β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Enumall β Subdomain Discovery Using Recon-ng & AltDNS :
t.me/UndercodeTesting
π¦INSTALLISATION & RUN :
1) Setting up Enumall for Subdomain Discovery
Install recon-ng from Source, clone the Recon-ng repository:
> git clone https://LaNMaSteR53@bitbucket.org/LaNMaSteR53/recon-ng.git
2) Change into the Recon-ng directory:
cd recon-ng
3) Install dependencies:
> pip install -r REQUIREMENTS
4) Link the installation directory to /usr/share/recon-ng
ln -s /$recon-ng_path /usr/share/recon-ng
5) Optionally (highly recommended) download:
β AltDNS
β A good subdomain bruteforce list (example here)
6) Create the config.py file and specify the path to Recon-ng and AltDNS as it showed in config_sample.py.
π¦ Basic Usage for Subdomain Enumeration
./enumall.py domain.com
> Also supports:
-w to run a custom wordlist with recon-ng
-a to use alt-dns
-p to feed a custom permutations list to alt-dns (requires -a flag)
-i to feed a list of domains (can also type extra domains into the original command)
> -i to feed a list of domains (can also type extra domains into the original command)
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Enumall β Subdomain Discovery Using Recon-ng & AltDNS :
t.me/UndercodeTesting
π¦INSTALLISATION & RUN :
1) Setting up Enumall for Subdomain Discovery
Install recon-ng from Source, clone the Recon-ng repository:
> git clone https://LaNMaSteR53@bitbucket.org/LaNMaSteR53/recon-ng.git
2) Change into the Recon-ng directory:
cd recon-ng
3) Install dependencies:
> pip install -r REQUIREMENTS
4) Link the installation directory to /usr/share/recon-ng
ln -s /$recon-ng_path /usr/share/recon-ng
5) Optionally (highly recommended) download:
β AltDNS
β A good subdomain bruteforce list (example here)
6) Create the config.py file and specify the path to Recon-ng and AltDNS as it showed in config_sample.py.
π¦ Basic Usage for Subdomain Enumeration
./enumall.py domain.com
> Also supports:
-w to run a custom wordlist with recon-ng
-a to use alt-dns
-p to feed a custom permutations list to alt-dns (requires -a flag)
-i to feed a list of domains (can also type extra domains into the original command)
> -i to feed a list of domains (can also type extra domains into the original command)
@UndercodeTesting
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Qewe ransomware:
t.me/UndercodeTesting
π¦ This is the detailed information of Qewe ransomware:
1) Ransomware family3 DJVU / STOP4 Ransomware
2) extension .qewe
3) Ransomware considerations _readme.txt
ransom From US $ 490 to US $ 980 (in Bitcoin)
contact helpdatarestore@firemail.cc , helpmanager@mail.ch
Detect5 Generik.CNMFSW , Generik.ETDNQBV , Backdoor: MSIL / Noancooe.A
3) Symptoms Your file (photo, video, document) has .qewe extension and you cannot open it
4) The encryption algorithm used by Qewe is AES-256. Therefore, if your document is encrypted with a specific decryption key, this is completely different and there are no other copies. The sad reality is that without a unique key, it is impossible to recover information.
5) If Qewe works in online mode, you will not be able to access the AES-256 key. It is stored on a remote server owned by a fraudster who promoted Qewe infection.
6) To get the decryption key, you should pay $ 980. To obtain payment details, the message in the message encourages the
π¦ Qewe ransomware:
t.me/UndercodeTesting
π¦ This is the detailed information of Qewe ransomware:
1) Ransomware family3 DJVU / STOP4 Ransomware
2) extension .qewe
3) Ransomware considerations _readme.txt
ransom From US $ 490 to US $ 980 (in Bitcoin)
contact helpdatarestore@firemail.cc , helpmanager@mail.ch
Detect5 Generik.CNMFSW , Generik.ETDNQBV , Backdoor: MSIL / Noancooe.A
3) Symptoms Your file (photo, video, document) has .qewe extension and you cannot open it
4) The encryption algorithm used by Qewe is AES-256. Therefore, if your document is encrypted with a specific decryption key, this is completely different and there are no other copies. The sad reality is that without a unique key, it is impossible to recover information.
5) If Qewe works in online mode, you will not be able to access the AES-256 key. It is stored on a remote server owned by a fraudster who promoted Qewe infection.
6) To get the decryption key, you should pay $ 980. To obtain payment details, the message in the message encourages the
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦CARDING Methods that are used by carders to steal sensitive information :
t.me/UndercodeTesting
1) Malware. Malware that is mostly used for carding includes these categories: Trojan horses, rootkits, backdoors, etc. Each of these viruses can be installed on the system without any permission asked and then used to get the backdoor access to the system.
> These viruses can hide deep in the system as long as they need to collect the required amount of personal data. They can track their victims by recording their keystrokes or taking the screenshots of their desktops while they are using the Internet. After collecting financial information and other sensitive data, they send it to their remote server.
> The latest threat to watch out is βBackoff virusβ, which is set to track PC users and steal their credit card data.
2) Phishing. People engaged in carding sometimes use phishing websites to trick users into revealing their financial information. These sites look like real login websites because they are developed by grabbing images from real websites and using URLs that are very close to the real ones. Also, victims can also receive fake email messages resembling reputable companies. They seek to make the victim reveal his/hers credit card number, expiration date, and similar sensitive information.
3) Carding forums. If the carder is not willing to use malware or if he/she simply does not know how to do that, he/she can use carding forums to receive needed information. Such forums have already become marketplaces used for such illegal activities as exchanging information related to stolen credit or debit card account numbers and similar data. The membership on such sites is usually paid, and only online nicknames can identify each of carders.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦CARDING Methods that are used by carders to steal sensitive information :
t.me/UndercodeTesting
1) Malware. Malware that is mostly used for carding includes these categories: Trojan horses, rootkits, backdoors, etc. Each of these viruses can be installed on the system without any permission asked and then used to get the backdoor access to the system.
> These viruses can hide deep in the system as long as they need to collect the required amount of personal data. They can track their victims by recording their keystrokes or taking the screenshots of their desktops while they are using the Internet. After collecting financial information and other sensitive data, they send it to their remote server.
> The latest threat to watch out is βBackoff virusβ, which is set to track PC users and steal their credit card data.
2) Phishing. People engaged in carding sometimes use phishing websites to trick users into revealing their financial information. These sites look like real login websites because they are developed by grabbing images from real websites and using URLs that are very close to the real ones. Also, victims can also receive fake email messages resembling reputable companies. They seek to make the victim reveal his/hers credit card number, expiration date, and similar sensitive information.
3) Carding forums. If the carder is not willing to use malware or if he/she simply does not know how to do that, he/she can use carding forums to receive needed information. Such forums have already become marketplaces used for such illegal activities as exchanging information related to stolen credit or debit card account numbers and similar data. The membership on such sites is usually paid, and only online nicknames can identify each of carders.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Protecting yourself from carding :
1) If you believe that a credit card fraudster targets you, you should waste no time and contact your bank. Please, let them know about your issues.
If your business was affected, you should also let all your customers know about that. Asking them to change their passwords and another login information is always a good idea.
2) To avoid programs that are used for identity theft, you should install a reliable anti-spyware. We highly recommend the following tools that have been tested by our team and received the biggest ranking: Reimage , SpyHunter 5.
3) Donβt forget to update your programs (security software as well) to avoid vulnerabilities. These βholesβ can be used for installing new malware on your computer that can additionally be used for tracking you and stealing your personal data.
4) Stay away from illegal websites, suspicious Facebook pages and email messages from unknown senders. Each of them can lead you to the loss of your sensitive information, including your financial data.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Protecting yourself from carding :
1) If you believe that a credit card fraudster targets you, you should waste no time and contact your bank. Please, let them know about your issues.
If your business was affected, you should also let all your customers know about that. Asking them to change their passwords and another login information is always a good idea.
2) To avoid programs that are used for identity theft, you should install a reliable anti-spyware. We highly recommend the following tools that have been tested by our team and received the biggest ranking: Reimage , SpyHunter 5.
3) Donβt forget to update your programs (security software as well) to avoid vulnerabilities. These βholesβ can be used for installing new malware on your computer that can additionally be used for tracking you and stealing your personal data.
4) Stay away from illegal websites, suspicious Facebook pages and email messages from unknown senders. Each of them can lead you to the loss of your sensitive information, including your financial data.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦SPAM TOOLS :
tfb.com/UndercodeTesting
The main categories of Spam Tools:
Depending on their functionality, Spam tools are usually divided into these categories:
1) E-mail extraction software. Such Spam tools are mostly used for collecting e-mail addresses from various websites, documents and other resources. Once they are collected, they are added to mailing lists and prepared for the use;
2) Mass mailing programs. This category of Spam Tools is usually used to spread email messages. They help spammers to send their emails to thousands of different recipients;
3) E-mail management programs. Such software can be applied for identifying and removing useless email addresses from the list of email recipients. These addresses usually include emails of specific organizations that are capable of identifying the owner of the Spam tool.
4) Referral spam. This technique is used to abuse websiteβs referrer and change its URL to a needed web page. By using it, spammers expect that websiteβs owner will see this link in his/hers Google analytics and will think that this site is important. Beware that the most of websites that rely on referrer spam are harmful and visiting them can cause infiltration of malware!
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦SPAM TOOLS :
tfb.com/UndercodeTesting
The main categories of Spam Tools:
Depending on their functionality, Spam tools are usually divided into these categories:
1) E-mail extraction software. Such Spam tools are mostly used for collecting e-mail addresses from various websites, documents and other resources. Once they are collected, they are added to mailing lists and prepared for the use;
2) Mass mailing programs. This category of Spam Tools is usually used to spread email messages. They help spammers to send their emails to thousands of different recipients;
3) E-mail management programs. Such software can be applied for identifying and removing useless email addresses from the list of email recipients. These addresses usually include emails of specific organizations that are capable of identifying the owner of the Spam tool.
4) Referral spam. This technique is used to abuse websiteβs referrer and change its URL to a needed web page. By using it, spammers expect that websiteβs owner will see this link in his/hers Google analytics and will think that this site is important. Beware that the most of websites that rely on referrer spam are harmful and visiting them can cause infiltration of malware!
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ SPAM TOOLS
T.me/UndercodeTesting
The most common characteristics of Spam messages:
1) Tricky address of the message sender. Spammers seek to make the user think that he/she received an email from the familiar person.
2) The eye-catching theme of the subject.
3) The content. Spam tools are usually set to spread emails filled with advertising content. Such messages can also promote links to third party websites (legitimate and illegal) and malicious email attachments.
4) No Reply address.
Unsubscribe button. This button has been actively used for spreading malware, so you should NEVER click it.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ SPAM TOOLS
T.me/UndercodeTesting
The most common characteristics of Spam messages:
1) Tricky address of the message sender. Spammers seek to make the user think that he/she received an email from the familiar person.
2) The eye-catching theme of the subject.
3) The content. Spam tools are usually set to spread emails filled with advertising content. Such messages can also promote links to third party websites (legitimate and illegal) and malicious email attachments.
4) No Reply address.
Unsubscribe button. This button has been actively used for spreading malware, so you should NEVER click it.
written by undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ SPAM TOOLS SITES :
t.me/UndercodeTesting
π¦ Examples of Spam Tools and spam by undercode:
1) 1st Mass Mailer is a Spam Tool also known as Mass Mailer. It is presented as a very powerful software dedicated for spreading personalized email messages. However, if this program gets into a spammerβs hands, he or she can use it for distributing malicious messages. The program allows creating an internal database and importing a list of subscribers into it.
> https://www.2-spyware.com/remove-1st-mass-mailer.html
2) βYou are cordially invited to celebrate our weddingβ. This is the latest Spam campaign, which was initiated with the help of the Spam Tool. It is known that this campaign was used to spread the worm called Kuluoz, which is considered a very serious cyber threat capable of stealing personal information. Security experts believe that there are thousands of people who have been tricked by this misleading email message. If you think that you could be one of them, you should immediately scan your computer with the reliable security tool. In this case, using an anti-spyware is highly recommended.
> https://www.2-spyware.com/remove-you-are-cordially-invited-to-celebrate-our-wedding-virus.html
3) Copyrightclaims.org is a referrer spam that may show up in your Google Analytics and falsify its data. Visiting this domain is not the best idea as this is a fake site used to collect visitorsβ traffic and redirect people to additional domains. Copyrightclaims.org referrer spam is mostly spread with the help of spam bots. While this link is not related to any copyright claims, it can increase your websiteβs load time, the bounce rate and may decrease the ranking.
WRITTEN BY UNDERCODERS
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ SPAM TOOLS SITES :
t.me/UndercodeTesting
π¦ Examples of Spam Tools and spam by undercode:
1) 1st Mass Mailer is a Spam Tool also known as Mass Mailer. It is presented as a very powerful software dedicated for spreading personalized email messages. However, if this program gets into a spammerβs hands, he or she can use it for distributing malicious messages. The program allows creating an internal database and importing a list of subscribers into it.
> https://www.2-spyware.com/remove-1st-mass-mailer.html
2) βYou are cordially invited to celebrate our weddingβ. This is the latest Spam campaign, which was initiated with the help of the Spam Tool. It is known that this campaign was used to spread the worm called Kuluoz, which is considered a very serious cyber threat capable of stealing personal information. Security experts believe that there are thousands of people who have been tricked by this misleading email message. If you think that you could be one of them, you should immediately scan your computer with the reliable security tool. In this case, using an anti-spyware is highly recommended.
> https://www.2-spyware.com/remove-you-are-cordially-invited-to-celebrate-our-wedding-virus.html
3) Copyrightclaims.org is a referrer spam that may show up in your Google Analytics and falsify its data. Visiting this domain is not the best idea as this is a fake site used to collect visitorsβ traffic and redirect people to additional domains. Copyrightclaims.org referrer spam is mostly spread with the help of spam bots. While this link is not related to any copyright claims, it can increase your websiteβs load time, the bounce rate and may decrease the ranking.
WRITTEN BY UNDERCODERS
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ ROGUE-MALWARE HOW WORK ?
t.me/UndercodeTesting
1) Blocking legitimate security software and websites. This is an important task in the functionality of rogue anti-spyware because it helps the virus to prevent its elimination from the system. The only way to unblock legitimate websites and launch legitimate anti-spyware is to remove the threat.
2) Causing continuous system scanners and warning messages. It may seem that Rogue anti-spyware software is capable of scanning computer just like legitimate anti-spyware. However, this activity is corrupted and used just for misleading the victim into thinking that his/hers computer is infected with tens or even hundreds of different threats. If the victim ignores the warning, rogue continues pretending to scan the system and keeps displaying its fake warning messages.
3) Slowing down the whole PCβs functionality. For trying to convince its victim that computer is seriously infected, the rogue anti-spyware can cause system slowdowns, system crashes, and similar performance-related issues.
4) Initiating redirects to its purchase page. From time to time, you can be redirected by a rogue anti-spyware to its purchase page. The most of such websites can be very dangerous, so it is not recommended visiting them
WRITTEN BY UNDERCODERS
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ ROGUE-MALWARE HOW WORK ?
t.me/UndercodeTesting
1) Blocking legitimate security software and websites. This is an important task in the functionality of rogue anti-spyware because it helps the virus to prevent its elimination from the system. The only way to unblock legitimate websites and launch legitimate anti-spyware is to remove the threat.
2) Causing continuous system scanners and warning messages. It may seem that Rogue anti-spyware software is capable of scanning computer just like legitimate anti-spyware. However, this activity is corrupted and used just for misleading the victim into thinking that his/hers computer is infected with tens or even hundreds of different threats. If the victim ignores the warning, rogue continues pretending to scan the system and keeps displaying its fake warning messages.
3) Slowing down the whole PCβs functionality. For trying to convince its victim that computer is seriously infected, the rogue anti-spyware can cause system slowdowns, system crashes, and similar performance-related issues.
4) Initiating redirects to its purchase page. From time to time, you can be redirected by a rogue anti-spyware to its purchase page. The most of such websites can be very dangerous, so it is not recommended visiting them
WRITTEN BY UNDERCODERS
β β β ο½ππ»βΊπ«Δπ¬πβ β β β