β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦File #Carving #Mlawares
carving tool.
EVTXtract - Carve Windows
Event Log files from raw binary data.
[Foremost](http://foremost.sourceforge.net/) - File carving tool designed
by the US Air Force.
hachoir3 - Hachoir is a Python library
to view and edit a binary stream field by field.
[Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving
tool.
SFlock - Nested archive
extraction/unpacking (used in Cuckoo Sandbox).
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦File #Carving #Mlawares
extracting files from inside disk and memory images.[bulk_extractor](https://github.com/simsong/bulk_extractor) - Fast file
carving tool.
EVTXtract - Carve Windows
Event Log files from raw binary data.
[Foremost](http://foremost.sourceforge.net/) - File carving tool designed
by the US Air Force.
hachoir3 - Hachoir is a Python library
to view and edit a binary stream field by field.
[Scalpel](https://github.com/sleuthkit/scalpel) - Another data carving
tool.
SFlock - Nested archive
extraction/unpacking (used in Cuckoo Sandbox).
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - simsong/bulk_extractor: This is the development tree. Production downloads are at:
This is the development tree. Production downloads are at: - simsong/bulk_extractor
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦WHEN SANDBOX BECOME A MALWARE ?
#FastTip
Nearly every malware analysis sandbox looks at the system call interface or the Windows API when monitoring the behavior of a user mode process. ...
> In other words, a sandbox may see a malware read from a script, but it can not tell how the malware actually handles the data.
π¦WHEN SANDBOX BECOME A MALWARE ?
#FastTip
Nearly every malware analysis sandbox looks at the system call interface or the Windows API when monitoring the behavior of a user mode process. ...
> In other words, a sandbox may see a malware read from a script, but it can not tell how the malware actually handles the data.
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Essential malware analysis reading material #resources
#Malware/
[Learning Malware Analysis](https://www.packtpub.com/networking-and-servers/learning-malware-analysis) - Learning Malware Analysis: Explore the concepts, tools, and techniques to analuze and investigate Windows malware
Mastering Malware Analysis - Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercime, and IoT attacks
[Mastering Reverse Engineering](https://www.packtpub.com/networking-and-servers/mastering-reverse-engineering) - Mastering Reverse Engineering: Re-engineer your ethical hacking skills
Practical Malware Analysis - The Hands-On
Guide to Dissecting Malicious Software.
[Practical Reverse Engineering](https://www.amzn.com/dp/1118787315/) -
Intermediate Reverse Engineering.
Real Digital Forensics - Computer
Security and Incident Response.
[Rootkits and Bootkits](https://www.amazon.com/dp/1593277164) - Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
The Art of Memory Forensics - Detecting
Malware and Threats in Windows, Linux, and Mac Memory.
[The IDA Pro Book](https://amzn.com/dp/1593272898) - The Unofficial Guide
to the World's Most Popular Disassembler.
The Rootkit Arsenal - The Rootkit Arsenal:
Escape and Evasion in the Dark Corners of the System
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Essential malware analysis reading material #resources
#Malware/
[Learning Malware Analysis](https://www.packtpub.com/networking-and-servers/learning-malware-analysis) - Learning Malware Analysis: Explore the concepts, tools, and techniques to analuze and investigate Windows malware
Mastering Malware Analysis - Mastering Malware Analysis: The complete malware analyst's guide to combating malicious software, APT, cybercime, and IoT attacks
[Mastering Reverse Engineering](https://www.packtpub.com/networking-and-servers/mastering-reverse-engineering) - Mastering Reverse Engineering: Re-engineer your ethical hacking skills
Practical Malware Analysis - The Hands-On
Guide to Dissecting Malicious Software.
[Practical Reverse Engineering](https://www.amzn.com/dp/1118787315/) -
Intermediate Reverse Engineering.
Real Digital Forensics - Computer
Security and Incident Response.
[Rootkits and Bootkits](https://www.amazon.com/dp/1593277164) - Rootkits and Bootkits: Reversing Modern Malware and Next Generation Threats
The Art of Memory Forensics - Detecting
Malware and Threats in Windows, Linux, and Mac Memory.
[The IDA Pro Book](https://amzn.com/dp/1593272898) - The Unofficial Guide
to the World's Most Popular Disassembler.
The Rootkit Arsenal - The Rootkit Arsenal:
Escape and Evasion in the Dark Corners of the System
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Packt
Learning Malware Analysis | Packt
Understand malware analysis and its practical implementation
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ #Awesome repo Lists new :
[Android Security](https://github.com/ashishb/android-security-awesome)
AppSec
[CTFs](https://github.com/apsdehal/awesome-ctf)
Forensics
["Hacking"](https://github.com/carpedm20/awesome-hacking)
Honeypots
[Industrial Control System Security](https://github.com/hslatman/
awesome-industrial-control-system-security)
Incident-Response
[Infosec](https://github.com/onlurking/awesome-infosec)
PCAP Tools
[Pentesting](https://github.com/enaqx/awesome-pentest)
Security
[Threat Intelligence](https://github.com/hslatman/awesome-threat-
intelligence)
YARA
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ #Awesome repo Lists new :
[Android Security](https://github.com/ashishb/android-security-awesome)
AppSec
[CTFs](https://github.com/apsdehal/awesome-ctf)
Forensics
["Hacking"](https://github.com/carpedm20/awesome-hacking)
Honeypots
[Industrial Control System Security](https://github.com/hslatman/
awesome-industrial-control-system-security)
Incident-Response
[Infosec](https://github.com/onlurking/awesome-infosec)
PCAP Tools
[Pentesting](https://github.com/enaqx/awesome-pentest)
Security
[Threat Intelligence](https://github.com/hslatman/awesome-threat-
intelligence)
YARA
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - ashishb/android-security-awesome: A collection of android security related resources
A collection of android security related resources - ashishb/android-security-awesome
π¦Bin For Spotify 3 Months Premium + ATRESplayer Premium
BIN: 5183024500xxxxxx
DATE: Rnd
CVV: Rnd
IP: USA πΊπΈ
β Spotify
β AteresPlayer
How use bin https://t.me/UnderCodeTesting/3768
BIN: 5183024500xxxxxx
DATE: Rnd
CVV: Rnd
IP: USA πΊπΈ
β Spotify
β AteresPlayer
How use bin https://t.me/UnderCodeTesting/3768
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦MALWARE RESOURCES :
* [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a
plugin for Sublime 3 to aid with malware analyis.
* [strace](https://sourceforge.net/projects/strace/) - Dynamic analysis for
* [StringSifter](https://github.com/fireeye/stringsifter) - A machine learning tool
that automatically ranks strings based on their relevance for malware analysis.
* [Triton](https://triton.quarkslab.com/) - A dynamic binary analysis (DBA) framework.
* [Udis86](https://github.com/vmt/udis86) - Disassembler library and tool
for x86 and x86_64.
* [Vivisect](https://github.com/vivisect/vivisect) - Python tool for
malware analysis.
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/download-windbg) - multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps.
* [X64dbg](https://github.com/x64dbg/) - An open-source x64/x32 debugger for windows.
* [iocextract](https://github.com/InQuest/python-iocextract) - Advanced Indicator
of Compromise (IOC) extractor, Python library and command-line tool.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦MALWARE RESOURCES :
* [SMRT](https://github.com/pidydx/SMRT) - Sublime Malware Research Tool, a
plugin for Sublime 3 to aid with malware analyis.
* [strace](https://sourceforge.net/projects/strace/) - Dynamic analysis for
* [StringSifter](https://github.com/fireeye/stringsifter) - A machine learning tool
that automatically ranks strings based on their relevance for malware analysis.
* [Triton](https://triton.quarkslab.com/) - A dynamic binary analysis (DBA) framework.
* [Udis86](https://github.com/vmt/udis86) - Disassembler library and tool
for x86 and x86_64.
* [Vivisect](https://github.com/vivisect/vivisect) - Python tool for
malware analysis.
* [WinDbg](https://developer.microsoft.com/en-us/windows/hardware/download-windbg) - multipurpose debugger for the Microsoft Windows computer operating system, used to debug user mode applications, device drivers, and the kernel-mode memory dumps.
* [X64dbg](https://github.com/x64dbg/) - An open-source x64/x32 debugger for windows.
* [iocextract](https://github.com/InQuest/python-iocextract) - Advanced Indicator
of Compromise (IOC) extractor, Python library and command-line tool.
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
pidydx/SMRT
Sublime Malware Research Tool. Contribute to pidydx/SMRT development by creating an account on GitHub.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦helpfull termux tool :
FEATURES :
>Grabb email passwords NEW!
>Check passwords leaked.
>Check hash code leaked.
>Check email leaked!
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦helpfull termux tool :
FEATURES :
>Grabb email passwords NEW!
>Check passwords leaked.
>Check hash code leaked.
>Check email leaked!
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£
sudo apt update && sudo apt install python3 python3-pip
2οΈβ£git clone https://github.com/GitHackTools/Leaked
3οΈβ£cd Leaked
4οΈβ£bash install_update.sh
5οΈβ£python3 leaked.py
6οΈβ£CHOOSE OPTIONS VIA NUMBER SIMPLY@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Apache Log Modules
Apache has several modules that are responsible for weblogs:
1οΈβ£mod_log_config . Keeps a log of requests made to the server. This is the main module, which is enabled by default, and it is he who saves information about requests. Basically, here we will consider this particular module and its settings. Provides access log operation .
2οΈβ£mod_log_debug . Additional custom debug logs. Enables Additional configurable debug logging. It has an experimental status.
3οΈβ£mod_log_forensic . Forensic registration of server requests. Provides Forensic (forensic logs).
4οΈβ£mod_logio . Registration of input and output bytes of each request. This module must be included in the Apache configuration if you want to log information about the amount of data transferred and / or received. Provides some of the features of the Access Log format (access log).
5οΈβ£Apache Core Features - The main Apache HTTP Server features that are always available. It also provides the operation of Error Log and Per-module logging .
6οΈβ£mod_cgi and mod_cgid . Provides the work of the CGI Script Execution Log.
Written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Apache Log Modules
Apache has several modules that are responsible for weblogs:
1οΈβ£mod_log_config . Keeps a log of requests made to the server. This is the main module, which is enabled by default, and it is he who saves information about requests. Basically, here we will consider this particular module and its settings. Provides access log operation .
2οΈβ£mod_log_debug . Additional custom debug logs. Enables Additional configurable debug logging. It has an experimental status.
3οΈβ£mod_log_forensic . Forensic registration of server requests. Provides Forensic (forensic logs).
4οΈβ£mod_logio . Registration of input and output bytes of each request. This module must be included in the Apache configuration if you want to log information about the amount of data transferred and / or received. Provides some of the features of the Access Log format (access log).
5οΈβ£Apache Core Features - The main Apache HTTP Server features that are always available. It also provides the operation of Error Log and Per-module logging .
6οΈβ£mod_cgi and mod_cgid . Provides the work of the CGI Script Execution Log.
Written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 BRUTEFORCE RDP BEST METHODE USING HYDRA THE FAMOUS TOOL-
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
-Kali
-Parrot
-Debian 10/9
- work's for ubuntu Systems
π¦
ENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 BRUTEFORCE RDP BEST METHODE USING HYDRA THE FAMOUS TOOL-
RUSSIAN CODE
Script for automatic scanning of the address list for the presence of open 3389 ports, and then selecting the method and starting busting pair login / password. πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/getdrive/Lazy-RDP3οΈβ£Installing dependencies
2οΈβ£cd Lazy-RDP && chmod +x hydra/configure hydra/hydra src/rdp_brute.sh patator.py start INSTALL
./INSTALL4οΈβ£Running the script
./start
π¦Tested On :-Kali
-Parrot
-Debian 10/9
- work's for ubuntu Systems
π¦
VIDEO TUTORIAL (BRUTEFORCE RDP)
https://www.youtube.com/watch?v=Kpl8l6YQq48&feature=youtu.beENJOY β€οΈππ»
β 2020 GIT SOURCES
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
YouTube
Lab Pentestit v.11 - RDP vs Lazy-RDP+MS16-032
Π Π²ΠΎΠΏΡΠΎΡΡ ΠΎ ΡΠΎΠΌ, ΠΊ ΡΠ΅ΠΌΡ ΠΌΠΎΠ³ΡΡ ΠΏΡΠΈΠ²Π΅ΡΡΠΈ ΡΠ»Π°Π±ΡΠ΅ ΠΏΠ°ΡΠΎΠ»ΠΈ, Π΄Π°ΠΆΠ΅ Π½Π΅ΠΏΡΠΈΠ²ΠΈΠ»Π΅Π³ΠΈΡΠΎΠ²Π°Π½Π½ΡΡ
Π°ΠΊΠΊΠ°ΡΠ½ΡΠΎΠ².
Link Lazy-RDP: https://github.com/getdrive/Lazy-RDP
Track: Electric Universe - Visiting Venus
Network diagram: https://drive.google.com/open?id=1RfsGBmTA-BaD5XA2xQC08nfgN9eiG0Pr
Link Lazy-RDP: https://github.com/getdrive/Lazy-RDP
Track: Electric Universe - Visiting Venus
Network diagram: https://drive.google.com/open?id=1RfsGBmTA-BaD5XA2xQC08nfgN9eiG0Pr
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How to change x11vnc options without restarting the service ??
> The x11vnc service can be controlled remotely, for example, terminate its work or change options on the fly. To do this, use the same command that runs the VNC server, that is, x11vnc with the -remote option . This option has two aliases: -R and -r
The list of supported commands is large, let's consider only a few examples:
To install an already running VNC server, use any of the following commands:
1οΈβ£x11vnc -remote stop<font></font>
x11vnc -R stop
2οΈβ£To enable shared connections:
x11vnc -R shared
3οΈβ£The following command will scale the desktop:
x11vnc -R scale:3/4
π¦The command to allow connections if the VNC server was started with the -deny_all option :
1οΈβ£ x11vnc -remote nodeny
To run a sequence of commands, use something like this:
2οΈβ£x11vnc -R 'script:
To read commands from a file, use:
x11vnc -R script:file...
3οΈβ£A file can consist of several lines and use the ' # ' symbol for commenting. In any case, you need to use split ' ; 'to separate each team.
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦How to change x11vnc options without restarting the service ??
> The x11vnc service can be controlled remotely, for example, terminate its work or change options on the fly. To do this, use the same command that runs the VNC server, that is, x11vnc with the -remote option . This option has two aliases: -R and -r
The list of supported commands is large, let's consider only a few examples:
To install an already running VNC server, use any of the following commands:
1οΈβ£x11vnc -remote stop<font></font>
x11vnc -R stop
2οΈβ£To enable shared connections:
x11vnc -R shared
3οΈβ£The following command will scale the desktop:
x11vnc -R scale:3/4
π¦The command to allow connections if the VNC server was started with the -deny_all option :
1οΈβ£ x11vnc -remote nodeny
To run a sequence of commands, use something like this:
2οΈβ£x11vnc -R 'script:
To read commands from a file, use:
x11vnc -R script:file...
3οΈβ£A file can consist of several lines and use the ' # ' symbol for commenting. In any case, you need to use split ' ; 'to separate each team.
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#DefinitionS HACKING TERMS
1οΈβ£SOCIAL WORKERS VULNERABILITY :
When you specifically Google:) /Baidu social worker, the answer is social work, we said that social workers would have nothing to do with this. Social workers are called social engineering, which is a technology that studies the weakness of human nature to attack. For instance the website administrator is called Xiao Ming.Then the administrator password of the website is likely to be xiaoming, or even xiaohong, why is it with Xiaohong? Because it may be the person Xiao Ming likes, of course, it may also have xiaofeng, but the probability is very low, at least much lower than the previous two. Social work attacks are usually attacked with this idea. To put it simply, you can also understand it as human flesh, and some of the materials that are extracted from human flesh on the Internet all use social engineering technology. Xiaofeng gives a simple example. For example, if you are looking for the qq number of a star, you can search for the name of his company in the qq group. The xx company group may appear, and then you know how to find the qq number.
2οΈβ£WebShell
WebShell is a command environment that exists in the form of asp, php, jsp and other web files, and it can also be called a web page backdoor. After a hacker has invaded a website, these asp or php backdoor files are usually mixed with the normal web page files in the WEB directory of the website server, and they are usually hidden deeper because they cannot be found by the administrator and cannot be accessed after being deleted. Take control. A website is hung with a webshell backdoor, basically you can do whatever you want, you can modify any part of the website or delete it. The web transactions between hackers are carried out through webshell. For example, how much do I spend to buy webshell permissions for this website, and the attacker is responsible for finding a way to put a webshell backdoor in this website, so that everyone should understand.
ENJOY π¦ππ»
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#DefinitionS HACKING TERMS
1οΈβ£SOCIAL WORKERS VULNERABILITY :
When you specifically Google:) /Baidu social worker, the answer is social work, we said that social workers would have nothing to do with this. Social workers are called social engineering, which is a technology that studies the weakness of human nature to attack. For instance the website administrator is called Xiao Ming.Then the administrator password of the website is likely to be xiaoming, or even xiaohong, why is it with Xiaohong? Because it may be the person Xiao Ming likes, of course, it may also have xiaofeng, but the probability is very low, at least much lower than the previous two. Social work attacks are usually attacked with this idea. To put it simply, you can also understand it as human flesh, and some of the materials that are extracted from human flesh on the Internet all use social engineering technology. Xiaofeng gives a simple example. For example, if you are looking for the qq number of a star, you can search for the name of his company in the qq group. The xx company group may appear, and then you know how to find the qq number.
2οΈβ£WebShell
WebShell is a command environment that exists in the form of asp, php, jsp and other web files, and it can also be called a web page backdoor. After a hacker has invaded a website, these asp or php backdoor files are usually mixed with the normal web page files in the WEB directory of the website server, and they are usually hidden deeper because they cannot be found by the administrator and cannot be accessed after being deleted. Take control. A website is hung with a webshell backdoor, basically you can do whatever you want, you can modify any part of the website or delete it. The web transactions between hackers are carried out through webshell. For example, how much do I spend to buy webshell permissions for this website, and the attacker is responsible for finding a way to put a webshell backdoor in this website, so that everyone should understand.
ENJOY π¦ππ»
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β