Forwarded from UNDERCODE NEWS
Samsung leads Apple, but is it tougher to make money for mobile makers or are they being lazy?
#Technologies
#Technologies
β β β Uππ»βΊπ«Δπ¬πβ β β β
A GOOD HACKING COLLECTION :
>>go-tools(https://github.com/dominikh/go-tools) - A collection of tools and libraries for working with Go code, including linters and static analysis
- >>Clean code linters(https://github.com/collections/clean-code-linters) - A collection of linters in github collections
- >>Code Quality Checker Tools For PHP Projects(https://github.com/collections/code-quality-in-php) - A collection of PHP linters in github collections
- >>linters(https://github.com/mcandre/linters) - An introduction to static code analysis
- >>php-static-analysis-tools(https://github.com/exakat/php-static-analysis-tools) - A reviewed list of useful PHP static analysis tools
- >>Tools for C/C++(https://www.peerlyst.com/posts/a-list-of-static-analysis-tools-for-c-c-peerlyst?utm_source=twitter&utm_medium=social&utm_content=peerlyst
_post&utm_campaign=peerlyst_resources) - A list of static analysis tools for C/C++
- >>Wikipedia(http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis) - A list of tools for static code analysis.
β β β Uππ»βΊπ«Δπ¬πβ β β β
A GOOD HACKING COLLECTION :
>>go-tools(https://github.com/dominikh/go-tools) - A collection of tools and libraries for working with Go code, including linters and static analysis
- >>Clean code linters(https://github.com/collections/clean-code-linters) - A collection of linters in github collections
- >>Code Quality Checker Tools For PHP Projects(https://github.com/collections/code-quality-in-php) - A collection of PHP linters in github collections
- >>linters(https://github.com/mcandre/linters) - An introduction to static code analysis
- >>php-static-analysis-tools(https://github.com/exakat/php-static-analysis-tools) - A reviewed list of useful PHP static analysis tools
- >>Tools for C/C++(https://www.peerlyst.com/posts/a-list-of-static-analysis-tools-for-c-c-peerlyst?utm_source=twitter&utm_medium=social&utm_content=peerlyst
_post&utm_campaign=peerlyst_resources) - A list of static analysis tools for C/C++
- >>Wikipedia(http://en.wikipedia.org/wiki/List_of_tools_for_static_code_analysis) - A list of tools for static code analysis.
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - dominikh/go-tools: Staticcheck - The advanced Go linter
Staticcheck - The advanced Go linter. Contribute to dominikh/go-tools development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
28 hours of battery life IPX7 waterproof quality revealed to Samsung Galaxy Buds Pro specs.
#Technologies
#Technologies
Forwarded from UNDERCODE NEWS
To contend directly with Google and Microsoft, Zoom will launch email services and calendar applications.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
dos_ssh Hacking Guide :
Use BIOS ram hacks to make a SSH server out of any INT 10 13h app (MS-DOS is one of those)
1) Get a DOS compatible floppy disk image (e.g. from here: http://www.allbootdisks.com/download/dos.html)
2) Install golang and qemu, e.g. sudo apt-get install qemu golang
3) Compile dos_ssh: go get;
4) go build
5) Start qemu with this image: qemu-system-i386 -fda Dos6.22.img
6) -boot a -vnc :0 -s
7) Run dos_ssh: ./dos_ssh
8) Connect to ssh server: ssh localhost -p 2222
β β β Uππ»βΊπ«Δπ¬πβ β β β
dos_ssh Hacking Guide :
Use BIOS ram hacks to make a SSH server out of any INT 10 13h app (MS-DOS is one of those)
1) Get a DOS compatible floppy disk image (e.g. from here: http://www.allbootdisks.com/download/dos.html)
2) Install golang and qemu, e.g. sudo apt-get install qemu golang
3) Compile dos_ssh: go get;
4) go build
5) Start qemu with this image: qemu-system-i386 -fda Dos6.22.img
6) -boot a -vnc :0 -s
7) Run dos_ssh: ./dos_ssh
8) Connect to ssh server: ssh localhost -p 2222
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
The head of Voentelecom is charged with fraud and extortion. This is the third consecutive director under a criminal case.
#International
#International
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
COding courses/empire :
- >>Code Intelligence(https://www.code-intelligence.com) :copyright: - CI/CD-agnostic DevSecOps platform which combines industry-leading fuzzing engines for finding bugs and visualizing code coverage
- >>Codeac(https://www.codeac.io/?ref=awesome-static-analysis) :copyright: - Automated code review tool integrates with GitHub, Bitbucket and GitLab (even self-hosted). Available for JavaScript, TypeScript, Python, Ruby, Go, PHP, Java, Docker, and more. (open-source free)
- >>codeburner(http://groupon.github.io/codeburner) - Provides a unified interface to sort and act on the issues it finds.
- >>codechecker(https://codechecker.readthedocs.io/en/latest) - A defect database and viewer extension for the Clang Static Analyzer with web GUI.
- >>CodeFactor(https://codefactor.io) :copyright: - Automated Code Analysis for repos on GitHub or BitBucket.
- >>CodeFlow(https://www.getcodeflow.com) :copyright: - Automated code analysis tool to deal with technical depth. Integrates with Bitbucket and Gitlab. (free for Open Source Projects)
- >>CodeIt.Right(https://submain.com/products/codeit.right.aspx) :copyright: - CodeIt.Right™ provides a fast, automated way to ensure that your source code adheres to (your) predefined design and style guidelines as well as best coding practices.
- >>CodePatrol(https://cyber-security.claranet.fr/en/codepatrol) :copyright: - Automated SAST code reviews driven by security, supports 15+ languages and includes security training.
- >>codeql(https://github.com/github/codeql) - Deep code analysis
- semantic queries and dataflow for several languages with VSCode plugin support.
- >>CodeRush(https://www.devexpress.com/products/coderush) :copyright: - Code creation, debugging, navigation, refactoring, analysis and visualization tools that use the Roslyn engine in Visual Studio 2015 and up.
- >>CodeScan(https://www.codescan.io/) :copyright: - Code Quality and Security for Salesforce Developers. Made exclusively for the Salesforce platform, CodeScanβs code analysis solutions provide you with total visibility into your code health.
β β β Uππ»βΊπ«Δπ¬πβ β β β
COding courses/empire :
- >>Code Intelligence(https://www.code-intelligence.com) :copyright: - CI/CD-agnostic DevSecOps platform which combines industry-leading fuzzing engines for finding bugs and visualizing code coverage
- >>Codeac(https://www.codeac.io/?ref=awesome-static-analysis) :copyright: - Automated code review tool integrates with GitHub, Bitbucket and GitLab (even self-hosted). Available for JavaScript, TypeScript, Python, Ruby, Go, PHP, Java, Docker, and more. (open-source free)
- >>codeburner(http://groupon.github.io/codeburner) - Provides a unified interface to sort and act on the issues it finds.
- >>codechecker(https://codechecker.readthedocs.io/en/latest) - A defect database and viewer extension for the Clang Static Analyzer with web GUI.
- >>CodeFactor(https://codefactor.io) :copyright: - Automated Code Analysis for repos on GitHub or BitBucket.
- >>CodeFlow(https://www.getcodeflow.com) :copyright: - Automated code analysis tool to deal with technical depth. Integrates with Bitbucket and Gitlab. (free for Open Source Projects)
- >>CodeIt.Right(https://submain.com/products/codeit.right.aspx) :copyright: - CodeIt.Right™ provides a fast, automated way to ensure that your source code adheres to (your) predefined design and style guidelines as well as best coding practices.
- >>CodePatrol(https://cyber-security.claranet.fr/en/codepatrol) :copyright: - Automated SAST code reviews driven by security, supports 15+ languages and includes security training.
- >>codeql(https://github.com/github/codeql) - Deep code analysis
- semantic queries and dataflow for several languages with VSCode plugin support.
- >>CodeRush(https://www.devexpress.com/products/coderush) :copyright: - Code creation, debugging, navigation, refactoring, analysis and visualization tools that use the Roslyn engine in Visual Studio 2015 and up.
- >>CodeScan(https://www.codescan.io/) :copyright: - Code Quality and Security for Salesforce Developers. Made exclusively for the Salesforce platform, CodeScanβs code analysis solutions provide you with total visibility into your code health.
β β β Uππ»βΊπ«Δπ¬πβ β β β
Code-Intelligence
AI-Automated Software Security Testing | Code Intelligence
Find bugs and vulnerabilities missed by other security tools with a single command
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
Web browser "Smooz" ends service, burns due to suspicion of external transmission of browsing information.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
Identify IoT devices/Discovery phase GUIDE
1) Use WebRTC to obtain a local IP address.
Send requests to all IP addresses in the IP range through port 81. Since port 81 is usually not occupied, the active device will immediately respond to a TCP RST packet. For inactive devices in the IP range, the request packet will time out.
2) Each active IP address received the initial request collected using HTML5 for 35 GET endpoints. Based on the returned error message information, the attack script will identify whether the IP address matches any of the seven devices.
3) The research project uses three different operating systems (Windows 10, MacOS and Ubuntu) and four different browsers (Chrome, Firefox, Safari, MicrosoftEdge). However, only two browsers, Chrome and Firefox, are suitable for this study. Therefore, Safari and Edge browsers are not used, because according to (Web-based attacks on the discovery and control of local IoT devices):
> On Safari, all FETCH requests timed out, causing the attack script to identify all IP addresses as inactive. On the Edge browser, the script can use the FETCH request to correctly identify the active IP address, but Edge did not disclose the detailed HTML5 error message, so the attack script could not identify any devices on Edge.
Identify IoT devices/Discovery phase GUIDE
1) Use WebRTC to obtain a local IP address.
Send requests to all IP addresses in the IP range through port 81. Since port 81 is usually not occupied, the active device will immediately respond to a TCP RST packet. For inactive devices in the IP range, the request packet will time out.
2) Each active IP address received the initial request collected using HTML5 for 35 GET endpoints. Based on the returned error message information, the attack script will identify whether the IP address matches any of the seven devices.
3) The research project uses three different operating systems (Windows 10, MacOS and Ubuntu) and four different browsers (Chrome, Firefox, Safari, MicrosoftEdge). However, only two browsers, Chrome and Firefox, are suitable for this study. Therefore, Safari and Edge browsers are not used, because according to (Web-based attacks on the discovery and control of local IoT devices):
> On Safari, all FETCH requests timed out, causing the attack script to identify all IP addresses as inactive. On the Edge browser, the script can use the FETCH request to correctly identify the active IP address, but Edge did not disclose the detailed HTML5 error message, so the attack script could not identify any devices on Edge.
(don't clone our tips:()β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
