UNDERCODE COMMUNITY
@UndercodeCommunity

🦑 Capture The Flag (CTF) Information:

What is it?

Capture the flag (CTF) is a computer security competition designed for educational purposes. In Lesson 6.4, "Learning How to Host Enterprise Capture the Flag Events" of the "Enterprise Penetration Testing and Continuous Monitoring (the Art of Hacking Series) LiveLessons" video course, you learned how these CTFs work and how you can potentially create them as a "cyber range" within your enterprise. The following links provide numerous resources and references to past and current CTF events, as well as online practice sites.

🦑 This is one of the best resources:
* https://github.com/apsdehal/awesome-ctf

## Some others:
* https://trailofbits.github.io/ctf/
* https://ctftime.org
* https://ctf365.com
* http://captf.com
* https://pentesterlab.com/exercises
* http://vulnhub.com
* https://challenges.re
* http://cryptopals.com
* https://github.com/CTFd/CTFd


> git sources
@UndercodeTesting

🦑 Cloud Security Resources

* [Cloud Security Resources from AWS](https://aws.amazon.com/security/security-resources)

* [Penetration Testing in Microsoft Azure](https://docs.microsoft.com/en-us/azure/security/azure-security-pen-testing)

* [Penetration Testing in AWS](https://aws.amazon.com/security/penetration-testing)

* [Penetration Testing in Google Cloud Platform](https://cloud.google.com/security/overview)

* [Google Cloud Security Center](https://cloud.google.com/security)




🦑 Additional AWS Pen Testing References

- [PENETRATION TESTING AWS STORAGE: KICKING THE S3 BUCKET](https://rhinosecuritylabs.com/penetration-testing/penetration-testing-aws-storage/) - Written by Dwight Hohnstein from [Rhino Security Labs](https://rhinosecuritylabs.com/).

- [AWS PENETRATION TESTING PART 1. S3 BUCKETS](https://www.virtuesecurity.com/blog/aws-penetration-testing-s3-buckets/) - Written by [@VirtueSecurity](https://twitter.com/VirtueSecurity).

- [AWS PENETRATION TESTING PART 2. S3, IAM, EC2](https://www.virtuesecurity.com/blog/aws-penetration-testing-part-2-s3-iam-ec2/) - Written by [@VirtueSecurity](https://twitter.com/VirtueSecurity).

#Kali in AWS
Kali Linux is already available at Amazon's AWS marketplace at:
https://aws.amazon.com/marketplace/pp/B01M26MMTT



#Cracked Passwords Example
"Cracking Passwords with John the Ripper" of the Safari:

```
root@kali:~# john hashes
Warning: detected hash type "sha512crypt", but the string is also recognized as "crypt"
Use the "--format=crypt" option to force loading these as that type instead
Using default input encoding: UTF-8
Loaded 3 password hashes with 3 different salts (sha512crypt, crypt(3) $6$ [SHA512 128/128 AVX 2x])
Press 'q' or Ctrl-C to abort, almost any other key for status
letmein (batman)
password1 (superman)
password (spiderman)
3g 0:00:00:08 DONE 2/3 (2019-01-12 21:22) 0.3496g/s 1038p/s 1053c/s 1053C/s 123456..green
Use the "--show" option to display all of the cracked passwords reliably
Session completed
root@kali:~#
```

🦑 Example 2

```
root@kali:~# cat cracked.txt
476c6c4a9735ecaff882a6e01bcda6e8:blue123
17a807c3a10ee2d8ed555ddfb8c0f790:boricua
d0f98c2b1656b2f20c731d086dc68d1c:destiny1
dc647eb65e6711e155375218212b3964:Password
```





🦑 #Cryptographic Algorithms


<table>
<tbody>
<tr>
<th scope="col">Algorithm</th>
<th scope="col">Operation</th>
<th scope="col">Status</th>
<th scope="col">Alternative</th>
<th scope="col">QCR</th>
</tr>
<tr>
<td>DES</td>
<td>Encryption</td>
<td>Avoid</td>
<td>AES</td>
<td>&mdash;</td>
</tr>
<tr>
<td>3DES</td>
<td>Encryption</td>
<td>Legacy</td>
<td>AES</td>
<td>&mdash;</td>
</tr>
<tr>
<td>RC4</td>
<td>Encryption</td>
<td>Avoid</td>
<td>AES</td>
<td>&mdash;</td>
</tr>
<tr>
<td>
<p>AES-CBC mode</p>
<p>AES-GCM mode</p>
</td>
<td>
<p>Encryption</p>
<p>Authenticated encryption</p>
</td>
<td>
<p>Acceptable</p>
<p>NGE</p>
</td>
<td>
<p>AES-GCM</p>
<p>&mdash;</p>
</td>
<td>
<p>✓ (256-bit)</p>
<p>✓ (256-bit)</p>
</td>
</tr>
<tr>
<td>
<p>DH-768, -1024</p>
<p>RSA-768, -1024</p>
DSA-768, -1024</td>
<td>
<p>Key exchange</p>
<p>Encryption</p>
<p>Authentication</p>
</td>
<td>
<p>Avoid</p>
</td>
<td>
<p>DH-3072 (Group 15)</p>
<p>RSA-3072</p>
DSA-3072</td>
<td>
<p>&mdash;</p>
<p>&mdash;</p>
<p>&mdash;</p>
</td>
</tr>
<tr>
<td>
<p>DH-2048</p>
<p>RSA-2048</p>
DSA-2048</td>
<td>
<p>Key exchange</p>
<p>Encryption</p>
<p>Authentication</p>
</td>
<td>
<p>Acceptable</p>
</td>
<td>
<p>ECDH-256</p>
<p>&mdash;</p>
ECDSA-256</td>
<td>
<p>&mdash;</p>
<p>&mdash;</p>
<p>&mdash;</p>
</td>
</tr>
<tr>
<td>
<p>DH-3072</p>
<p>RSA-3072</p>
<p>DSA-3072</p>
</td>
<td>
<p>Key exchange</p>
<p>Encryption</p>
<p>Authentication</p>
</td>
<td>Acceptable</td>
<td>
<p>ECDH-256</p>
<p>&mdash;</p>
ECDSA-256</td>
<td>
<p>&mdash;</p>
<p>&mdash;</p>
<p>&mdash;</p>
</td>
</tr>
<tr>
<td>MD5</td>
<td>Integrity</td>
<td>Avoid</td>
<td>SHA-256</td>
<td>&mdash;</td>
</tr>
<tr>
<td>
<p>SHA-1</p>
</td>
<td>
<p>Integrity</p>
</td>
<td>
<p>Legacy</p>
</td>
<td>
<p>SHA-256</p>
</td>
<td>&mdash;</td>
</tr>
<tr>
<td>
<p>SHA-256</p>
<p>SHA-384</p>
<p>SHA-512</p>
</td>
<td>
<p>Integrity</p>
</td>
<td>
<p>NGE</p>
</td>
<td>
<p>SHA-384</p>
<p>&mdash;</p>
<p>&mdash;</p>
</td>
<td>
<p>&mdash;</p>
<p>✓</p>
<p>✓</p>
</td>
</tr>
<tr>
<td>HMAC-MD5</td>
<td>Integrity</td>
<td>Legacy</td>
<td>HMAC-SHA-256</td>
<td>&mdash;</td>
</tr>
<tr>
<td>HMAC-SHA-1</td>
<td>Integrity</td>
<td>Acceptable</td>
<td>HMAC-SHA-256</td>
<td>&mdash;</td>
</tr>
<tr>
<td>HMAC-SHA-256</td>
<td>Integrity</td>
<td>NGE</td>
<td>&mdash;</td>
<td>✓</td>
</tr>
<tr>
<td>
<p>ECDH-256</p>
ECDSA-256</td>
<td>
<p>Key exchange</p>
<p>Authentication</p>
</td>
<td>
<p>Acceptable</p>
</td>
<td>
<p>ECDH-384</p>
ECDSA-384</td>
<td>
<p>&mdash;</p>
<p>&mdash;</p>
</td>
</tr>
<tr>
<td>
<p>ECDH-384</p>
ECDSA-384</td>
<td>
<p>Key exchange</p>
<p>Authentication</p>
</td>
<td>
<p>NGE</p>
</td>
<td>
<p>&mdash;</p>
<p>&mdash;</p>
</td>
<td>
<p>&mdash;</p>
<p>&mdash;</p>
</td>
</tr>
<tr>
<td colspan="5"><a name="ftn1"></a>
<p>1. QCR = quantum computer resistant.</p>
<a name="ftn2"></a>
<p>2. NGE = next generation encryption.</p>
</td>
</tr>
</tbody>
</table>



🦑 #Notes about Cryptographic Algorithms:

- Avoid: Algorithms that are marked as Avoid do not provide adequate security against modern threats and should not be used to protect sensitive information. It is recommended that these algorithms be replaced with stronger algorithms.

- Legacy: Legacy algorithms provide a marginal but acceptable security level. They should be used only when no better alternatives are available, such as when interoperating with legacy equipment. It is recommended that these legacy algorithms be phased out and replaced with stronger algorithms.

- Acceptable: Acceptable algorithms provide adequate security.

- Next generation encryption (NGE): NGE algorithms are expected to meet the security and scalability requirements of the next two decades. For more information, see Next Generation Encryption.

- Quantum computer resistant (QCR): There's a lot of research around quantum computers (QCs) and their potential impact on current cryptography standards. Although practical QCs would pose a threat to crypto standards for public-key infrastructure (PKI) key exchange and encryption, no one has demonstrated a practical quantum computer yet. It is an area of active research and growing interest. Although it is possible, it can't be said with certainty whether practical QCs will be built in the future. An algorithm that would be secure even after a QC is built is said to have postquantum security or be quantum computer resistant (QCR). AES-256, SHA-384, and SHA-512 are believed to have postquantum security. There are public key algorithms that are believed to have postquantum security too, but there are no standards for their use in Internet protocols yet.



🦑 #Bug Bounty Tips and Information

Getting Started :

- Bug Bounties 101

- The life of a bug bounty hunter

- Awesome list of bugbounty cheatsheets

- Getting Started - Bug Bounty Hunter Methodology

- How to Become a Successful Bug Bounty Hunter

- Researcher Resources - How to become a Bug Bounty Hunter

🦑 Write Ups and Walkthroughs
- Awesome Bug Bounty Writeups




🦑 #DOCKERS 2020 FOR Container Composition

- bocker (2) - Write Dockerfile completely in Bash. Extensible and simple. --> Reusable by @icy

- box - Build Dockerfile images with a mruby DSL, includes flattening and layer manipulation

- Capitan - Composable docker orchestration with added scripting support by @byrnedo.

- compose_plantuml - Generate Plantuml graphs from docker-compose files by @funkwerk

- Composerize - Convert docker run commands into docker-compose files

- crowdr - Tool for managing multiple Docker containers (docker-compose alternative) by @polonskiy

- docker-compose-graphviz - Turn a docker-compose.yml files into Graphviz .dot files by @abesto

- draw-compose - Utility to draw a schema of a docker compose by @Alexis-benoist

- elsy - An opinionated, multi-language, build tool based on Docker and Docker Compose

- habitus - A Build Flow Tool for Docker by @cloud66

- plash - A container run and build engine - runs inside docker.

- rocker-compose - Docker composition tool with idempotency features for deploying apps composed of multiple containers. By @grammarly

- rocker - Extended Dockerfile builder. Supports multiple FROMs, MOUNTS, templates, etc. by grammarly.

- Stacker - Docker Compose Templates. Stacker provides an abstraction layer over Docker Compose and a better DX (developer experience)



🦑 #Deployment and Infrastructure tools-tips-dockers 2020:


- blackfish - a CoreOS VM to build swarm clusters for Dev & Production by @DataMC

- Centurion - Centurion is a mass deployment tool for Docker fleets. It takes containers from a Docker registry and runs them on a fleet of hosts with the correct environment variables, host volume mappings, and port mappings. By @newrelic

- Clocker - Clocker creates and manages a Docker cloud infrastructure. Clocker supports single-click deployments and runtime management of multi-node applications that run as containers distributed across multiple hosts, on both Docker and Marathon. It leverages Calico and Weave for networking and Brooklyn for application blueprints. By @brooklyncentral

- Conduit - Experimental deployment system for Docker by @ehazlett

- depcon - Depcon is written in Go and allows you to easily deploy Docker containers to Apache Mesos/Marathon, Amazon ECS and Kubernetes. By @gonodrgondor

- Grafeas - A common API for metadata about containers, from image and build details to security vulnerabilities. By Grafeas


#Building Your Own Penetration Testing Lab :
t.me/UndercodeTesting


The following are some tips and instructions on how you can build your own lab for penetration testing and to practice different defensive techniques helpful for incident response and digital forensics.

🦑 Pen Testing Linux Distributions

While most penetration testing tools can be downloaded in isolation and installed on many different operating systems, several popular security-related Linux distributions package hundreds of tools. These distributions make it easy to get started without having to worry about the many dependencies, libraries, and compatibility issues you may encounter. The following are the three most popular Linux distributions for ethical hacking (penetration testing):

- Kali Linux: probably the most popular distribution of the three. This distribution is primarily supported and maintained by Offensive Security and can be downloaded from https://www.kali.org. You can easily install it on bare-metal systems, virtual machines, and even on devices like the Raspberry Pi, Chromebooks, and many others.
Note: The folks at Offensive Security have created a free training and book that guide you through installing it on your system. Those resources can be accessed at: https://kali.training

- Parrot: is another popular Linux distribution used by many pen testers and security researchers. You can also install it in bare-metal and in virtual machines. You can download Parrot from https://www.parrotsec.org

- BlackArch Linux: this distribution comes with over 2300 different tools and packages and it is also gaining popularity. You can download BlackArch Linux from: https://blackarch.org

🦑 #Monitor your network:

Systems like Security Onion and RedHuntOS come with Snort, Suricata, ELK, and many other security tools that allow you to monitor your network.

1) You have to set up port mirroring for IDS/IPS systems like Snort to be able to monitor traffic.

2) In Proxmox, you can set up Linux bridges and Open vSwitch (OVS) bridges.



5️⃣

```
ovs-vsctl -- --id=@p get port tap106i1 \
    -- --id=@m create mirror name=span1 select-all=true output-port=@p \
    -- set bridge vmbr3 mirrors=@m
```

6️⃣ vmbr3 is the OVS bridge for that internal network. This creates a new "mirror" object named "span1". Span1 will send any IP traffic on the vmbr3 OVS bridge to the second virtual interface on VM 106 (tap106i1).
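
The mirror from steps 5 and 6, wrapped as an added example (not part of the original post): it derives the port name from the tap[VM-ID]i[interface#] convention, checks that the port is attached to the OVS bridge before creating the mirror, and adds inspect and remove steps. The function names and the BRIDGE, MIRROR and OVS variables are assumptions of this sketch; vmbr3, span1 and VM 106 are the values used in the post.

```sh
#!/bin/sh
# Added example, not the post's own script: create, inspect and remove the
# span1 mirror with sanity checks. Defaults match the post (vmbr3, VM 106, NIC 1).
BRIDGE="${BRIDGE:-vmbr3}"
MIRROR="${MIRROR:-span1}"
OVS="${OVS:-ovs-vsctl}"   # assumption: overridable so a stub can stand in for testing

# Proxmox names VM NICs tap[VM-ID]i[interface#]. Accept digits only so the
# result is always a well-formed port name.
tap_name() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    case "$2" in ''|*[!0-9]*) return 1 ;; esac
    printf 'tap%si%s\n' "$1" "$2"
}

# True if the port is attached to $BRIDGE. A tap attached to a plain Linux
# bridge is not an OVS port and cannot be used as a mirror output.
port_on_bridge() {
    $OVS list-ports "$BRIDGE" | grep -qxF -- "$1"
}

# Same transaction as the post's command, with the port name derived and
# checked first. "set ... mirrors=@m" replaces any mirrors already on the bridge.
create_mirror() {
    port=$(tap_name "$1" "$2") || { echo "bad VM id or NIC index" >&2; return 1; }
    port_on_bridge "$port" || { echo "$port is not on $BRIDGE" >&2; return 1; }
    $OVS -- --id=@p get port "$port" \
         -- --id=@m create mirror name="$MIRROR" select-all=true output-port=@p \
         -- set bridge "$BRIDGE" mirrors=@m
}

# Print the mirror record so the selection and output port can be confirmed.
show_mirror() {
    $OVS list mirror "$MIRROR"
}

# Detach and delete only this mirror, leaving other mirrors on the bridge alone.
remove_mirror() {
    $OVS -- --id=@m get mirror "$MIRROR" -- remove bridge "$BRIDGE" mirrors @m
}

# Command-line entry point; does nothing when the file is only sourced.
case "${1:-}" in
    create) create_mirror "${2:-106}" "${3:-1}" ;;
    show)   show_mirror ;;
    remove) remove_mirror ;;
esac
```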



🦑 OVS Setup
I strongly recommend using OVS bridges to send traffic to your Security Onion VM (or whatever other VM you would like to use to capture packets or monitor for IDS/IPS functions).

- Note: A bridge is another term for a switch. It directs traffic to the appropriate interface based on MAC address. Open vSwitch bridges should contain raw Ethernet devices, along with virtual interfaces such as OVSBonds or OVSIntPorts. These bridges can carry multiple VLANs, and be broken out into 'internal ports' to be used as VLAN interfaces on the host.

1️⃣ First, you need to update the package index and then install the Open vSwitch packages by executing:

```
apt update
apt install openvswitch-switch
```

2️⃣ Then you can create an OVS bridge and assign to it the interfaces of each VM whose packets you want to capture.

3️⃣You then configure the tap interfaces. These are only visible in the system shell (not in the Proxmox GUI) and are added automatically for VMs attached to an OVS-bridge interface. The naming convention of the tap interfaces is based on the ID of the VM they are assigned to, with the name tap[VM-ID]i[interface#].

For example, these are some of the interfaces in one of the Proxmox nodes/servers in one of my clusters:

```
┌─[root@hermes]─[~]
└──╼ #ip -brie a
lo UNKNOWN 127.0.0.1/8 ::1/128
enp0s31f6 DOWN
enp1s0f0 UP
enp1s0f1 DOWN
enp3s0f0 UP
enp3s0f1 DOWN
vmbr0 UP 192.168.78.10/24 fe80::92e2:baff:fe84:dbd0/64
vmbr1 UP 10.1.1.10/24 fe80::a236:9fff:fe1c:2430/64
vmbr2 UNKNOWN fe80::f84b:12ff:fe3c:6e61/64
ovs-system DOWN
vmbr3 UNKNOWN fe80::208a:52ff:fe6d:504f/64
tap109i0 UNKNOWN
fwbr109i0 UP
fwpr109p0@fwln109i0 UP
fwln109i0@fwpr109p0 UP
tap109i1 UNKNOWN
tap109i2 UNKNOWN
fwbr109i2 UP
fwpr109p2@fwln109i2 UP
fwln109i2@fwpr109p2 UP
tap112i0 UNKNOWN
fwbr112i0 UP
fwpr112p0@fwln112i0 UP
fwln112i0@fwpr112p0 UP
tap112i1 UNKNOWN
fwbr112i1 UP
fwpr112p1@fwln112i1 UP
fwln112i1@fwpr112p1 UP
tap114i0 UNKNOWN
tap119i0 UNKNOWN
fwbr119i0 UP
fwpr119p0@fwln119i0 UP
fwln119i0@fwpr119p0 UP
tap119i1 UNKNOWN
fwbr119i1 UP
fwpr119p1@fwln119i1 UP
fwln119i1@fwpr119p1 UP
tap121i0 UNKNOWN
veth122i0@if59 UP
fwbr122i0 UP
fwpr122p0@fwln122i0 UP
fwln122i0@fwpr122p0 UP
veth122i1@if64 UP
fwbr122i1 UP
fwpr122p1@fwln122i1 UP
fwln122i1@fwpr122p1 UP
tap126i0 UNKNOWN
fwbr126i0 UP
fwpr126p0@fwln126i0 UP
fwln126i0@fwpr126p0 UP
veth130i0@if73 UP
fwbr130i0 UP
fwpr130p0@fwln130i0 UP
fwln130i0@fwpr130p0 UP
veth136i0@if78 UP
fwbr136i0 UP
fwpr136p0@fwln136i0 UP
fwln136i0@fwpr136p0 UP
fwbr109i1 UP
fwln109o1 UNKNOWN
veth115i0@if89 UP
fwbr115i0 UP
fwln115o0 UNKNOWN
tap106i0 UNKNOWN
fwbr106i0 UP
fwpr106p0@fwln106i0 UP
fwln106i0@fwpr106p0 UP
tap106i1 UNKNOWN
```

tap106i0 is the first (0) virtual interface created for VM with ID 106, and tap106i1 is the second such interface.

4️⃣ In order to send all traffic on the OVS bridge to the Security Onion VM (VM 106), I use the following command in the Proxmox node:

🦑 Digital #Forensics and Incident Response (DFIR) Resources

🦑 Incident Response

[Cyphon](https://www.cyphon.io/) - Cyphon eliminates the headaches of incident management by streamlining a multitude of related tasks through a single platform. It receives, processes and triages events to provide an all-encompassing solution for your analytic workflow: aggregating data, bundling and prioritizing alerts, and empowering analysts to investigate and document incidents.

Demisto - Demisto community edition (free) offers full incident lifecycle management, incident closure reports, team assignments and collaboration, and many integrations to enhance automations (like Active Directory, PagerDuty, Jira and much more...)

[FIR](https://github.com/certsocietegenerale/FIR/) - Fast Incident Response (FIR) is a cybersecurity incident management platform designed with agility and speed in mind. It allows for easy creation, tracking, and reporting of cybersecurity incidents and is useful for CSIRTs, CERTs and SOCs alike

RTIR - Request Tracker for Incident Response (RTIR) is the premier open source incident handling system targeted for computer security teams. We worked with over a dozen CERT and CSIRT teams around the world to help you handle the ever-increasing volume of incident reports. RTIR builds on all the features of Request Tracker

[SCOT](http://getscot.sandia.gov/) - Sandia Cyber Omni Tracker (SCOT) is an Incident Response collaboration and knowledge capture tool focused on flexibility and ease of use. Our goal is to add value to the incident response process without burdening the user

threat_note - A lightweight investigation notebook that allows security researchers the ability to register and retrieve indicators related to their research




🦑 #Playbooks new list:

[Demisto Playbooks Collection](https://www.demisto.com/category/playbooks/) - Playbooks collection

IRM - Incident Response Methodologies by CERT Societe Generale

[IR Workflow Gallery](https://www.incidentresponse.com/playbooks/) - Different generic incident response workflows, e.g. for malware outbreak, data theft, unauthorized access,... Every workflow consists of seven steps: prepare, detect, analyze, contain, eradicate, recover, post-incident handling. The workflows are available online or for download

PagerDuty Incident Response Documentation - Documents that describe parts of the PagerDuty Incident Response process. It provides information not only on preparing for an incident, but also what to do during and after. Source is available on GitHub.

🦑 #Game Hacking

- The Ultimate Game Hacking Resource: A curated list of tools, tutorials, and much more for reverse engineering video games!
https://github.com/dsasmblr/game-hacking

- The Ultimate Online Game Hacking Resource: https://github.com/dsasmblr/hacking-online-games

