β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦DIFFERENCE BETWEEN INTRANET & EXTRANET :
> Intranet
Generally speaking, local area networks, such as Internet cafes, campus networks, and corporate intranets, all fall into this category. If the IP address is within the following three ranges, it means that we are in the internal network: 10.0.0.0β10.255.255.255, 172.16.0.0β172.31.255.255, 192.168.0.0β192.168.255.255.
> Extranet
Direct connection to the Internet (Internet) allows any computer to access each other, and the external network needs to be connected to broadband to achieve.
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦DIFFERENCE BETWEEN INTRANET & EXTRANET :
> Intranet
Generally speaking, local area networks, such as Internet cafes, campus networks, and corporate intranets, all fall into this category. If the IP address is within the following three ranges, it means that we are in the internal network: 10.0.0.0β10.255.255.255, 172.16.0.0β172.31.255.255, 192.168.0.0β192.168.255.255.
> Extranet
Direct connection to the Internet (Internet) allows any computer to access each other, and the external network needs to be connected to broadband to achieve.
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Exploit-vm.py
5.7 KB
2020 VMWAre Exploit vCloud Director 9.7.0.15498291 - Remote Code Execution
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Best ways for Cracking Passwords :
1) Record the screen
In order to prevent the keyboard recording tool, a method of entering the password using the mouse and the picture is generated. At this time, the hacker can take a screenshot of the user's screen through the Trojan program and then record the position of the mouse click, and record the position of the mouse to compare the screenshot of the screenshot to crack this method. User password.
2) Multiple monitoring of the keyboard
If the user password is more complicated, it is difficult to use brute force cracking. At this time, hackers often install a Trojan virus to the user, design a "keylogger" program, record and monitor the user's keyboard operation, and then record it through various methods. The user's keyboard content is transmitted to the hacker, so that the hacker can crack the user's password by analyzing the user's keyboard information.
3) Phishing and fake website fraud
"Phishing" attacks use fraudulent emails and forged websites to log in to conduct fraudulent activities. Fraudees often reveal their sensitive information (such as user name, password, account number, PIN code or credit card details), phishing Mainly by sending e-mails to lure users to log in to fake online banking and online securities websites, to defraud users' account passwords for theft.
4) Brute force cracking
The most basic of password cracking techniques is brute force cracking, also called password cracking, which Xiaofeng calls the most brainless operation. If the hacker knows the account number in advance, such as mail account, QQ user account, online banking account, birthday, etc., and the user's password is set very simple, such as using a simple combination of numbers, hackers can quickly crack using brute force tools Come out the password. Therefore, users should try to set the password more complicated.
5) Use a sniffer to obtain
On a local area network, if a hacker wants to quickly obtain a large number of accounts (including user name and password), the most effective method is to use the Sniffer program.
6) Bad habits of using passwords
Some employees of the company set a long password, but they wrote the password on paper. Others used their own names or their birthdays as passwords, and some people used commonly used words as passwords. These bad habits will lead to Passwords can be easily cracked.
7) Remote control by implanting a Trojan
Use the remote control Trojan to monitor all operations of the user's local computer. Any keyboard and mouse operations of the user will be intercepted by the remote hacker.
SHARE US β€οΈππ»
WRITTEN BY
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Best ways for Cracking Passwords :
1) Record the screen
In order to prevent the keyboard recording tool, a method of entering the password using the mouse and the picture is generated. At this time, the hacker can take a screenshot of the user's screen through the Trojan program and then record the position of the mouse click, and record the position of the mouse to compare the screenshot of the screenshot to crack this method. User password.
2) Multiple monitoring of the keyboard
If the user password is more complicated, it is difficult to use brute force cracking. At this time, hackers often install a Trojan virus to the user, design a "keylogger" program, record and monitor the user's keyboard operation, and then record it through various methods. The user's keyboard content is transmitted to the hacker, so that the hacker can crack the user's password by analyzing the user's keyboard information.
3) Phishing and fake website fraud
"Phishing" attacks use fraudulent emails and forged websites to log in to conduct fraudulent activities. Fraudees often reveal their sensitive information (such as user name, password, account number, PIN code or credit card details), phishing Mainly by sending e-mails to lure users to log in to fake online banking and online securities websites, to defraud users' account passwords for theft.
4) Brute force cracking
The most basic of password cracking techniques is brute force cracking, also called password cracking, which Xiaofeng calls the most brainless operation. If the hacker knows the account number in advance, such as mail account, QQ user account, online banking account, birthday, etc., and the user's password is set very simple, such as using a simple combination of numbers, hackers can quickly crack using brute force tools Come out the password. Therefore, users should try to set the password more complicated.
5) Use a sniffer to obtain
On a local area network, if a hacker wants to quickly obtain a large number of accounts (including user name and password), the most effective method is to use the Sniffer program.
6) Bad habits of using passwords
Some employees of the company set a long password, but they wrote the password on paper. Others used their own names or their birthdays as passwords, and some people used commonly used words as passwords. These bad habits will lead to Passwords can be easily cracked.
7) Remote control by implanting a Trojan
Use the remote control Trojan to monitor all operations of the user's local computer. Any keyboard and mouse operations of the user will be intercepted by the remote hacker.
SHARE US β€οΈππ»
WRITTEN BY
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦YOU MUST KNOW THOSE :
1οΈβ£Remote control
A very popular type of tool, the most famous of which is the gray pigeon. The main function of remote control is to control the computer. It is generally used for batch management of enterprise computers, school computer rooms, Internet cafes, etc., but after being used by hackers, many new Functions, such as keyloggers and peeking at videos, are serious violations in a sense. With the upgrade of anti-virus software and the crackdown on such software, fewer and fewer people play remote control.
2οΈβ£Broiler
The so-called "broiler chicken" is a very vivid analogy, used to compare to those computers or servers that we can control at will. That is the machine controlled by the remote control software.
3οΈβ£Trojan
It is those programs that pretend to be normal, but when these are run by the program, they will get the entire control of the computer. There are many hackers that use Trojan horses to destroy computers. For example, the premise of remote control to control computers is to first generate Trojan horses, and then find a way to let the other party run to control them.
4οΈβ£Web Trojan
On the surface, it pretends to be a normal webpage file, but the virus code is directly inserted into the normal webpage file. When someone visits, the webpage Trojan will execute the corresponding vulnerability code to destroy it. For example, someone visits a pornographic site and finds that the CPU is very high. In fact, the mining code is called inside. When you visit the website, you will use your computer to mine.
5οΈβ£Hanging horse
It is to put a web Trojan in someone else's website file, and insert malicious code into the other party's normal web file, so that the reader hits the horse and hangs the horse to describe an operation behavior, not a technology.
6οΈβ£back door
This is an image analogy. For example, if you want to download a Tencent QQ, but you downloaded it from an online file that is not an official file, but someone else first binds the virus file to a normal file, which will be poisoned when opened. Usually this The virus is called a backdoor because the victim cannot find it.
7οΈβ£Weak password
Refers to those passwords that are not strong enough to be guessed easily. Passwords (passwords) like 123456, abc123, abcdefg, woainixiaofeng are common intrusion methods for hackers. About 20 out of 100 passwords are such weak passwords.
8οΈβ£shell
Refers to a command execution environment. For example, when we press the "windows key + R" on the keyboard, the "Run" dialog box appears. Entering "cmd" in it will present a black window that can run commands. I have used it on the Internet or watched it in a hacker movie. This is the Windows Shell execution environment. In the past, when there was no mouse and only a keyboard, all computer operations were completed by this!
ENJOY π¦ππ»
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦YOU MUST KNOW THOSE :
1οΈβ£Remote control
A very popular type of tool, the most famous of which is the gray pigeon. The main function of remote control is to control the computer. It is generally used for batch management of enterprise computers, school computer rooms, Internet cafes, etc., but after being used by hackers, many new Functions, such as keyloggers and peeking at videos, are serious violations in a sense. With the upgrade of anti-virus software and the crackdown on such software, fewer and fewer people play remote control.
2οΈβ£Broiler
The so-called "broiler chicken" is a very vivid analogy, used to compare to those computers or servers that we can control at will. That is the machine controlled by the remote control software.
3οΈβ£Trojan
It is those programs that pretend to be normal, but when these are run by the program, they will get the entire control of the computer. There are many hackers that use Trojan horses to destroy computers. For example, the premise of remote control to control computers is to first generate Trojan horses, and then find a way to let the other party run to control them.
4οΈβ£Web Trojan
On the surface, it pretends to be a normal webpage file, but the virus code is directly inserted into the normal webpage file. When someone visits, the webpage Trojan will execute the corresponding vulnerability code to destroy it. For example, someone visits a pornographic site and finds that the CPU is very high. In fact, the mining code is called inside. When you visit the website, you will use your computer to mine.
5οΈβ£Hanging horse
It is to put a web Trojan in someone else's website file, and insert malicious code into the other party's normal web file, so that the reader hits the horse and hangs the horse to describe an operation behavior, not a technology.
6οΈβ£back door
This is an image analogy. For example, if you want to download a Tencent QQ, but you downloaded it from an online file that is not an official file, but someone else first binds the virus file to a normal file, which will be poisoned when opened. Usually this The virus is called a backdoor because the victim cannot find it.
7οΈβ£Weak password
Refers to those passwords that are not strong enough to be guessed easily. Passwords (passwords) like 123456, abc123, abcdefg, woainixiaofeng are common intrusion methods for hackers. About 20 out of 100 passwords are such weak passwords.
8οΈβ£shell
Refers to a command execution environment. For example, when we press the "windows key + R" on the keyboard, the "Run" dialog box appears. Entering "cmd" in it will present a black window that can run commands. I have used it on the Internet or watched it in a hacker movie. This is the Windows Shell execution environment. In the past, when there was no mouse and only a keyboard, all computer operations were completed by this!
ENJOY π¦ππ»
written by Undercode
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦several methods of hacking :
1οΈβ£ tx database
The tx database has been leaked, and the password is queried through the database
2οΈβ£ Intranet capture
Sometimes, the internal network sniffing packet capture can also intercept the password, Xiaofeng has not tested qq, but now it seems unlikely.
3οΈβ£ Fishing
Phishing software, phishing websites, etc., imitating the official trick to entice users to enter the account password to send to the server.
(Have you ever seen anything in the QQ space message board of other people, "Why are your photos in other people's space?" and then a URL. You click to enter a disguised space page to log you in. Once you log in, sorry your space will be sent automatically. Countless ads)
4οΈβ£ Social workers
Based on the understanding of the user, the password combination is derived.
5οΈβ£Remote control The remote control goes online and the keyboard records.
6οΈβ£ Brute force cracking is
generally aimed at weak passwords, strong passwords are not easy to be cracked.
7οΈβ£ Ask him directly.
This method is simple and rude. Of course, the other party's behavior may also be simple and rude.
8οΈβ£Account appeal
One of the methods of social work, which requires all kinds of kinky ideas to obtain all kinds of information
9οΈβ£Disguise security center mail
(If there is an email sent to your secret security mailbox asking you to fill in the verification code you just received, then this must be fake)
SHARE US β€οΈππ»
WRITTEN BY
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦several methods of hacking :
1οΈβ£ tx database
The tx database has been leaked, and the password is queried through the database
2οΈβ£ Intranet capture
Sometimes, the internal network sniffing packet capture can also intercept the password, Xiaofeng has not tested qq, but now it seems unlikely.
3οΈβ£ Fishing
Phishing software, phishing websites, etc., imitating the official trick to entice users to enter the account password to send to the server.
(Have you ever seen anything in the QQ space message board of other people, "Why are your photos in other people's space?" and then a URL. You click to enter a disguised space page to log you in. Once you log in, sorry your space will be sent automatically. Countless ads)
4οΈβ£ Social workers
Based on the understanding of the user, the password combination is derived.
5οΈβ£Remote control The remote control goes online and the keyboard records.
6οΈβ£ Brute force cracking is
generally aimed at weak passwords, strong passwords are not easy to be cracked.
7οΈβ£ Ask him directly.
This method is simple and rude. Of course, the other party's behavior may also be simple and rude.
8οΈβ£Account appeal
One of the methods of social work, which requires all kinds of kinky ideas to obtain all kinds of information
9οΈβ£Disguise security center mail
(If there is an email sent to your secret security mailbox asking you to fill in the verification code you just received, then this must be fake)
SHARE US β€οΈππ»
WRITTEN BY
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Powerefull Web Hacking root termuxβ any Linux :
FEATURES :
-Real platform independence. Tested on Windows, Linux, BSD and OS X.
-No native library dependencies. All of the framework has been written in pure Python.
-Good performance when compared with other frameworks written in Python and other scripting languages.
-Very easy to use.
-Plugin development is extremely simple.
-The framework also collects and unifies the results of well known tools:
-sqlmap, xsser, openvas, dnsrecon, theharvester...ππ
-Integration with standards: CWE, CVE and OWASP.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
```1οΈβ£sudo bash
2οΈβ£apt-get install python2.7 python2.7-dev python-pip python-docutils
3οΈβ£git perl nmap sslscan
4οΈβ£cd /opt
5οΈβ£git clone https://github.com/golismero/golismero.git
6οΈβ£cd golismero
7οΈβ£pip install -r requirements.txt
8οΈβ£pip install -r requirements_unix.txt
9οΈβ£ln -s ${PWD}/golismero.py /usr/bin/golismero
exit
```π¦If you have an API key for Shodan, or an OpenVAS server or SpiderFoot server you want to integrate with GoLismero, run the following commands:
mkdir ~/.golismero
touch ~/.golismero/user.conf
chmod 600 ~/.golismero/user.conf
nano ~/.golismero/user.conf
πAt the editor, add the following sections to the file, as appropriate:
[shodan:Configuration]
apikey = <INSERT YOUR SHODAN API KEY HERE>
[openvas]
host = <INSERT THE OPENVAS HOST HERE>
user = <INSERT THE OPENVAS USERNAME HERE>
password = <INSERT THE OPENVAS PASSWORD HERE>
spiderfoot
url = <INSERT THE SPIDERFOOT URL HERE>
π¦This command will launch GoLismero with all default options and show the report on standard output:
golismero scan <target>
> If you omit the default command "scan" GoLismero is smart enough to figure out what you're trying to do, so this works too:
golismero <target>
> You can also set a name for your audit with --audit-name:
golismero scan <target> --audit-name <name>
> And you can produce reports in different file formats. The format is guessed from the file extension, and you can write as many files as you want:
golismero scan <target> -o <output file name>
β git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Powerefull Web Hacking root termuxβ any Linux :
FEATURES :
-Real platform independence. Tested on Windows, Linux, BSD and OS X.
-No native library dependencies. All of the framework has been written in pure Python.
-Good performance when compared with other frameworks written in Python and other scripting languages.
-Very easy to use.
-Plugin development is extremely simple.
-The framework also collects and unifies the results of well known tools:
-sqlmap, xsser, openvas, dnsrecon, theharvester...ππ
-Integration with standards: CWE, CVE and OWASP.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
```1οΈβ£sudo bash
2οΈβ£apt-get install python2.7 python2.7-dev python-pip python-docutils
3οΈβ£git perl nmap sslscan
4οΈβ£cd /opt
5οΈβ£git clone https://github.com/golismero/golismero.git
6οΈβ£cd golismero
7οΈβ£pip install -r requirements.txt
8οΈβ£pip install -r requirements_unix.txt
9οΈβ£ln -s ${PWD}/golismero.py /usr/bin/golismero
exit
```π¦If you have an API key for Shodan, or an OpenVAS server or SpiderFoot server you want to integrate with GoLismero, run the following commands:
mkdir ~/.golismero
touch ~/.golismero/user.conf
chmod 600 ~/.golismero/user.conf
nano ~/.golismero/user.conf
πAt the editor, add the following sections to the file, as appropriate:
[shodan:Configuration]
apikey = <INSERT YOUR SHODAN API KEY HERE>
[openvas]
host = <INSERT THE OPENVAS HOST HERE>
user = <INSERT THE OPENVAS USERNAME HERE>
password = <INSERT THE OPENVAS PASSWORD HERE>
spiderfoot
url = <INSERT THE SPIDERFOOT URL HERE>
π¦This command will launch GoLismero with all default options and show the report on standard output:
golismero scan <target>
> If you omit the default command "scan" GoLismero is smart enough to figure out what you're trying to do, so this works too:
golismero <target>
> You can also set a name for your audit with --audit-name:
golismero scan <target> --audit-name <name>
> And you can produce reports in different file formats. The format is guessed from the file extension, and you can write as many files as you want:
golismero scan <target> -o <output file name>
β git 2020 sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - golismero/golismero: GoLismero - The Web Knife
GoLismero - The Web Knife. Contribute to golismero/golismero development by creating an account on GitHub.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦SOME IP ATTACKS #DEFINITIONS
> Hide server ip
Using CDN acceleration can hide the real ip of the server , resulting in the attacker not being able to attack the real ip, but this can only prevent some of the more attackers unless you really hide the ip.
> Prohibit proxy access
As mentioned earlier, the attacker attacks through a large number of proxies. Setting up to prohibit proxy access or limit the number of proxy connections can also play a certain role in protection.
> Shield attack ip
Thousands of tcp connections usually appear on the server when being attacked by cc. Open cmd and enter netstat -an. If a large number of external IPs appear, you will be attacked. At this time, you can use protective software to block the attack ip or manually block. This method is often used. passive.
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦SOME IP ATTACKS #DEFINITIONS
> Hide server ip
Using CDN acceleration can hide the real ip of the server , resulting in the attacker not being able to attack the real ip, but this can only prevent some of the more attackers unless you really hide the ip.
> Prohibit proxy access
As mentioned earlier, the attacker attacks through a large number of proxies. Setting up to prohibit proxy access or limit the number of proxy connections can also play a certain role in protection.
> Shield attack ip
Thousands of tcp connections usually appear on the server when being attacked by cc. Open cmd and enter netstat -an. If a large number of external IPs appear, you will be attacked. At this time, you can use protective software to block the attack ip or manually block. This method is often used. passive.
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Fasttip : Network configuration-Find computer IP based on NETBIOS name special old bios versions :
1οΈβ£Use the nmblookup test to find the IP of the machine with the NETBIOS name test in the same network, if This machine
has multiple IPs, which are also listed.
2οΈβ£My linux forcibly died under yesterday's sudden power failure.
When I enter again, I cannot enter KDE.
What should I do?
π¦#Fasttip : Network configuration-Find computer IP based on NETBIOS name special old bios versions :
1οΈβ£Use the nmblookup test to find the IP of the machine with the NETBIOS name test in the same network, if This machine
has multiple IPs, which are also listed.
2οΈβ£My linux forcibly died under yesterday's sudden power failure.
When I enter again, I cannot enter KDE.
What should I do?
-s -y /β β β ο½ππ»βΊπ«Δπ¬πβ β β β
fsck -s -y /var
fsck -s -y /usr
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦HACK CAM IP WAY 3(SEARCH FOR WAY 2-1 ON @UndercodeTesting)
> Termux-Linux 2020 tool :
Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online.
π¦What does the tool to? Look, a list!
>Search
> Brute force
> SSID and WPAPSK Password Disclosure
> E-mail, FTP, DNS, MSN Password Disclosure
> Exploit
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£
https://www.shodan.io/
Requests Requests: HTTP for Humans
http://docs.python-requests.org/en/master/
Netwave Exploit Netwave IP Camera - Password Disclosure
https://www.exploit-db.com/exploits/41236/
ENJOY β€οΈππ»
β topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦HACK CAM IP WAY 3(SEARCH FOR WAY 2-1 ON @UndercodeTesting)
> Termux-Linux 2020 tool :
Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online.
π¦What does the tool to? Look, a list!
>Search
> Brute force
> SSID and WPAPSK Password Disclosure
> E-mail, FTP, DNS, MSN Password Disclosure
> Exploit
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£
git clone https://github.com/jimywork/shodanwave.git
2οΈβ£$ cd /opt/
3οΈβ£$ git clone https://github.com/fbctf/shodanwave.git
4οΈβ£$ cd shodanwave
5οΈβ£$ pip install -r requirements.txt
6οΈβ£python shodanwave.py -u usernames.txt -w passwords.txt -k Shodan API key --t OUTPUT
python shodanwave.py --help
7οΈβ£Required if using Proxy!!!> Modify your Tsocks config!!8οΈβ£Shodan API search engine for Internet-connected devices.
> Add/Modify the following at the bottom:
server =
server_type = <4 or 5>
server_port =
default_pass = (Might be required for proxy)
https://www.shodan.io/
Requests Requests: HTTP for Humans
http://docs.python-requests.org/en/master/
Netwave Exploit Netwave IP Camera - Password Disclosure
https://www.exploit-db.com/exploits/41236/
ENJOY β€οΈππ»
β topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
Exploit Database
Netwave IP Camera - Password Disclosure
Netwave IP Camera - Password Disclosure.. remote exploit for Hardware platform
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What is VNC?
2οΈβ£By application, VNC is an analog of RDP (Remote Desktop Protocol). But RDP is associated primarily with Windows, since it was initially distributed on this operating system. And VNC is more associated with Linux. However, the clients and servers of these technologies are cross-platform. RDP software (both server and client) is preinstalled on Windows, but you must enable this service to use. VNC software is written by third-party developers, so you must install it before using it. The most popular VNC clients and servers are free and open source.
3οΈβ£One of the significant advantages of VNC over RDP is that it does not require a user to log out of the session on behalf of which the user is logged on to the remote system. That is, the user in front of the computer and the user on VNC can work simultaneously. It is allowed to connect several users at once via VNC, which is impossible with RDP.
4οΈβ£The VNC system is platform independent: a VNC client called a VNC viewer running on one operating system can connect to a VNC server running on any other OS. There are client and server implementations for almost all operating systems. Multiple clients can connect to one VNC server at the same time. The most popular ways to use VNC are remote technical support and access to a working computer from home.
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What is VNC?
recently send how hack Rdp but about vnc #Definition1οΈβ£VNC (Virtual Network Computing) is a system of remote access to the computer desktop using the RFB protocol (Remote FrameBuffer, a remote frame buffer). Management is carried out by transmitting keystrokes on the keyboard and mouse movements from one computer to another and relaying the contents of the screen through a computer network. In simple terms, using VNC you can connect to another computer and work at it as if you were sitting in front of it.
2οΈβ£By application, VNC is an analog of RDP (Remote Desktop Protocol). But RDP is associated primarily with Windows, since it was initially distributed on this operating system. And VNC is more associated with Linux. However, the clients and servers of these technologies are cross-platform. RDP software (both server and client) is preinstalled on Windows, but you must enable this service to use. VNC software is written by third-party developers, so you must install it before using it. The most popular VNC clients and servers are free and open source.
3οΈβ£One of the significant advantages of VNC over RDP is that it does not require a user to log out of the session on behalf of which the user is logged on to the remote system. That is, the user in front of the computer and the user on VNC can work simultaneously. It is allowed to connect several users at once via VNC, which is impossible with RDP.
4οΈβ£The VNC system is platform independent: a VNC client called a VNC viewer running on one operating system can connect to a VNC server running on any other OS. There are client and server implementations for almost all operating systems. Multiple clients can connect to one VNC server at the same time. The most popular ways to use VNC are remote technical support and access to a working computer from home.
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#FASTTIP :log formats and values are supported for the --log-format option :
COMBINED - combined journal format,
VCOMBINED - combined log format with a virtual host,
COMMON is a regular log format,
VCOMMON - a regular log format with a virtual host,
W3C is an extended W3C log format,
SQUID - Squid's native log format,
CLOUDFRONT - Amazon CloudFront Web Distribution,
CLOUDSTORAGE - Google Cloud Storage,
AWSELB - Amazon Elastic Load Balancing,
AWSS3 - Amazon Simple Storage Service (S3)
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#FASTTIP :log formats and values are supported for the --log-format option :
COMBINED - combined journal format,
VCOMBINED - combined log format with a virtual host,
COMMON is a regular log format,
VCOMMON - a regular log format with a virtual host,
W3C is an extended W3C log format,
SQUID - Squid's native log format,
CLOUDFRONT - Amazon CloudFront Web Distribution,
CLOUDSTORAGE - Google Cloud Storage,
AWSELB - Amazon Elastic Load Balancing,
AWSS3 - Amazon Simple Storage Service (S3)
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Hacking framework This framework is designed to perform penetration testing. Its functions:
> Scan sql vulnerability
> Scan xxs vulnerability
>Dos sites
>Brutforce Ftp
> Brutforse SSh
> Brutforse mail Accounts
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
4οΈβ£for launching only hacking modules
launch as python
>cd modules
banner.py
dos.py
ftp.py
hun_listener.py
Update mail.py
ssh.py
5οΈβ£include passwordlist
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
> Scan sql vulnerability
> Scan xxs vulnerability
>Dos sites
>Brutforce Ftp
> Brutforse SSh
> Brutforse mail Accounts
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/b3-v3r/Hunner.git(choose options via numbers)
2οΈβ£cd Hunner
3οΈβ£python2 hunner.py
4οΈβ£for launching only hacking modules
launch as python
>cd modules
banner.py
dos.py
ftp.py
hun_listener.py
Update mail.py
ssh.py
5οΈβ£include passwordlist
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What does that mean?
It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
π¦FOR PARROT-KALI :
You will end up with a file Cuckoo-2.0.0.tar.gz (or a higher number, depending on the latest released stable version) as well as all of its dependencies (e.g., alembic-0.8.8.tar.gz).
1οΈβ£DOWNLOAD https://cuckoosandbox.org/
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦What does that mean?
It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
π¦FOR PARROT-KALI :
You can either run Cuckoo from your own user or create a new one dedicated just for your sandbox setup. Make sure that the user that runs Cuckoo is the same user that you will use to create and run the virtual machines (at least in the case of VirtualBox), otherwise Cuckoo wonβt be able to identify and launch these Virtual Machines.1οΈβ£
clone https://github.com/cuckoosandbox/cuckoo
or open terminal and type
$ sudo pip install -U pip setuptools
2οΈβ£$ sudo pip install -U cuckoo
3οΈβ£$ virtualenv venv
4οΈβ£$ . venv/bin/activate
5οΈβ£(venv)$ pip install -U pip setuptools
6οΈβ£(venv)$ pip install -U cuckoo
π¦Install Cuckoo from file methode 2 -You will end up with a file Cuckoo-2.0.0.tar.gz (or a higher number, depending on the latest released stable version) as well as all of its dependencies (e.g., alembic-0.8.8.tar.gz).
1οΈβ£DOWNLOAD https://cuckoosandbox.org/
2οΈβ£$ pip download cuckoo
3οΈβ£$ pip install Cuckoo-2.0.0.tar.gz
4οΈβ£$ pip install *.tar.gz
5οΈβ£choose option simplyShare usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ANONYMOUS VPN/PROXIES 2020
- 7Proxies https://www.7proxies.com/
- AirVPN https://airvpn.org/
- Cryptostorm https://cryptostorm.is/
- Cyberghost https://www.cyberghostvpn.com/en_US/
- ExpressVPN https://www.expressvpn.com
- FreeVPN https://freevpn.me/
- HideMyAss https://www.hidemyass.com/
- IpPVanish https://www.ipvanish.com/
- NordVPN https://nordvpn.com
- PIA https://www.privateinternetaccess.com/
- ProntonVPN https://protonvpn.com/
- Proxy.sh https://proxy.sh/
- SlickVPN https://www.slickvpn.com
- StrongVPN https://strongvpn.com/
- TorGuard https://torguard.net/
- TunnelBear https://www.tunnelbear.com/
- VPNBook (por defecto) http://www.vpnbook.com/
- VPNGate http://www.vpngate.net/en/
- VPNKeys https://www.vpnkeys.com/
- VPNMe https://www.vpnme.me/
- Vyprvpn https://www.goldenfrog.com/es/vyprvpn
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦ANONYMOUS VPN/PROXIES 2020
- 7Proxies https://www.7proxies.com/
- AirVPN https://airvpn.org/
- Cryptostorm https://cryptostorm.is/
- Cyberghost https://www.cyberghostvpn.com/en_US/
- ExpressVPN https://www.expressvpn.com
- FreeVPN https://freevpn.me/
- HideMyAss https://www.hidemyass.com/
- IpPVanish https://www.ipvanish.com/
- NordVPN https://nordvpn.com
- PIA https://www.privateinternetaccess.com/
- ProntonVPN https://protonvpn.com/
- Proxy.sh https://proxy.sh/
- SlickVPN https://www.slickvpn.com
- StrongVPN https://strongvpn.com/
- TorGuard https://torguard.net/
- TunnelBear https://www.tunnelbear.com/
- VPNBook (por defecto) http://www.vpnbook.com/
- VPNGate http://www.vpngate.net/en/
- VPNKeys https://www.vpnkeys.com/
- VPNMe https://www.vpnme.me/
- Vyprvpn https://www.goldenfrog.com/es/vyprvpn
Share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
7Proxies
7Proxies - Best Wireguard Services
We create Wireguard solutions that work brilliantly, deliver fantastic speed and security. Talk to us about solving your VPN challenges.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Get rid of the spy in your own pocket. make sure the story doesn't repeat itself:
#FastTips
1) Strengthening protection. Create a complex password consisting of numbers and letters of different registers and change it regularly. Do not use known data (pet name, date of birth, etc.). Turn off storage and use different passwords for different devices;
2) Reliable sources. Download and install applications only from official sites and markets;
3) Advance action. Install anti-virus programs that can protect your data.
4) Regular cleaning. Create an additional storage space for important files and delete unnecessary ones, including messages.
5) Inlet filter. Do not follow suspicious links or open messages from strangers using your mobile email client .
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Get rid of the spy in your own pocket. make sure the story doesn't repeat itself:
#FastTips
1) Strengthening protection. Create a complex password consisting of numbers and letters of different registers and change it regularly. Do not use known data (pet name, date of birth, etc.). Turn off storage and use different passwords for different devices;
2) Reliable sources. Download and install applications only from official sites and markets;
3) Advance action. Install anti-virus programs that can protect your data.
4) Regular cleaning. Create an additional storage space for important files and delete unnecessary ones, including messages.
5) Inlet filter. Do not follow suspicious links or open messages from strangers using your mobile email client .
Share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β