⚡️ #WhatsApp Beta Gets a New Feature: Forward to Meta #AI

https://undercodenews.com/whatsapp-beta-gets-a-new-feature-forward-to-meta-ai/

@Undercode_News

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 𝐈𝐎𝐓 𝐀𝐍𝐃 𝐇𝐀𝐑𝐃𝐖𝐀𝐑𝐄 𝐏𝐄𝐍𝐓𝐄𝐒𝐓 - 𝐔𝐏𝐃𝐀𝐓𝐄𝐃

#IoT and embedded devices are often used in critical infrastructure, such as healthcare devices or industrial control systems, which makes the security of these devices even more crucial.
💡𝑸𝒖𝒊𝒄𝒌 𝒓𝒆𝒎𝒊𝒏𝒅𝒆𝒓
Hardware refers to the physical components of a computer system or electronic device, while IoT refers to the network of connected devices that can communicate with each other over the internet.
While there is overlap between these concepts, they refer to different aspects of computer and electronic systems.

👉 𝐇𝐨𝐰 𝐭𝐨 𝐛𝐞𝐠𝐢𝐧?
🌟 A Red Team Guide for a Hardware Penetration Test by Adam Toscher
⭐Part 1: https://lnkd.in/eRUtq6Ne
⭐Part 2: https://lnkd.in/ezjwNuP6

🌟Hardware Hacking Curiosity by 👺 Adrien Lasalle
https://lnkd.in/eeDp-iq6

🌟 IoT Security 101 by V33RU
https://lnkd.in/eZ2QGhdJ

🌟 Awesome Hardware Hacking and IoT by Joas A Santos
https://lnkd.in/eyXnbKBv

🌟 IoT Village youtube channel
https://lnkd.in/eHEuww7w

🌟 UART Hardware Hacking Cheat Sheet by Marcel Rick-Cen
https://lnkd.in/edpyHG2B

🌟IoT Pentesting guide by Aditya Gupta and Attify
https://lnkd.in/ekBmcSNd

🌟 IoT Security Resources for beginner by Nayana Dhanesh
https://lnkd.in/eAmTvWnj

🌟 Firmware analysis on HackTricks
https://lnkd.in/eUvMqtAZ

👉 𝐅𝐞𝐞𝐥𝐢𝐧𝐠 𝐫𝐞𝐚𝐝𝐲 𝐭𝐨 𝐭𝐫𝐚𝐢𝐧?
🌟 Open Security Training
https://p.ost2.fyi/

🌟 Hackaday courses
https://lnkd.in/e3yhaZTB

🌟 Intro to IoT pentest on TryHackMe
https://lnkd.in/ewjUM-Tc

👉 𝐒𝐨𝐦𝐞 𝐢𝐧𝐭𝐞𝐫𝐞𝐬𝐭𝐢𝐧𝐠 𝐫𝐞𝐚𝐝𝐬
🌟 IOT Security Foundation
https://lnkd.in/ecGudjgn

🌟 Awesome IoT Hacks by nebgnahz
https://lnkd.in/eQk4UBrt

🌟 Hands on Internet of things hacking by Payatu
https://lnkd.in/eqEEJriu

👉 𝐓𝐎𝐎𝐋𝐒 𝐀𝐍𝐃 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒
🌟 Scared by eshard - side-channel analysis framework
https://lnkd.in/eZhb_we3

🌟NewAE Technology Inc.’s Github repo
https://lnkd.in/eiuZDCfb

🌟Ledger Donjon’s repo by Ledger Security research team
https://lnkd.in/eEhA4FMh

🌟IoT-PT an OS for IoT pentest by v33ru
https://lnkd.in/evuB7X_Z

👉 𝐖𝐡𝐚𝐭 𝐚𝐛𝐨𝐮𝐭 𝐭𝐡𝐞 𝐬𝐭𝐚𝐧𝐝𝐚𝐫𝐝𝐬?
🌟 The OWASP® Foundation IoT Project:
https://lnkd.in/ev7TrRf9

🌟 NIST Cybersecurity for IOT Program
https://lnkd.in/eq8k8BwG

🌟 Hardware Security Module NIST
https://lnkd.in/eXcGvAwV

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Support & Share: t.me/undercodecommunity

This is the hub for Ethical Hackers and tech enthusiasts:

》Topics We Cover:

1️⃣ CVE News & Databases

2️⃣ Hacker & Tech News

3️⃣ Cybersecurity, Hacking, and Secret Methods

🌟 Our Mission:
Share your knowledge, collaborate, and grow together in a community designed for innovation and learning.

🔗 Join now: bit.ly/joinundercode

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Popular Exploit development library:

》Pwntools (https://github.com/Gallopsled/pwntools) is a popular CTF (Capture The Flag) framework and exploit development library written in Python. It provides tools and features that streamline the process of writing, testing, and executing exploits, especially for binary exploitation challenges.

Key Features:

- Automated Exploit Scripts**: Easily interact with remote or local binaries.

- ROP (Return Oriented Programming): Simplifies creating ROP chains.

- Tubes: Abstraction for handling sockets, SSH, or processes.
- Assembler/Disassembler: Integrates tools like Capstone and Keystone.

- Debugging Utilities: Interfaces with GDB for dynamic analysis.

- Custom Shellcodes: Generate shellcode tailored to your needs.

Requirements:
Pwntools is compatible with Python 3 and can be installed via pip:

pip install pwntools
Example Usage:
Here’s a basic example of using Pwntools to exploit a binary:
from pwn import *

# Connect to the remote service
conn = remote('example.com', 1337)

# Send payload
payload = b'A' * 64 + b'\xdeadbeef'
conn.sendline(payload)

# Interact with the shell
conn.interactive()
Check out the repository for detailed documentation and examples.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑C++ scanner that retrieves tuples from a PostgreSQL database and scans them for malware:

Here’s a simple C++ scanner that connects to a PostgreSQL database to retrieve tuples and checks them for malware. In this example, I'll assume the tuples are strings that need to be compared against a predefined list of known malware signatures.

- Security: This example does not implement secure credential handling (such as using a .pgpass file) and lacks measures to protect against SQL injection.

- Malware Detection: The method for detecting malware here is quite basic. In a real application, you would want to employ more advanced techniques, potentially involving hash checks against a comprehensive database of malware signatures.

- Error Handling: It’s important to include proper error handling for code intended for production use.

- Dependencies: Make sure you have the libpqxx library installed, which provides the C++ API for PostgreSQL.

Ref: Maximilian Feldthusen
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🔒 A Year Later: #Tesla Sweden Defies Blockades, Leaving Unions Frustrated

https://undercodenews.com/a-year-later-tesla-sweden-defies-blockades-leaving-unions-frustrated/

@Undercode_News

🤖 Smart TV Automation with Modes and Routines: Elevate Your Viewing Experience

https://undercodenews.com/smart-tv-automation-with-modes-and-routines-elevate-your-viewing-experience/

@Undercode_News

🟠 Wazifa System 10: Cross-Site Scripting (XSS), #CVE-2024-12001 (MEDIUM)

https://dailycve.com/wazifa-system-10-cross-site-scripting-xss-cve-2024-12001-medium/

@DailyCVE

🔴 1000 Projects Library Management System 10, SQL Injection, #CVE-2024-12188 (Critical)

https://dailycve.com/1000-projects-library-management-system-10-sql-injection-cve-2024-12188-critical/

@Daily_CVE

🔴 PHPGurukul Complaint Management System 10: Critical SQL Injection (#CVE-2024-12230)

https://dailycve.com/phpgurukul-complaint-management-system-10-critical-sql-injection-cve-2024-12230/

@Daily_CVE

🔴 WeiYe-Jing datax-web 211: Remote Code Execution (#CVE-2024-12358) - Critical

https://dailycve.com/weiye-jing-datax-web-211-remote-code-execution-cve-2024-12358-critical/

@Daily_CVE

🔴 TP-Link VN020 F3v(T) SOAP Request Handler Buffer Overflow (#CVE-2024-12343) - Critical

https://dailycve.com/tp-link-vn020-f3vt-soap-request-handler-buffer-overflow-cve-2024-12343-critical/

@Daily_CVE

🔴 Online Class and Exam Scheduling System 10, SQL Injection, #CVE-2024-12360 (Critical)

https://dailycve.com/online-class-and-exam-scheduling-system-10-sql-injection-cve-2024-12360-critical/

@Daily_CVE

🟠 TOTOLINK EX1800T Stack Overflow Vulnerability (#CVE-2024-12352) - Medium

https://dailycve.com/totolink-ex1800t-stack-overflow-vulnerability-cve-2024-12352-medium/

@Daily_CVE

🔴 Online Notice Board Unrestricted Upload Vulnerability (#CVE-2024-12233 - Critical)

https://dailycve.com/online-notice-board-unrestricted-upload-vulnerability-cve-2024-12233-critical/

@Daily_CVE

🟠 SourceCodester Phone Contact Manager System 10, Improper Input Validation, #CVE-2024-12353 (Medium)

https://dailycve.com/sourcecodester-phone-contact-manager-system-10-improper-input-validation-cve-2024-12353-medium/

@Daily_CVE

🔴 PHPGurukul Complaint Management System 10: Critical SQL Injection (#CVE-2024-12228)

https://dailycve.com/phpgurukul-complaint-management-system-10-critical-sql-injection-cve-2024-12228/

@Daily_CVE

🔴 SourceCodester Petrol Pump Management #Software 10 Unrestricted File Upload (#CVE-2024-2059) - Critical

https://dailycve.com/sourcecodester-petrol-pump-management-software-10-unrestricted-file-upload-cve-2024-2059-critical/

@Daily_CVE

🟠 SourceCodester Best House Rental Management System 10, File Inclusion Vulnerability, #CVE-2024-12357 (Medium)

https://dailycve.com/sourcecodester-best-house-rental-management-system-10-file-inclusion-vulnerability-cve-2024-12357-medium/

@Daily_CVE