▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑TOOLS LIST PDF TOOLS New (BRUTEFORCE PROTECTED PDF/PAYLOADS/INJECTION....)
t.me/UndercOdeTestingOfficial
🦑LET'S START:
Tool URL
AnalyzePDF.py https://github.com/hiddenillusion/AnalyzePDF
ByteForce https://github.com/weaknetlabs/ByteForce
Caradoc https://github.com/ANSSI-FR/caradoc
Didier Stevens suite https://github.com/DidierStevens/DidierStevensSuite
dumppdf https://packages.debian.org/jessie/python-pdfminer
forensics-all https://packages.debian.org/jessie-backports/forensics-all
Origami https://code.google.com/archive/p/origami-pdf/
ParanoiDF https://github.com/patrickdw123/ParanoiDF
peepdf https://github.com/jesparza/peepdf
PDF Xray https://github.com/9b/pdfxray_public
pdf-parser http://didierstevens.com/files/software/pdf-parser_V0_6_4.zip
pdf2john.py https://github.com/magnumripper/JohnTheRipper/blob/unstable-jumbo/run/pdf2john.py
pdfcrack https://packages.debian.org/jessie/pdfcrack
pdfextract https://github.com/CrossRef/pdfextract
pdfobjflow.py https://bitbucket.org/sebastiendamaye/pdfobjflow
pdfresurrect https://packages.debian.org/jessie/pdfresurrect
PdfStreamDumper.exe http://sandsprite.com/CodeStuff/PDFStreamDumper_Setup.exe
pdftk https://packages.debian.org/en/jessie/pdftk
pdfxray_lite.py https://github.com/9b/pdfxray_lite
poppler-utils https://packages.debian.org/en/jessie/poppler-utils (pdftotext, pdfimages, pdftohtml, pdftops, pdfinfo, pdffonts, pdfdetach, pdfseparate, pdfsig, pdftocairo, pdftoppm, pdfunite)
pyew https://packages.debian.org/en/jessie/pyew
qpdf https://packages.debian.org/jessie/qpdf
swf_mastah.py https://github.com/9b/pdfxray_public/blob/master/builder/swf_mastah.py
e n j o y
@ Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑.INI File Extension types/kinds...
instagram.com/UndercOdeTestingCompany
🦑LET'S START:
1) Windows Initialization File
>An INI file is a configuration file used by Windows programs to initialize program settings. It contains sections for settings and preferences (delimited by a string in square brackets) with each section containing one or more name and value parameters.
> desktop.ini - A hidden file located in Windows folders that saves viewing options for that specific folder. This file can specify an image that is used for the folder icon as well as appearance options for files within the folder. It can be ignored, but if you delete the desktop.ini file, Windows may generate a new one. Mac OS X .DS_STORE files serve a similar purpose.
> INI files can be edited with a plain text editor, but typically should not be edited or altered by regular users. INI files were partially replaced by the registry database in Windows 95. More recently, they have also been replaced by XML files.
2) Symbian OS Configuration File
>Configuration file that stores settings and user preferences for the Symbian operating system and installed applications; similar to INI files used by Windows and typically should not be opened manually.
3) Gravis UltraSound Bank Setup File
> Contains settings for a Gravis UltraSound sound bank (.FFF file) as well as patch files used by Gravis sound cards.
4) Finale Preferences File
>File created by Finale, a music notation program; contains Finale program settings to customize the work environment; settings include dialog boxes, menu settings, and font styles; preset in Finale but can be edited either through settings dialog windows or manually.
@ Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑Topic: PDF tools. Offline Digital Forensics Tool for Binary Files...
It can be used to hide dangerous malware in a PDF for Windows...
>Offline Digital Forensics Tool for Binary Files This tool can be used for (offline) digital forensics and malware analysis as it shows all raw bytes of a file and also the ASCII representations. As you can see from the screenshots, I have used it on a few different file types, TXT, PNG, Compiled C code, and even a packet capture file. It has three columns, one to show the byte count on the far left. Then, in the middle the hexadecimal bytes of the file, and on the right the ASCII representations (if there are any) of the hexadecimal bytes.
instagram.com/UndercOdeTestingCompany
🦑INSTALLATION & RUN:
1) git clone https://github.com/weaknetlabs/ByteForce
2) cd ByteForce
3) Example run:
./ByteForce alg.exe | head -n 20
🦑Features:
1) HTTP Strings
ByteForce will search binary files for case-insensitive, plain-text HTTP strings.
2) XOR Brute Force attack (Case-Insensitive)
The XOR brute force attack will try every byte from 0x01 to 0x1f as a XOR key against the byte found in the file. If the result equals the ASCII value of an "H" or "h" I grab the next byte in the file, perform the XOR and look for a "T" or "t". I continue until I find "[Hh][Tt]{2}[pP]" and if found, I print the bytes until I get a non-printable character. The algorithm I wrote will trace steps back into the opened file's bytes accordingly if a non-HTTP ASCII value is found.
3) Rotate 13 Check
This will perform a simple ROT13() function that I made on the byte before checking its value for the "[Hh][tT]{2}[pP]" ASCII values that I searched for in the XOR segment above.
4) XOR-ROT13 Attack
This will perform the brute-force XOR attack after performing the ROT13() function I made on the file's byte before checking it for the "[Hh][tT]{2}[pP]" ASCII values.
5) For PDF Documents
ByteForce has the ability to check the document for a valid PDF header and also to search for plain-text case-insensitive executable file names. This does not deflate/inflate data streams. This is a simple string check on the file.
🦑Tested by UndercOde On:
> Ubuntu
> Kali
@ Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
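The HTTP-string, XOR (keys 0x01 to 0x1f), ROT13 and XOR-ROT13 checks from the feature list above, as an added Python example for analysts who want to see the search on a small buffer. This is not ByteForce's own code; the function names, the `SAMPLE` buffer and its `*.example` URLs are constructed for illustration.

```python
import re

# Case-insensitive "http" marker, as in the feature description above.
HTTP_RE = re.compile(rb"[Hh][Tt]{2}[Pp]")


def rot13_byte(b):
    """ROT13 for one byte: rotate ASCII letters, leave everything else alone."""
    if 0x41 <= b <= 0x5A:
        return (b - 0x41 + 13) % 26 + 0x41
    if 0x61 <= b <= 0x7A:
        return (b - 0x61 + 13) % 26 + 0x61
    return b


def rot13_bytes(buf):
    return bytes(rot13_byte(b) for b in buf)


def xor_bytes(buf, key):
    return bytes(b ^ key for b in buf)


def printable_run(buf, start):
    """Return the run of printable ASCII that begins at `start`."""
    end = start
    while end < len(buf) and 0x20 <= buf[end] <= 0x7E:
        end += 1
    return buf[start:end].decode("ascii")


def find_http(buf):
    """(offset, string) for every HTTP marker in an already-decoded buffer."""
    return [(m.start(), printable_run(buf, m.start()))
            for m in HTTP_RE.finditer(buf)]


def scan(data, keys=range(0x01, 0x20)):
    """Run the four checks; each hit is (check, key, offset, string)."""
    rotated = rot13_bytes(data)
    hits = [("plain", None, off, s) for off, s in find_http(data)]
    hits += [("rot13", None, off, s) for off, s in find_http(rotated)]
    for key in keys:
        # XOR-ROT13 follows the description: ROT13 first, then the XOR key.
        for check, source in (("xor", data), ("xor-rot13", rotated)):
            for off, s in find_http(xor_bytes(source, key)):
                hits.append((check, key, off, s))
    return hits


# Constructed sample: a few header-like bytes followed by four NUL-separated
# strings, one per check. None of this comes from a real file.
SAMPLE = (
    b"\x00\x01MZ\x90"
    + b"http://plain.example/a" + b"\x00"
    + xor_bytes(b"HTTP://xor.example/b", 0x17) + b"\x00"
    + rot13_bytes(b"http://rot.example/c") + b"\x00"
    + rot13_bytes(xor_bytes(b"http://both.example/d", 0x05)) + b"\x00"
)

if __name__ == "__main__":
    for check, key, offset, text in scan(SAMPLE):
        key_txt = "-" if key is None else f"0x{key:02x}"
        print(f"{check:9} key={key_txt:4} offset={offset:3} {text}")
```

Like the string check described for PDF documents, this only sees bytes as stored; data inside compressed streams is not inflated.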
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑Useful for Termux users: wrapper for Mpv on Termux. Displays play controls in the notification
instagram.com/UndercOdeTestingCompany
🦑INSTALLATION & RUN:
> Manual :
1) git clone https://github.com/Neo-Oli/Termux-Mpv
2) cd Termux-Mpv
3) python setup.py
Or automated install :
> apt install termux-api python mpv
well done
@ Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑How to Successfully Hack Any Telegram Running on Windows from Termux or Linux?
t.me/UndercOdeTestingOfficial
🦑INSTALLATION & RUN:
1) git clone https://github.com/ultrasecurity/TeleKiller.git
2) cd TeleKiller
3) pip install -r requirements.txt
4) python TeleKiller.py
🦑Features:
> Session Hijacking
> Stealer Local Passcode
> Keylogger
> Shell
> Bypass 2 Step Verification
🦑Tested by UndercOde :
> Win10 (victim)
@ Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑Many ways someone can hack a Facebook profile; let's give some:
t.me/UndercOdeTestingOfficial
🦑LET'S START:
1) Phishing
Phishing is still the most popular attack vector used for hacking Facebook accounts. There are a variety of methods to carry out a phishing attack. In a simple phishing attack, a hacker creates a fake login page which looks exactly like the real Facebook page and then asks the victim to log in. Once the victim logs in through the fake page, the victim's "Email Address" and "Password" are stored in a text file, and the hacker then downloads the text file and gets his hands on the victim's credentials.
2) Keylogging
Keylogging is the easiest way to hack a Facebook password. Keylogging can sometimes be so dangerous that even a person with good knowledge of computers can fall for it. A keylogger is basically a small program which, once installed on the victim's computer, will record everything the victim types on his/her computer. The logs are then sent back to the attacker either by FTP or directly to the hacker's email address.
3) Stealers
Almost 80% of people use stored passwords in their browser to access Facebook. This is quite convenient, but can sometimes be extremely dangerous. Stealers are software specially designed to capture the saved passwords stored in the victim's Internet browser.
4) Session Hijacking
Session hijacking can often be very dangerous if you are accessing Facebook on an HTTP (non-secure) connection. In a session hijacking attack, a hacker steals the victim's browser cookie, which is used to authenticate the user on a website, and uses it to access the victim's account. Session hijacking is widely used on LAN and WiFi connections.
5) Sidejacking With Firesheep
Sidejacking attacks became common in late 2010; however, they are still popular nowadays. Firesheep is widely used to carry out sidejacking attacks. Firesheep only works when the attacker and victim are on the same WiFi network. A sidejacking attack is basically another name for HTTP session hijacking, but it's more targeted towards WiFi users.
6) Mobile Phone Hacking
Millions of Facebook users access Facebook through their mobile phones. If the hacker can gain access to the victim's mobile phone, then he can probably gain access to his/her Facebook account. There is a lot of mobile spying software used to monitor a cellphone. The most popular mobile phone spying software are: Mobile Spy, and Spy Phone Gold.
7) DNS Spoofing
If both the victim and attacker are on the same network, an attacker can use a DNS spoofing attack to change the original Facebook page to his own fake page and hence get access to the victim's Facebook account.
8) USB Hacking
If an attacker has physical access to your computer, he could just insert a USB programmed with a function to automatically extract saved passwords in the Internet browser.
9) Man In the Middle Attacks
If the victim and attacker are on the same LAN and on a switch-based network, a hacker can place himself between the client and the server, or he could act as a default gateway and hence capture all the traffic in between.
10) Botnets
Botnets are not commonly used for hacking Facebook accounts because of their high setup costs. They are used to carry out more advanced attacks. A botnet is basically a collection of compromised computers. The infection process is the same as for keylogging; however, a botnet gives you additional options for carrying out attacks with the compromised computer. Some of the most popular botnets include Spyeye and Zeus.
powered by wiki
@ Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
UNDERCODE COMMUNITY
> 🦑How to Successfully Hack Any Telegram Running on Windows from Termux or Linux? t.me/UndercOdeTestingOfficial 🦑INSTALLATION & RUN: 1) git clone https://github.com/ultrasecurity/TeleKiller.git 2) cd TeleKiller 3) pip install -r requirements.txt…
Requires python3 (Termux) & root for some Android versions
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑Hack Gmail and Facebook/instagram or gmail/any other accounts of Remote PC using DNS Spoofing and SET Toolkit
instagram.com/UndercOdeTestingCompany
🦑LET'S START:
1) git clone https://github.com/SemyonMakhaev/dns-poison
2) cd dns-poison
3) python3 poison.py [-h] server name address
   server         IP-address of a target server
   name           Requested domain name
   address        IP-address of domain this name for writing to server cache
   -h or --help   Show a help message
🦑This program tries to put fake data into a target DNS server's cache. It sends a DNS request to the server and then sends a DNS reply to all of the server's ports, so the program imitates a forwarder of this server.
🦑Tested by Under Code On
> Termux
> Ubuntu
@ Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑Malicious Scanner Script 2019 websites bug
twitter.com/UndercOdeTC
🦑LET'S START:
> At first glance, you notice a curl request to a hacked Russian website, along with a list of 14 typical filenames of the adminer script:
1) _adminer.php
2) ad.php
3) adminer-4.2.5-en.php
4) adminer-4.2.5-mysql.php
5) adminer-4.2.5.php
6) adminer-4.3.0-en.php
7) adminer-4.3.0-mysql-en.php
8) adminer-4.3.0-mysql.php
9) adminer-4.3.0.php
10) adminer-4.3.1-en.php
11) adminer-4.3.1-mysql-en.php
12) adminer-4.3.1-mysql.php
13) adminer-4.3.1.php
14) Adminer.php
🦑SO WHAT CAN THIS SCRIPT DO?
Batches of Domain Names:
> When we made a curl request to that Russian site, it returned a list of 10,000 domain names.
Except for the alphabetical order of the list, there was no apparent pattern in the way the list was compiled. The sites used all kinds of CMSs that were hosted on different servers.
> When we made another request to that URL, it returned a new list of 10,000 domain names. Again, the list was alphabetically sorted; this time, the new list began where the first one left off.
The same happened on each subsequent request.
🦑Estimating Scan Coverage
> This way, request by request, this single script can receive a significant number of domain names. Let's estimate this number.
> A typical batch of 10 thousand domains consists of domains that begin with the same letter. The difference between #1 and #10,000 might only appear in the 4th letter.
> Overall, the script returned over 300,000 domains that began with the letter "b".
🦑WILL SEND IT LATER ON UNDERCODE TESTING ENGLISH GROUPS
AFTER few necessary tests
@Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
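For site owners, the 14 filenames listed above make a ready detection signature: one client asking for several of them is this kind of scan, and any probe answered with 200 points at an Adminer copy that should be removed or restricted. The following is an added Python example, not code from the scanner or from the original analysis; the combined-format log lines, documentation-range IP addresses and the `min_distinct` threshold are constructed assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import unquote, urlsplit

# The 14 filenames from the list above, matched case-sensitively.
ADMINER_NAMES = frozenset([
    "_adminer.php", "ad.php", "adminer-4.2.5-en.php",
    "adminer-4.2.5-mysql.php", "adminer-4.2.5.php", "adminer-4.3.0-en.php",
    "adminer-4.3.0-mysql-en.php", "adminer-4.3.0-mysql.php",
    "adminer-4.3.0.php", "adminer-4.3.1-en.php",
    "adminer-4.3.1-mysql-en.php", "adminer-4.3.1-mysql.php",
    "adminer-4.3.1.php", "Adminer.php",
])

# Common/combined access-log format: ip ident user [time] "METHOD target ..." status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)


def find_adminer_probes(lines, min_distinct=3):
    """Return {ip: {"probed": [...], "answered_200": [...]}} for clients that
    requested at least `min_distinct` different Adminer filenames."""
    probed = defaultdict(set)
    answered = defaultdict(set)
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line we understand
        path = unquote(urlsplit(m["target"]).path)
        name = path.rsplit("/", 1)[-1]
        if name not in ADMINER_NAMES:
            continue
        probed[m["ip"]].add(name)
        if m["status"] == "200":
            # A 200 means the file exists on this site: clean-up candidate.
            answered[m["ip"]].add(path)
    return {
        ip: {"probed": sorted(names), "answered_200": sorted(answered[ip])}
        for ip, names in probed.items()
        if len(names) >= min_distinct
    }


# Constructed sample log: one scanning client and one ordinary visitor who
# happens to request a file named ad.php once.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2019:10:00:01 +0000] "GET /_adminer.php HTTP/1.1" 404 162 "-" "-"',
    '203.0.113.7 - - [12/Mar/2019:10:00:01 +0000] "GET /ad.php HTTP/1.1" 404 162 "-" "-"',
    '203.0.113.7 - - [12/Mar/2019:10:00:01 +0000] "GET /adminer-4.2.5.php HTTP/1.1" 404 162 "-" "-"',
    '203.0.113.7 - - [12/Mar/2019:10:00:02 +0000] "GET /adminer-4.3.1.php HTTP/1.1" 200 4512 "-" "-"',
    '203.0.113.7 - - [12/Mar/2019:10:00:02 +0000] "GET /Adminer.php HTTP/1.1" 404 162 "-" "-"',
    '198.51.100.20 - - [12/Mar/2019:10:03:10 +0000] "GET /index.php HTTP/1.1" 200 8120 "-" "Mozilla/5.0"',
    '198.51.100.20 - - [12/Mar/2019:10:03:12 +0000] "GET /ads/ad.php?slot=2 HTTP/1.1" 200 311 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for ip, info in find_adminer_probes(SAMPLE_LOG).items():
        print(ip, "probed", len(info["probed"]), "names;",
              "existing files:", info["answered_200"] or "none")
```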
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁
🦑How Does the Scanner Work on Websites?
t.me/UNdercOdeTestingOfficial
🦑LET'S START:
> Now let's see how these large lists of domains are being processed. First of all, we know that the scanner script requests them in chunks of 10,000 domains. That's quite a big number when you need to make requests to external websites.
> As you might recall, for each domain the script needs to probe 14 adminer filenames. This means there are 140,000 requests per batch (or around 100 million requests per campaign). Of course, you can't expect a script to complete such a large task in one go.
🦑To work around this, the scanner uses the following approach:
1) It saves the list of 140,000 URLs in the "s" file and the current position in that list in the "c" file.
2) The script reads URLs from position "c" and then makes requests for up to 3,000 seconds (50 minutes). To do it, they have the following setting:
> and this condition:
if((time()-$t)>3000){ exit(); }
3) To speed things up, the script makes 20 asynchronous requests at once using the "curl_multi_…" function, instead of regular curl.
4) Once a batch of 20 requests is complete, the script makes another 20 requests and repeats this routine until the execution time runs out.
5) Every 100 requests, a new position in the list is saved in the "c" file so that the next time the attackers activate the script it will start where it left off.
written by Mr. BOTNET (tm)
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ċ𝔬𝓓ⓔ ▄ ▂ ▁