▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Website hacking github topic- linux :
pinterest.com/Undercode_Testing

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) git clone https://github.com/koutto/jok3r.git

2) cd jok3r

3) Pull Jok3r Docker Image:

sudo docker pull koutto/jok3r
Run fresh Docker container:

5) sudo docker run -i -t --name jok3r-container -w /root/jok3r -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --shm-size 2g --net=host koutto/jok3r


🦑 Notes:

-e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix is required in order to be able to start GUI applicationfrom the Docker container (e.g. open web browser to read reports). It requires running xhost +local:root on the host.
--shm-size 2g is used to increase the size of the shared memory, it is required to avoid crashs of web browser when reading reports from the Docker container.
--net=host is required to share host's interface. It is needed for reverse connections (e.g. Ping to container when testing for RCE, Getting a reverse shell)

6) To re-run a stopped container:

sudo docker start -i jok3r-container

7) To open multiple shells inside the container:

sudo docker exec -it jok3r-container bash

8) In order to update, just pull the latest Docker Image from Docker Hub and run a fresh container from this new image:

sudo docker pull koutto/jok3r
sudo docker run -i -t --name jok3r-container-updated -w /root/jok3r -e DISPLAY=$DISPLAY -v /tmp/.X11-unix:/tmp/.X11-unix --shm-size 2g

🦑FEATURES :

Selection of Tools: Compilation of 50+ open-source tools & scripts, from various sources.
Docker-based: Application packaged in a Docker image running Kali OS, available on Docker Hub.
Ready-to-use: All tools and dependencies installed, just pull the Docker image and run a fresh container.
Updates made easy: Easily keep the whole toolbox up-to-date by running only one command.
Easy Customization: Easily add/remove tools from a simple configuration file.
Network Infrastructure Security Assessment
Many supported Services: Target most common TCP/UDP services (HTTP, FTP, SSH, SMB, Oracle, MS-SQL, MySQL, PostgreSQL, VNC, etc.).
Combine Power of Tools: Each security check is performed by a tool from the toolbox. Attacks are performed by chaining security checks.
Context Awareness: Security checks to run are selected and adapted according to the context of the target (i.e. detected technologies, credentials, vulnerabilities, etc.).
Reconnaissance: Automatic fingerprinting (product detection) of targeted services is performed.
CVE Lookup: When product names and their versions are detected, a vulnerability lookup is performed on online CVE databases (using Vulners & CVE Details).
Vulnerability Scanning: Automatically check for common vulnerabilities and attempt to perform some exploitations (auto-pwn).
Brute-force Attack: Automatically check for default/common credentials on the service and perform dictionnary attack if necessary. Wordlists are optimized according to the targeted services.
Post-authentication Testing: Automatically perform some post-exploitation checks when valid credentials have been found.
Web Security Assessment
Large Focus on HTTP: More than 60 different security checks targeting HTTP supported for now.
Web Technologies Detection: Fingerprinting engine based on Wappalyzer is run prior to security checks, allowing to detect: Programming language, Framework, JS library, CMS, Web & Application Server.
Server Exploitation: Automatically scan and/or exploit most critical vulnerabilities (e.g. RCE) on web and application servers (e.g. JBoss, Tomcat, Weblogic, Websphere, Jenkins, etc.).
CMS Vulnerability Scanning: Automatically run vulnerability scanners on most common CMS (Wordpress, Drupal, Joomla, etc.).
Local Database & Reporting
Local Database: Data related to targets is organized by missions (workspaces) into a local Sqlite database that is kept updated during security testings.
Metasploit-like Interactive Shell: Access the database through an interactive shell with several built-in commands.
Import Targets from Nmap: Add targets to a mission either manually or by loading Nmap results.

Import Targets from Shodan: Add targets to a mission manually from shodan (need shodan API key).
Access all Results: All outputs from security checks, detected credentials and vulnerabilities are stored into the database and can be accessed easily.
Reporting: Generate full HTML reports with targets summary, web screenshots and all results from security testing.

🦑Tested by Undercode on :

> parrot

> ubuntu

> kali


@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 this image explain fonctional of this tool

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Termux -Linux
> git topic The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
t.me/UndercodeTesting

🦑 𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ :

1) git clone https://github.com/TryCatchHCF/DumpsterFire.git

2) cd DumpsterFire

3) $ ./dumpsterFireFactory.py


dumpsterFireFactory.py - Menu-driven tool for creating, configuring, scheduling, and executing DumpsterFires

FireModules/ - Directory that contains subdirectories of Fires, each subdirectory is a specific Category of Fires to keep your Fire modules organized. Fires are added to a DumpsterFire to create a chain of events and actions.

DumpsterFires/ - Directory containing your collection of DumpsterFires

igniteDumpsterFire.py - Headless script, invoked at command line with the filename of the DumpsterFire you wish to execute. Useful for igniting distributed DumpsterFires.

testFireModule.py - Utility script for unit testing the Class methods of your custom Fire modules, without the hassle of running through the entire DumpsterFire Factory process to debug. Also useful for running a single Fire to check your settings. testFireModule.py will prompt you for configuration settings were applicable.

__init__.py files - Required to make Python treat directories as containing Python packages, allows DumpsterFire toolset to find and load Fire modules.

🦑 TESTED BY UNDERCODE ON :

> kali

@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 CARDING FOR LEARN !


Carding tutorial-MONEYGRAM's carding and transmission of stolen credit cards
MONEYGRAM combs and transmits the stolen credit card
（Are combed and transmission from a stolen credit card ）
How to do bank transfer from credit card
So, have you heard that hackers do bank transfers and you are so eager to be yourself? This is a comprehensive guide on how to get started.
Type of transmission


🦑 There are so many ways to do hacker bank transfer, 1 ST via online banking information of phishing or spam victims. The second method is to cancel the credit card information attacked by a hacker with a bank account. For the purpose of this course, I will teach you how to do stolen / hacked cvvs bank transfer.
Required tools
· Bank account (US or UK or Canada)
· VPN / Socks
· Credit Card Information
· Merchant account (CVV for charging)
Get bank account

> This is undesirable to you, so you need a fake bank information to use real bank account information to make this transfer. This is a very simple way to get bank details in and out of the US. Let us assume that you are in the US, but if you are in the US, you should bypass the first step.

1) Log in to www.myus.com to buy a virtual address in the United States. Although you are not physically in the United States, this will become your own address in the United States. Any items or products sent to this address will be transferred back to your real address in your country. Note: You need this address so that you can connect to the ATM card in your bank account.

2) After you have purchased the address, you have found the hacker and bought a good fullz. The fullz includes the card details, SSN, DOB. After you buy it, log in to www.accountnow.com and use the SSN details you bought to open an account. The nuclear submarine will be used as a means of checking the accountnow.com account and it will cause them to issue a bank account to any bank in the US After verifying your accountnow.com, connect to them to send you the address in the United States, bank details, ATM card, which means you have to use the address myus.com you bought. They will send the card to your address within 4 @ undercodetesting working days and myus.com will now reship its real address in your country. You now have a bank account and your debit card is ready.
VPN and socks

3) You can go to www.hidemyass.com to get good VPN support for all countries. In order to get socks 5, you can just Google Socks 5 and a link will appear for you to purchase and download.
Get fresh credit and debit card details
This is the key to transfer and the most important part to get good credit card details, please check our credit card store www.cardsmarket.su. It's an Empire with more than 1 million credit card details and you can buy it for as low as $ 5.

3) Set up your merchant account
Note: The merchant account will enable you to purchase your afterwards, transfer the card to your bank account to charge money. Since you do n’t have an online store and you do n’t sell anything to do, you will have to use their own business account through a website that raises funds. Now log in to www.gofundme.com, set up an account with them, and set up a campaign for them, if you do n’t know how to set up the campaign, go to www.indiegogo.com and copy any activity you choose. Now your campaign is set up and ready to receive funds.
Generate money and make transfers

4) Now you can do this. This step shows how to generate $$. Log in to www.cardsmarket.su to buy any card of your choice. After purchasing your card, please pay attention to the country, city and address of the credit card. Your VPN is connected to the country of the card, after which use your sock 5 to connect to the city card. Let's assume you bought an American card and the city of Rochester in New York, all you need to do is connect your VPN to New York, USA, and then connect your socks to New York, Rochester at 5. Once connected, it will appear in the credit card company, whose real owner is to do the transaction. Now go to your event page, click donate, it will take you to a secure payment page, enter the credit card information and submit. The card will be charged and the money will go directly to your account on gofundme.com.


5) Note: Do not charge more than $ 200 on the card, let's say you buy ten credit cards and charge $ 200 per card 10 times, you will find that you are taking $ 2000 per day
Withdraw your money to your bank account

6) In the account of the campaign, you will see all the money you have charged from the credit card to live in the account, now your cPanel money, navigate to you to see the exit, click on it. Then it will redirect you to the page that will create an account with wepay. Use your obtained bank account information to set up your wepay account from accountnow.com. Once your wepay account is set up, go back to gofundme.com, click quit, and your $ 2000 will immediately enter your wepay account now.

7) Note: Wepay will process $ 2000 account information, please provide within two or three working days.

8) After you receive the money in the bank account, you can now log in to accountnow.com and transfer money online to any other bank account, you can also use your debit card to withdraw money, or you can send money from your cPanel through Moneygram. You can send nony g to yourself or any institution and ward, go to the store and pick it up.
Now, you can generate as much money as you want for yourself.

written by undercode
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Carding tutorial --- How to CC Cashout PayPal (How to return CVV to PayPal wallet ? by undercode :

CC refunds through PayPal > trick deepweb
1. You need a Socks5 with the same good condition. You must like fresh stickers within 5 minutes, otherwise it will reduce the chance.


2. PP must be very fresh and ready to use.


3. You must use Mozilla Firefox and


4. Clear the cache and use CCleaner.


5. Log in to your real PayPal and make a buy button now


6. Go to blogspot.com or accept any HTML other website


7. Now create a buy button or donate this is your choice.


8. After creating the HTML button placed on BlogSpot and checking if it works.


9. Now after checking, now work closely with Firefox and clean cache and use CCleaner


10. Open Firefox and freshen the socks.


11. Go to BlogSpot with the buy now button or donate.


12. Now use the PP balance or Cc connected to it for charging.


13. You will be successful


14 donations per cubic centimeter


15. To do it, you just transfer the money in your account.


16. Load the account, then transfer to another PayPal then refund the money to the bank account or spend.


Do not use this method with your real PayPal. PayPal can still be charged back if the boss reports fraudulent charges on their credit card


@undercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 The whole process of washing materials 2020 latest washing materials cvv-carding tutorial by Undercode-Testing
instagram.com/UndercodeTesting

🦑 𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋 :


Now we have cleared the basic concepts and started with the actual process of combing.
Set up SOCKS proxy in Firefox:

> follow these steps to open Firefox, to go to select to advanced options to network to


A pop-up window will come. It will show options

No agent 2. Automatic detection 3. Use system agent 4. Manual agent configuration

Select manual proxy configuration. Enter the socks host: << proxy ip >> and port: << proxy port >> For example: 141.141.141.141:8080. Press ok and restart Firefox. Now you are connected to the secure Socks5 J

Note: When buying socks, always match the address of the credit card holder. If the credit card holder is from California, the United States, try to make SOCKS5 at least match the state, country J

Guys are now starting to sort out the process. Please follow the steps below:

Create an email ID that matches the name of the credit card holder. If his name is John Cena (random name is taken), then the email ID should be johncena92@gmail.com or close to it.
Now run RDP and connect to the credit card holder location system to continue. If you do not have an RDP, please follow the steps below.
Turn on the MAC converter and change the address randomly.
Run CCleaner and clear all unnecessary data (cookies / history / temporary data, etc.).
Set up SOCKS5 proxy in Firefox. "It has already been explained."
Be sure to use SOCK5 to match the location of the credit card holder, and be careful not to use blacklisted IP. Please visit www.check2ip.com to
open the website for shopping. I want to recommend a website store in your country because you do n’t need to wait for many packages.
Registered credit card holder information (John Cena), name, country, city, address and email.
Shop and select your products and add to cart. Note: The first step is to choose a project that does not exceed US $ 500.
Add the address or address where the product will be delivered to the shipping address.
Then go to the payment page and select a payment method such as credit card.
Enter all the details of the credit card manually, because most websites have copy-and-paste detector scripts.
Finally, add the credit card owner ’s address information to the billing address and continue the payment process.
If all goes well, then the order will be placed successfully.
After the order arrives at the delivery address, it is received from the delivery person.
(If the delivery person asks for proof, very few people will arrange a fake ID).
Method of combing using mobile phone:

Extra pro carder uses a mobile phone for carding. If you follow the steps carefully, you will do the same.

basic requirements:

Android phone that requires root.
Several applications need to be installed (agent application, CCleaner, IMEI converter, photo and Android ID converter).
You can use any VPN for combing, I suggest using HMA or Zen pairing.
You can use SOCKS5 proxy with proxy robot application.
In addition, continue to use IMEI and Android ID changer and perform this operation.
Now use SOCKS5 proxy to connect the proxy robot and connect it.
Now, follow all the steps explained above J
Reference site:

CC from the store → [The freshest CC store

Buy socks from à www.vip72.com

Download CCleaner's software à www.piriform.com/ccleaner

Download MAC address translation à www.zokali.com/win7-mac-addresschanger

Download SOCKS Check à www.socksproxychecker.com

Acronyms:

BIN: Bank Identification Number
CC: Credit Card
CCN: Credit Card Number
CVV / CVV2: Credit Verification Value (Card Security Code)
SSN: Social Security Number
MMN: Mother ’s
Last Surname DOB: Date of Birth
COB: Bill Change
VBV: Visa Verification
MCSC: Master Card Security code
POS: Point of sale
VPN: Virtual private network
BTC: Bitcoin


WRITTEN BY UNDERCODE
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 full carding tutorials use for learn Only !

🦑 FREE CCAM SERVER FOR EUROP CHANNELS FOR 1 K USERS BY UNDERCODE :

Your Free CCcam line is :

> C: fast1.mycccam24.com 21100 jequue mycccam24

and it will expire=2020-05-02

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁