UNDERCODE COMMUNITY

🦑 Network filtering: restore the default settings of iptables

#
# reset the default policies in the filter table.
# (with every policy set to ACCEPT and all rules flushed, the host filters nothing.)
#
/usr/local/sbin/iptables -P INPUT ACCEPT
/usr/local/sbin/iptables -P FORWARD ACCEPT
/usr/local/sbin/iptables -P OUTPUT ACCEPT

#
# reset the default policies in the nat table.
#
/usr/local/sbin/iptables -t nat -P PREROUTING ACCEPT
/usr/local/sbin/iptables -t nat -P POSTROUTING ACCEPT
/usr/local/sbin/iptables -t nat -P OUTPUT ACCEPT

#
# flush all the rules in the filter and nat tables.
#
/usr/local/sbin/iptables -F
/usr/local/sbin/iptables -t nat -F

#
# erase all non-default chains in the filter and nat tables.
#
/usr/local/sbin/iptables -X
/usr/local/sbin/iptables -t nat -X

written by undercode
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 Network filtering: problems faced when consolidating three proxy gateways into one proxy

In the original LAN, 600 machines go online through three proxy gateway servers, and the subnet is divided into three segments:
192.168.1.1 / 192.168.2.1 / 192.168.3.1. To save machines, I now want to use one proxy server without
changing the clients' IP, mask, or gateway (there are too many machines).

My iptables configuration is as follows:
#!/bin/sh
/sbin/modprobe ip_tables
/sbin/modprobe ip_nat_ftp
/sbin/modprobe ip_conntrack_ftp

/sbin/iptables -F
/sbin/iptables -F -t nat
/sbin/iptables -X
/sbin/iptables -Z

echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -P INPUT ACCEPT
iptables -P FORWARD ACCEPT
iptables -P OUTPUT ACCEPT

iptables -t nat -A PREROUTING -p tcp -s 192.168.0.0/24 --dport 80 -j REDIRECT --to-port 3128
iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth1 -j SNAT --to 210.183.14.22
iptables -t nat -A POSTROUTING -o eth1 -j MASQUERADE
iptables -A FORWARD -s 0/0 -d 0/0 -j ACCEPT

In addition, does the proxy machine need to be high-spec? I use an Intel i7 as an example CPU.

written by undercode
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
This media is not supported in your browser
VIEW IN TELEGRAM
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 Network filtering: set up IP and MAC binding on a Linux router

Some systems have this requirement: certain internal IP addresses should be allowed to reach the Internet, and those IP addresses must not be stolen by unauthorized users. This can be achieved as follows:

1) First use ipchains or iptables to allow only legitimate IP addresses to connect.

2) Establish IP/MAC binding for the legitimate IP addresses. To discuss this, we first need to understand how the ARP protocol works. ARP is short for Address Resolution Protocol. Its function and working principle are as follows:

In low-level network communication, two nodes that want to communicate must first know the source and destination MAC addresses. To let the system find the MAC address of a remote node quickly, each local kernel maintains a lookup table (called the ARP cache). The ARP cache contains a list that maps the IP address of each remote host to its corresponding MAC address. It is a data structure resident in memory, and its contents are managed and maintained by the kernel of the local system. By default, the ARP cache retains the IP address (and corresponding MAC address) of each node the local system has communicated with in the last ten minutes.

When the MAC address of a remote host is already in the local ARP cache, converting the remote node's IP address to a MAC address is no problem. In many cases, however, the MAC address of the remote host is not in the local ARP cache. What does the system do then? When the IP address of a remote host is known but its MAC address is not cached, the following process is used to obtain it: the local host sends a broadcast packet to all nodes on the network, asking whether any of them has the corresponding IP address. One node (and only one) answers this ARP broadcast, and the response packet contains the MAC address of the remote host. After receiving the response, the local node records the remote node's MAC address in its ARP cache.

If we fix the IP/MAC correspondence, that is, create static MAC entries for the legitimate IP addresses, then even if an unauthorized user steals an IP address, the Linux router will not query the MAC address through ARP when it responds to requests from that IP. Instead it sends the response data to the static MAC address configured on the Linux router. The IP thief therefore never receives the response data and cannot use network services.

The way to create static IP/MAC bindings is to create the file /etc/ethers containing the correct IP/MAC correspondence, in the following format:

192.168.2.32 08:00:4E:B0:24:47

Then add the following at the end of /etc/rc.d/rc.local:

arp -f

3) The iptables of the 2.4 kernel can restrict on both IP and MAC. Use this feature so that the rules for legitimate IPs match the IP address and the MAC address at the same time.

written by undercode
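
The binding procedure described above, as an added example that is not part of the original post: the script reads "IP MAC" pairs in the /etc/ethers layout shown in the post and prints the matching static ARP entries (`arp -s`) together with iptables rules that match source IP and source MAC at once. The interface name `eth0` (`LAN_IF`), the function names and every sample entry other than the post's own 192.168.2.32 line are assumptions made for the illustration.

```sh
#!/bin/sh
# Added example, not from the original post. Prints commands; runs nothing.
LAN_IF="${LAN_IF:-eth0}"    # assumption: the router's LAN-facing interface
H='[0-9A-Fa-f][0-9A-Fa-f]'  # glob for one hex byte of a MAC address

valid_mac() {
    case "$1" in $H:$H:$H:$H:$H:$H) return 0 ;; esac
    return 1
}

valid_ip() {
    case "$1" in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split the dotted quad into its octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read "IP MAC" lines on stdin; bind each valid pair, then drop other LAN traffic.
emit_binding_rules() {
    seen=" "
    while read -r ip mac rest; do
        case "$ip" in ''|'#'*) continue ;; esac
        if ! valid_ip "$ip" || ! valid_mac "$mac" || [ -n "$rest" ]; then
            echo "skipped malformed entry: $ip $mac $rest" >&2; continue
        fi
        # A second MAC for an already bound IP would defeat the binding.
        case "$seen" in *" $ip "*) echo "skipped duplicate IP: $ip" >&2; continue ;; esac
        seen="$seen$ip "
        echo "arp -s $ip $mac"
        echo "iptables -A FORWARD -i $LAN_IF -s $ip -m mac --mac-source $mac -j ACCEPT"
    done
    echo "iptables -A FORWARD -i $LAN_IF -j DROP"
}

sample_ethers() {            # constructed sample input
    cat <<'EOF'
192.168.2.32 08:00:4E:B0:24:47
192.168.2.33 08:00:4E:B0:24:48
192.168.2.33 08:00:4E:B0:99:99
192.168.2.300 08:00:4E:B0:24:49
192.168.2.34 08-00-4E-B0-24-4A
EOF
}

sample_ethers | emit_binding_rules
```

Review the printed commands before feeding them to a root shell. A client can change its own MAC address, so the binding stops casual reuse of an IP address rather than a determined spoofer on the same segment.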
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
This media is not supported in your browser
VIEW IN TELEGRAM
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 A collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

🦑 INSTALLATION & RUN:

Zip

wget -c https://github.com/danielmiessler/SecLists/archive/master.zip -O SecList.zip \
  && unzip SecList.zip \
  && rm -f SecList.zip

Git (Small)

git clone --depth 1 https://github.com/danielmiessler/SecLists.git

Git (Complete)

git clone https://github.com/danielmiessler/SecLists.git

Kali Linux (Tool Page)

apt -y install seclists

▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
This media is not supported in your browser
VIEW IN TELEGRAM
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 2020 updated weaponized web shell

🦑 FEATURES:

Shell access to the target
SQL console pivoting on the target
HTTP/HTTPS proxy to browse through the target
Upload and download files
Spawn reverse and direct TCP shells
Audit remote target security
Port scan pivoting on target
Mount the remote filesystem
Bruteforce SQL accounts pivoting on the target

πŸ¦‘π•€β„•π•Šπ•‹π”Έπ•ƒπ•ƒπ•€π•Šπ”Έπ•‹π•€π•†β„• & β„π•Œβ„• :

Linux
The following example runs on a Debian/Ubuntu derived Linux environments with Python 3.

# Make sure that the python package manager and yaml libraries are installed
$ sudo apt-get install -y python3 python3-pip curl
$ cd weevely3/
$ sudo pip3 install -r requirements.txt --upgrade
OS X
OS X requires Python3 to be installed in the system. Follow the following commands to install manually gnureadline Python package.

$ sudo pip3 install gnureadline
$ cd weevely3/
$ sudo pip3 install -r requirements.txt --upgrade

@uNDERCODEtESTING
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
This media is not supported in your browser
VIEW IN TELEGRAM
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 Tool to look for several security-related Android application vulnerabilities

🦑 INSTALLATION & RUN:

With pip (no security checks on requirements):

~ pip install --user qark # --user is only needed if not using a virtualenv
~ qark --help

With requirements.txt (security checks on requirements):

~ git clone https://github.com/linkedin/qark
~ cd qark
~ pip install -r requirements.txt
~ pip install . --user # --user is only needed if not using a virtualenv
~ qark --help

🦑 Exploit APK
QARK can generate a basic exploit APK for a few of the vulnerabilities that have been found.

To generate the exploit APK there are a few steps to follow. You need to have the Android SDK v21 and build-tools v21.1.2.

1) Install the Android SDK; you can get it under 'Command line tools': https://developer.android.com/studio/#downloads

2) Unzip the Android SDK.

3) Go into the new directory and generate the licenses with bin/sdkmanager --licenses

4) Make sure the generated licenses are in the Android SDK directory.

5) Install the SDK and the proper build-tools version: bin/sdkmanager --install "platforms;android-21" "sources;android-21" "build-tools;21.1.2"

🦑 Included in the types of security vulnerabilities this tool attempts to find are:

Inadvertently exported components
Improperly protected exported components
Intents which are vulnerable to interception or eavesdropping
Improper x.509 certificate validation
Creation of world-readable or world-writeable files
Activities which may leak data
The use of Sticky Intents
Insecurely created Pending Intents
Sending of insecure Broadcast Intents
Private keys embedded in the source
Weak or improper cryptography use
Potentially exploitable WebView configurations
Exported Preference Activities
Tapjacking
Apps which enable backups
Apps which are debuggable
Apps supporting outdated API versions, with known vulnerabilities


@uNDERCODEtESTING
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
This media is not supported in your browser
VIEW IN TELEGRAM
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers

🦑 FEATURES:

This repository contains the mitmproxy and pathod projects.

1) mitmproxy is an interactive, SSL/TLS-capable intercepting proxy with a console interface for HTTP/1, HTTP/2, and WebSockets.

2) mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP.

3) mitmweb is a web-based interface for mitmproxy.

> pathoc and pathod are perverse HTTP client and server applications designed to let you craft almost any conceivable HTTP request, including ones that creatively violate the standards.

πŸ¦‘π•€β„•π•Šπ•‹π”Έπ•ƒπ•ƒπ•€π•Šπ”Έπ•‹π•€π•†β„• & β„π•Œβ„• :

While there are plenty of options around1, we recommend the installation using pipx:

1) Install a recent version of Python (we require at least 3.6).

2) Install pipx.
pipx install mitmproxy

3) To install additional Python packages, run pipx inject mitmproxy <your-package-name>.

πŸ¦‘ WORK S ON :

> ANY LINUX DISTRO

▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
This media is not supported in your browser
VIEW IN TELEGRAM
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁


πŸ¦‘LiveCCN :

4355280077621713|09|2023|350 CCN MATCHED [Info: - ]

4355280644705866|06|2022|478 CCN MATCHED [Info: - ]

4355287658422585|11|2026|177 CCN MATCHED [Info: - ]

4355285026437772|09|2026|523 CCN MATCHED [Info: - ]

4355284624565357|12|2022|133 CCN MATCHED [Info: - ]

4355282530356333|10|2023|167 CCN MATCHED [Info: -

4355282468548448|07|2023|315 CCN MATCHED [Info: - ]

4355280355201774|06|2025|962 CCN MATCHED [Info: - ]

4355285041816737|01|2026|267 CCN MATCHED [Info: - ]

4355282010735162|05|2025|769 CCN MATCHED [Info: - ]

4355287363772852|01|2025|560 CCN MATCHED [Info: -

4355286264622562|04|2024|337 CCN MATCHED [Info: - ]

4355286817542614|03|2024|324 CCN MATCHED [Info: - ]

4355282687502648|07|2026|684 CCN MATCHED [Info: - ]

4355281517027123|02|2024|189 CCN MATCHED [Info: - ]

@UNDERCODEtESTING
▁ β–‚ β–„ ο½•π•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁