▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

🦑Warez DARKWEB- .ONION 2020 SITES
7/24 & 24/24 ONLINE


http://2gxxzwnj52jutais.onion/ – The Nowhere Server (restored from backup after FH)

http://jntlesnev5o7zysa.onion/ – The Pirate Bay – Torrents

http://am4wuhz3zifexz5u.onion/ – Tor Library – library of books and other media files

http://uj3wazyk5u4hnvtk.onion/ – The Pirate Bay – Torrents (official .onion)

http://doxbindtelxceher.onion/ – DOXBIN

http://wuvdsbmbwyjzsgei.onion/ – Music Downloads

http://lolicore75rq3tm5.onion/ – Lolicore and Speedcore Music

http://xfmro77i3lixucja.onion/ – ebooks

http://vt27twhtksyvjrky.onion/ – lol 20th Century Western Music Recordings and Scores

http://2ygbaoezjdmacnro.onion/ – Pony at Noisebridge

http://xfmro77i3lixucja.onion/ – Imperial Library of Trantor

http://c3jemx2ube5v5zpg.onion/ – Jotunbane’s Reading Club

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

Follow Undercode On

> T.me/UndercodeTesting hacking tips

> Fb.com/UndercodeTesting

> instagram.com/UndercodeTesting

> twitter.com/UndercodeNews

> Youtube.com/Undercode

> Pinterest.com/Undercode_Testing

> ...

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

🦑 updated Dark Web OSINT Tool
Xd Some Noobs govs use this :

Dark Web OSINT Tool


🦑 Features :
Onion Crawler (.onion).(Completed)
Returns Page title and address with a short description about the site.(Partially Completed)
Save links to database.(PR to be reviewed)
Get emails from site.(Completed)
Save crawl info to JSON file.(Completed)
Crawl custom domains.(Completed)
Check if the link is live.(Completed)
Built-in Updater.(Completed)
TorBot GUI(see branch frontend)
Social Media integration.(not Started) ...(will be updated)

🦑OS Dependencies
Tor
Python 3.x
Golang 1.x (Not Currently Used)

🦑Python Dependencies
beautifulsoup4
pyinstaller
PySocks
termcolor
requests
requestsmock
yattag

🦑INSTALLISATION & RUN :

git clone https://github.com/DedSecInside/TorBot

cd TorBot

python3 torBot.py or use the -h -help argument

✅

@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

🦑Install Google Gadgets (Google Gadgets) on traditional Linux desktop

1) Google recently released the Linux version of Google Gadgets (Google Gadgets). Prior to this, Google Gadgets on the desktop released by Google only supports Windows and Mac. As a Linux desktop user, why not try this beautiful and useful Google gadget (Google Gadgets) launched by Google? Currently, Google only releases the source package of Google Gadgets (Google Gadgets), which we can only install by compiling. Whether you are a GNOME user or a KDE user, you can install Google Gadgets (Google Gadgets) on your Linux desktop. Let ’s install Google Gadgets on your Linux desktop with OwnLinux!

2) Download and unzip Google Gadgets (Google Gadgets)

Google Gadgets (Google Gadgets) is published on Google as a compressed package in .tar.gz format, you need to unzip it after downloading.from google or here
> CLICK HERE
3) Install dependent environment required for compilation

4) Open the terminal and enter the following code

> sudo apt-get -y install libtool automake autoconf libxul-dev libghc6-mozembed-dev libcurl4-gnutls-dev libxml2-dev zlib1g-dev xulrunner xulrunner-1.9-dev libgtk2.0-dev libcairo2-dev libdbus-1-dev libdbus-glib-1-dev libgstreamer0.10-dev libgstreamer-plugins-base0.10-dev libqt4-dev


5) Configure compile and install Google Gadgets (Google Gadgets)

6) Open the terminal and enter the following codes in sequence

7) ./configure --prefix=/usr
make
sudo make install


8) Run Google Gadgets (Google Gadgets)

If all goes well, you can run Google Gadgets (Google Gadgets). Use ALT + F2 to bring up the "run application" GNOME user input ggl-gtk, KDE user input ggl-qt, so that you can start the Google Gadgets (Google Gadgets) application.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

🦑2020 MOST POPULAR PLUGINS FOR WORDPRESS :

https://wordpress.org/plugins/wordpress-seo/

https://wordpress.org/plugins/elementor/

https://wordpress.org/plugins/coming-soon/

https://wordpress.org/plugins/shortcodes-ultimate/

https://wordpress.org/plugins/smart-slider-3/

https://wordpress.org/plugins/woocommerce/

https://wordpress.org/plugins/wpdiscuz/

https://wordpress.org/plugins/sucuri-scanner/

https://wordpress.org/plugins/pretty-link/

https://wordpress.org/plugins/google-analytics-for-wordpress/

https://wordpress.org/plugins/wp-smushit/

https://wordpress.org/plugins/wp-super-cache/#installation

https://wordpress.org/plugins/updraftplus/


@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

🦑SOME DEFINITIONS IMPORTANT +HOW THEY ATTACK API ✅

A) User Spoofing

> User spoofing is when an attacker pretends to be someone they’re not. Often, the attacker will attempt to portray themselves as a trusted user in order to pivot to additional users, allowing them free access to data and the ability to deal more damage without being readily discovered. These attacks often use data discovered through phishing or other such credential leaks in order to prevent other alarms, such as those found in reverse engineering, from going off.

> Once the attacker has broached the system, the attack often attempts to inject some sort of privilege escalation attack by directing URI functions to other URIs (as is the case in media encoding APIs), inserting code acting as text (as in the case of translation APIs), or just flooding APIs with more data that it can handle, forcing an overflow failure.

B) MITM OR Man in the Middle Attack

> In this type of attack, the attacker will pose as an element either in the chain of communication to the server, or the server itself. The attacker’s aim here is to act as if they are some trusted link in the API chain, intercepting data either for morphing or offloading.

>Sometimes, this attack can be done by squatting on a domain that is similar to the API URI scheme and copying the format of the API request/resource location (or at least, making it seem the same). In this case, a user might be requesting a call using a resource located at API.io/media/function, and a squatter might sit on APO.io/media/function. A single character’s difference could make all the difference in the world, and open up the requester to the reality of sending their credentials to the wrong server.

C) Session Replays

> Session replays are specifically against websites and other systems that generate and store sessions. While proper RESTful design should not deal with state, that’s not always the reality of the situation – many APIs, whether for valid reasons or not, have state as part of their core flow, even if they call themselves
> “RESTful”. When sessions are part of the equation, this type of attack is designed to capture the session, and replay it to the server. In effect, the attacker is rewinding time and forcing the server to divulge data as if the same interaction is occurring once more.

D) Social Engineering
While this is not in and of itself technically an “API hack”, it directly affects the API. Social engineering is attacking not the machine code and the API itself, but the weakest element of all – the human element. Humans are fallible, and they can be tricked – often very easily. Social engineering takes advantage of this in a multitude of ways.

>Phishing is the process of sending out mass contact to known users, often using cleverly crafted emails providing links to reset a password or validate a security incident. The catch is that these links aren’t real, and instead result in the attacker grabbing credentials. Spear phishing is much the same but focuses on one high-value target, often providing additional data, typically stolen in some sort of security incident, to instill trust in the user that the communication is indeed valid.

this postispoweredbywiki
@UndercodeTesting
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁▁

🦑Verified hulu premium

pastebin.com/YqxxyZP9

THIS CHANNEL STARTING 24/24 POSTS 😊
,excepting days when undercode is closed :)

> Use all tutorials For learning Only !!!!