UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Microsoft releases emergency security update to fix security vulnerabilities in Windows 10/Server
#UndercodeNews

> There are about two weeks away from this month's patch Tuesday event day, but due to security vulnerabilities found in Windows 10 and Windows Server, today Microsoft released two emergency security updates. Microsoft said that although the two vulnerabilities have not been publicly disclosed and are less likely to be exploited by hackers, the company can't wait for the July 14 patch to release the update on Tuesday's event day.

> Microsoft wrote in a security bulletin: "There is a remote code execution vulnerability in the way Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information and further harm the user's system."

> It is reported that the affected versions of Windows include

Windows 10 version 1709

Windows 10 version 1803

Windows 10 version 1809

Windows 10 version 1903

Windows 10 version 1909

Windows 10 version 2004

Windows Server 2019

Windows Server version 1803

Windows Server version 1903

Windows Server version 1909

Windows Server version 2004

@UndercodeNews
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

239 views16:38

UNDERCODE COMMUNITY

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Topic Pentesting tools
➕Termux-Linux
SIPVicious OSS security tools

>svmap - this is a sip scanner. Lists SIP devices found on an IP range
>svwar - identifies active extensions on a PBX
>svcrack - an online password cracker for SIP PBX
>svreport - manages sessions and exports reports to various formats
>svcrash - attempts to stop unauthorized svwar and svcrack scans

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/EnableSecurity/sipvicious.git

2️⃣cd sipvicious

3️⃣python setup.py install

4️⃣Fire-up the scripts one by one:

sipvicious_svmap --help
sipvicious_svcrack --help
sipvicious_svcrash --help
sipvicious_svwar --help
sipvicious_svreport --help

🦑Tested by Undercode On :

> ubuntu

✅git sources 2020
Enjoy ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

GitHub

GitHub - EnableSecurity/sipvicious: SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers…

SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks...

234 views17:36

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Why wifi hacking not recommended for Windows :
Hacking Wi-Fi in Windows

> To be able to crack Wi-Fi in Windows, you need a wireless card that supports monitor mode, and its driver must have support for this mode. For Windows Wi-Fi adapter drivers, this support is not available. Therefore, in Windows it is impossible to capture a handshake.

>There are a few exceptions - high-cost commercial products that include wireless card drivers that support monitor mode. Like Linux, only some hardware is supported.

>Although almost all programs for auditing Wi-Fi networks are made under Linux and only there work great, some of them are cross-platform. For example, to search using graphics cards on Windows, you can use Hashcat, which works great on this operating system.

>In general, of course, it is recommended to use Linux for testing wireless networks, especially such specialized distributions as Kali Linux and BlackArch.

@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

242 views19:49

UNDERCODE COMMUNITY

HackerOne

Bookfresh - Bug Bounty Program | HackerOne

The Bookfresh Bug Bounty Program enlists the help of the hacker community at HackerOne to make Bookfresh more secure. HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminally…

279 viewsedited 21:13

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to set up a connection to RDP from the Internet ?

> RDP allows any connection, whether from a local network or from the Internet. Connecting from the Internet requires your computer to have a white IP .

> If your ISP uses NAT , then you need to rent an external (white) IP address.

> If you are connected to a router (they also always use NAT), then you need to configure port forwarding (forwarding, forwarding) as follows:

1) You need to start with " Permanent IP Settings in Windows ."

2) Subsequent settings must be made in the router. Since everyone has different models of routers, the specific actions and names of the tabs in the administration panel of routers may vary. The main thing is to understand the essence and find the appropriate tab in the router. Remember that you need to forward TCP and UDP ports with the number 3389.

3) Go to the control panel of the router . In the settings of the router, go to "section of the Internet " (may be referred to the WAN ), then the tab " Port Forwarding " (may be called " Port Forwarding ", " Port Forwarding "):

4) Add a new rule:

>Service Name - enter any
>Source IP leave blank
>Port Range - Specify Port 3389
>Local IP address - specify the IP address of the Windows computer to >which RDP connection will be made
>Local port - specify port 3389
>Protocol - specify Both (both)
And click the " Add " button .

5) Save your changes.

Written by Undercode
#FastTips
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

238 views21:50

UNDERCODE COMMUNITY

Follow & first 20 comments they will get about 30 follower from few minutes till 1 day max

& thanks you❤️

Instagram.com/UndercodeNews 🌝
& this happen everytime we send new posts on :

>instagram.com/Undercodetesting
>Instagram.com/UndercodeNews

238 viewsedited 22:32

UNDERCODE COMMUNITY

Footprinting a target with datasploit.pdf

4.7 MB

#Tutorial

294 views00:50

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is Best wifi Hacking Adapter ?- recommended 2020
#Requested

🕳 Atheros (AR5XXX, AR9XXX)
Atheros chipsets have been used by many pen testers in the industry because the ability to perform well with many different systems and because it is open source. The main challenge with these drivers is that many laptops have migrated from PCMCIA bus and support for external Atheros-based cards is pretty limited.

🕳 Realtek (RTL8187)
The RTL8187 driver is used in many Alfa adapters (USB adapters). The RTL8187 driver is supported by the Linux kernel for years and has been the choice for many pen testers out there. The main challenge with this driver is the lack of 802.11 a, n, and ac support. It can be used for injecting packets into the wireless network and it works with MAC OS X.

🕳 Intel Pro Wireless (iwlwifi)
Many vendors out there use Intel 802.11 chipsets in their laptops and desktop systems in the PCIe bus.

Note: Latest versions of the Intel chipsets are supported by the iwlwifi or the iwlagn Linux drivers and supported by recent kernels.

🕳 The Alfa External Wireless Adapters
The Alfa adapters have been used by many pen testers in the industry for years.

🕳 The original Alfa AWUS306H
This is the legacy model and basically obsolete.

🕳 The Alfa AWUS036NEH
Is the newer version of the AWUS306H and provides support for 802.11n and it is smaller than its predecessor. One of the main challenges out there is that it is not supported by MAC OS X with KisMAC. However, many people use them in laptops or desktop machines using Kali Linux.

🕳 The Alfa Atheros AR9271 AWUS036NHA
Compatible with 802.11b, 802.11g or 802.11n using 2.4 GHZ wavelength.

🕳 The Alfa AWUS051NH
It's basically the same as the AWUS036NEH, but it adds support for 5 GHz. It is also not supported by MAC OS X.

🕳 Panda PAU05
The Panda PAU05 is a 2.4 GHz wireless N adapter that uses the Ralink RT3070 Chipset.

🕳 TP-Link TL-WN722N (100mW)
Very cheap and compatible with Kali Linux. It is not perfect for packet injection.

🕳 TP-Link N150 Wireless High Gain USB Adapter (TL-WN722N)
The TP-LINK TL-WN722N uses the Atheros AR9271 Chipset and is a wireless N adapter. Newer versions may not use the same chipset and you may run into problems with Kali Linux.

✅2020 git sources
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

302 views01:50

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑#ProUsers The Yardstick One and RFcat Notes

The Yardstick One is a very useful piece of hardware to perform testing of RF devices that communicate in frequencies under 1GHz. It can be combined with many tools, including RFcat. The following are a few links and resources that we discussed in the video course related to these tools:

🕳Yardstick One
Yardstick One website: https://greatscottgadgets.com/2015/09-30-introducing-yard-stick-one/

🕳RFcat
RFcat website: https://bitbucket.org/atlas0fd00m/rfcat

The following are several useful RFcat commands:
`d._debug = 1` â€“ dumps debug messages to the screen
d.debug() - prints state information every second
`d.discover()` - listens for specific SYNCWORDS
d.lowball() - disables most â€œfiltersâ€ to see more packets
`d.lowballRestore()` - restores the configuration before calling lowball()
d.RFlisten() - listens for signals and dumps data to the screen
`d.RFcapture()` - dumps data to screen, returns list of packets
d.scan() - scans a configurable frequency range
`d.setChannel()` - sets the channel to be used
d.setFHSSstate() - sets the FHSS state to be used
`d.setFreq()` - sets the frequency to be used
d.specan() - a spectrum analyzer

Source: ✅2020 git sources
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

231 views03:50

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑New Tips: #ZigBee Resources

Good explanation and introduction to Zigbee: http://resources.infosecinstitute.com/hacking-zigbee-networks/

KillerBee Presentation: http://www.willhackforsushi.com/presentations/toorcon11-wright.pdf

KillerBee Framework: https://github.com/riverloopsec/killerbee

The KillerBee framework is being expanded to support multiple devices. Currently there is support for the River Loop ApiMote, Atmel RZ RAVEN USB Stick, MoteIV Tmote Sky, TelosB mote, and Sewino Sniffer.

Open source hardware: https://github.com/riverloopsec/apimote

Attify ZigBee Framework GitHub Repo: https://github.com/attify/Attify-Zigbee-Framework

✅2020 git sources
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

Infosec Resources

Hacking ZigBee Networks

What is ZigBee? Internet of Things (IoT) is what most experts consider as the next step of the Internet revolution where physical objects are invariably

264 views04:50

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 Only usefull Hacking tools #list 3 :

- BaseQuery - A Way To Organize Public Combo-Lists And Leaks In A Way That You Can Easily Search Through Everything

- Attack Monitor - Endpoint Detection And Malware Analysis Software

- Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io

- SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool

- Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information
- Aztarna - A Footprinting Tool For Robots

- Hediye - Hash Generator & Cracker Online Offline

- Killcast - Manipulate Chromecast Devices In Your Network

- bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records

- WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack

- H8Mail - Email OSINT And Password Breach Hunting

- Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters

- Metasploit 5.0 - The Worldâ€™s Most Used Penetration Testing Framework

- Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support

- Twifo-Cli - Get User Information Of A Twitter User

- Sitadel - Web Application Security Scanner

- Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)

- Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To

- Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies

- Shed - .NET Runtime Inspector

- Stardox - Github Stargazers Information Gathering Tool

✅2020 git sources
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

KitPloit - PenTest & Hacking Tools

BaseQuery - A Way To Organize Public Combo-Lists And Leaks In A Way That You Can Easily Search Through Everything

287 views05:50

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑How medical equipment should resist hacker attacks ?
#News

For hospitals, the best way to prevent network attacks and protect IoMT devices from infection is to isolate the most vulnerable and critical devices from each other or maintain a virtual distance, which is called network segmentation.

Hospitals can take the following practical steps to segment clinical networks, reduce the attack surface, and protect patients from cyber attacks:

1️⃣First clear who is responsible

Traditionally, the safety of medical equipment has always been the responsibility of experts in biomedical engineering equipment.

> However, with the increasing popularity of IoMT devices and the increase of cyber attacks against healthcare, the IT team of the hospital information department had to invest more energy in medical device security. Therefore, there is a need for close cooperation between the information department and the biomedical engineering research team to design and implement safe and effective security policies for clinical networks.

>In order to ensure the safety of medical equipment and integrate IT and biomedical teams across departments, a separate, final IoMT cybersecurity policy decision maker is needed. Some large institutions have even added the role of medical equipment security officer (MDSO), which is directly responsible for the safety of medical equipment in the entire clinical network of the entire hospital.

2️⃣ Create a reliable equipment list

If you do not have a deep understanding of the medical equipment connected to the hospital, the configuration files on the equipment, and the communication mode, you cannot set a network segmentation strategy.

Automated inventory tools must also be able to perform continuous analysis of equipment while understanding the behavior, criticality, and vulnerability of IoMT equipment.

3️⃣ Assess the risk of each device

> The risk score should be calculated based on the criticality and medical impact of the equipment. The risk assessment should be carried out continuously, and the abnormal behavior of the network should be continuously monitored. In order to assess risk, the following factors must be considered:

> Communicate with external servers required for normal device function (i.e. vendor communication)

>The device needs to store and send ePHI, and for what purpose?

🕳Device usage mode

Is the device running an unsupported operating system or are there any known vulnerabilities? If yes, do you use patches or network segmentation to protect the device?

4️⃣ Follow regulatory guidelines and rules in real time

If the hospital does not comply with federal and state regulatory standards, it will face millions of dollars in fines. Aside from the loss of money, failure to comply with cybersecurity guidelines puts medical equipment at risk and may endanger the safety of patients, business integrity, and the reputation of the hospital.

Guidelines and regulations concerning health care and medical equipment are regularly updated. To maintain compliance, hospitals must pay close attention to regulatory standards and updates issued by state federal agencies, including:

U.S. Food and Drug Administration (FDA)
Medical Device Information Sharing and Analysis (MDISS) Initiative
Health Insurance Portability and Accountability Act (HIPAA)

5️⃣Design, verify and execute segmentation strategies

Segmentation strategies are used to reduce the attack surface and prevent potential threats. Network segmentation can also help the network run more smoothly by restricting traffic to designated areas and reducing network load.

share us❤️👍🏻
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

238 views06:50

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is Goaccess ? #term

GoAccess is a powerful Apache log analyzer, the program creates interactive reports that can be viewed in any browser. It works on both Linux and Windows. Suitable for general analysis of web server logs, for real-time monitoring of activity, or for analysis of certain aspects of activity or problems

🦑The following log formats and values are supported for the --log-format option :

🕳COMBINED - combined journal format,
🕳VCOMBINED - combined log format with a virtual host,
🕳COMMON is a regular log format,
🕳VCOMMON is a regular log format with a virtual host,
🕳W3C is an extended W3C log format,
🕳SQUID - Squid's native log format,
🕳CLOUDFRONT - Amazon CloudFront Web Distribution,
🕳CLOUDSTORAGE - Google Cloud Storage,
🕳AWSELB - Amazon Elastic Load Balancing,
🕳AWSS3 - Amazon Simple Storage Service (S3)

share us❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

204 views07:55

UNDERCODE COMMUNITY

T.me/UndercodeTesting

217 views10:44

UNDERCODE COMMUNITY

🦑Some interesting Termux/Linux #tool

> httptunnel creates a bidirectional virtual data path tunnelled in HTTP
requests. The requests can be sent via an HTTP proxy if so desired.

>This can be useful for users behind restrictive firewalls. If WWW
access is allowed through an HTTP proxy, it's possible to use
httptunnel and, say, telnet or PPP to connect to a computer outside
the firewall.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/larsbrinkhoff/httptunnel.git

2️⃣cd httptunnel

3️⃣chmod 777 autogen.sh

4️⃣./autogen.sh

5️⃣EXAMPLES

🕳 start httptunnel server:

1) At host REMOTE, start hts like this:
hts -F localhost:23 8888 (set up httptunnel server to listen on port 8888 and forward to localhost:23)

2) start httptunnel client:
At host LOCAL, start htc like this:
htc -F 2323 -P PROXY_ADDRESS:8000 REMOTE_IP:8888 (set up httptunnel client to forward localhost:2323 to REMOTE_IP:8888 via a local proxy at PROXY_ADDRESS:8000)

3) or, if using a buffering HTTP proxy:
htc -F 2323 -P PROXY_ADDRESS:8000 -B 48K REMOTE_IP:8888

4) Now you can do this at host LOCAL:
telnet localhost 2323 (telnet in to REMOTE_IP:8888 via your httptunnel you just configured above on port localhost:2323)
...and you will hopefully get a login prompt from host REMOTE_IP.

🕳Debugging:

5) For debug output, add -Dn to the end of a command, where n is the level of debug output you'd like to see, with 0 meaning no debug messages at all, and 5 being the highest level (verbose).

6) ex: htc -F 10001 -P PROXY_ADDRESS:8000 REMOTE_IP:8888 -D5 will show verbose debug output (level 5 debugging) while setting up an httptunnel client to forward localhost:10001 to REMOTE_IP:8888 via a local proxy at PROXY_ADDRESS:8000

6️⃣Related Docs :

🕳https://sergvergara.files.wordpress.com/2011/04/http_tunnel.pdf - excellent httptunnel tutorial, examples, & info

🕳http://sebsauvage.net/punching/ - another excellent example

🕳https://daniel.haxx.se/docs/sshproxy.html - more useful info

🕳http://neophob.com/2006/10/gnu-httptunnel-v33-windows-binaries/ -

🕳httptunnel Win32 binaries (download here)

🕳Google search for "http tunnel v3.3" - brings up lots of good links to httptunnel (this search seems to work better than searching for "httptunnel" alone since the latter brings up many generic search results or results pertaining to other tools)

enjoy❤️👍🏻
✅Topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

GitHub

larsbrinkhoff/httptunnel

Bidirectional data stream tunnelled in HTTP requests. - larsbrinkhoff/httptunnel

245 views11:43

UNDERCODE COMMUNITY

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Self-tuning VDS / VPS :
#FastTips

> VDS (or VPS, which is the same) - translates as “virtual dedicated server” or “virtual private server”. In simple words, this is a computer on which you can install any operating system, and in this operating system any programs. Another key feature of VDS is the presence of white IP.

> Pentester can use VDS for long scanning, for implementing attacks (as a DNS proxy, phishing web server, VPN server), for long-term information collection (creating a website mirror, working with a large number of sites or data), for anonymity (proxy, VPN server), for the exchange of information (mail server, web server, environments for mutual work and file sharing, hidden Tor services and much more), as a target for attacks (you can install vulnerable applications, vulnerable sites for training skills), for training defense skills and analysis of attacks and the consequences of compromise.

> The material selection currently includes instructions for Arch Linux. In the near future, similar instructions will appear for Debian and Ubuntu. The range of issues addressed will also be greatly expanded.

>Most of the instructions describe the configuration inside VDS, and they are identical no matter where you purchased the server. The exceptions are instructions describing the process of installing the OS and the process of making a DNS record about a domain name. These instructions are made on the example of one Russian hoster (selected for low cost) and one foreign hoster (to be added soon).

enjoy❤️👍🏻
✅Topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

244 views12:44

About

Blog

Apps

Platform