Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
π‘οΈ Stalemate on EU Chat Control: Balancing Privacy and Combating Child Abuse
https://undercodenews.com/stalemate-on-eu-chat-control-balancing-privacy-and-combating-child-abuse/
@Undercode_News
https://undercodenews.com/stalemate-on-eu-chat-control-balancing-privacy-and-combating-child-abuse/
@Undercode_News
UNDERCODE NEWS
Stalemate on EU Chat Control: Balancing Privacy and Combating Child Abuse - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
π #Google's Project Mariner: Your #AI Web Assistant
https://undercodenews.com/googles-project-mariner-your-ai-web-assistant/
@Undercode_News
https://undercodenews.com/googles-project-mariner-your-ai-web-assistant/
@Undercode_News
UNDERCODE NEWS
Google's Project Mariner: Your AI Web Assistant - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
Zomato Faces Rs 800 Crore Tax Demand: A Potential Setback
https://undercodenews.com/zomato-faces-rs-800-crore-tax-demand-a-potential-setback/
@Undercode_News
https://undercodenews.com/zomato-faces-rs-800-crore-tax-demand-a-potential-setback/
@Undercode_News
UNDERCODE NEWS
Zomato Faces Rs 800 Crore Tax Demand: A Potential Setback - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
β‘οΈ Fiverr's New #AI Tool: A Game Changer for Freelancers?
https://undercodenews.com/fiverrs-new-ai-tool-a-game-changer-for-freelancers/
@Undercode_News
https://undercodenews.com/fiverrs-new-ai-tool-a-game-changer-for-freelancers/
@Undercode_News
UNDERCODE NEWS
Fiverr's New AI Tool: A Game Changer for Freelancers? - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE TESTING
π¦Bug bounty tips β¨
Xss π° Methodology π―
1- Pick a target
2- Do Full depth Subdomain enumeration using Subfinder( along API'S ) and use webcopilot or SubDomz and various subdomains finder tools in one liner and also ones perform subdomain bruteforicng and save it in a file.!!
3- subfinder -d example.com -all >> subs.txt
4- cat subs.txt | httpx -o alive-subs.txt
hashtag#Method-1 ( Using Dalfox )
1- katana -u alive-subs.txt -o endpoints-1.txt
2- waybackurls http://example.com | grep = | tee endpoints-2.txt
3- ./gau example.com >> endpoints-3.txt
4- paramspider -d example.com
5 - cat alive-subs.txt | hakrawler | tee -a endpoints-5.txt
6- cat endpoints.txt | uro | tee -a endpoints-uro.txt ( Combine all URLS )
7- cat endpoints-uro.txt | Gxss | dalfox pipe --multicast --skip-mining-all (Accurate also ) ( Here Gxss helps us when payload is injected is reflecting back ?? and I used skip mining because already we got urls nah ! if want remove it )
[ OR ]
8- dalfox url http://example.com --custom-payload payloads.txt ( Simple Scan )
Method-2 ( Using XSS_vibes )
1- katana -u alive-subs.txt -o endpoints-1.txt
2- waybackurls http://example.com | grep = | tee endpoints-2.txt
3- ./gau example.com >> endpoints-3.txt
4- paramspider -d example.com
5 - cat alive-subs.txt | hakrawler | tee -a endpoints-5.txt
6- cat endpoints.txt | uro | tee -a endpoints-uro.txt
7- cat endpoints-uro.txt | ./gf xss | sed 's/=.*/=/' -o output.txt
8- python3 main.py -f input.txt -o <output>
Note :- if u can use Alternative of xss automation Tool For better Result U can Use
Xssorv2 Ibrahim HusiΔ Tool it's effective and 100 Acuracy π―
Ref: Linkedin_stuffs
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Xss π° Methodology π―
1- Pick a target
2- Do Full depth Subdomain enumeration using Subfinder( along API'S ) and use webcopilot or SubDomz and various subdomains finder tools in one liner and also ones perform subdomain bruteforicng and save it in a file.!!
3- subfinder -d example.com -all >> subs.txt
4- cat subs.txt | httpx -o alive-subs.txt
hashtag#Method-1 ( Using Dalfox )
1- katana -u alive-subs.txt -o endpoints-1.txt
2- waybackurls http://example.com | grep = | tee endpoints-2.txt
3- ./gau example.com >> endpoints-3.txt
4- paramspider -d example.com
5 - cat alive-subs.txt | hakrawler | tee -a endpoints-5.txt
6- cat endpoints.txt | uro | tee -a endpoints-uro.txt ( Combine all URLS )
7- cat endpoints-uro.txt | Gxss | dalfox pipe --multicast --skip-mining-all (Accurate also ) ( Here Gxss helps us when payload is injected is reflecting back ?? and I used skip mining because already we got urls nah ! if want remove it )
[ OR ]
8- dalfox url http://example.com --custom-payload payloads.txt ( Simple Scan )
Method-2 ( Using XSS_vibes )
1- katana -u alive-subs.txt -o endpoints-1.txt
2- waybackurls http://example.com | grep = | tee endpoints-2.txt
3- ./gau example.com >> endpoints-3.txt
4- paramspider -d example.com
5 - cat alive-subs.txt | hakrawler | tee -a endpoints-5.txt
6- cat endpoints.txt | uro | tee -a endpoints-uro.txt
7- cat endpoints-uro.txt | ./gf xss | sed 's/=.*/=/' -o output.txt
8- python3 main.py -f input.txt -o <output>
Note :- if u can use Alternative of xss automation Tool For better Result U can Use
Xssorv2 Ibrahim HusiΔ Tool it's effective and 100 Acuracy π―
Ref: Linkedin_stuffs
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
β‘οΈ ViewSonic Unveils New Monitor Lineup: A Blend of Innovation and Performance
https://undercodenews.com/viewsonic-unveils-new-monitor-lineup-a-blend-of-innovation-and-performance/
@Undercode_News
https://undercodenews.com/viewsonic-unveils-new-monitor-lineup-a-blend-of-innovation-and-performance/
@Undercode_News
UNDERCODE NEWS
ViewSonic Unveils New Monitor Lineup: A Blend of Innovation and Performance - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
β‘οΈ Informative #WhatsApp Enhances Calling Experience with New Features
https://undercodenews.com/informative-whatsapp-enhances-calling-experience-with-new-features/
@Undercode_News
https://undercodenews.com/informative-whatsapp-enhances-calling-experience-with-new-features/
@Undercode_News
UNDERCODE NEWS
Informative WhatsApp Enhances Calling Experience with New Features - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
The Pursuit of Truth in #AI: Elon Musk's Critique
https://undercodenews.com/the-pursuit-of-truth-in-ai-elon-musks-critique/
@Undercode_News
https://undercodenews.com/the-pursuit-of-truth-in-ai-elon-musks-critique/
@Undercode_News
UNDERCODE NEWS
The Pursuit of Truth in AI: Elon Musk's Critique - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from DailyCVE
π΄ Online Class and Exam Scheduling System 10: Critical SQL Injection (#CVE-2024-12487)
https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12487/
@DailyCVE
https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12487/
@DailyCVE
DailyCVE
Online Class and Exam Scheduling System 10: Critical SQL Injection (CVE-2024-12487) - DailyCVE
2024-12-12 : A critical SQL injection vulnerability (CVE-2024-12487) has been identified in the `room_update.php` file of Online Class and Exam [β¦]
Forwarded from DailyCVE
π΄ Apache Fineract, SQL Injection, #CVE-2024-23538 (CRITICAL)
https://dailycve.com/apache-fineract-sql-injection-cve-2024-23538-critical/
@Daily_CVE
https://dailycve.com/apache-fineract-sql-injection-cve-2024-23538-critical/
@Daily_CVE
DailyCVE
Apache Fineract, SQL Injection, CVE-2024-23538 (CRITICAL) - DailyCVE
2024-12-12 This article describes a critical vulnerability (CVE-2024-23538) affecting Apache Fineract versions before 1.8.5. This vulnerability is classified as an [β¦]
Forwarded from DailyCVE
π΄ Tenda AC10U Router Stack-Based Buffer Overflow (#CVE-2024-2764) - Critical
https://dailycve.com/tenda-ac10u-router-stack-based-buffer-overflow-cve-2024-2764-critical/
@Daily_CVE
https://dailycve.com/tenda-ac10u-router-stack-based-buffer-overflow-cve-2024-2764-critical/
@Daily_CVE
DailyCVE
Tenda AC10U Router Stack-Based Buffer Overflow (CVE-2024-2764) - Critical - DailyCVE
2024-12-12 : A critical stack-based buffer overflow vulnerability was discovered in Tenda AC10U router firmware version 15.03.06.48. This vulnerability exists [β¦]
Forwarded from DailyCVE
π΄ Codezips Technical Discussion Forum 10 - SQL Injection (#CVE-2024-12484 - Critical)
https://dailycve.com/codezips-technical-discussion-forum-10-sql-injection-cve-2024-12484-critical/
@Daily_CVE
https://dailycve.com/codezips-technical-discussion-forum-10-sql-injection-cve-2024-12484-critical/
@Daily_CVE
DailyCVE
Codezips Technical Discussion Forum 10 - SQL Injection (CVE-2024-12484 - Critical) - DailyCVE
2024-12-12 : A critical SQL injection vulnerability (CVE-2024-12484) has been identified in Codezips Technical Discussion Forum version 1.0. This vulnerability [β¦]
Forwarded from DailyCVE
π΄ Online Class and Exam Scheduling System 10 Critical SQL Injection (#CVE-2024-12485)
https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12485/
@Daily_CVE
https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12485/
@Daily_CVE
DailyCVE
Online Class and Exam Scheduling System 10 Critical SQL Injection (CVE-2024-12485) - DailyCVE
2024-12-12 Vulnerability : A critical SQL injection vulnerability exists in Online Class and Exam Scheduling System 1.0. This vulnerability affects [β¦]
Forwarded from DailyCVE
π΄ Gutenberg Blocks by Kadence Blocks Plugin Vulnerable to Stored XSS (#CVE-2024-1541 - Critical)
https://dailycve.com/gutenberg-blocks-by-kadence-blocks-plugin-vulnerable-to-stored-xss-cve-2024-1541-critical/
@Daily_CVE
https://dailycve.com/gutenberg-blocks-by-kadence-blocks-plugin-vulnerable-to-stored-xss-cve-2024-1541-critical/
@Daily_CVE
DailyCVE
Gutenberg Blocks by Kadence Blocks Plugin Vulnerable to Stored XSS (CVE-2024-1541 - Critical) - DailyCVE
2024-12-12 This blog post discusses CVE-2024-1541, a critical Stored Cross-Site Scripting (XSS) vulnerability affecting the Gutenberg Blocks by Kadence Blocks [β¦]
Forwarded from DailyCVE
π΄ Online Class and Exam Scheduling System 10 Critical SQL Injection (#CVE-2024-12489)
https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12489/
@Daily_CVE
https://dailycve.com/online-class-and-exam-scheduling-system-10-critical-sql-injection-cve-2024-12489/
@Daily_CVE
DailyCVE
Online Class and Exam Scheduling System 10 Critical SQL Injection (CVE-2024-12489) - DailyCVE
2024-12-12 : A critical SQL injection vulnerability (CVE-2024-12489) has been identified in the code-projects Online Class and Exam Scheduling System [β¦]
Forwarded from DailyCVE
π΄ GitLab CE/EE, Denial of Service, #CVE-2024-2829 (High)
https://dailycve.com/gitlab-ce-ee-denial-of-service-cve-2024-2829-high/
@Daily_CVE
https://dailycve.com/gitlab-ce-ee-denial-of-service-cve-2024-2829-high/
@Daily_CVE
DailyCVE
GitLab CE/EE, Denial of Service, CVE-2024-2829 (High) - DailyCVE
2024-12-12 Platform: GitLab CE/EE Version: 12.5 before 16.9.6, 16.10 before 16.10.4, 16.11 before 16.11.1 Vulnerability: Unauthenticated ReDoS in FileFinder with [β¦]
Forwarded from DailyCVE
π΄ Online Class and Exam Scheduling System 10, SQL Injection, #CVE-2024-12488 (Critical)
https://dailycve.com/online-class-and-exam-scheduling-system-10-sql-injection-cve-2024-12488-critical/
@Daily_CVE
https://dailycve.com/online-class-and-exam-scheduling-system-10-sql-injection-cve-2024-12488-critical/
@Daily_CVE
DailyCVE
Online Class and Exam Scheduling System 10, SQL Injection, CVE-2024-12488 (Critical) - DailyCVE
2024-12-12 : A critical SQL injection vulnerability was discovered in the `pages/subject_update.php` file of Online Class and Exam Scheduling System [β¦]
Forwarded from DailyCVE
π΄ Apache Fineract, SQL Injection, #CVE-2024-23539 (HIGH)
https://dailycve.com/apache-fineract-sql-injection-cve-2024-23539-high/
@Daily_CVE
https://dailycve.com/apache-fineract-sql-injection-cve-2024-23539-high/
@Daily_CVE
DailyCVE
Apache Fineract, SQL Injection, CVE-2024-23539 (HIGH) - DailyCVE
2024-12-12 This article describes a vulnerability (CVE-2024-23539) in Apache Fineract versions before 1.8.5. This vulnerability is rated HIGH severity and [β¦]
Forwarded from UNDERCODE NEWS (Copyright & Fact Checker)
β οΈ EU #AI Act: A Closer Look at Systemic Risks in the First CoP Draft Comments
https://undercodenews.com/eu-ai-act-a-closer-look-at-systemic-risks-in-the-first-cop-draft-comments/
@Undercode_News
https://undercodenews.com/eu-ai-act-a-closer-look-at-systemic-risks-in-the-first-cop-draft-comments/
@Undercode_News
UNDERCODE NEWS
EU AI Act: A Closer Look at Systemic Risks in the First CoP Draft Comments - UNDERCODE NEWS
Undercode News was founded in order to provide the most useful information in the world of hacking and technology. Staffed 24/24 hours, seven days a week by a dedicated team in undercode around the world, so it can provide an environment of information andβ¦
Forwarded from UNDERCODE TESTING
π¦Ai Model for Hackers:
4 Security AI for Pentesting
>>
Tools Included
1οΈβ£Nmap: A network scanning tool used to discover hosts and services on a computer network.
2οΈβ£Metasploit (msploit): A penetration testing framework for exploiting known vulnerabilities.
3οΈβ£John the Ripper (jtr): A password cracking software used to test password strength and recover lost passwords.
4οΈβ£Social Engineering Toolkit (SET): A collection of tools for conducting social engineering attacks.
>> Structure
The model has been trained to detect commands formatted to specify the tool being used. Each command or query is associated with one of the four tools, allowing for precise classification.
Example:
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β
4 Security AI for Pentesting
>>
This model is designed to accurately detect and classify commands associated with four essential security tools used in pentesting: Nmap, Metasploit, John the Ripper, and the Social Engineering Toolkit (SET). It leverages a Naive Bayes classifier trained on a comprehensive dataset of commands for these tools, enhancing the accuracy and effectiveness of recognizing and categorizing such commands.
Tools Included
1οΈβ£Nmap: A network scanning tool used to discover hosts and services on a computer network.
2οΈβ£Metasploit (msploit): A penetration testing framework for exploiting known vulnerabilities.
3οΈβ£John the Ripper (jtr): A password cracking software used to test password strength and recover lost passwords.
4οΈβ£Social Engineering Toolkit (SET): A collection of tools for conducting social engineering attacks.
>> Structure
The model has been trained to detect commands formatted to specify the tool being used. Each command or query is associated with one of the four tools, allowing for precise classification.
Example:
import pandas as pd
from sklearn.model_selection import train_test_split
from sklearn.feature_extraction.text import TfidfVectorizer
from sklearn.naive_bayes import MultinomialNB
from sklearn.metrics import classification_report
import joblib
# Load the dataset from the txt file
data_path = 'trainingdata.txt'
data = []
# Read the file and parse the data
with open(data_path, 'r') as file:
lines = file.readlines()
for line in lines:
# Split each line into question and tool by the last comma
parts = line.rsplit(', "', 1)
if len(parts) == 2:
question = parts[0].strip().strip('"')
tool = parts[1].strip().strip('",')
data.append((question, tool))
# Create a DataFrame
df = pd.DataFrame(data, columns=['question', 'tool'])
# Split the data
X_train, X_test, y_train, y_test = train_test_split(df['question'], df['tool'], test_size=0.2, random_state=42)
# Vectorize the text data
vectorizer = TfidfVectorizer()
X_train_vectorized = vectorizer.fit_transform(X_train)
X_test_vectorized = vectorizer.transform(X_test)
# Train a Naive Bayes classifier
clf = MultinomialNB()
clf.fit(X_train_vectorized, y_train)
# Make predictions
y_pred = clf.predict(X_test_vectorized)
# Print the classification report
print(classification_report(y_test, y_pred))
# Save the model and vectorizer
joblib.dump(clf, 'findtool_model.pkl')
joblib.dump(vectorizer, 'vectorizer.pkl')
@UndercodeCommunity
β β β Uππ»βΊπ«Δπ¬πβ β β β