tasks, wins, drivers. The current virus executable files are hidden here; the file hosts under drivers/etc is the object that viruses like to tamper with. It was originally only about 700 bytes, and it became after tampering. Above 1Kb, this is the reason why the general website can be accessed but the website of the security vendor cannot be accessed, and the famous anti-virus software cannot be upgraded.
γγ
6. The anti-virus software determines whether it is poisoned. If it is poisoned, the anti-virus software will be automatically terminated by the virus program and the manual upgrade will fail.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) clone https://github.com/brianwrf/hackUtils
2) cd hackUtils
3) hackUtils.py [options]
to use:
hackUtils.py -b inurl:www.example.com
hackUtils.py -g inurl:www.example.com
hackUtils.py -i 1099.java-rmi
hackUtils.py -u 1099.java-rmi
hackUtils.py -w .php?id=
hackUtils.py -j http://www.joomla.com/
hackUtils.py -j urls.txt
hackUtils.py -r http://www.joomla.com/
hackUtils.py -r urls.txt
hackUtils.py -f http://www.feifeicms.com/
hackUtils.py -f urls.txt
hackUtils.py -k 10.10.10.10
hackUtils.py -k 10.10.10.10::dir
hackUtils.py -k ips.txt
hackUtils.py -k ips.txt::"touch /tmp/jenkins"
hackUtils.py -o http://www.shiro.com/::"touch /tmp/shiro"
hackUtils.py -o urls.txt::"touch /tmp/shiro"
hackUtils.py -s http://www.struts2.com/index.action
hackUtils.py -s urls.txt
hackUtils.py -d example.com
hackUtils.py -e text
β β β Uππ»βΊπ«Δπ¬πβ β β β
It is a hack tool kit for pentest and web security research, which is based on BeautifulSoup bs4 module http://www.crummy.com/software/BeautifulSoup/bs4/.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) clone https://github.com/brianwrf/hackUtils
2) cd hackUtils
3) hackUtils.py [options]
to use:
hackUtils.py -b inurl:www.example.com
hackUtils.py -g inurl:www.example.com
hackUtils.py -i 1099.java-rmi
hackUtils.py -u 1099.java-rmi
hackUtils.py -w .php?id=
hackUtils.py -j http://www.joomla.com/
hackUtils.py -j urls.txt
hackUtils.py -r http://www.joomla.com/
hackUtils.py -r urls.txt
hackUtils.py -f http://www.feifeicms.com/
hackUtils.py -f urls.txt
hackUtils.py -k 10.10.10.10
hackUtils.py -k 10.10.10.10::dir
hackUtils.py -k ips.txt
hackUtils.py -k ips.txt::"touch /tmp/jenkins"
hackUtils.py -o http://www.shiro.com/::"touch /tmp/shiro"
hackUtils.py -o urls.txt::"touch /tmp/shiro"
hackUtils.py -s http://www.struts2.com/index.action
hackUtils.py -s urls.txt
hackUtils.py -d example.com
hackUtils.py -e text
β β β Uππ»βΊπ«Δπ¬πβ β β β
Crummy
Beautiful Soup: We called him Tortoise because he taught us.
Beautiful Soup: a library designed for screen-scraping HTML and XML.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Europe threatens Russian Internet companies. Yandex, Mail.ru, Aviasales, Ozon are under attacK.
#international
#international
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HTML-Email-Hacks
A series of HTML hacks for all those lovely Email clients out there.
This repo is a place to put all of the HTML Email hacks we all depend on so much to get our campaigns looking and feeling sweet and spiffy.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
GET https://github.com/FunWithEmail/HTML-Email-Hacks
Click To Tap:
Change button text responsively
@media screen and (max-width:600px) {
span[class=click] { display: none !important; max-height: 0 !important; }
span[class=tap]:after { content:"Tap"; }
}
<a href="#"><span class="tap"><span class="click">Click</span></span> here</a>
-courtesy of Nicole Merlin
Kill Gmail App Zooming:
Stop Gmail app from zooming text
style="min-width:600px;"
-courtesy of Chris Wise
Target Webkit Clients:
Webkit support is best support
@ media screen and (-webkit-min-device-pixel-ratio:0) { }
-courtesy of Kevin Mandeville
Margins and Float in Outlook:
Use a capital βMβ or βFβ
style="Margin: 20px; Float: left"
-courtesy of Nicole Merlin
Interactive Email in Gmail:
No Class or ID selector support
Use lang as selector with "x-" prefix
* [lang~="x-selector"] { }
<div lang="x-selector"></div>
-courtesy of Justin at FreshInbox
Interactive Email conβt - Hover!:
Hover effect works on these clients:
Gmail:
* [lang~="x-selector"]:hover { }
Outlook Web:
.class:hover
Yahoo! Web:
.class:hover
-courtesy of Justin at FreshInbox
More usage go to https://github.com/FunWithEmail/HTML-Email-Hacks
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HTML-Email-Hacks
A series of HTML hacks for all those lovely Email clients out there.
This repo is a place to put all of the HTML Email hacks we all depend on so much to get our campaigns looking and feeling sweet and spiffy.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
GET https://github.com/FunWithEmail/HTML-Email-Hacks
Click To Tap:
Change button text responsively
@media screen and (max-width:600px) {
span[class=click] { display: none !important; max-height: 0 !important; }
span[class=tap]:after { content:"Tap"; }
}
<a href="#"><span class="tap"><span class="click">Click</span></span> here</a>
-courtesy of Nicole Merlin
Kill Gmail App Zooming:
Stop Gmail app from zooming text
style="min-width:600px;"
-courtesy of Chris Wise
Target Webkit Clients:
Webkit support is best support
@ media screen and (-webkit-min-device-pixel-ratio:0) { }
-courtesy of Kevin Mandeville
Margins and Float in Outlook:
Use a capital βMβ or βFβ
style="Margin: 20px; Float: left"
-courtesy of Nicole Merlin
Interactive Email in Gmail:
No Class or ID selector support
Use lang as selector with "x-" prefix
* [lang~="x-selector"] { }
<div lang="x-selector"></div>
-courtesy of Justin at FreshInbox
Interactive Email conβt - Hover!:
Hover effect works on these clients:
Gmail:
* [lang~="x-selector"]:hover { }
Outlook Web:
.class:hover
Yahoo! Web:
.class:hover
-courtesy of Justin at FreshInbox
More usage go to https://github.com/FunWithEmail/HTML-Email-Hacks
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - FunWithEmail/HTML-Email-Hacks: A series of HTML hacks for all those lovely Email clients out there
A series of HTML hacks for all those lovely Email clients out there - FunWithEmail/HTML-Email-Hacks