Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MacOS Apps Hacks :
This hack doesn't work on systems with SIP (System Integrity Protection) enabled, and it's enabled by default since El Capitan. It can be easily disabled from Recovery Mode but it's another layer of security which is always good to have so disabling it permanently is not the wisest idea. I'll implement some solution to bypass this restriction when I have time.
Β» Things 3 Trial :
Bear bear-pro
Sketch sketch-trial
VPN Master vpn-master-vip
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
open term and type :
1) git clone https://github.com/gebeto/macos-hacks
2) cd macos-hacks
3) cd <APPLICATION>
4) make
5) You can use run.sh, it's a wrapper script that sets necessary environment variables to insert the lib and launches Applications (it assumes that installed to /Applications, edit the script if it differs for you).
enjoy :)
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MacOS Apps Hacks :
This hack doesn't work on systems with SIP (System Integrity Protection) enabled, and it's enabled by default since El Capitan. It can be easily disabled from Recovery Mode but it's another layer of security which is always good to have so disabling it permanently is not the wisest idea. I'll implement some solution to bypass this restriction when I have time.
Β» Things 3 Trial :
Bear bear-pro
Sketch sketch-trial
VPN Master vpn-master-vip
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
open term and type :
1) git clone https://github.com/gebeto/macos-hacks
2) cd macos-hacks
3) cd <APPLICATION>
4) make
5) You can use run.sh, it's a wrapper script that sets necessary environment variables to insert the lib and launches Applications (it assumes that installed to /Applications, edit the script if it differs for you).
enjoy :)
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - gebeto/macos-hacks: MacOS Apps Hacks
MacOS Apps Hacks. Contribute to gebeto/macos-hacks development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Foreign media: A separate promotional deal was signed by Google & Facebook, suspected of unfair price theft.
#International
#International
Forwarded from UNDERCODE NEWS
Hedge funds show that Intel is considering a strategic sale, with the share price of the latter increasing by 5%
#International
#International
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦wIFI HACK ALL IN ONE FOR TERMUX :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
$ git clone https://github.com/mkdirlove/WI-TOOLKIT
$ cd WI-TOOLKIT
$ chmod +x *
$ ./install.sh
$ sudo python wi-toolkit.py
or
$ sudo python2 wi-toolkit.py
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦wIFI HACK ALL IN ONE FOR TERMUX :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
$ git clone https://github.com/mkdirlove/WI-TOOLKIT
$ cd WI-TOOLKIT
$ chmod +x *
$ ./install.sh
$ sudo python wi-toolkit.py
or
$ sudo python2 wi-toolkit.py
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - mkdirlove/WI-TOOLKIT: Hack WiFi in Termux ( ROOTED DEVICES ONLY)
Hack WiFi in Termux ( ROOTED DEVICES ONLY). Contribute to mkdirlove/WI-TOOLKIT development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
After causing an 18-year-old Russian man to freeze to death, Google Maps announces improvements to navigation routes.
#Updates
#Updates
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A free real collection of Burpsuite Intruder payloads
> BurpBounty payloads, fuzz list
> malicious file uploads
> web pentesting methodologies and checklists.
Spiders, Robots and Crawlers IG-001
Search Engine Discovery/Reconnaissance IG-002
Identify application entry points IG-003
Testing for Web Application Fingerprint IG-004
Application Discovery IG-005
Analysis of Error Codes IG-006
SSL/TLS Testing (SSL Version, Algorithms, Key length, Digital Cert. Validity) - SSL Weakness CMβ001
DB Listener Testing - DB Listener weak CMβ002
Infrastructure Configuration Management Testing - Infrastructure Configuration management weakness CMβ003
Application Configuration Management Testing - Application Configuration management weakness CMβ004
Testing for File Extensions Handling - File extensions handling CMβ005
Old, backup and unreferenced files - Old, backup and unreferenced files CMβ006
Infrastructure and Application Admin Interfaces - Access to Admin interfaces CMβ007
Testing for HTTP Methods and XST - HTTP Methods enabled, XST permitted, HTTP Verb CMβ008
Credentials transport over an encrypted channel - Credentials transport over an encrypted channel AT-001
Testing for user enumeration - User enumeration AT-002
Testing for Guessable (Dictionary) User Account - Guessable user account AT-003
Brute Force Testing - Credentials Brute forcing AT-004
Testing for bypassing authentication schema - Bypassing authentication schema AT-005
Testing for vulnerable remember password and pwd reset - Vulnerable remember password, weak pwd reset AT-006
Testing for Logout and Browser Cache Management - - Logout function not properly implemented, browser cache weakness AT-007
Testing for CAPTCHA - Weak Captcha implementation AT-008
Testing Multiple Factors Authentication - Weak Multiple Factors Authentication AT-009
Testing for Race Conditions - Race Conditions vulnerability AT-010
Testing for Session Management Schema - Bypassing Session Management Schema, Weak Session Token SM-001
Testing for Cookies attributes - Cookies are set not βHTTP Onlyβ, βSecureβ, and no time validity SM-002
Testing for Session Fixation - Session Fixation SM-003
Testing for Exposed Session Variables - Exposed sensitive session variables SM-004
Testing for CSRF - CSRF SM-005
Testing for Path Traversal - Path Traversal AZ-001
Testing for bypassing authorization schema - Bypassing authorization schema AZ-002
Testing for Privilege Escalation - Privilege Escalation AZ-003
Testing for Business Logic - Bypassable business logic BL-001
Testing for Reflected Cross Site Scripting - Reflected XSS DV-001
Testing for Stored Cross Site Scripting - Stored XSS DV-002
Testing for DOM based Cross Site Scripting - DOM XSS DV-003
Testing for Cross Site Flashing - Cross Site Flashing DV-004
SQL Injection - SQL Injection DV-005
LDAP Injection - LDAP Injection DV-006
ORM Injection - ORM Injection DV-007
XML Injection - XML Injection DV-008
SSI Injection - SSI Injection DV-009
XPath Injection - XPath Injection DV-010
IMAP/SMTP Injection - IMAP/SMTP Injection DV-011
Code Injection - Code Injection DV-012
OS Commanding - OS Commanding DV-013
Buffer overflow - Buffer overflow DV-014
Incubated vulnerability - Incubated vulnerability DV-015
Testing for HTTP Splitting/Smuggling - HTTP Splitting, Smuggling DV-016
Testing for SQL Wildcard Attacks - SQL Wildcard vulnerability DS-001
Locking Customer Accounts - Locking Customer Accounts DS-002
Testing for DoS Buffer Overflows - Buffer Overflows DS-003
User Specified Object Allocation - User Specified Object Allocation DS-004
User Input as a Loop Counter - User Input as a Loop Counter DS-005
Writing User Provided Data to Disk - Writing User Provided Data to Disk DS-006
Failure to Release Resources - Failure to Release Resources DS-007
Storing too Much Data in Session - Storing too Much Data in Session DS-008
WS Information Gathering - N.A. WS-001
Testing WSDL - WSDL Weakness WS-002
FREE :
https://github.com/1N3/IntruderPayloads
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦A free real collection of Burpsuite Intruder payloads
> BurpBounty payloads, fuzz list
> malicious file uploads
> web pentesting methodologies and checklists.
Spiders, Robots and Crawlers IG-001
Search Engine Discovery/Reconnaissance IG-002
Identify application entry points IG-003
Testing for Web Application Fingerprint IG-004
Application Discovery IG-005
Analysis of Error Codes IG-006
SSL/TLS Testing (SSL Version, Algorithms, Key length, Digital Cert. Validity) - SSL Weakness CMβ001
DB Listener Testing - DB Listener weak CMβ002
Infrastructure Configuration Management Testing - Infrastructure Configuration management weakness CMβ003
Application Configuration Management Testing - Application Configuration management weakness CMβ004
Testing for File Extensions Handling - File extensions handling CMβ005
Old, backup and unreferenced files - Old, backup and unreferenced files CMβ006
Infrastructure and Application Admin Interfaces - Access to Admin interfaces CMβ007
Testing for HTTP Methods and XST - HTTP Methods enabled, XST permitted, HTTP Verb CMβ008
Credentials transport over an encrypted channel - Credentials transport over an encrypted channel AT-001
Testing for user enumeration - User enumeration AT-002
Testing for Guessable (Dictionary) User Account - Guessable user account AT-003
Brute Force Testing - Credentials Brute forcing AT-004
Testing for bypassing authentication schema - Bypassing authentication schema AT-005
Testing for vulnerable remember password and pwd reset - Vulnerable remember password, weak pwd reset AT-006
Testing for Logout and Browser Cache Management - - Logout function not properly implemented, browser cache weakness AT-007
Testing for CAPTCHA - Weak Captcha implementation AT-008
Testing Multiple Factors Authentication - Weak Multiple Factors Authentication AT-009
Testing for Race Conditions - Race Conditions vulnerability AT-010
Testing for Session Management Schema - Bypassing Session Management Schema, Weak Session Token SM-001
Testing for Cookies attributes - Cookies are set not βHTTP Onlyβ, βSecureβ, and no time validity SM-002
Testing for Session Fixation - Session Fixation SM-003
Testing for Exposed Session Variables - Exposed sensitive session variables SM-004
Testing for CSRF - CSRF SM-005
Testing for Path Traversal - Path Traversal AZ-001
Testing for bypassing authorization schema - Bypassing authorization schema AZ-002
Testing for Privilege Escalation - Privilege Escalation AZ-003
Testing for Business Logic - Bypassable business logic BL-001
Testing for Reflected Cross Site Scripting - Reflected XSS DV-001
Testing for Stored Cross Site Scripting - Stored XSS DV-002
Testing for DOM based Cross Site Scripting - DOM XSS DV-003
Testing for Cross Site Flashing - Cross Site Flashing DV-004
SQL Injection - SQL Injection DV-005
LDAP Injection - LDAP Injection DV-006
ORM Injection - ORM Injection DV-007
XML Injection - XML Injection DV-008
SSI Injection - SSI Injection DV-009
XPath Injection - XPath Injection DV-010
IMAP/SMTP Injection - IMAP/SMTP Injection DV-011
Code Injection - Code Injection DV-012
OS Commanding - OS Commanding DV-013
Buffer overflow - Buffer overflow DV-014
Incubated vulnerability - Incubated vulnerability DV-015
Testing for HTTP Splitting/Smuggling - HTTP Splitting, Smuggling DV-016
Testing for SQL Wildcard Attacks - SQL Wildcard vulnerability DS-001
Locking Customer Accounts - Locking Customer Accounts DS-002
Testing for DoS Buffer Overflows - Buffer Overflows DS-003
User Specified Object Allocation - User Specified Object Allocation DS-004
User Input as a Loop Counter - User Input as a Loop Counter DS-005
Writing User Provided Data to Disk - Writing User Provided Data to Disk DS-006
Failure to Release Resources - Failure to Release Resources DS-007
Storing too Much Data in Session - Storing too Much Data in Session DS-008
WS Information Gathering - N.A. WS-001
Testing WSDL - WSDL Weakness WS-002
FREE :
https://github.com/1N3/IntruderPayloads
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - 1N3/IntruderPayloads: A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploadsβ¦
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists. - 1N3/IntruderPayloads
Forwarded from UNDERCODE NEWS
The explanation for the failure of the deal to sell the bank to Yandex was discovered by Tinkov. The $200 million he was underpaid.
#International
#International
Forwarded from UNDERCODE NEWS
A journalist uses a zoom to penetrate a "secret" European meeting of Defense Ministers.
#International
#International
β β β Uππ»βΊπ«Δπ¬πβ β β β
Local DNS caching any linux :
1. apt-get install dnsmasq
2. configure
This will tune dnsmasq to standalone mode, not sort of
plugin of NetworkManager.
vim /etc/dnsmasq.conf
+ resolv-file=/etc/???upstream-of-dnsmasq.conf
+ listen..
+ port
+ ...
vim /etc/???upstream-of-dnsmasq.conf
+ nameserver 8.8.8.8
+ nameserver 8.8.4.4
+ nameserver 2001:4860:4860::8888
vim /etc/resolv.conf
ONLY THESE TWO LINE
nameserver 127.0.0.1
nameserver ::1
3. service ... start OR systemctl ... start ..
HINT
WHAT if dnsmasq faild to start ?
/sbin/dnsmasq --test
then check the error message.
Ref: apach
β β β Uππ»βΊπ«Δπ¬πβ β β β
Local DNS caching any linux :
1. apt-get install dnsmasq
2. configure
This will tune dnsmasq to standalone mode, not sort of
plugin of NetworkManager.
vim /etc/dnsmasq.conf
+ resolv-file=/etc/???upstream-of-dnsmasq.conf
+ listen..
+ port
+ ...
vim /etc/???upstream-of-dnsmasq.conf
+ nameserver 8.8.8.8
+ nameserver 8.8.4.4
+ nameserver 2001:4860:4860::8888
vim /etc/resolv.conf
ONLY THESE TWO LINE
nameserver 127.0.0.1
nameserver ::1
3. service ... start OR systemctl ... start ..
HINT
WHAT if dnsmasq faild to start ?
/sbin/dnsmasq --test
then check the error message.
Ref: apach
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
TikTok showed stable progress in 2020, with US-China tension still creating anxiety in 2020.
#Updates
#Updates
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
ddos for beginers, videos, tools,tutorials :
R-U-Dead-Yet(RUDY)HTTP DoS attack https://en.wikipedia.org/wiki/R-U-Dead-Yet https://sourceforge.net/projects/r-u-dead-yet/
R-U-Dead-Yet, RUDY DDoS Attack Tool----a low and slow DoS attack tool https://www.youtube.com/watch?v=k1o9Ya8qxlU
THC-SSL-DOS Attack Tool https://www.youtube.com/watch?v=Ex2xz0ZOKKs
Slowloris DOS/DDOS attack tool https://www.youtube.com/watch?v=8Yl1ddOp3wM Slowloris--Powerful DOS attack perl program https://github.com/hackerimranahmed/Slowloris https://en.wikipedia.org/wiki/Slowloris_(computer_security)
Top 15 DDoS Tools https://www.youtube.com/watch?v=zflrijcVYcg
HULK 2. LOIC 3. XOIC 4. DDOSIM 5. RUDY
Torβs Hammer 7. PyLoris 8. Slowloris
OWASP DOS HTTP POST 10. DAVOSET
GoldenEye 12. Hyenae 13. Hping3
Apache BenchMark Tool 15. Thc-ssl-dos
ZAmbIE is a Toolkit(not finished yet) Made By Lunatic2 for DDoS Attacks https://github.com/zanyarjamal/zambie https://www.youtube.com/watch?v=wJOdtG3r3J8
xerxes website ddos tool on kali linux 2017.1 https://www.youtube.com/watch?v=qMjYDoqG13Y https://github.com/zanyarjamal/xerxes
β β β Uππ»βΊπ«Δπ¬πβ β β β
ddos for beginers, videos, tools,tutorials :
R-U-Dead-Yet(RUDY)HTTP DoS attack https://en.wikipedia.org/wiki/R-U-Dead-Yet https://sourceforge.net/projects/r-u-dead-yet/
R-U-Dead-Yet, RUDY DDoS Attack Tool----a low and slow DoS attack tool https://www.youtube.com/watch?v=k1o9Ya8qxlU
THC-SSL-DOS Attack Tool https://www.youtube.com/watch?v=Ex2xz0ZOKKs
Slowloris DOS/DDOS attack tool https://www.youtube.com/watch?v=8Yl1ddOp3wM Slowloris--Powerful DOS attack perl program https://github.com/hackerimranahmed/Slowloris https://en.wikipedia.org/wiki/Slowloris_(computer_security)
Top 15 DDoS Tools https://www.youtube.com/watch?v=zflrijcVYcg
HULK 2. LOIC 3. XOIC 4. DDOSIM 5. RUDY
Torβs Hammer 7. PyLoris 8. Slowloris
OWASP DOS HTTP POST 10. DAVOSET
GoldenEye 12. Hyenae 13. Hping3
Apache BenchMark Tool 15. Thc-ssl-dos
ZAmbIE is a Toolkit(not finished yet) Made By Lunatic2 for DDoS Attacks https://github.com/zanyarjamal/zambie https://www.youtube.com/watch?v=wJOdtG3r3J8
xerxes website ddos tool on kali linux 2017.1 https://www.youtube.com/watch?v=qMjYDoqG13Y https://github.com/zanyarjamal/xerxes
β β β Uππ»βΊπ«Δπ¬πβ β β β
Wikipedia
R-U-Dead-Yet
R.U.D.Y., short for R U Dead Yet, is an acronym used to describe a Denial of Service (DoS) tool used by hackers to perform slow-rate a.k.a. βLow and slowβ attacks by directing long form fields to the targeted server. It is known to have an interactive consoleβ¦
Forwarded from UNDERCODE NEWS
Forwarded from UNDERCODE NEWS
