▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HTTP protocol and work with headers guide :
twitter.com/UnderodeNews

🦑 𝕃𝔼𝕋𝕊 𝕊𝕋𝔸ℝ𝕋 :

> HTTP protocol
How WWW (World Wide Web, Web) works in a nutshell:

1) the user's browser (client) sends a request to the server with the site address (URL);

2) the server receives this request and gives the client the content it needs.

3) In other words, the entire modern web is built on a model of client-server interaction. And to make this whole process possible, a universal protocol language is needed that both the server and browser will understand. There is such a protocol, but it is called HTTP.

🦑 How HTTP works, and why do we need to know ? 🦑

> You can program in PHP without knowing the HTTP protocol, but there are a number of situations where you need to know how the web server works to solve problems. After all, PHP is, first of all, a server programming language.

> The HTTP protocol is very simple and consists essentially of two parts:

Request / response headers
Request / Response Bodies.
First comes a list of headers, then an empty string, and then (if any) the body of the request / response.

> Both the client and the server can send headers and the response body to each other, but in the case of the client, the available headers will be one, and the server will be different. Let's take a step-by-step look at how the work using the HTTP protocol will look in the case when the user wants to download the main page of the Vkontakte social network.

1) The user's browser establishes a connection with the vk.com server and sends the following request:

GET / HTTP / 1.1
Host: vk.com

2) The server accepts the request and sends a response:

HTTP/1.1 200 OK
Server: Apache

<html>
<head>
<title>ВКонтакте</title>
</head>
<!-- остальной контент страницы ниже -->

3) The browser accepts the response and displays the finished page

> Most of all, we are interested in the very first step, where the browser initiates a request to the vk.com server.
Let us consider in more detail what is happening there. The first line of the query defines several important parameters, namely:

> The method by which the content will be requested;
Page address;
Protocol version.
GETIs a method (verb) that we use to access the specified page.
GETis the most commonly used method because it tells the server that the client just wants to read the specified document. But besides GETthere are other methods, we will consider one of them in the next section.

> After the method there is an indication of the page address - URI (universal resource identifier). In our case, we request the main page of the site, so just a slash is used /.
The last in this line is the protocol version and almost always it will beHTTP/1.1

> After a line indicating the main parameters, a list of headers always fo1llows, which give the server additional useful information: the name and version of the browser, language, encoding, caching parameters, and so on.

> Among all these headers that are transmitted during each request, there is one mandatory and most important one - this is the heading Host. It determines the domain address that the client browser requests.

> Having received a request, the server searches for a site with a domain from the header Host, as well as the specified page.
If the requested site and page are found, a response is sent to the client:
HTTP/1.1 200 OK

> This answer means that everything is fine, the document is found and will be sent to the client.

Written by UndercOde
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 collection of android Exploits and Hacks
instagram.com/UndercOdeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/sundaysec/Android-Exploits.git

> Recommend you grab exploitpack latest version

wget https://github.com/juansacco/exploitpack/archive/master.zip

2) Extract then Navigate into the folder and type:

3) java -jar ExploitPack.jar

4) Load the exploits

🦑Common Tools(In mobile Exploits):

> SSH

> VNC server

> A compiler (gcc / agcc)

> Android SDK (adb!)

> XCode

> Jailbroken iDevice

> Rooted Android Device


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Simple Linux Bash Server Administration Scripts

> FTP Backup Script For any linux server which backs up critical system files and folders and also all your MySQL Databases.

> The script uses the NCFTP client, it deletes backups older than X days and also emails you with a success or failure message.


🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/mitchellkrogza/linux-server-administration-scripts

2) cd linux-server-administration-scripts

3) chmod 777 ftpbackup.sh

4) ./ftpbackup.sh

That s all

@UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑The Ultimate Unified Hosts file
t.me/UnderCodeTesting
> for protecting your network, computer, smartphones and Wi-Fi devices against millions of bad web sites.

> Protect your children and family from gaining access to bad web sites and protect your devices and pc from being infected with Malware or Ransomware.

> Without any Paid services !

🦑DAILY UPDATED !!!!!!!!!!!🦑

𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/mitchellkrogza/Ultimate.Hosts.Blacklist

2) AUTOMATe Run:

> cd installer-windows

3) Now

> Press ⊞ Win+R. This opens the Run dialog.

4) If you need to run the batch file as an administrator, see this method instead.

> go to file then

5) OPEn cmd & Click Run as Administrator

> windows-install-hosts.bat

6 ) MANUAL

Now its not installing like a normal script so you need to edit some in your ip & dns / adapter & Hosts settings


> A hosts file, named hosts (with no file extension), is a plain-text file used by all operating systems to map hostnames to IP addresses.

> In most operating systems, the hosts file is preferential to DNS. Therefore if a domain name is resolved by the hosts file, the request never leaves your computer.

> Having a smart hosts file goes a long way towards blocking malware, adware, ransomware, porn and other nuisance web sites.

> A hosts file like this causes any lookups to any of the listed domains to resolve back to your localhost so it prevents any outgoing connections to the listed domains.

🦑For example, to drop all requests to certain domains or servers, adding lines to your hosts file as below will achieve this for you. You can create your own custom hosts or simply use ours which covers you for well over 1 million bad domains and web sites out there.

# Block Bad Domains and Servers with Hosts File
0.0.0.0 doubleclick.net
0.0.0.0 18chinese.com
0.0.0.0 gatekeeper.tss.net
0.0.0.0 www.gatekeeper.tss.net
0.0.0.0 cdn.gatekeeper.tss.net
0.0.0.0 youporn.com
0.0.0.0 www.youporn.com
0.0.0.0 x-lime.net
0.0.0.0 www.x-lime.net
# etc ... etc .... etc ...

3) So go to hosts file
example on windows :

> C:\Windows\System32\drivers\etc\hosts

4) open it in any text editor app example Notpad
> change hosts by adding this repo hosts

Or

🦑For linux

1) hosts.deny

is a plain-text file for Linux/Unix based operating systems only which blocks a list of IP addresses on the outside of your network from gaining any access to your computer.

2) A hosts.deny file will not work on a Windows operating system.

3) same in Linux You can modifie hosts file by opening in leafpad example

🦑 Or Automate run :

1) cd Installer-Linux

2) Chmod 777 linux-hosts-installer.sh

3) ./ linux-hosts-installer.sh

E N J O Y NO NEED FOR PAID SERVICES FOR BLOCKING MALWARES ADDS......


WRITTEN BY @UndercOdeOfficial
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑2019 Phishing Database Tested by UndercOde:
Phishing Domains, urls websites and threats database. We use the PyFunceble testing tool to validate the status of all known Phishing domains and provide stats to reveal how many unique domains used for Phishing are still active.
t.me/UnderCodeTesting


🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:


🦑Phishing Domaines Status

1) Active :

>Database On
https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-domains-ACTIVE.txt

2) Anactive :

> https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-domains-INACTIVE.txt

3) Invalid :

> https://github.com/mitchellkrogza/Phishing.Database

🦑Phishing Links Status

1)Active :

https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-links-ACTIVE.txt

2) Inactive:

> https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-links-INACTIVE.txt

3) Invalid :

> https://raw.githubusercontent.com/mitchellkrogza/Phishing.Database/master/phishing-links-INVALID.txt

🦑 All the following HTTP status codes we regard as ACTIVE or still POTENTIALLY ACTIVE.

🦑ACTIVE HTTP Codes

- 100
- 101
- 200
- 201
- 202
- 203
- 204
- 205
- 206
🦑 POTENTIALLY ACTIVE HTTP Codes
- 000
- 300
- 301
- 302
- 303
- 304
- 305
- 307
- 403
- 405
- 406
- 407
- 408
- 411
- 413
- 417
- 500
- 501
- 502
- 503
- 504
- 505
🦑POTENTIALLY INACTIVE HTTP Codes
- 400
- 402
- 403
- 404
- 409
- 410
- 412
- 414
- 415
- 416

🦑Criminals planting Phishing links often resort to a variety of techniques like returning a variety of HTTP failure codes to trick people into thinking the link is gone but in reality if you test a bit later it is often back.


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑 All in One

> Apache Block Bad Bots
> (Referer) Spam Referrer Blocker,
> Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites,
> Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
instagram.com/UnderCodeTesting
🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:


1) clone https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker

2) COPY THE GLOBALBLACKLIST.CONF FILE FROM THE REPO $APACHE_CONF is generally located at /etc/apache2 or /etc/httpd depending on OS

3) Copy the contents of globalblacklist.conf into your $APACHE_CONF/custom.d folder. e.g. /etc/apache2/custom.d on Ubuntu/Debian /etc/httpd on RHEL/centos You need to create this folder.

4) The following directions use /etc/apache2 as an example.

> sudo mkdir /etc/apache2/custom.d

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -O /etc/apache2/custom.d/globalblacklist.conf

5) If your Linux distribution does not have wget you can replace the wget commands using curl as follows:

> curl -sL https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -o /etc/apache2/custom.d/globalblacklist.conf

6) Please do NOT ever use 127.0.0.1 as a whitelisted IP address in whitelist-ips.conf it will cause the blocker to stop functioning.

> copy the whitelist-ips.conf file into that folder

7) sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-ips.conf -O /etc/apache2/custom.d/whitelist-ips.conf

8) copy the whitelist-domains.conf file into the same folder

9) sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-domains.conf -O /etc/apache2/custom.d/whitelist-domains.conf

10) Use nano, vim or any other text editor to edit both whitelist-ips.conf and whitelist-domains.conf to include all your own domain names and IP addresses that you want to specifically whitelist from the blocker script.

11) copy the blacklist-ips.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-ips.conf -O /etc/apache2/custom.d/blacklist-ips.conf

12) copy the bad-referrer-words.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/bad-referrer-words.conf -O /etc/apache2/custom.d/bad-referrer-words.conf

13) Allows you to add your own custom list of user agents with this new include file.

> copy the blacklist-user-agents.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-user-agents.conf -O /etc/apache2/custom.d/blacklist-user-agents.conf

14) INCLUDE THE GLOBALBLACKLIST.CONF

Include the globalblacklist.conf file in the beginning of a directory block just after your opening Options statements and before the rest of your host config example below. Remove the "<<<<<< This needs to be added" part

<VirtualHost *:80>
ServerName local.dev
DocumentRoot /var/www/html
ErrorLog /tmp/error.log

<Directory "/var/www/html">
Options +Includes
Options +FollowSymLinks -Indexes
Include custom.d/globalblacklist.conf
</Directory>
</VirtualHost>

15) You can include globalblacklist.conf globally (for all virtual hosts) if you put the following configuration after virtual host configuration.

16) Do an Apache2 Config Test

> sudo apache2ctl configtest

> sudo service apache2 reload

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑 from 2 months All in One

> Apache Block Bad Bots

> (Referer) Spam Referrer Blocker,

> Vulnerability Scanners, Malware, Adware, Ransomware, Malicious Sites,

> Wordpress Theme Detectors and Fail2Ban Jail for Repeat Offenders
instagram.com/UnderCodeTestingCompany

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:


1) clone https://github.com/mitchellkrogza/apache-ultimate-bad-bot-blocker

2) COPY THE GLOBALBLACKLIST.CONF FILE FROM THE REPO $APACHE_CONF is generally located at /etc/apache2 or /etc/httpd depending on OS

3) Copy the contents of globalblacklist.conf into your $APACHE_CONF/custom.d folder. e.g. /etc/apache2/custom.d on Ubuntu/Debian /etc/httpd on RHEL/centos You need to create this folder.

4) The following directions use /etc/apache2 as an example.

> sudo mkdir /etc/apache2/custom.d

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -O /etc/apache2/custom.d/globalblacklist.conf

5) If your Linux distribution does not have wget you can replace the wget commands using curl as follows:

> curl -sL https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/globalblacklist.conf -o /etc/apache2/custom.d/globalblacklist.conf

6) Please do NOT ever use 127.0.0.1 as a whitelisted IP address in whitelist-ips.conf it will cause the blocker to stop functioning.

> copy the whitelist-ips.conf file into that folder

7) sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-ips.conf -O /etc/apache2/custom.d/whitelist-ips.conf

8) copy the whitelist-domains.conf file into the same folder

9) sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/whitelist-domains.conf -O /etc/apache2/custom.d/whitelist-domains.conf

10) Use nano, vim or any other text editor to edit both whitelist-ips.conf and whitelist-domains.conf to include all your own domain names and IP addresses that you want to specifically whitelist from the blocker script.

11) copy the blacklist-ips.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-ips.conf -O /etc/apache2/custom.d/blacklist-ips.conf

12) copy the bad-referrer-words.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/bad-referrer-words.conf -O /etc/apache2/custom.d/bad-referrer-words.conf

13) Allows you to add your own custom list of user agents with this new include file.

> copy the blacklist-user-agents.conf file into that folder

> sudo wget https://raw.githubusercontent.com/mitchellkrogza/apache-ultimate-bad-bot-blocker/master/Apache_2.2/custom.d/blacklist-user-agents.conf -O /etc/apache2/custom.d/blacklist-user-agents.conf

14) INCLUDE THE GLOBALBLACKLIST.CONF

Include the globalblacklist.conf file in the beginning of a directory block just after your opening Options statements and before the rest of your host config example below. Remove the "<<<<<< This needs to be added" part

<VirtualHost *:80>
ServerName local.dev
DocumentRoot /var/www/html
ErrorLog /tmp/error.log

<Directory "/var/www/html">
Options +Includes
Options +FollowSymLinks -Indexes
Include custom.d/globalblacklist.conf
</Directory>
</VirtualHost>

15) You can include globalblacklist.conf globally (for all virtual hosts) if you put the following configuration after virtual host configuration.

16) Do an Apache2 Config Test

> sudo apache2ctl configtest

> sudo service apache2 reload

17) Now Open Terminal & Type :

> curl -A "googlebot" http://yourdomain.com

Should respond with 200 OK

> curl -A "80legs" http://yourdomain.com

> curl -A "masscan" http://yourdomain.com

Should respond with 403 Forbidden

> curl -I http://yourdomain.com -e http://100dollars-seo.com

> curl -I http://yourdomain.com -e http://zx6.ru

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂

🦑Termux 2019 tool :
PentBox is a tool that allows us to create honeypot in systema this is written in ruby language
t.me/UnderCodeTesting

🦑Features:

> Command execution in gets (STDIN) implemented. (!command)

> Honeypot now shows attacker's IP and port (thx Shyish)

> Ip grabber direct targeting from email: yahoo,gmail,hotmail & sites like facebook gmail ...etc

> Included log options.

> Wordlist is bigger now.

> Included "back" option on menus. New tools:

> Included new area, Web tools.

> Included new module MAC address geolocation (samy.pl).

> Included new module HTTP directory bruteforce.

> Included new module HTTP common files bruteforce.

> Included exploits for DoS [other/http] 3Com SuperStack Switch DoS [other/http] 3Com OfficeConnect Routers DoS (Content-Type) [windows/

>ftp] Windows 7 IIS7.5 FTPSVC UNAUTH'D DoS [windows/ftp] Solar FTP Server 2.1 DoS [windows/pptp] MS02-063 PPTP Malformed Control Data

>Kernel DoS [windows/smb] Windows Vista/7 SMB2.0 Negotiate Protocol Request DoS BSOD

> Included pb_update.rb to update PenTBox from the SVN repository. Bugfixing:

> Fixed issue with SHODAN API.

> Deleted l33t speak and extra menu.

> Improved permissions checking, now it's done by euid, not username (thx r4mosg)

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/technicaldada/pentbox

2) cd pentbox

3) tar -zxvf pentbox.tar.gz

4) cd pentbox

5) chmod 777 pentbox.rb

6) ./pentbox.rb

Written by ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Termux/Kali/Parrot package manager script 2019
package manager for hacker's. onex manage large number's of hacking tools that can be installed on single click. Using onex, you can install all hacking tools in Termux and other Linux based distributions. onex can install more than 370+ kali linux hacking tools. use onex install [tool_name] command to install any hacking tool.
instagram.com/UnderCodeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

Open the terminal and type following commands.

1) apt update

2) apt install git

3) git clone https://github.com/Rajkumrdusad/onex.git

4) chmod +x onex/install

5) sh onex/install if not work than use ./onex/install

🦑onex start to start onex menu mode:

> Enter a Number for a specific output:

(1) : To show all available tools and type the number of a tool which you want to install.

(2) : To show tools category.

(3) : If you want to update onex.

(4) : If you want to know About Us.

(5) : To exit the tool.

Written by ̵͑M̵͘ ̠̖r̶̕.̵́ ̷͠B̴͘O̷̓T̶̆Ń̴E̶͛T̶̅(tm
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Remote Access Tool/Botnet
Loki is Remote Access Tool.
Loki uses RSA-2048 with AES-256 to keep your communication secure.
Warning: DO NOT upload any samples generated by this program to online scanners.
\
🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/Pure-L0G1C/Loki

2) pip install -r requirements.txt

3)open /lib/const.py & configure your private and public IP's

4) start loki.py

5) navigate to http://127.0.0.1:5000

6) login, Username: loki Password: ikol

7) navigate to settings, selected server tab and start the server on the same IP as your private IP

8) Click the home button

9) Generate a payload


10) Navigate to the agent directory

> Run: python builder.py -h

It will not compile inside a virtual enivornment
> After connection

11) You can click the hostname of the bot once it connects

> Explore

🦑Features:

>Upload & Download
> Chrome Launching
> Persistence
> Screenshot
> Keylogger
> Ddos
> SFTP
> SSH

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to get MacOs ? And How To convert to .iso?
instagram.com/UnderCodeTesting

1) There is no way to legitimately get the file without having access to a Mac, and a licensed copy of the OS via a purchase (unless you are a member of the Developer Program, for which you can expect to pay far more than the cost of the OS, what with it being free)

2) But if you can blag some access time on a Mac, then you can download the OS from the Mac App Store (You may need to Option+Click the Purchased section to force it to reshow them if you have downloaded them at least once already).

3)Once you have the installer downloaded and sat in your dock, you can simply pick it apart and get to the image file that is inside it.

4) This is the official way to get the file direct from Apple, but there is still work to do to make it into an ISO

5) Once you’ve downloaded Mavericks, find the installer on your Mac. It’s called Install OS X Mavericks.app and it should have been downloaded to your main Applications folder or be sat in your Dock.

6) Right-click (or Control+click) the installer, and choose Show Package Contents from the resulting contextual menu.

7) In the folder that appears, open Contents > Shared Support; you’ll see a disk image file called InstallESD.dmg

8) This dmg file is in essence an ISO file in s slightly different format. We'll need to convert it. Open up Disk Utility and:

9) From the menu bar, select Images > Convert and point it to your .dmg file

10) In the Save As dialog that follows, select DVD/CD master. Disk Utility will insist on saving the new ISO as a .cdr file, but it is really an ISO.

11) When complete, you can rename it to .iso in Finder.

12) Use an external HD or thumb drive which is in ExFAT format (Compared to FAT format, this allows for single files larger than 4GB).

13) Copy the .iso file and access it on the other system or vm...


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑what is AOXdeface tools?
AOXdeface is a tool for defacing dozens or hundreds of sites at once,depending on the number of sites that have been determined by you, this is not dangerous, and this is only the file upload method


🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

A)Termux:

pkg install python2
pip2 install requests
pkg install git
git clone https://github.com/Ranginang67/AOXdeface
cd AOXdeface
python2 aox.py

B)Linux:

apt-get install python
apt-get install pthon-pip
pip install requests
apt-get install git
git clone https://github.com/Ranginang67/AOXdeface
cd AOXdeface
python aox.py

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑what is Crypton tools?
cryton this a tools usefull for penetration testing, information gathering,
and for ethical hacking and this tools easy to use and easy to install
instagram.com/UnderCodeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

> install on kali, ubuntu, and parrot:

1) apt-get install git

2) git clone https://github.com/Ranginang67/Crypton

3) chmod 777 install.sh

4) ./install.sh

5) type crypton in term to run it

🦑Features:

feature information

> credit card validator checker to check whether the credit card is active

> Facebook account information to see all the information on your Facebook account

> social media name checker search for social media users associated with that username

> website backdoor scanner looking for a backdoor shell that is embedded on the website

>http header information get http header information from website
website analyze scanner scanning website vulnerability

>find admin login page for find the admin login page
gmail account checker checking if gmail account is exists


>find my facebook id find facebook user id

>dump all friend id dump all your friend ID on Facebook
domain age checker checking age of domain

>md5 hash cracker crack md5 password
ip adres checker search for information from the ip


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑So we ve heared alot about Md5 and Still alot don t know exact definition for it so :

1) MD5 is a type of algorithm that is known as a cryptographic hash algorithm.

2) MD5 produces a hash value in a hexadecimal format. This competes with other designs where hash functions take in a certain piece of data, and change it to provide a key or value that can be used in place of the original value.

3) Security engineers and others are familiar with long lists of hash algorithms with different properties.

4) MD5 and other types of hash algorithms are often referred to as "message digest" functions.

5) The idea here is that a hash "digests" an original value and outputs a replacement value that is significantly different from the original.

6) Hashes have several main uses in security and database efficiency, related to the use of replacement values in searches and in data storage.

7) With the development of various hash algorithms, experts have noted that engineers found MD5 to have serious weaknesses in terms of not being "collision resistant." A collision happens when two hash values are found to be similar or the same.


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Crack hashes in seconds: Md5 Cracker 2019 :
t.me/UnderCodeTesting

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/s0md3v/Hash-Buster

2) cd Hash-Buster

3) Hash-Buster can be run directly from the python script but I highly suggest you to install it with

> make install

4) python hash.py/

5) buster -s <hash>

6) Finding hashes from a directory
just specify a directory and Hash Buster will go through all the files and directories present in it, looking for hashes.

> buster -d /root/Documents

7) Hash Buster can find your hashes even if they are stored in a file like this

🦑Tested On:

> Kali

> Debian


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Most advanced XSS scanner
> XSStrike is a Cross Site Scripting detection suite equipped with four hand written parsers, an intelligent payload generator, a powerful fuzzing engine and an incredibly fast crawler.

> Instead of injecting payloads and checking it works like all the other tools do, XSStrike analyses the response with multiple parsers and then crafts payloads that are guaranteed to work by context analysis integrated with a fuzzing engine. Here are some examples of the payloads generated by XSStrike:

}]};(confirm)()//\
<A%0aONMouseOvER%0d=%0d[8].find(confirm)>z
</tiTlE/><a%0donpOintErentER%0d=%0d(prompt)``>z
</SCRiPT/><DETAILs/+/onpoINTERenTEr%0a=%0aa=prompt,a()//
t.me/UndercOdeTestingOfficial

🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/s0md3v/XSStrike

2) cd XSSrtike

3) pip install -m requirements.txt

4) python xsstrike.py

🦑Features:

> Reflected and DOM XSS scanning

> Multi-threaded crawling

> Context analysis

> Configurable core

> WAF detection & evasion

> Outdated JS lib scanning

> Intelligent payload generator

> Handmade HTML & JavaScript parser

> Powerful fuzzing engine

> Blind XSS support


> Highly researched work-flow

> Complete HTTP support

> Bruteforce payloads from a file

> Powered by Photon, Zetanize and Arjun

> Payload Encoding

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Network Trick
Tensorflow implementation of Deep Convolutional Generative Adversarial Networks which is a stabilize Generative Adversarial Networks


🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/carpedm20/DCGAN-tensorflow

2) cd DCGAN-tensorflow

3) python download.py mnist celebA

4) To train a model with downloaded dataset:

> python main.py --dataset mnist --input_height=28 --output_height=28 --train

> python main.py --dataset celebA --input_height=108 --train --crop

🦑 To test with an existing model:

1) python main.py --dataset mnist --input_height=28 --output_height=28

2) python main.py --dataset celebA --input_height=108 --crop

> Or, you can use your own dataset (without central crop) by:

3) mkdir data/DATASET_NAME
... add images to data/DATASET_NAME ...

4) python main.py --dataset DATASET_NAME --train

5) python main.py --dataset DATASET_NAME

6) # example

7) python main.py --dataset=eyes --input_fname_pattern="*_cropped.png" --train

8) If your dataset is located in a different root directory:

> python main.py --dataset DATASET_NAME --data_dir DATASET_ROOT_DIR --train

9) python main.py --dataset DATASET_NAME --data_dir DATASET_ROOT_DIR
> # example

10) python main.py --dataset=eyes --data_dir ../datasets/ --input_fname_pattern="*_cropped.png" --train



▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to Discover Cross-Domain Relations with Generative Adversarial Networks


🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

1) git clone https://github.com/carpedm20/DiscoGAN-pytorch

2) cd DiscoGAN-pytorch

3) Or > sudo apt-get install imagemagick (avaible ata ubanto Repo)

> mogrify -resize 256x256! -quality 100 -path YOUR_DATASET_NAME/A/*.jpg

> mogrify -resize 256x256! -quality 100 -path YOUR_DATASET_NAME/B/*.jpg

🦑 for Mac

1) brew install imagemagick

> mogrify -resize 256x256! -quality 100 -path YOUR_DATASET_NAME/A/*.jpg
$ mogrify -resize 256x256! -quality 100 -path YOUR_DATASET_NAME/B/*.jpg

2) for scale and center crop
$ mogrify -resize 256x256^ -gravity center -crop 256x256+0+0 -quality 100 -path ../A/*.jpg

🦑To train a model:

1) python main.py --dataset=edges2shoes --num_gpu=1

2) python main.py --dataset=YOUR_DATASET_NAME --num_gpu=4

> To test a model (use your load_path):

3) python main.py --dataset=edges2handbags --load_path=logs/edges2handbags_2017-03-18_10-55-37 --num_gpu=0 --is_train=False


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is PostgreSQL ? (@ wikipedia)


> PostgreSQL is a general purpose and object-relational database management system, the most advanced open source database system. PostgreSQL was developed based on POSTGRES 4.2 at Berkeley Computer Science Department, University of California.

>PostgreSQL was designed to run on UNIX-like platforms. However, PostgreSQL was then also designed to be portable so that it could run on various platforms such as Mac OS X, Solaris, and Windows.

>PostgreSQL is free and open source software. Its source code is available under PostgreSQL license, a liberal open source license. You are free to use, modify and distribute PostgreSQL in any form.

>PostgreSQL requires very minimum maintained efforts because of its stability. Therefore, if you develop applications based on PostgreSQL, the total cost of ownership is low in comparison with other database management systems.

🦑Features:

> User-defined types

> Table inheritance

> Sophisticated locking mechanism

> Foreign key referential integrity

> Views, rules, subquery

🦑Official Download Link:

>https://www.postgresql.org/

> Nested transactions (savepoints)

> Multi-version concurrency control (MVCC)

> Asynchronous replication


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Best IKE Scanner Original Tool


🦑𝕀ℕ𝕊𝕋𝔸𝕃𝕃𝕀𝕊𝔸𝕋𝕀𝕆ℕ & ℝ𝕌ℕ:

Termux-root/Kali/Debian/Parrot

1) git clone https://github.com/royhills/ike-scan

2) cd ike-scan

3) autoreconf --install to generate a viable ./configure file

4) Run ./configure or ./configure --with-openssl to use the OpenSSL libraries

5) Run make to build the project

6) Run make check to verify that everything works as expected

7) Run make install

8) ike-scan -h

🦑Features:

1) Discovery Determine which hosts in a given IP range are running IKE. This is done by displaying those hosts which respond to the IKE requests sent by ike-scan.

2) Fingerprinting Determine which IKE implementation the hosts are using, and in some cases determine the version of software that they are running. This is done in two ways: firstly by UDP backoff fingerprinting which involves recording the times of the IKE response packets from the target hosts and comparing the observed retransmission backoff pattern against known patterns; and secondly by Vendor ID fingerprinting which compares Vendor ID payloads from the VPN servers against known vendor id patterns.

3) Transform Enumeration Find which transform attributes are supported by the VPN server for IKE Phase-1 (e.g. encryption algorithm, hash algorithm etc.).

4) User Enumeration For some VPN systems, discover valid VPN usernames.

5) Pre-Shared Key Cracking Perform offline dictionary or brute-force password cracking for IKE Aggressive Mode with Pre-Shared Key authentication. This uses ike-scan to obtain the hash and other parameters, and psk-crack (which is part of the ike-scan package) to perform the cracking

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁