▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A Java based HTTP/HTTPS proxy

> for assessing web application vulnerability.

>It supports editing/viewing HTTP messages on-the-fly. Other featuers include spiders, client certificate, proxy-chaining, intelligent scanning for XSS and SQL injections etc.

 for Windows-Linux-Mac :

> https://sourceforge.net/projects/paros/files/latest/download

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What this ☠️ project can do in hacking ?

> Download :

https://wiki.owasp.org/index.php/Category:OWASP_WebScarab_Project

FEATURES :

>Fragments - extracts Scripts and HTML comments from HTML pages as they are seen via the proxy, or other plugins

>Proxy - observes traffic between the browser and the web server. The WebScarab proxy is able to observe both HTTP and encrypted HTTPS traffic, by negotiating an SSL connection between WebScarab and the browser instead of simply connecting the browser to the server and allowing an encrypted stream to pass through it. Various proxy plugins have also been developed to allow the operator to control the requests and responses that pass through the proxy.

> Manual intercept - allows the user to modify HTTP and HTTPS requests and responses on the fly, before they reach the server or browser.

>Beanshell - allows for the execution of arbitrarily complex operations on requests and responses. Anything that can be expressed in Java can be executed.

>Reveal hidden fields - sometimes it is easier to modify a hidden field in the page itself, rather than intercepting the request after it has been sent. This plugin simply changes all hidden fields found in HTML pages to text fields, making them visible, and editable.
Bandwidth simulator - allows the user to emulate a slower network, in order to observe how their website would perform when accessed over, say, a modem.

>Spider - identifies new URLs on the target site, and fetches them on command.

>Manual request - Allows editing and replay of previous requests, or creation of entirely new requests.
SessionID analysis - collects and analyzes a number of cookies to visually determine the degree of randomness and unpredictability. Note that this analysis is rather trivial, and does not do any serious checks, such as FIPS, etc.

>Scripted - operators can use BeanShell (or any other BSF supported language found on the classpath) to write a script to create requests and fetch them from the server. The script can then perform some analysis on the responses, with all the power of the WebScarab Request and Response object model to simplify things.

>Parameter fuzzer - performs automated substitution of parameter values that are likely to expose incomplete parameter validation, leading to vulnerabilities like Cross Site Scripting (XSS) and SQL Injection.

>Search - allows the user to craft arbitrary BeanShell expressions to identify conversations that should be shown in the list.
Compare - calculates the edit distance between the response bodies of the conversations observed, and a selected baseline conversation. The edit distance is "the number of edits required to transform one document into another". For performance reasons, edits are calculated using word tokens, rather than byte by byte.

>SOAP - There is a plugin that parses WSDL, and presents the various functions and the required parameters, allowing them to be edited before being sent to the server. NOTE: This plugin is deprecated, and may be removed in the future. SOAPUI is streets beyond anything that Webscarab can do, or will ever do, and is

>Extensions - automates checks for files that were mistakenly left in web server's root directory (e.g. .bak, ~, etc). Checks are performed for both, files and directories (e.g. /app/login.jsp will be checked for /app/login.jsp.bak, /app/login.jsp~, /app.zip, /app.tar.gz, etc). Extensions for files and directories can be edited by user.

>XSS/CRLF - passive analysis plugin that searches for user-controlled data in HTTP response headers and body to identify potential CRLF injection (HTTP response splitting) and reflected cross-site scripting (XSS) vulnerabilities.

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

not all verified

Magento WooCommerce CardGate Payment Gateway 2.0.30 - Payment Process Bypass

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Vulnerable Servers :

> There are a series of vulnerable web applications that you can use to practice your skills in a safe environment. You can get more information about them in the [vulnerable_servers directory in this repository](https://github.com/The-Art-of-Hacking/art-of-hacking/tree/master/vulnerable_servers).

#How to Integrate OWASP ZAP with Jenkins :

-You can integrate ZAP with Jenkins and even automatically create Jira issues based on your findings. You can download the [ZAP plug in here](https://wiki.jenkins.io/display/JENKINS/zap+plugin).

-[This video](https://www.youtube.com/watch?v=mmHZLSffCUg) provides an overview of how to integrate


#Docker Security

- [OWASP Docker security resources](https://github.com/OWASP/Docker-Security)

- [Docker Bench for Security](https://github.com/docker/docker-bench-security)

- [Dockerscan](https://github.com/cr0hn/dockerscan)

- [Docker Security Playground](https://github.com/giper45/DockerSecurityPlayground)

#Javascript Tools :

* [Retire.js](https://retirejs.github.io/retire.js)

>git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Kaspery 2020 new serials :

73ENT-NF8V4-9RPKP-EHWHB Internet Security


VPWAM-6JRYT-HXWCB-ED5JC Internet Security


32RVA-GG3T6-MESQX-1FM9X Internet Security


ZQN5F-F23T4-GWBHC-BNQXW Total Security



U3V84-2RJ5E-FFMBQ-K8M7G Total Security

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to get a Premium Account-Crack spootify :

> Several years ago, it was possible to pay for a subscription in the United States or another region using some domestic payment services or bank cards. Then they closed the loophole and to activate the premium they began to demand the binding of a local bank card.

1️⃣Now many users practice registering family accounts for several people, one of which has the necessary physical or virtual card. So you can get a premium and save on the cost of the service.

2️⃣In order not to look for such a “family” and not depend on the whims of its other members, it is better to buy a premium yourself. Make it easier and more profitable not in the US, but in another region.

3️⃣When registering an American account, the premium will cost a significant $ 9.99 per month. The most affordable prices differ Malaysia and the Philippines . In the first case, the premium account will cost about 180 and in the second - 270 rubles.
Regional catalogs have minor differences; most music lovers will not notice them.

4️⃣Here's what you need to do to listen to music at a nice price:


1) Change the country in the existing account to Malaysia or the Philippines. To do this, go to the account settings, select the Edit Profile item and change the Country field.

> Just because the right state does not appear there. You need to "move" to the region through VPN / PROXY. It is more convenient to do this on a computer through a PROXY replacement. Here you can find the addresses you need.
Finding a free VPN with servers in these countries will be difficult.

2) Go to the Seagm service website and register. VPN and PROXY can already be disabled, at registration you should indicate the current country of residence for the convenience of payment.

3) On the service’s website, in search we search for Spotify and select maps for the desired region: Malaysia (MY) or Philippines (PH).

4) Choose a subscription period (one, three or six months) and purchase a card.

> The following payment methods are available:
There is a small commission for each payment method. There is a possibility to pay via WebMoney without commission, but the operation is manual, you will have to make a payment for the specified details and write to the support team to confirm the payment, and then send the activation code.
It’s better not to spare the extra 20 rubles for the payment to go automatically.

5) A few minutes after payment in your account, we will receive a card with a code to activate the premium subscription.

6) We go here and activate the received code.
All! Enjoy the benefits of a premium account.
What's next

> Unfortunately, there are not always cards with codes in the store. If you see a half-year on a Philippine account - immediately buy.

7) When the subscription term comes to an end, just buy another code on the Seagm website

No PROXY or VPN will be required anymore, except Spotify will not require a connection from its home country every two weeks.

> use this tutorial for learn-not for steal !


@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Insecure Protocols and Services

#Insecure Protocols
The following are also some of the protocols that are considered insecure:

- Rlogin: https://linux.die.net/man/1/rlogin
- Rsh: https://linux.die.net/man/1/rsh
- Finger: https://linux.die.net/man/1/finger


#Insecure Services
The following services should be carefully implemented and not exposed to untrusted networks:

- Authd (or Identd): https://linux.die.net/man/3/ident
- Netdump: https://linux.die.net/man/8/netdump
- Netdump-server: https://linux.die.net/man/8/netdump-server
- Nfs: https://linux.die.net/man/5/nfs
- Rwhod: https://linux.die.net/man/8/rwhod
- Sendmail: https://linux.die.net/man/8/sendmail.sendmail
- Samba: https://linux.die.net/man/7/samba
- Yppasswdd: https://linux.die.net/man/8/yppasswdd
- Ypserv: https://linux.die.net/man/8/ypserv
- Ypxfrd: https://linux.die.net/man/8/ypxfrd

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FULL ALL VPN 2020 RESOURCES

> How it work
> configure
> hack

#IKEv2 and FlexVPN
- [Configuring IKEv2 VRF aware SVTI]()

#Cisco ASA IPsec VPN
- [ASA IKEv2 RA VPN With Windows or Android VPN Clients and Certificate Authentication Configuration](https://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/213246-asa-ikev2-ra-vpn-with-windows-7-or-andro.html)


#Troubleshooting Commands
- [IPsec Troubleshooting: Understanding and Using debug Commands](https://www.cisco.com/c/en/us/support/docs/security-vpn/ipsec-negotiation-ike-protocols/5409-ipsec-debug-00.html)
- [IPSec show commands Reference](https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/security/s1/sec-s1-cr-book/sec-cr-s3.html#wp3114534247)


## Additional GET VPN Resources

- [GETVPN Deployment Guide ](https://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transport-vpn/deployment_guide_c07_554713.html)
- [GETVPN Sample Configurations](https://www.cisco.com/c/en/us/products/collateral/security/group-encrypted-transport-vpn/deployment_guide_c07_554713.html)


@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Useful `tcpdump` commands

1️⃣TCPDUMP Cheat Sheet
* [TCPDUMP Cheat Sheet](http://packetlife.net/media/library/12/tcpdump.pdf) is a good resource (I also have a local copy in this repository)

2️⃣TCP traffic on port 80-88
tcpdump -nvvX -sO -i ethO tcp portrange 80-88

3️⃣Capturing traffic to specific IP address excluding specific subnet
tcpdump -I ethO -tttt dst ip and not net 10.10.10.0/24

4️⃣Capturing traffic for a specific host
tcpdump host 10.1.1.1

5️⃣Capturing traffic for a specific subnet
tcpdump net 10.1.1

6️⃣Capturing traffic for a given duration in seconds
dumpcap -I ethO -a duration: sec -w file myfile.pcap

7️⃣Replaying a PCAP
file2cable -i ethO -f file.pcap

8️⃣Replaying packets (to fuzz/DoS)
`tcpreplay--topspeed --loop=O --intf=ethO pcap_file_to_replay mbps=10|100|1000


@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 ONLINE 7/24-24/24 MARKETS POPULAR & TRUSTED SERVICES :

http://mobil7rab6nuf7vx.onion/ – Mobile Store

http://54flq67kqr5wvjqf.onion/ – MSR Shop

http://yth5q7zdmqlycbcz.onion/ – Old Man Fixer’s Fixing Services

http://matrixtxri745dfw.onion/neo/uploads/

MATRIXtxri745dfwONION_130827231336IPA_pc.png – PC Shop

http://storegsq3o5mfxiz.onion/ – Samsung StorE

http://sheep5u64fi457aw.onion/ – Sheep Marketplace

http://nr6juudpp4as4gjg.onion/betcoin.htm – Tor BetCoin

http://qizriixqwmeq4p5b.onion/ – Tor Web Developer

http://vfqnd6mieccqyiit.onion/ – UK Passports

http://en35tuzqmn4lofbk.onion/ – US Fake ID Store

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NORDVPN PREMIUM✅ :

Aarprovince@gmail.com:Omega290 @undercodeTesting Expires at: 2020/07/06
heuninckloris@gmail.com:pepsi2009 @undercodeTesting Expires at: 2020/06/15
jaferbassam@gmail.com:lol654123 @undercodeTesting Expires at: 2020/06/16
jbriois59@gmail.com:jujubri59 @undercodeTesting Expires at: 2020/07/06
jeremy.burri@hotmail.com:jeremy12 @undercodeTesting Expires at: 2020/07/09
ernstkoekemoer05@gmail.com:Corvini5 @undercodeTesting Expires at: 2020/06/25
millimanjp@gmail.com:jjj081323 @undercodeTesting Expires at: 2020/07/02
kris.soonaugle20@gmail.com:Colonel12 @undercodeTesting Expires at: 2020/12/23
mikael.derrien@yahoo.fr:M05pee91 @undercodeTesting Expires at: 2020/10/18
brindusa.istrate@calirom.ro:marketing29 @undercodeTesting Expires at: 2020/07/15
achatortalberto@gmail.com:BALTAZAR1 @undercodeTesting Expires at: 2020/10/05
ajgomes200029@gmail.com:Umbreonrox56 @undercodeTesting Expires at: 2020/07/13
mostafahamdy6@gmail.com:159753221993 @undercodeTesting Expires at: 2020/09/21
jacques.laffargue@hotmail.fr:Lucifer66 @undercodeTesting Expires at: 2020/07/03
skoldsie@gmail.com:Discodog420 @undercodeTesting Expires at: 2020/09/28
melchorbryan273@gmail.com:opguy1632 @undercodeTesting Expires at: 2020/06/19
patrickmrc110@gmail.com:patrick110 @undercodeTesting Expires at: 2020/06/14
mr.pancake9@gmail.com:Pancakeslap9 @undercodeTesting Expires at: 2020/10/08
manne.jag@gmail.com:Aiqts520! @undercodeTesting Expires at: 2020/08/18
dawsonshelley99@live.com:472919Aa! @undercodeTesting Expires at: 2020/06/29
bkeller2010@yahoo.com:Lovelife7! @undercodeTesting Expires at: 2020/07/10
52coolsam@gmail.com:Littlechicken10 @undercodeTesting Expires at: 2020/09/02
gstoroschuk@icloud.com:Goovin56 @undercodeTesting Expires at: 2020/10/05
cfr476@gmail.com:Spoons05 @undercodeTesting Expires at: 2020/08/10
brianpedson@gmail.com:Jester2161! @undercodeTesting Expires at: 2020/06/29
antti.kivi98@gmail.com:Oskari98 @undercodeTesting Expires at: 2020/09/06
mr.knaub@gmail.com:Robert02 @undercodeTesting Expires at: 2020/12/12
chrisskake@gmail.com:Monsterhunter1 @undercodeTesting Expires at: 2020/06/29
ryan.a.williams@outlook.com:Qdc61abc123 @undercodeTesting Expires at: 2020/07/11
jeroenbauwen@gmail.com:Spider120 @undercodeTesting Expires at: 2020/10/09
felix_bender1994@web.de:Ronhill1234 @undercodeTesting Expires at: 2020/06/30
hopsinfand1@gmail.com:780basswood @undercodeTesting Expires at: 2020/08/16
nqjacknguyen@yahoo.com:Kwazieboi1 @undercodeTesting Expires at: 2020/07/01
howard8844@gmail.com:RootBeer4 @undercodeTesting Expires at: 2020/07/12
jareddavenport12@gmail.com:Yoville12 @undercodeTesting Expires at: 2020/06/28
game.alromaithi@gmail.com:5665950ad @undercodeTesting Expires at: 2020/07/10
ginocicerone3@gmail.com:7272PCpc @undercodeTesting Expires at: 2020/06/20
grimaian@hotmail.com:21667696Ian @undercodeTesting Expires at: 2020/06/22
gmanhilton@icloud.com:Heather314 @undercodeTesting Expires at: 2020/06/28
donutguy12@gmail.com:P90silenced @undercodeTesting Expires at: 2020/11/29
tomedgibbs@gmail.com:Beanz191 @undercodeTesting Expires at: 2020/07/03
stevenwang125@gmail.com:Qq1324798qq @undercodeTesting Expires at: 2020/11/26
samfaalilo@gmail.com:Superman200 @undercodeTesting Expires at: 2020/06/25
myerslane1@gmail.com:Myerslane12 @undercodeTesting Expires at: 2020/06/30
alexpatriots96@comcast.net:HackersSuck78 @undercodeTesting Expires at: 2020/07/10
selshalman1@gmail.com:emmanuel1992 @undercodeTesting Expires at: 2020/06/15
hoomanfarhadi86@yahoo.com:Minecraft12 @undercodeTesting Expires at: 2020/07/12
consult1967@hotmail.com:biscuit1967 @undercodeTesting Expires at: 2020/09/01
jessyc09@yahoo.com:ladybug05 @undercodeTesting Expires at: 2022/03/02
jmrichards1@gmail.com:gurlie425 @undercodeTesting Expires at: 2020/07/03
mckethan@icloud.com:123qweasdzxC @undercodeTesting Expires at: 2020/06/17
k21k@ymail.com:Vacuite21 @undercodeTesting Expires at: 2020/08/31
stepong@gmail.com:Passme02 @undercodeTesting Expires at: 2021/08/06
abhishek.chy23@gmail.com:jairamjiki @undercodeTesting Expires at: 2022/06/18

abc123_yoyoyo@yahoo.com:irule123 @undercodeTesting Expires at: 2023/04/01
gary.sizemore@yahoo.com:Grady123 @undercodeTesting Expires at: 2023/02/26
cotk77338@yahoo.com:Diablo69 @undercodeTesting Expires at: 2020/06/29
dsants@gmail.com:cstrike123 @undercodeTesting Expires at: 2021/07/17
nikpearson980@gmail.com:Nikolas1 @undercodeTesting Expires at: 2020/07/12
carissabryn@gmail.com:2274cari @undercodeTesting Expires at: 2021/03/24
dcaplan000@gmail.com:apple123 @undercodeTesting Expires at: 2020/06/22
alexrosenthalmft@gmail.com:personal4 @undercodeTesting Expires at: 2022/08/16
daniel_vukovic@hotmail.com:tiempo13 @undercodeTesting Expires at: 2021/02/15
snoop97dawg@msn.com:SUSIEM25 @undercodeTesting Expires at: 2020/06/18
pete_barker@live.com.au:Lambylamb @undercodeTesting Expires at: 2022/07/14
zheeney@gmail.com:heeney92 @undercodeTesting Expires at: 2020/11/29
darrenmichaud@hotmail.com:Chito_Kai1 @undercodeTesting Expires at: 2021/06/03
bddonner@hotmail.com:Fallout2og @undercodeTesting Expires at: 2020/11/14
spanosnikolaos1@gmail.com:medical314 @undercodeTesting Expires at: 2020/06/22
ethantownsend@live.com:Qwertyuiop1 @undercodeTesting Expires at: 2021/07/07
smelting58@yahoo.com:nigger06 @undercodeTesting Expires at: 2022/07/10
miraneitan@gmail.com:4589asdf @undercodeTesting Expires at: 2020/07/10
familycumberland@gmail.com:freddyfan1 @undercodeTesting Expires at: 2020/11/22
jjis76@hotmail.com:Buster08 @undercodeTesting Expires at: 2023/05/04
deanandnostrand@gmail.com:crazyman2 @undercodeTesting Expires at: 2020/06/29
timothyharaldson@gmail.com:879234bo @undercodeTesting Expires at: 2020/11/04
robertmiddleton42@gmail.com:lockheed1 @undercodeTesting Expires at: 2023/03/20
keithlyanderson@yahoo.com:Awesnap1 @undercodeTesting Expires at: 2020/07/03
zacschwa@hotmail.com:GKs339Ww @undercodeTesting Expires at: 2020/06/30
bigzed31@gmail.com:tomtom1331 @undercodeTesting Expires at: 2022/08/21
joeyjohnson1997@gmail.com:Peanutbutter1 @undercodeTesting Expires at: 2020/06/17
chichingyui@gmail.com:chi08050040 @undercodeTesting Expires at: 2023/03/15
axel.eriksson@live.com:astor123 @undercodeTesting Expires at: 2020/07/05
jeremysnow404@yahoo.com:Gr8tt!me @undercodeTesting Expires at: 2021/11/17
Patrickbo001@outlook.com:Pencil12345 @undercodeTesting Expires at: 2020/06/13
juliesalgat@me.com:VaBu6242 @undercodeTesting Expires at: 2022/05/31
chen_zhu87@hotmail.com:Sw0rdf!sh @undercodeTesting Expires at: 2022/05/26
stevegads19@yahoo.com:soccer19 @undercodeTesting Expires at: 2022/10/04
maddoxw0606@gmail.com:daddy1026 @undercodeTesting Expires at: 2020/07/05
stvda@hotmail.com:Noah1313 @undercodeTesting Expires at: 2020/12/27
greenSnake98@gmail.com:lenovo2013 @undercodeTesting Expires at: 2023/04/23
ryan.roy122@gmail.com:Norman2013 @undercodeTesting Expires at: 2020/07/11
jeremyayoub04@gmail.com:deadpool4 @undercodeTesting Expires at: 2020/07/14
thefattoaster@gmail.com:S5r8x1o0 @undercodeTesting Expires at: 2022/08/12
damienfarcy65@gmail.com:chouchou65 @undercodeTesting Expires at: 2023/04/03
luxx.ozzo@gmail.com:1q2ws3edc @undercodeTesting Expires at: 2021/05/25
guffeydonovon@gmail.com:Guitar2@ @undercodeTesting Expires at: 2020/08/20
tham17584@gmail.com:HaMaTi23 @undercodeTesting Expires at: 2020/06/29
ashesburnsfire@gmail.com:As501119 @undercodeTesting Expires at: 2023/06/13
zhangyuhanyh@gmail.com:83779690Yh @undercodeTesting Expires at: 2023/03/12
themessshow@gmail.com:Nike1865! @undercodeTesting Expires at: 2020/08/02
sven02sm@gmail.com:lollypop12 @undercodeTesting Expires at: 2020/06/21
Catherinembilodeau@gmail.com:JSBach1999! @undercodeTesting Expires at: 2020/06/23
dvnwoodd@gmail.com:Qdrop123 @undercodeTesting Expires at: 2022/07/06
mshard@live.com:Matty2004 @undercodeTesting Expires at: 2022/05/05
Matthiasdavidm@gmail.com:matti2004 @undercodeTesting Expires at: 2020/07/01
shockflare100@gmail.com:coolguy22 @undercodeTesting Expires at: 2021/05/01
saibaba.sairam12345@gmail.com:saibaba12345 @undercodeTesting Expires at: 2020/06/15
maximdebolle@hotmail.com:max74503632 @undercodeTesting Expires at: 2023/04/16

djsigthor@gmail.com:larus123 @undercodeTesting Expires at: 2022/10/12
alexandregutknecht2000@gmail.com:bouboule28 @undercodeTesting Expires at: 2020/06/28
dylanwillcut@gmail.com:Hidiho123 @undercodeTesting Expires at: 2020/07/07
narin4life@hotmail.com:!P3452879p! @undercodeTesting Expires at: 2022/10/05
rufusdavies242@gmail.com:HazarD10 @undercodeTesting Expires at: 2020/08/20
aaronkim53@gmail.com:a3k3knjn @undercodeTesting Expires at: 2022/07/05
amer.ali7@gmail.com:Aa786786 @undercodeTesting Expires at: 2022/05/07
mailubeitches@gmail.com:Sammy345 @undercodeTesting Expires at: 2021/11/10
stephankreuzer1@gmail.com:Teddy123 @undercodeTesting Expires at: 2020/07/01
francispashaj@gmail.com:Franciscool01 @undercodeTesting Expires at: 2022/04/06
lamarmchaney@yahoo.com:Lamar235187 @undercodeTesting Expires at: 2021/01/03
rehorsam@gmail.com:tumeg500 @undercodeTesting Expires at: 2022/09/18
devonhester100@gmail.com:onepiece01 @undercodeTesting Expires at: 2022/06/20
kjmcnutt@gmail.com:Molson88 @undercodeTesting Expires at: 2021/12/12
spikesama@gmail.com:maispormenos0 @undercodeTesting Expires at: 2023/02/28
stevenlythe@gmail.com:Password1 @undercodeTesting Expires at: 2021/05/27
drouinmatthieu22@gmail.com:tomate11 @undercodeTesting Expires at: 2023/02/20
andrewaskew5@gmail.com:ask19550 @undercodeTesting Expires at: 2022/06/12
jn_dufresne@hotmail.com:3061Trustno1 @undercodeTesting Expires at: 2021/07/15
kaleb@bowen.com:Goober1234 @undercodeTesting Expires at: 2023/03/02
rmmayfield2001@gmail.com:pops4444 @undercodeTesting Expires at: 2022/08/04
areynolds0059@outlook.com:Fuckyou13 @undercodeTesting Expires at: 2020/07/17
j.ayers.mann@gmail.com:Jam228903 @undercodeTesting Expires at: 2021/06/16
tobias2000cc@hotmail.com:reuben101 @undercodeTesting Expires at: 2022/09/11
crimsonconcept@gmail.com:Warhammer2 @undercodeTesting Expires at: 2020/07/15
dwarfmonkey564@yahoo.com:Skippy123 @undercodeTesting Expires at: 2023/01/12
Terrence1111@yahoo.com:Scarface11 @undercodeTesting Expires at: 2020/06/25
kc70@hotmail.com:kerim123 @undercodeTesting Expires at: 2023/03/16

NOT CRACKED BY UNDERCODE-TESTING !!!

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

nordvpn premium✅

> provide with screanshoats to @Undercode_bot

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Resources for Windows-based Assessments 2020 v

#Tools used for Windows-based Assessments

- PowerShell Empire
- CimSweep
- Responder - A LLMNR, NBT-NS and MDNS poisoner
- BloodHound - Six Degrees of Domain Admin
- AD Control Path - Active Directory Control Paths auditing and graphing tools
- PowerSploit - A PowerShell Post-Exploitation Framework
- PowerView - Situational Awareness PowerShell framework
- PowerSCCM - Functions to facilitate connections to and queries from SCCM databases and WMI interfaces for both offensive and defensive applications.
- Empire - PowerShell and Python post-exploitation agent
- Mimikatz - Utility to extract plaintexts passwords, hash, PIN code and kerberos tickets from memory but also perform pass-the-hash, pass-the-ticket or build Golden tickets
- UACME - Defeating Windows User Account Control
- Windows System Internals - (Including Sysmon etc.)
- Hardentools - Collection of simple utilities designed to disable a number of "features" exposed by Windows
- CrackMapExec - A swiss army knife for pentesting Windows/Active Directory environments

#Additional Resources

- PaulSec Windows Resource Repository
- Tools Cheatsheets - (Beacon, PowerView, PowerUp, Empire, ...)
- SANS PowerShell Cheat Sheet
- The Active Directory module for Windows PowerShell is a PowerShell module that consolidates a group of cmdlets.

>git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑Patch for wordpress 2020- to httaccess against 30% of sql :

1️⃣Open .httaccess

2️⃣add those lines :

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_METHOD} ^(HEAD|TRACE|DELETE|TRACK) [NC]
RewriteRule ^(.*)$ - [F,L]
RewriteCond %{QUERY_STRING} \.\.\/ [NC,OR]
RewriteCond %{QUERY_STRING} boot\.ini [NC,OR]
RewriteCond %{QUERY_STRING} tag\= [NC,OR]
RewriteCond %{QUERY_STRING} ftp\: [NC,OR]
RewriteCond %{QUERY_STRING} http\: [NC,OR]
RewriteCond %{QUERY_STRING} https\: [NC,OR]
RewriteCond %{QUERY_STRING} (\<|%3C).*script.*(\>|%3E) [NC,OR]
RewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]
RewriteCond %{QUERY_STRING} base64_encode.*\(.*\) [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(\[|\]|\(|\)|<|>|ê|"|;|\?|\*|=$).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(&#x22;|&#x27;|&#x3C;|&#x3E;|&#x5C;|&#x7B;|&#x7C;).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F|127\.0).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]
RewriteCond %{QUERY_STRING} ^.*(request|select|insert|union|declare).* [NC]
RewriteCond %{HTTP_COOKIE} !^.*WordPress_logged_in_.*$
RewriteRule ^(.*)$ - [F,L]
</IfModule>

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁