UNDERCODE COMMUNITY

🦑2020 Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems
t.me/UndercodeTesting

🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) Clone or download the project files (no compilation or installation is required):

git clone https://github.com/CISOfy/lynis

2) Execute:

cd lynis; ./lynis audit system

> If you want to run the software as root, we suggest changing the ownership of the files. Use chown -R 0:0 to recursively alter the owner and group and set it to user ID 0 (root).

🦑FEATURES :

System administrators
Auditors
Security officers
Penetration testers
Security professionals
Automated security auditing
Compliance testing (e.g. ISO27001, PCI-DSS, HIPAA)
Vulnerability detection

✅VERIFIED

▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to check whether a website is vulnerable to clickjacking
> and create a PoC (Termux / Linux)
t.me/UndercodeTesting

🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) git clone https://github.com/D4Vinci/Clickjacking-Tester.git

2) cd Clickjacking-Tester

3) python(3) clickjacking_tester.py <file_name>

4) Example input:

> python clickjacking_tester.py sites.txt

Contents of sites.txt:
www.google.com
www.turkhackteam.com

5) Output
[*] Checking www.google.com

[-] Website is not vulnerable!

[*] Checking www.turkhackteam.org

[+] Website is vulnerable!
[*] Created a poc and saved to <URL>.html

✅ verified
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NSA leak tool
> Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg
t.me/UndercodeTesting

🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋 :

🦑SHA-256 hashes

> Original archives
7c19a67d728bc700d18d2ed389a80de495681b7097222d9b8f1d696f0986f9a2 odd.tar.xz.gpg
78b89b2c4b129400150c7b60a426ff469aaea31da1588d2abc4180feaa9c41d3 swift.tar.xz.gpg
c28d5c10ec78bc66d3868e4862c7f801ffd561e2116b529e0782bf78f3ef3255 windows.tar.xz.gpg


> Decrypted archives
85e03866ae7eaaedd9462054b62a10f2180983bdfd086b29631173ae4422f524 odd.tar.xz
df468f01e65f3f1bc18f844d7f7bac8f8eec3664a131e2fb67ae3a55f8523004 swift.tar.xz
5bb9ddfbcefb75d017a9e745b83729390617b16f4079356579ef00e5e6b5fbd0 windows.tar.xz

🦑1) DOWNLOAD : https://github.com/x0rz/EQGRP_Lost_in_Translation


> 3 folders :

Windows: contains Windows exploits, implants and payloads

swift: contains operational notes from banking attacks

oddjob: docs related to the ODDJOB backdoor

▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Comprehensive analysis of VLAN attacks

VLAN attacks are attack methods that hackers build on the way VLAN technology is deployed. Faced with these reworked attack methods, how can effective preventive measures be taken? This article introduces the attack methods used against networks managed with VLAN technology and the defensive measures we can take.


🦑 The common VLAN attacks are as follows:

VLAN attack 1: 802.1Q and ISL tag attack

A tag attack is a malicious attack that lets users on one VLAN illegally access another VLAN. For example, if a switch port is configured as DTP (Dynamic Trunking Protocol) auto and receives a forged DTP packet, it becomes a trunk port and may receive traffic destined for any VLAN. Malicious users can thus communicate with other VLANs through the port they control. Sometimes, even when it receives only ordinary packets, a switch port may behave contrary to its intended configuration and operate like a full trunk port (for example, accepting packets from VLANs other than its local one). This phenomenon is often called "VLAN leakage."

> To prevent this kind of attack, simply set DTP to "Off" on all untrusted ports (those that do not meet the trust condition). The software and hardware running on the Cisco Catalyst 2950, Catalyst 3550, Catalyst 4000, and Catalyst 6000 series switches can also implement proper traffic classification and isolation on all ports.

VLAN attack 2: Double-encapsulated 802.1Q / nested VLAN attack

Inside the switch, VLAN numbers and identifiers are carried in a special extended format whose purpose is to keep the forwarding path independent of the end-to-end VLAN without losing any information. Outside the switch, the tagging rules are specified by standards such as ISL or 802.1Q.

> ISL is Cisco proprietary technology and is a compact form of the extended packet header used inside the device. Every packet always carries a tag, so there is no risk of tag loss, which improves security.

> On the other hand, the IEEE committee that developed 802.1Q decided that, for backward compatibility, it is best to support a native VLAN, that is, a VLAN that is not explicitly associated with any tag on an 802.1Q link. This VLAN is used implicitly to receive all untagged traffic on an 802.1Q port.

> This feature is what users want, because it lets an 802.1Q port talk directly to an old 802.3 port by sending and receiving untagged traffic. In all other cases, however, this feature can be very harmful, because packets associated with the native VLAN lose their tags, and with them information such as their class of service (802.1p bits), when transmitted over an 802.1Q link.

[Figure: double-encapsulation attack. Labels: attacker; 802.1Q frame tagged VLAN A, VLAN B, data; trunk with native VLAN A; first tag stripped, then sent back; VLAN B, data.]

Note: The attack takes effect only if the trunk's native VLAN is the same as the attacker's VLAN.

When double-encapsulated 802.1Q packets enter the network from a device whose VLAN happens to be the native VLAN of the trunk, the VLAN IDs of these packets are not retained end to end, because the 802.1Q trunk always modifies the packet by stripping off its outer tag. Once the outer tag is removed, the inner tag becomes the packet's only VLAN identifier. Therefore, if a packet is double-encapsulated with two different tags, the traffic can jump between VLANs.

This situation is regarded as a misconfiguration, because the 802.1Q standard does not force users to use the native VLAN in these situations. In fact, the proper configuration, which should always be used, is to clear the native VLAN from all 802.1Q trunks (setting them to 802.1q-all-tagged mode achieves exactly the same effect). When the native VLAN cannot be cleared, an unused VLAN should be selected as the native VLAN of all trunks, and that VLAN must not be used for any other purpose. Protocols such as STP, DTP (Dynamic Trunking Protocol) and UDLD should be the only legitimate users of the native VLAN, and their traffic should be completely isolated from all data packets.

VLAN attack 3: VLAN hopping attack

A virtual local area network (VLAN) is a method of segmenting the broadcast domain. VLANs are also often used to provide additional security for the network, because computers on one VLAN cannot talk to users on another VLAN without explicit access. However, VLANs by themselves are not enough to secure an environment: malicious hackers can jump from one VLAN to another even though they are not authorized.

VLAN hopping relies on the Dynamic Trunking Protocol (DTP). If two switches are interconnected, DTP can negotiate between them to determine whether the link becomes an 802.1Q trunk. The negotiation is carried out by checking the configuration state of the ports.

The VLAN hopping attack makes full use of DTP. In this attack, a hacker makes his computer impersonate another switch and sends a forged DTP negotiation message announcing that it wants to become a trunk. On receiving this DTP message, the real switch concludes that it should enable 802.1Q trunking, and once trunking is enabled, the traffic of all VLANs is sent to the hacker's computer.

After the trunk is established, the hacker can continue to sniff the traffic, or can choose the VLAN to which attack traffic is sent by adding 802.1Q information to the frame.

VLAN attack 4: VTP attack

The VLAN Trunking Protocol (VTP) is a management protocol that reduces the amount of configuration needed in a switched environment. As far as VTP is concerned, a switch can be a VTP server, a VTP client, or a VTP transparent switch; here we focus on the server and the client. Every time a user changes the configuration of a switch working in VTP server mode, the VTP configuration version number increases by 1, whether a VLAN is added, modified or removed. When a VTP client sees a configuration version number greater than its current one, it automatically synchronizes with the VTP server.

A malicious hacker can use VTP for his own purposes and remove all VLANs on the network (except the default VLAN), which puts him in the same VLAN as every other user. The users may still be on different network segments, however, so the hacker needs to change his IP address to enter the same network segment as the host he wants to attack.

To exploit VTP, the malicious hacker connects to the switch and establishes a trunk between his computer and the switch. He can then send the VTP server a VTP message whose configuration version number is higher than the current one. This causes all switches to synchronize with the hacker's computer, removing all non-default VLANs from the VLAN database.
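
One way to check a switch configuration against the mitigations given above for attacks 1 and 2 (DTP left negotiable on a port, and a trunk whose native VLAN is also a user VLAN). This is an added example, not part of the original post; it assumes Cisco IOS-style `switchport` syntax and `vlan dot1q tag native` as the all-tagged setting, treats a port with no explicit mode as DTP-negotiable and VLAN 1 as in use, and runs on a constructed config excerpt.

```python
import re
# Constructed IOS-style excerpt; interface names and VLAN numbers are made up.
SAMPLE_CONFIG = """\
interface GigabitEthernet0/1
 switchport mode dynamic auto
interface GigabitEthernet0/2
 switchport mode access
 switchport access vlan 10
interface GigabitEthernet0/23
 switchport mode trunk
 switchport trunk native vlan 999
interface GigabitEthernet0/24
 switchport mode trunk
 switchport trunk native vlan 10
"""

def parse_interfaces(config):
    """Map each interface name to the list of its indented sub-commands."""
    ifaces, current = {}, None
    for line in config.splitlines():
        m = re.match(r"interface\s+(\S+)", line)
        if m:
            current = ifaces.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # "!" separators and global commands end a stanza
    return ifaces

def audit(config):
    """Return sorted (interface, finding) pairs for the two checks."""
    ifaces = parse_interfaces(config)
    # Global all-tagged mode removes the untagged native VLAN from trunks.
    all_tagged = re.search(r"^vlan dot1q tag native", config, re.M) is not None
    # VLANs carrying user ports; VLAN 1 is assumed in use (default access VLAN).
    user_vlans = {1} | {int(v) for v in re.findall(r"switchport access vlan (\d+)", config)}
    findings = []
    for name, cmds in ifaces.items():
        mode = next((c[len("switchport mode "):] for c in cmds
                     if c.startswith("switchport mode ")), None)
        if mode is None or mode.startswith("dynamic"):
            findings.append((name, "DTP negotiation not disabled"))
        if mode == "trunk" and not all_tagged:
            native = next((int(c.split()[-1]) for c in cmds
                           if c.startswith("switchport trunk native vlan ")), 1)
            if native in user_vlans:
                findings.append((name, f"native VLAN {native} is also a user VLAN"))
    return sorted(findings)
```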

▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Hack Twitter
> Multi-thread Twitter BruteForcer in Shell Script

🦑𝕃𝔼𝕋'𝕊 𝕊𝕋𝔸ℝ𝕋 :

1) git clone https://github.com/thelinuxchoice/tweetshell

2) cd tweetshell

3) chmod +x tweetshell.sh

4) sudo ./tweetshell.sh

🦑Install requirements (Curl):
chmod +x install.sh
sudo ./install.sh

✅ verified
