UNDERCODE COMMUNITY
🦑 Undercode Cyber World!
@UndercodeCommunity

1️⃣ World's first platform that collects and analyzes every new hacking method.
+ AI Practice
@Undercode_Testing

2️⃣ Cyber & Tech NEWS:
@Undercode_News

3️⃣ CVE @Daily_CVE

✨ Web & Services:
→ Undercode.help
- - - - - UNDERCODE - - - - -

🦑 Awesome Termux automation script:
(t.me/UnderCodeRepoUpdates)

🦑 INSTALLATION & RUN:

1) Termux:

> pkg install git python2

2) Ubuntu:

> sudo apt-get install python2 git

3) git clone https://github.com/m4rktn/jogan/

4) cd jogan

5) python2 jogan.py

That's all. Now choose an option by number.

@ Mr. BotNet(tm)
- - - - - UNDERCODE - - - - -

🦑 How to find your wireless network password in Windows, Linux and Mac OS
(instagram.com/UnderCodeTestingCompany)

🦑 INSTALLATION & RUN:

On Linux, open a terminal and run:
1) sudo su

2) git clone https://github.com/LionSec/wifresti.git

3) cp wifresti/wifresti.py /usr/bin/wifresti

4) chmod +x /usr/bin/wifresti

5) sudo wifresti, then run as bash

🦑 Without Python (.exe file):

1) If you do not have Python installed, you can also download the executable version (Windows only).

2) Download link : http://lionsec.net/tools/download.php?Down=wifresti_windows.zip

3) Unzip and click.

Written by Mr. BotNet(tm)
- - - - - UNDERCODE - - - - -

🦑 Advanced man-in-the-middle framework for Linux distros
(instagram.com/UnderCodeTestingCompany)

🦑 INSTALLATION & RUN:

1) git clone https://github.com/LionSec/xerosploit

2) cd xerosploit

3) sudo python install.py

4) sudo xerosploit

🦑 Requirements:
1) nmap

2) hping3

3) build-essential

4) ruby-dev

5) libpcap-dev

6) libgmp3-dev

7) tabulate

8) terminaltables

Written by Mr. BotNet(tm)
- - - - - UNDERCODE - - - - -
https://www.youtube.com/watch?v=lZAoFs75_cs

🦑 2 hours ethical hacking 🦑
- - - - - UNDERCODE - - - - -

🦑 Trick to crack the password if you forgot your Windows password, the fastest way, by UnderCode:
(t.me/UnderCodeTestingOfficial)

🦑 LET'S START:

1) Get a Windows 10 bootable DVD.

2) In the BIOS settings, make sure your PC is configured to boot from DVD.

3) Boot from the disk.

4) Press SHIFT + F10 to open the Command Prompt.

5) Replace utilman.exe with cmd.exe. (Utilman.exe is a built-in Windows application that lets the user configure accessibility options such as the Magnifier, High Contrast Theme, Narrator and On-Screen Keyboard before they log on to the system.)

> move d:\windows\system32\utilman.exe d:\windows\system32\utilman.exe.bak

7) Then copy:

> copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe

8) Windows 10 is usually installed on drive D:. You can check by looking for the file d:\windows\system32\utilman.exe; if you can't find this file on the current drive, try another drive.

9) After successfully moving utilman.exe, remove your bootable DVD and reboot your problematic Windows 10 installation from the same CMD prompt.

> wpeutil reboot

10) On the Windows login page:

> Click the Utility Manager icon at the bottom left.

11) As we have already replaced the Utility Manager EXE file with the Command Prompt EXE, it will open a CMD prompt. (Avoid error message)

12) Reset the Windows 10 password directly from the command prompt. It will not ask you for the old password and directly sets your new password.

> net user <username> <new_password>

13) Now the password has been changed successfully.

> Exit from the command prompt, go to the login screen and use your new password.

Written by UnderCode
Tested on the latest Windows version
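
The state the steps above leave on disk can be checked for. The following is an added example, not part of the original post: it flags a pre-logon accessibility program whose content is identical to cmd.exe, and a renamed copy left beside it. The list of file names other than utilman.exe, the backup suffixes and the sample directory are assumptions made for the illustration.

```python
import hashlib
import os
import tempfile

# utilman.exe is the file named in the post. The other names (assumed here) are
# the accessibility programs it mentions plus Sticky Keys, all of which can be
# started from the logon screen.
ACCESSIBILITY = ("utilman.exe", "sethc.exe", "osk.exe", "magnify.exe", "narrator.exe")
SHELLS = ("cmd.exe",)
BACKUP_SUFFIXES = (".bak", ".old")  # ".bak" is the suffix used in the post


def sha256_of(path):
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def audit_system32(system32):
    """Return sorted (file, reason) findings for one System32 directory."""
    # Windows file names are case-insensitive, so index them in lower case.
    names = {name.lower(): name for name in os.listdir(system32)}
    shell_hashes = {}
    for shell in SHELLS:
        if shell in names:
            shell_hashes[sha256_of(os.path.join(system32, names[shell]))] = shell
    findings = []
    for exe in ACCESSIBILITY:
        if exe in names:
            digest = sha256_of(os.path.join(system32, names[exe]))
            if digest in shell_hashes:
                findings.append((names[exe], "same content as " + shell_hashes[digest]))
        for suffix in BACKUP_SUFFIXES:
            if exe + suffix in names:
                findings.append((names[exe + suffix], "renamed copy of " + exe))
    return sorted(findings)


def build_sample(tampered):
    """Constructed stand-in for System32 with placeholder file contents."""
    root = tempfile.mkdtemp(prefix="system32-sample-")
    files = {
        "cmd.exe": b"constructed cmd image",
        "sethc.exe": b"constructed sethc image",
        "utilman.exe": b"constructed utilman image",
    }
    if tampered:  # what the move and copy steps in the post leave behind
        files["utilman.exe.bak"] = files["utilman.exe"]
        files["utilman.exe"] = files["cmd.exe"]
    for name, data in files.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    return root


if __name__ == "__main__":
    for state in (False, True):
        print("tampered=%s ->" % state, audit_system32(build_sample(state)))
```

On a real host, point `audit_system32` at the Windows System32 directory of the installation being examined (mounted offline or live).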
- - - - - UNDERCODE - - - - -

🦑 A good collection of Android exploits and hacks
(instagram.com/UnderCodeTestingCompany)

🦑 INSTALLATION & RUN:

1) git clone https://github.com/sundaysec/Android-Exploits.git

> We recommend you grab the latest version of exploitpack.

2) wget https://github.com/juansacco/exploitpack/archive/master.zip

3) Extract, then navigate into the folder and type:

> java -jar ExploitPack.jar

4) Load the exploits.

Learn and hack.

🦑 OWASP Top 10 Mobile Risks:

1) Insecure Data Storage

2) Weak Server Side Controls

3) Insufficient Transport Layer Protection

4) Client Side Injection

5) Poor Authorization and Authentication

6) Improper Session Handling

7) Security Decisions Via Untrusted Inputs

8) Side Channel Data Leakage

9) Broken Cryptography

10) Sensitive Information Disclosure

Written by UnderCode
- - - - - UNDERCODE - - - - -

🦑 Different Types of Ransomware:
(t.me/UnderCodeTestingOfficial)

🦑 CryptoLocker

The CryptoLocker botnet is one of the oldest forms of cyber attack and has been around for the past two decades. The CryptoLocker ransomware came into existence in 2013, when hackers used the original CryptoLocker botnet approach in ransomware.

CryptoLocker ransomware is the most destructive form of ransomware since it uses strong encryption algorithms. It is often impossible to decrypt (restore) the Crypto ransomware-infected computer and files without paying the ransom.

🦑 WannaCry

WannaCry is the most widely known ransomware variant across the globe. The WannaCry ransomware has infected nearly 125,000 organizations in over 150 countries. Some of the alternative names given to the WannaCry ransomware are WCry and WanaCrypt0r.

🦑 Bad Rabbit

Bad Rabbit is another strain of ransomware which has infected organizations across Russia and Eastern Europe. It usually spreads through a fake Adobe Flash update on compromised websites.

🦑 Cerber

Cerber is another ransomware variant which targets cloud-based Office 365 users. Millions of Office 365 users have fallen prey to an elaborate phishing campaign carried out by the Cerber ransomware.

🦑 Crysis

Crysis is a special type of ransomware which encrypts files on fixed drives, removable drives, and network drives. It spreads through malicious email attachments with a double file extension. It uses strong encryption algorithms, making it difficult to decrypt within a fair amount of time.

🦑 CryptoWall

CryptoWall is an advanced form of CryptoLocker ransomware. It has been in existence since early 2014, after the downfall of the original CryptoLocker variant. Today, there are multiple variants of CryptoWall in existence. They include CryptoDefense, CryptoBit, CryptoWall 2.0, and CryptoWall 3.0.

🦑 GoldenEye

GoldenEye is similar to the infamous Petya ransomware. It spreads through a massive social engineering campaign that targets human resources departments. When a user downloads a GoldenEye-infected file, it silently launches a macro which encrypts files on the victim's computer.

🦑 Jigsaw

Jigsaw is one of the most destructive types of ransomware; it encrypts and progressively deletes the encrypted files until a ransom is paid. It starts deleting the files one after the other on an hourly basis until the 72-hour mark, when all the remaining files are deleted.

🦑 Locky

Locky is another ransomware variant which is designed to lock the victim's computer and prevent them from using it until a ransom is paid. It usually spreads through a seemingly benign email message disguised as an invoice.

When a user opens the email attachment, the invoice gets deleted automatically, and the victim is directed to enable macros to read the document. When the victim enables macros, Locky begins encrypting multiple file types using AES encryption.

> Petya, NotPetya, TeslaCrypt, TorrentLocker, ZCryptor, etc., are some of the other ransomware variants that are well known for their malicious activities.

Written by UnderCode
- - - - - UNDERCODE - - - - -

🦑 How to hack systems (Windows) with the automation of PasteJacking attacks? Works on Termux/Kali/Parrot/Debian...
(instagram.com/UnderCodeTestingCompany)

🦑 LET'S START:

> Pastejacking is a method that malicious websites employ to take control of your computer's clipboard and change its content to something harmful without your knowledge.

> So here what I did is automating the original attack and adding two other tricks to fool the user, using HTML and CSS (will talk about it), then added meterpreter sessions as I said before.

🦑 How it WORKS:

1) The target opens an HTML page served by the tool, and this page has something that makes the user want to copy from it and paste into the terminal, e.g. package installation instructions.

2) The target copies anything from the page; then, in the background, it gets quickly replaced with our one-liner.

3) The user pastes into the terminal, and before he notices that the line he copied has been changed:

> The line gets executed by itself in the background (without pressing Enter).

> The terminal gets cleared.

> The user sees the terminal is usable again.

> You already got your meterpreter session by this time.

4) All of that happens in less than a second, and maybe the user thinks this is a bad program and he won't install it.

🦑 INSTALLATION & RUN:

1) git clone https://github.com/D4Vinci/PasteJacker.git

2) sudo python3 -m pip install ./PasteJacker

3) sudo pastejacker

🦑 Requirements:

1) Python 3 and setuptools module.

2) Linux or Unix-based system (Currently tested only on Kali Linux rolling and Ubuntu 16.04).

3) Third-party requirements like msfvenom but only if you are gonna use the msfvenom option, of course.

4) Third-party library ncurses-dev for Ubuntu

5) Root access.

Written by UnderCode
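
The behaviours listed under "How it WORKS" (clipboard content replaced, execution without pressing Enter, terminal cleared) can be checked before a paste reaches the shell. The following is an added example, not part of the original post or of the PasteJacker project: the flag names, the `neutralize` helper and the sample strings are assumptions constructed for the illustration.

```python
import re
import unicodedata

# Commands that wipe the visible terminal, the step the post lists right
# after the pasted line has executed.
SCREEN_CLEAR = re.compile(r"(?:^|[;&|\n])\s*(?:clear|reset|cls|tput\s+clear)\b")


def inspect_paste(clipboard, selected=None):
    """Return the reasons a clipboard string should not be pasted blindly.

    selected is the text the user believes was copied, when it is known.
    """
    flags = []
    if selected is not None and clipboard.strip() != selected.strip():
        flags.append("differs-from-selection")   # content was swapped after the copy
    if "\n" in clipboard or "\r" in clipboard:
        flags.append("embedded-newline")         # runs without the user pressing Enter
    if any(unicodedata.category(c) == "Cc" and c not in "\r\n\t" for c in clipboard):
        flags.append("control-character")        # e.g. ESC sequences that repaint the screen
    if SCREEN_CLEAR.search(clipboard):
        flags.append("clears-screen")            # hides what was just executed
    return flags


def neutralize(clipboard):
    """Return a one-line, inert rendering that is safe to paste for review."""
    # Line breaks become a visible marker; other control characters
    # (including tabs) are dropped.
    text = re.sub(r"\r\n|\r|\n", "\u2424", clipboard)
    return "".join(c for c in text if unicodedata.category(c) != "Cc")


# Constructed samples: what the user selected on the page, and two clipboard
# contents of the kind the post describes (harmless placeholder commands).
SELECTED = "sudo apt install example-package"
SWAPPED = "echo constructed-replacement; clear\n"
ESCAPED = "ls\x1b[2J"

if __name__ == "__main__":
    for clip in (SELECTED, SWAPPED, ESCAPED):
        print(repr(clip), inspect_paste(clip, SELECTED), repr(neutralize(clip)))
```

Shells and terminals that support bracketed paste give similar protection against the embedded newline, since pasted text is inserted into the line editor instead of being executed.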
- - - - - UNDERCODE - - - - -

🦑 2019 HACKING AWESOME TOOL

> This repository contains four different proof-of-concept attacks showing ZombieLoad. It also includes four different victim applications to test the leakage in various scenarios.

> All demos are tested with an Intel Core i7-8650U, but they should work on any Linux system with any modern Intel Core or Xeon CPU since 2010. We provide three variants for Linux, which we tested on Ubuntu 18.04.1 LTS, and two variants for Windows, which we tested on Windows 10 (1803 build 17134.706).

> For best results, we recommend a fast CPU that supports Intel TSX (e.g. nearly any Intel Core i7-5xxx, i7-6xxx, or i7-7xxx).
(t.me/UnderCodeTestingOfficial)

🦑 INSTALLATION & RUN:

1) git clone https://github.com/IAIK/ZombieLoad

2) cd ZombieLoad

3) sudo modprobe msr

4) cd module && make load

5) Then, run the attacker on one hyperthread as root:

> sudo taskset -c 3 ./leak

🦑 MORE USAGES:

🦑 Userspace Victim (Linux and Windows)

1) An unprivileged user application which constantly loads the same value from its memory.

🦑 Run (Linux)

Simply run the victim on the same physical core but a different hyperthread as the attacker:

> taskset -c 7 ./secret

2) You can also provide a secret letter to the victim application as a parameter, e.g., taskset -c 7 ./secret B to access memory containing 'B's. The default secret letter is 'X'.

3) As soon as the victim is started, there should be a clear signal in the attacker process, i.e., the bar for the leaked letter should get longer.

🦑 Run (Windows)

1) Simply run the victim on the same physical core but a different hyperthread as the attacker:

> start /affinity 7 .\secret.exe

You can also provide a secret letter to the victim application as a parameter, e.g.,

> start /affinity 7 .\secret.exe B

to access memory containing 'B's.

2) The default secret letter is 'X'.

3) As soon as the victim is started, there should be a clear signal in the attacker process, i.e., the bar for the leaked letter should get longer.

🦑 Kernel Victim (Linux only)

4) A kernel module which constantly loads the letter 'J'.

🦑 Run

5) Before running the victim, the kernel module has to be loaded into the kernel. This is done by running sudo insmod leaky.ko. Then, simply run the victim on the same physical core but a different hyperthread as the attacker: taskset -c 7 ./secret

6) As soon as the victim is started, there should be a clear signal in the attacker process, i.e., the bar for the letter 'J' should get longer.

🦑 Intel SGX Victim (Linux only)

7) An Intel SGX enclave which constantly loads the letter 'S'. This victim requires that the SGX driver and SDK are installed.

🦑 Run

8) Simply run the victim on the same physical core but a different hyperthread as the attacker: taskset -c 7 ./secret

9) As soon as the victim is started, there should be a clear signal in the attacker process, i.e., the bar for the letter 'S' should get longer.

🦑 VM Victim (Linux and Windows)

10) A virtual machine containing an application which constantly loads the same value from its memory. This victim requires that QEMU is installed, and VT-x is enabled.

Written by UnderCode
- - - - - UNDERCODE - - - - -

🦑 Some common attacks on servers
(instagram.com/UnderCodeTestingCompany)

🦑 LET'S START:

1> The DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) attack is a cross-protocol security bug that attacks servers supporting modern SSLv3/TLS protocol suites by using their support for the obsolete, insecure SSL v2 protocol to leverage an attack on connections using up-to-date protocols that would otherwise be secure.

2> DROWN can affect all types of servers that offer services encrypted with SSLv3/TLS yet still support SSLv2, provided they share the same public key credentials between the two protocols.[3]

3> Additionally, if the same public key certificate is used on a different server that supports SSLv2, the TLS server is also vulnerable, because the SSLv2 server leaks key information that can be used against the TLS server.

4> Full details of DROWN were announced in March 2016, along with a patch that disables SSLv2 in OpenSSL; the vulnerability was assigned the ID CVE-2016-0800.[4] The patch alone will not be sufficient to mitigate the attack if the certificate can be found on another SSLv2 host. The only viable countermeasure is to disable SSLv2 on all servers.

5> The researchers estimated that 33% of all HTTPS sites were affected by this vulnerability as of March 1, 2016.

🦑 Protections against this attack:

1) To protect against DROWN, server operators need to ensure that their private keys are not used anywhere with server software that allows SSLv2 connections. This includes web servers, SMTP servers, IMAP and POP servers, and any other software that supports SSL/TLS.[8]

2) The OpenSSL group has released a security advisory and a set of patches intended to mitigate the vulnerability by removing support for obsolete protocols and ciphers.[9] However, if the server's certificate is used on other servers that support SSLv2, it is still vulnerable, and so are the patched servers.

3) Numerous sources have recommended that the vulnerability be patched as soon as possible by site operators.


Written by UnderCode
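
The shared-key condition described above (a server with SSLv2 disabled stays exposed while its key is still offered by any SSLv2 host) can be audited from an endpoint inventory. The following is an added example, not part of the original post: the inventory format, host names and key labels are constructed, and in practice the `spki` value would be a fingerprint of the server's public key taken from your own scan or asset data.

```python
from collections import defaultdict

# Constructed inventory. "spki" identifies the public key an endpoint presents,
# "sslv2" records whether that endpoint still accepts SSLv2 connections.
INVENTORY = [
    {"endpoint": "www.example.test:443", "service": "https", "spki": "KEY-A", "sslv2": False},
    {"endpoint": "mail.example.test:25", "service": "smtp", "spki": "KEY-A", "sslv2": True},
    {"endpoint": "imap.example.test:993", "service": "imaps", "spki": "KEY-B", "sslv2": False},
    {"endpoint": "old.example.test:443", "service": "https", "spki": "KEY-C", "sslv2": True},
]


def drown_exposure(inventory):
    """Classify each endpoint as 'direct', 'shared-key' or 'ok'.

    direct     - the endpoint itself accepts SSLv2
    shared-key - SSLv2 is off here, but the same key is served by an SSLv2 endpoint
    ok         - no endpoint using this key accepts SSLv2
    """
    by_key = defaultdict(list)
    for entry in inventory:
        by_key[entry["spki"]].append(entry)

    report = {}
    for group in by_key.values():
        # Every endpoint in this list must drop SSLv2 before the key is safe.
        sslv2_hosts = sorted(e["endpoint"] for e in group if e["sslv2"])
        for entry in group:
            if entry["sslv2"]:
                status = "direct"
            elif sslv2_hosts:
                status = "shared-key"
            else:
                status = "ok"
            report[entry["endpoint"]] = {"status": status, "disable_sslv2_on": sslv2_hosts}
    return report


def after_disabling(inventory, endpoints):
    """Copy of the inventory with SSLv2 switched off on the named endpoints."""
    return [dict(e, sslv2=e["sslv2"] and e["endpoint"] not in endpoints) for e in inventory]


if __name__ == "__main__":
    for endpoint, result in sorted(drown_exposure(INVENTORY).items()):
        print(endpoint, result)
```

Running `drown_exposure(after_disabling(INVENTORY, {"www.example.test:443"}))` shows the web server still reported as `shared-key`, which is the case the post warns about when only one host is patched.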
- - - - - UNDERCODE - - - - -

🦑 A good hacking tool for Kali/Termux: onesixtyone, a fast SNMP scanner
(instagram.com/UnderCodeTestingCompany)

🦑 LET'S START:

The SNMP protocol is a stateless, datagram oriented protocol. An SNMP scanner is a program that sends SNMP requests to multiple IP addresses, trying different community strings and waiting for a reply. Unfortunately SNMP servers don't respond to requests with invalid community strings and the underlying UDP protocol does not reliably report closed UDP ports. This means that 'no response' from the probed IP address can mean either of the following:

1) machine unreachable

2) SNMP server not running

3) invalid community string

4) the response datagram has not yet arrived

🦑 INSTALLATION & RUN:

1) git clone https://github.com/trailofbits/onesixtyone

2) cd onesixtyone

3) Linux, FreeBSD, OpenBSD:

> gcc -o onesixtyone onesixtyone.c

🦑 Solaris:

> gcc -o onesixtyone onesixtyone.c -lsocket -lnsl

Installation is not necessary; just run the program from the current directory.
If you wish, you may copy it to /usr/local/bin.

🦑 MORE:

> The approach taken by most SNMP scanners is to send the request, wait for n seconds and assume that the community string is invalid. If only 1 of every hundred scanned IP addresses responds to the SNMP request, the scanner will spend 99*n seconds waiting for replies that will never come. This makes traditional SNMP scanners very inefficient.

> onesixtyone takes a different approach to SNMP scanning. It takes advantage of the fact that SNMP is a connectionless protocol and sends all SNMP requests as fast as it can. Then the scanner waits for responses to come back and logs them, in a fashion similar to Nmap ping sweeps. By default onesixtyone waits for 10 milliseconds between sending packets, which is adequate for 100MBs switched networks. The user can adjust this value via the -w command line option. If set to 0, the scanner will send packets as fast as the kernel would accept them, which may lead to packet drop.

> Running onesixtyone on a class B network (switched 100MBs with 1Gbs backbone) with -w 10 gives us a performance of 3 seconds per class C, with no dropped packets. All 65536 IP addresses were scanned in less than 13 minutes. onesixtyone sends a request for the system.sysDescr.0 value, which is present on almost all SNMP enabled devices. This returned value gives us a description of the system software running on the device.

Written by UnderCode
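
The traffic pattern described above (one source sending SNMP requests to many addresses a few milliseconds apart, with most of them never answered) is what separates a sweep from a monitoring station polling known devices. The following is an added example, not part of the original post or of onesixtyone: the flow-record layout, the thresholds and all addresses are constructed for the illustration.

```python
from collections import defaultdict, deque


def find_snmp_sweeps(flows, min_targets=20, window=1.0, min_unanswered=0.8):
    """Flag sources that probe many SNMP targets in a short time with few replies.

    flows: (ts, src, dst, proto, dport, answered) tuples sorted by ts, where
    answered says whether a reply to that request was seen.
    """
    recent = defaultdict(deque)   # src -> probes still inside the time window
    alerts = {}
    for ts, src, dst, proto, dport, answered in flows:
        if proto != "udp" or dport != 161 or src in alerts:
            continue
        probes = recent[src]
        probes.append((ts, dst, answered))
        while ts - probes[0][0] > window:      # drop probes older than the window
            probes.popleft()
        targets = {d for _, d, _ in probes}
        silent = targets - {d for _, d, ok in probes if ok}
        if len(targets) >= min_targets and len(silent) / len(targets) >= min_unanswered:
            alerts[src] = {
                "first_probe": probes[0][0],
                "targets": len(targets),
                "unanswered": len(silent),
            }
    return alerts


def sample_flows():
    """Constructed flow records: one sweep, one monitoring station, one DNS query."""
    flows = []
    # Sweep: 60 addresses probed 10 ms apart (the default spacing quoted above),
    # only 1 in 30 answers.
    for i in range(60):
        flows.append((100.0 + i * 0.01, "10.0.0.50", "10.0.1.%d" % (i + 1), "udp", 161, i % 30 == 0))
    # Monitoring station: 25 known devices, every request answered.
    for j in range(25):
        flows.append((100.0 + j * 0.02, "10.0.0.10", "10.0.2.%d" % (j + 1), "udp", 161, True))
    # Unrelated traffic on another port.
    flows.append((100.05, "10.0.0.77", "10.0.3.1", "udp", 53, True))
    return sorted(flows)


if __name__ == "__main__":
    for src, detail in find_snmp_sweeps(sample_flows()).items():
        print(src, detail)
```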
- - - - - UNDERCODE - - - - -

🦑 2019, tested by UnderCode: information gathering tool for Instagram.
It collects details like Username, Profile Name, URL, Followers, Following, Number of Posts, Bio, Profile Picture URL, Is Business Account?, Connected to a FB account?, External URL, Joined Recently?, Business Category Name, Is Private?, Is Verified?, and downloads public photos.
> Check ours at instagram.com/UnderCodeTestingCompany

🦑 INSTALLATION & RUN:

(Termux or any Linux distro)

1) pkg install -y git python

2) git clone https://github.com/th3unkn0n/osi.ig.git

3) cd osi.ig

4) chmod +x install.sh && ./install.sh

5) python3 main.py


That's all.

Written by UnderCode
- - - - - UNDERCODE - - - - -

🦑 Preinstalled Kali tool: DNSChef package description
(instagram.com/UnderCodeTestingCompany)

WHAT IS DNSCHEF?

> DNSChef is a highly configurable DNS proxy for Penetration Testers and Malware Analysts.

> A DNS proxy (aka "Fake DNS") is a tool used for application network traffic analysis, among other uses. For example, a DNS proxy can be used to fake requests for "badguy.com" to point to a local machine for termination or interception instead of a real host somewhere on the Internet.

> Most DNS proxies will simply point all DNS queries to a single IP address or implement only rudimentary filtering. DNSChef was developed as part of a penetration test where there was a need for a more configurable system.

> As a result, DNSChef is a cross-platform application capable of forging responses based on inclusive and exclusive domain lists, supporting multiple DNS record types, matching domains with wildcards, proxying true responses for nonmatching domains, defining external configuration files, IPv6 and many other features. You can find detailed explanation of each of the features and suggested uses below.

> The use of DNS Proxy is recommended in situations where it is not possible to force an application to use some other proxy server directly. For example, some mobile applications completely ignore OS HTTP Proxy settings. In these cases, the use of a DNS proxy server such as DNSChef will allow you to trick that application into forwarding connections to the desired destination.

Official source: http://thesprawl.org/projects/dnschef/

🦑 How to use?

> root@kali:~# dnschef -h

> dnschef.py [options]:

Written by UnderCode
- - - - - UNDERCODE - - - - -

🦑 What exactly is the definition of DNS?
(t.me/UnderCodeTestingOfficial)

🦑 DNS

1) The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like nytimes.com or espn.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.

2) Each device connected to the Internet has a unique IP address which other machines use to find the device.

3) DNS servers eliminate the need for humans to memorize IP addresses such as 192.168.1.1 (in IPv4), or more complex newer alphanumeric IP addresses such as 2400:cb00:2048:1::c629:d7a2 (in IPv6).

๐Ÿฆ‘How does DNS work?

1) The process of DNS resolution involves converting a hostname (such as www.example.com) into a computer-friendly IP address (such as 192.168.1.1).

2) An IP address is given to each device on the Internet, and that address is necessary to find the appropriate Internet device - like a street address is used to find a particular home. When a user wants to load a webpage, a translation must occur between what a user types into their web browser (example.com) and the machine-friendly address necessary to locate the example.com webpage.

3) In order to understand the process behind the DNS resolution, it's important to learn about the different hardware components a DNS query must pass between. For the web browser, the DNS lookup occurs "behind the scenes" and requires no interaction from the user's computer apart from the initial request.

@ Mr BotNet(tm)
- - - - - UNDERCODE - - - - -

🦑 All DNS server types:
(t.me/UnderCodeTestingOfficial)

🦑 There are 4 DNS servers involved in loading a webpage:

1) DNS recursor -

> The recursor can be thought of as a librarian who is asked to go find a particular book somewhere in a library. The DNS recursor is a server designed to receive queries from client machines through applications such as web browsers. Typically the recursor is then responsible for making additional requests in order to satisfy the client's DNS query.


2) Root nameserver -

> The root server is the first step in translating (resolving) human readable host names into IP addresses. It can be thought of like an index in a library that points to different racks of books - typically it serves as a reference to other more specific locations.


3) TLD nameserver -

> The top level domain server (TLD) can be thought of as a specific rack of books in a library. This nameserver is the next step in the search for a specific IP address, and it hosts the last portion of a hostname (in example.com, the TLD server is "com").

4) Authoritative nameserver -

> This final nameserver can be thought of as a dictionary on a rack of books, in which a specific name can be translated into its definition. The authoritative nameserver is the last stop in the nameserver query. If the authoritative name server has access to the requested record, it will return the IP address for the requested hostname back to the DNS Recursor (the librarian) that made the initial request.

🦑 What's the difference between an authoritative DNS server and a recursive DNS resolver?

1) Both concepts refer to servers (groups of servers) that are integral to the DNS infrastructure, but each performs a different role and lives in different locations inside the pipeline of a DNS query. One way to think about the difference is the recursive resolver is at the beginning of the DNS query and the authoritative nameserver is at the end.

🦑 Recursive DNS resolver

2) The recursive resolver is the computer that responds to a recursive request from a client and takes the time to track down the DNS record. It does this by making a series of requests until it reaches the authoritative DNS nameserver for the requested record (or times out or returns an error if no record is found).

3) Luckily, recursive DNS resolvers do not always need to make multiple requests in order to track down the records needed to respond to a client; caching is a data persistence process that helps short-circuit the necessary requests by serving the requested resource record earlier in the DNS lookup.

@ Mr BotNet(tm)
- - - - - UNDERCODE - - - - -

🦑 DNS spoofing tool made in Python 3 with Scapy ☠️ Kali/Termux
(t.me/UnderCodeTestingOfficial)

🦑 INSTALLATION & RUN:

1) git clone https://github.com/Trackbool/DerpNSpoof

2) Install the requirements with:

> 'pip3 install -r requirements.txt' (recommended) or manually 'pip3 install scapy'

> Scapy uses tcpdump

3) To execute the tool, you will need root permissions.


4) Options to use:
<ip> - Spoof the DNS query packets of a certain IP address
<all> - Spoof the DNS query packets of all hosts
[!] Examples:
# python3 DerpNSpoof.py 192.168.1.20 myfile.txt
# python3 DerpNSpoof.py all myfile.txt

@ Mr BotNet(tm)
- - - - - UNDERCODE - - - - -

🦑 Kali Linux Burp Suite Tutorial:
(instagram.com/UnderCodeTestingCompany)

🦑 LET'S START:

> Burpsuite is a collection of tools bundled into a single suite made for web application security or penetration testing. It's a Java executable and hence it's cross-platform. Kali Linux comes with the Burpsuite free edition installed. There is also a professional version available.

🦑 Features include:

1) Application-Aware Spider: Used for spidering/crawling a given scope of pages.

2) Scanner: Automatically scans for vulnerabilities just like any other automated scanner.

3) Intruder: Used to perform attacks & brute-forces on pages in a highly customizable manner.

4) Repeater: Used for manipulating and resending individual requests.

5) Sequencer: Used mainly for testing/fuzzing session tokens.

6) Extensibility, allowing you to easily write your own plugins to perform complex and highly customized tasks within Burp.

7) Comparer & Decoder: Used for miscellaneous purposes that might come along the way when you conduct a web security test.

🦑 How to hack with it?

> Spidering a website

Spidering is a major part of recon while performing web security tests. It helps the pentester identify the scope & architecture of the web application. As described earlier, Burpsuite has its own spider, called the Burp spider, which can crawl a website.

1) Set up the proxy

First, start Burpsuite and check the details under the Proxy tab in the Options sub-tab. Ensure the IP is the localhost IP & the port is 8080.

> In IceWeasel/Firefox, go to Options > Preferences > Network > Connection Settings.

> Choose Manual Proxy Configuration.

2) Getting content into Burpsuite

> After you have set up the proxy, go to the target normally by entering the URL in the address bar. You will notice that the page does not load.

> This is because Burpsuite is intercepting the connection.

3) Scope selection & starting the spider

> Now narrow down the target as you want. Here the target/mutillidae is selected. Right-click mutillidae in the sitemap & select the Spider from Here option.

4) Manipulating details

Now you can see, as the spider runs on your screen, that the tree inside the mutillidae branch gets populated. Also, the requests made are shown in the queue and the details are shown in the Request tab.

5) Move on to the different tabs and see all the underlying information.

6) Finally, check whether the spider has finished by viewing the Spider tab.

@ Mr BotNet(tm)
- - - - - UNDERCODE - - - - -