β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Microsoft releases emergency security update to fix security vulnerabilities in Windows 10/Server
#UndercodeNews
> There are about two weeks away from this month's patch Tuesday event day, but due to security vulnerabilities found in Windows 10 and Windows Server, today Microsoft released two emergency security updates. Microsoft said that although the two vulnerabilities have not been publicly disclosed and are less likely to be exploited by hackers, the company can't wait for the July 14 patch to release the update on Tuesday's event day.
> Microsoft wrote in a security bulletin: "There is a remote code execution vulnerability in the way Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information and further harm the user's system."
> It is reported that the affected versions of Windows include
Windows 10 version 1709
Windows 10 version 1803
Windows 10 version 1809
Windows 10 version 1903
Windows 10 version 1909
Windows 10 version 2004
Windows Server 2019
Windows Server version 1803
Windows Server version 1903
Windows Server version 1909
Windows Server version 2004
@UndercodeNews
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Microsoft releases emergency security update to fix security vulnerabilities in Windows 10/Server
#UndercodeNews
> There are about two weeks away from this month's patch Tuesday event day, but due to security vulnerabilities found in Windows 10 and Windows Server, today Microsoft released two emergency security updates. Microsoft said that although the two vulnerabilities have not been publicly disclosed and are less likely to be exploited by hackers, the company can't wait for the July 14 patch to release the update on Tuesday's event day.
> Microsoft wrote in a security bulletin: "There is a remote code execution vulnerability in the way Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information and further harm the user's system."
> It is reported that the affected versions of Windows include
Windows 10 version 1709
Windows 10 version 1803
Windows 10 version 1809
Windows 10 version 1903
Windows 10 version 1909
Windows 10 version 2004
Windows Server 2019
Windows Server version 1803
Windows Server version 1903
Windows Server version 1909
Windows Server version 2004
@UndercodeNews
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Topic Pentesting tools
βTermux-Linux
SIPVicious OSS security tools
>svmap - this is a sip scanner. Lists SIP devices found on an IP range
>svwar - identifies active extensions on a PBX
>svcrack - an online password cracker for SIP PBX
>svreport - manages sessions and exports reports to various formats
>svcrash - attempts to stop unauthorized svwar and svcrack scans
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/EnableSecurity/sipvicious.git
2οΈβ£cd sipvicious
3οΈβ£python setup.py install
4οΈβ£Fire-up the scripts one by one:
sipvicious_svmap --help
sipvicious_svcrack --help
sipvicious_svcrash --help
sipvicious_svwar --help
sipvicious_svreport --help
π¦Tested by Undercode On :
> ubuntu
β git sources 2020
Enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Topic Pentesting tools
βTermux-Linux
SIPVicious OSS security tools
>svmap - this is a sip scanner. Lists SIP devices found on an IP range
>svwar - identifies active extensions on a PBX
>svcrack - an online password cracker for SIP PBX
>svreport - manages sessions and exports reports to various formats
>svcrash - attempts to stop unauthorized svwar and svcrack scans
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/EnableSecurity/sipvicious.git
2οΈβ£cd sipvicious
3οΈβ£python setup.py install
4οΈβ£Fire-up the scripts one by one:
sipvicious_svmap --help
sipvicious_svcrack --help
sipvicious_svcrash --help
sipvicious_svwar --help
sipvicious_svreport --help
π¦Tested by Undercode On :
> ubuntu
β git sources 2020
Enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - EnableSecurity/sipvicious: SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developersβ¦
SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks...
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Why wifi hacking not recommended for Windows :
Hacking Wi-Fi in Windows
> To be able to crack Wi-Fi in Windows, you need a wireless card that supports monitor mode, and its driver must have support for this mode. For Windows Wi-Fi adapter drivers, this support is not available. Therefore, in Windows it is impossible to capture a handshake.
>There are a few exceptions - high-cost commercial products that include wireless card drivers that support monitor mode. Like Linux, only some hardware is supported.
>Although almost all programs for auditing Wi-Fi networks are made under Linux and only there work great, some of them are cross-platform. For example, to search using graphics cards on Windows, you can use Hashcat, which works great on this operating system.
>In general, of course, it is recommended to use Linux for testing wireless networks, especially such specialized distributions as Kali Linux and BlackArch.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Why wifi hacking not recommended for Windows :
Hacking Wi-Fi in Windows
> To be able to crack Wi-Fi in Windows, you need a wireless card that supports monitor mode, and its driver must have support for this mode. For Windows Wi-Fi adapter drivers, this support is not available. Therefore, in Windows it is impossible to capture a handshake.
>There are a few exceptions - high-cost commercial products that include wireless card drivers that support monitor mode. Like Linux, only some hardware is supported.
>Although almost all programs for auditing Wi-Fi networks are made under Linux and only there work great, some of them are cross-platform. For example, to search using graphics cards on Windows, you can use Hashcat, which works great on this operating system.
>In general, of course, it is recommended to use Linux for testing wireless networks, especially such specialized distributions as Kali Linux and BlackArch.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Helpful Hacking Programs :
- [Bookfresh](https://hackerone.com/bookfresh)
- [Brussels Airlines](https://go.intigriti.com/brusselsairlines)
- [BTC_sx](https://cobalt.io/btc-sx)
- [Buffer](mailto:security@bufferapp.com)
- [BX.in.th](https://cobalt.io/bx-in-th)
- [C2FO](https://hackerone.com/c2fo)
- [Campaign Monitor](https://help.campaignmonitor.com/contact)
- [CARD.com](https://bugcrowd.com/card)
- [Catchafire](https://cobalt.io/catchafire)
- [Caviar](https://hackerone.com/caviar)
- [CCBill](mailto:bugrewards@ccbill.com)
- [CERT/CC](https://hackerone.com/cert)
- [Certly](https://hackerone.com/certly)
- [ChainPay](https://cobalt.io/chainpay)
- [ChangeTip](https://cobalt.io/changetip)
- [Chargify](https://bugcrowd.com/chargify)
- [Chromium Project](https://code.google.com/p/chromium/issues/entry?template=Security%20Bug)
- [Circle](https://cobalt.io/circle)
- [CircleCI](mailto:security@circleci.com)
- [Cisco](http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html#roosfassv)
- [ClickUp](https://clickup.com/bug-bounty)
- [Clojars](mailto:contact@clojars.org)
- [CloudFlare](https://hackerone.com/cloudflare)
- [Cobalt](https://cobalt.io/cobalt)
- [Code Climate](mailto:security@codeclimate.com)
- [CodeIgniter](https://hackerone.com/codeigniter)
- [CodePen](https://bugcrowd.com/codepen)
- [Coin Republic](https://cobalt.io/coin-republic)
- [Coin.Space](https://hackerone.com/coinspace)
Enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Helpful Hacking Programs :
- [Bookfresh](https://hackerone.com/bookfresh)
- [Brussels Airlines](https://go.intigriti.com/brusselsairlines)
- [BTC_sx](https://cobalt.io/btc-sx)
- [Buffer](mailto:security@bufferapp.com)
- [BX.in.th](https://cobalt.io/bx-in-th)
- [C2FO](https://hackerone.com/c2fo)
- [Campaign Monitor](https://help.campaignmonitor.com/contact)
- [CARD.com](https://bugcrowd.com/card)
- [Catchafire](https://cobalt.io/catchafire)
- [Caviar](https://hackerone.com/caviar)
- [CCBill](mailto:bugrewards@ccbill.com)
- [CERT/CC](https://hackerone.com/cert)
- [Certly](https://hackerone.com/certly)
- [ChainPay](https://cobalt.io/chainpay)
- [ChangeTip](https://cobalt.io/changetip)
- [Chargify](https://bugcrowd.com/chargify)
- [Chromium Project](https://code.google.com/p/chromium/issues/entry?template=Security%20Bug)
- [Circle](https://cobalt.io/circle)
- [CircleCI](mailto:security@circleci.com)
- [Cisco](http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html#roosfassv)
- [ClickUp](https://clickup.com/bug-bounty)
- [Clojars](mailto:contact@clojars.org)
- [CloudFlare](https://hackerone.com/cloudflare)
- [Cobalt](https://cobalt.io/cobalt)
- [Code Climate](mailto:security@codeclimate.com)
- [CodeIgniter](https://hackerone.com/codeigniter)
- [CodePen](https://bugcrowd.com/codepen)
- [Coin Republic](https://cobalt.io/coin-republic)
- [Coin.Space](https://hackerone.com/coinspace)
Enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
HackerOne
Bookfresh - Bug Bounty Program | HackerOne
The Bookfresh Bug Bounty Program enlists the help of the hacker community at HackerOne to make Bookfresh more secure. HackerOne is the #1 hacker-powered security platform, helping organizations find and fix critical vulnerabilities before they can be criminallyβ¦
β β β Uππ»βΊπ«6π¬πβ β β β
π¦How to set up a connection to RDP from the Internet ?
> RDP allows any connection, whether from a local network or from the Internet. Connecting from the Internet requires your computer to have a white IP .
> If your ISP uses NAT , then you need to rent an external (white) IP address.
> If you are connected to a router (they also always use NAT), then you need to configure port forwarding (forwarding, forwarding) as follows:
1) You need to start with " Permanent IP Settings in Windows ."
2) Subsequent settings must be made in the router. Since everyone has different models of routers, the specific actions and names of the tabs in the administration panel of routers may vary. The main thing is to understand the essence and find the appropriate tab in the router. Remember that you need to forward TCP and UDP ports with the number 3389.
3) Go to the control panel of the router . In the settings of the router, go to "section of the Internet " (may be referred to the WAN ), then the tab " Port Forwarding " (may be called " Port Forwarding ", " Port Forwarding "):
4) Add a new rule:
>Service Name - enter any
>Source IP leave blank
>Port Range - Specify Port 3389
>Local IP address - specify the IP address of the Windows computer to >which RDP connection will be made
>Local port - specify port 3389
>Protocol - specify Both (both)
And click the " Add " button .
5) Save your changes.
Written by Undercode
#FastTips
β β β Uππ»βΊπ«6π¬πβ β β β
π¦How to set up a connection to RDP from the Internet ?
> RDP allows any connection, whether from a local network or from the Internet. Connecting from the Internet requires your computer to have a white IP .
> If your ISP uses NAT , then you need to rent an external (white) IP address.
> If you are connected to a router (they also always use NAT), then you need to configure port forwarding (forwarding, forwarding) as follows:
1) You need to start with " Permanent IP Settings in Windows ."
2) Subsequent settings must be made in the router. Since everyone has different models of routers, the specific actions and names of the tabs in the administration panel of routers may vary. The main thing is to understand the essence and find the appropriate tab in the router. Remember that you need to forward TCP and UDP ports with the number 3389.
3) Go to the control panel of the router . In the settings of the router, go to "section of the Internet " (may be referred to the WAN ), then the tab " Port Forwarding " (may be called " Port Forwarding ", " Port Forwarding "):
4) Add a new rule:
>Service Name - enter any
>Source IP leave blank
>Port Range - Specify Port 3389
>Local IP address - specify the IP address of the Windows computer to >which RDP connection will be made
>Local port - specify port 3389
>Protocol - specify Both (both)
And click the " Add " button .
5) Save your changes.
Written by Undercode
#FastTips
β β β Uππ»βΊπ«6π¬πβ β β β
Follow & first 20 comments they will get about 30 follower from few minutes till 1 day max
& thanks youβ€οΈ
Instagram.com/UndercodeNews π
& this happen everytime we send new posts on :
>instagram.com/Undercodetesting
>Instagram.com/UndercodeNews
& thanks youβ€οΈ
Instagram.com/UndercodeNews π
& this happen everytime we send new posts on :
>instagram.com/Undercodetesting
>Instagram.com/UndercodeNews
β β β Uππ»βΊπ«6π¬πβ β β β
π¦What is Best wifi Hacking Adapter ?- recommended 2020
#Requested
π³ Atheros (AR5XXX, AR9XXX)
Atheros chipsets have been used by many pen testers in the industry because the ability to perform well with many different systems and because it is open source. The main challenge with these drivers is that many laptops have migrated from PCMCIA bus and support for external Atheros-based cards is pretty limited.
π³ Realtek (RTL8187)
The RTL8187 driver is used in many Alfa adapters (USB adapters). The RTL8187 driver is supported by the Linux kernel for years and has been the choice for many pen testers out there. The main challenge with this driver is the lack of 802.11 a, n, and ac support. It can be used for injecting packets into the wireless network and it works with MAC OS X.
π³ Intel Pro Wireless (iwlwifi)
Many vendors out there use Intel 802.11 chipsets in their laptops and desktop systems in the PCIe bus.
Note: Latest versions of the Intel chipsets are supported by the iwlwifi or the iwlagn Linux drivers and supported by recent kernels.
π³ The Alfa External Wireless Adapters
The Alfa adapters have been used by many pen testers in the industry for years.
π³ The original Alfa AWUS306H
This is the legacy model and basically obsolete.
π³ The Alfa AWUS036NEH
Is the newer version of the AWUS306H and provides support for 802.11n and it is smaller than its predecessor. One of the main challenges out there is that it is not supported by MAC OS X with KisMAC. However, many people use them in laptops or desktop machines using Kali Linux.
π³ The Alfa Atheros AR9271 AWUS036NHA
Compatible with 802.11b, 802.11g or 802.11n using 2.4 GHZ wavelength.
π³ The Alfa AWUS051NH
It's basically the same as the AWUS036NEH, but it adds support for 5 GHz. It is also not supported by MAC OS X.
π³ Panda PAU05
The Panda PAU05 is a 2.4 GHz wireless N adapter that uses the Ralink RT3070 Chipset.
π³ TP-Link TL-WN722N (100mW)
Very cheap and compatible with Kali Linux. It is not perfect for packet injection.
π³ TP-Link N150 Wireless High Gain USB Adapter (TL-WN722N)
The TP-LINK TL-WN722N uses the Atheros AR9271 Chipset and is a wireless N adapter. Newer versions may not use the same chipset and you may run into problems with Kali Linux.
β 2020 git sources
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦What is Best wifi Hacking Adapter ?- recommended 2020
#Requested
π³ Atheros (AR5XXX, AR9XXX)
Atheros chipsets have been used by many pen testers in the industry because the ability to perform well with many different systems and because it is open source. The main challenge with these drivers is that many laptops have migrated from PCMCIA bus and support for external Atheros-based cards is pretty limited.
π³ Realtek (RTL8187)
The RTL8187 driver is used in many Alfa adapters (USB adapters). The RTL8187 driver is supported by the Linux kernel for years and has been the choice for many pen testers out there. The main challenge with this driver is the lack of 802.11 a, n, and ac support. It can be used for injecting packets into the wireless network and it works with MAC OS X.
π³ Intel Pro Wireless (iwlwifi)
Many vendors out there use Intel 802.11 chipsets in their laptops and desktop systems in the PCIe bus.
Note: Latest versions of the Intel chipsets are supported by the iwlwifi or the iwlagn Linux drivers and supported by recent kernels.
π³ The Alfa External Wireless Adapters
The Alfa adapters have been used by many pen testers in the industry for years.
π³ The original Alfa AWUS306H
This is the legacy model and basically obsolete.
π³ The Alfa AWUS036NEH
Is the newer version of the AWUS306H and provides support for 802.11n and it is smaller than its predecessor. One of the main challenges out there is that it is not supported by MAC OS X with KisMAC. However, many people use them in laptops or desktop machines using Kali Linux.
π³ The Alfa Atheros AR9271 AWUS036NHA
Compatible with 802.11b, 802.11g or 802.11n using 2.4 GHZ wavelength.
π³ The Alfa AWUS051NH
It's basically the same as the AWUS036NEH, but it adds support for 5 GHz. It is also not supported by MAC OS X.
π³ Panda PAU05
The Panda PAU05 is a 2.4 GHz wireless N adapter that uses the Ralink RT3070 Chipset.
π³ TP-Link TL-WN722N (100mW)
Very cheap and compatible with Kali Linux. It is not perfect for packet injection.
π³ TP-Link N150 Wireless High Gain USB Adapter (TL-WN722N)
The TP-LINK TL-WN722N uses the Atheros AR9271 Chipset and is a wireless N adapter. Newer versions may not use the same chipset and you may run into problems with Kali Linux.
β 2020 git sources
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#ProUsers The Yardstick One and RFcat Notes
The Yardstick One is a very useful piece of hardware to perform testing of RF devices that communicate in frequencies under 1GHz. It can be combined with many tools, including RFcat. The following are a few links and resources that we discussed in the video course related to these tools:
π³Yardstick One
Yardstick One website: https://greatscottgadgets.com/2015/09-30-introducing-yard-stick-one/
π³RFcat
RFcat website: https://bitbucket.org/atlas0fd00m/rfcat
The following are several useful RFcat commands:
`d._debug = 1` Γ’β¬β dumps debug messages to the screen
`d.discover()` - listens for specific SYNCWORDS
`d.lowballRestore()` - restores the configuration before calling lowball()
`d.RFcapture()` - dumps data to screen, returns list of packets
`d.setChannel()` - sets the channel to be used
`d.setFreq()` - sets the frequency to be used
Source: β 2020 git sources
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦#ProUsers The Yardstick One and RFcat Notes
The Yardstick One is a very useful piece of hardware to perform testing of RF devices that communicate in frequencies under 1GHz. It can be combined with many tools, including RFcat. The following are a few links and resources that we discussed in the video course related to these tools:
π³Yardstick One
Yardstick One website: https://greatscottgadgets.com/2015/09-30-introducing-yard-stick-one/
π³RFcat
RFcat website: https://bitbucket.org/atlas0fd00m/rfcat
The following are several useful RFcat commands:
`d._debug = 1` Γ’β¬β dumps debug messages to the screen
d.debug() - prints state information every second`d.discover()` - listens for specific SYNCWORDS
d.lowball() - disables most Γ’β¬ΕfiltersΓ’β¬Β to see more packets`d.lowballRestore()` - restores the configuration before calling lowball()
d.RFlisten() - listens for signals and dumps data to the screen`d.RFcapture()` - dumps data to screen, returns list of packets
d.scan() - scans a configurable frequency range `d.setChannel()` - sets the channel to be used
d.setFHSSstate() - sets the FHSS state to be used`d.setFreq()` - sets the frequency to be used
d.specan() - a spectrum analyzerSource: β 2020 git sources
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦New Tips: #ZigBee Resources
Good explanation and introduction to Zigbee: http://resources.infosecinstitute.com/hacking-zigbee-networks/
KillerBee Presentation: http://www.willhackforsushi.com/presentations/toorcon11-wright.pdf
KillerBee Framework: https://github.com/riverloopsec/killerbee
The KillerBee framework is being expanded to support multiple devices. Currently there is support for the River Loop ApiMote, Atmel RZ RAVEN USB Stick, MoteIV Tmote Sky, TelosB mote, and Sewino Sniffer.
Open source hardware: https://github.com/riverloopsec/apimote
Attify ZigBee Framework GitHub Repo: https://github.com/attify/Attify-Zigbee-Framework
β 2020 git sources
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦New Tips: #ZigBee Resources
Good explanation and introduction to Zigbee: http://resources.infosecinstitute.com/hacking-zigbee-networks/
KillerBee Presentation: http://www.willhackforsushi.com/presentations/toorcon11-wright.pdf
KillerBee Framework: https://github.com/riverloopsec/killerbee
The KillerBee framework is being expanded to support multiple devices. Currently there is support for the River Loop ApiMote, Atmel RZ RAVEN USB Stick, MoteIV Tmote Sky, TelosB mote, and Sewino Sniffer.
Open source hardware: https://github.com/riverloopsec/apimote
Attify ZigBee Framework GitHub Repo: https://github.com/attify/Attify-Zigbee-Framework
β 2020 git sources
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Infosec Resources
Hacking ZigBee Networks
What is ZigBee? Internet of Things (IoT) is what most experts consider as the next step of the Internet revolution where physical objects are invariably
β β β Uππ»βΊπ«6π¬πβ β β β
π¦2020 Only usefull Hacking tools #list 3 :
- BaseQuery - A Way To Organize Public Combo-Lists And Leaks In A Way That You Can Easily Search Through Everything
- Attack Monitor - Endpoint Detection And Malware Analysis Software
- Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io
- SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool
- Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information
- Aztarna - A Footprinting Tool For Robots
- Hediye - Hash Generator & Cracker Online Offline
- Killcast - Manipulate Chromecast Devices In Your Network
- bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records
- WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack
- H8Mail - Email OSINT And Password Breach Hunting
- Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters
- Metasploit 5.0 - The WorldΓ’β¬β’s Most Used Penetration Testing Framework
- Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support
- Twifo-Cli - Get User Information Of A Twitter User
- Sitadel - Web Application Security Scanner
- Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)
- Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To
- Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies
- Shed - .NET Runtime Inspector
- Stardox - Github Stargazers Information Gathering Tool
β 2020 git sources
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦2020 Only usefull Hacking tools #list 3 :
- BaseQuery - A Way To Organize Public Combo-Lists And Leaks In A Way That You Can Easily Search Through Everything
- Attack Monitor - Endpoint Detection And Malware Analysis Software
- Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io
- SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool
- Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information
- Aztarna - A Footprinting Tool For Robots
- Hediye - Hash Generator & Cracker Online Offline
- Killcast - Manipulate Chromecast Devices In Your Network
- bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records
- WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack
- H8Mail - Email OSINT And Password Breach Hunting
- Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters
- Metasploit 5.0 - The WorldΓ’β¬β’s Most Used Penetration Testing Framework
- Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support
- Twifo-Cli - Get User Information Of A Twitter User
- Sitadel - Web Application Security Scanner
- Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)
- Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To
- Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies
- Shed - .NET Runtime Inspector
- Stardox - Github Stargazers Information Gathering Tool
β 2020 git sources
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
KitPloit - PenTest & Hacking Tools
BaseQuery - A Way To Organize Public Combo-Lists And Leaks In A Way That You Can Easily Search Through Everything
β β β Uππ»βΊπ«6π¬πβ β β β
π¦How medical equipment should resist hacker attacks ?
#News
For hospitals, the best way to prevent network attacks and protect IoMT devices from infection is to isolate the most vulnerable and critical devices from each other or maintain a virtual distance, which is called network segmentation.
Hospitals can take the following practical steps to segment clinical networks, reduce the attack surface, and protect patients from cyber attacks:
1οΈβ£First clear who is responsible
Traditionally, the safety of medical equipment has always been the responsibility of experts in biomedical engineering equipment.
> However, with the increasing popularity of IoMT devices and the increase of cyber attacks against healthcare, the IT team of the hospital information department had to invest more energy in medical device security. Therefore, there is a need for close cooperation between the information department and the biomedical engineering research team to design and implement safe and effective security policies for clinical networks.
>In order to ensure the safety of medical equipment and integrate IT and biomedical teams across departments, a separate, final IoMT cybersecurity policy decision maker is needed. Some large institutions have even added the role of medical equipment security officer (MDSO), which is directly responsible for the safety of medical equipment in the entire clinical network of the entire hospital.
2οΈβ£ Create a reliable equipment list
If you do not have a deep understanding of the medical equipment connected to the hospital, the configuration files on the equipment, and the communication mode, you cannot set a network segmentation strategy.
Automated inventory tools must also be able to perform continuous analysis of equipment while understanding the behavior, criticality, and vulnerability of IoMT equipment.
3οΈβ£ Assess the risk of each device
> The risk score should be calculated based on the criticality and medical impact of the equipment. The risk assessment should be carried out continuously, and the abnormal behavior of the network should be continuously monitored. In order to assess risk, the following factors must be considered:
> Communicate with external servers required for normal device function (i.e. vendor communication)
>The device needs to store and send ePHI, and for what purpose?
π³Device usage mode
Is the device running an unsupported operating system or are there any known vulnerabilities? If yes, do you use patches or network segmentation to protect the device?
4οΈβ£ Follow regulatory guidelines and rules in real time
If the hospital does not comply with federal and state regulatory standards, it will face millions of dollars in fines. Aside from the loss of money, failure to comply with cybersecurity guidelines puts medical equipment at risk and may endanger the safety of patients, business integrity, and the reputation of the hospital.
Guidelines and regulations concerning health care and medical equipment are regularly updated. To maintain compliance, hospitals must pay close attention to regulatory standards and updates issued by state federal agencies, including:
U.S. Food and Drug Administration (FDA)
Medical Device Information Sharing and Analysis (MDISS) Initiative
Health Insurance Portability and Accountability Act (HIPAA)
5οΈβ£Design, verify and execute segmentation strategies
Segmentation strategies are used to reduce the attack surface and prevent potential threats. Network segmentation can also help the network run more smoothly by restricting traffic to designated areas and reducing network load.
share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦How medical equipment should resist hacker attacks ?
#News
For hospitals, the best way to prevent network attacks and protect IoMT devices from infection is to isolate the most vulnerable and critical devices from each other or maintain a virtual distance, which is called network segmentation.
Hospitals can take the following practical steps to segment clinical networks, reduce the attack surface, and protect patients from cyber attacks:
1οΈβ£First clear who is responsible
Traditionally, the safety of medical equipment has always been the responsibility of experts in biomedical engineering equipment.
> However, with the increasing popularity of IoMT devices and the increase of cyber attacks against healthcare, the IT team of the hospital information department had to invest more energy in medical device security. Therefore, there is a need for close cooperation between the information department and the biomedical engineering research team to design and implement safe and effective security policies for clinical networks.
>In order to ensure the safety of medical equipment and integrate IT and biomedical teams across departments, a separate, final IoMT cybersecurity policy decision maker is needed. Some large institutions have even added the role of medical equipment security officer (MDSO), which is directly responsible for the safety of medical equipment in the entire clinical network of the entire hospital.
2οΈβ£ Create a reliable equipment list
If you do not have a deep understanding of the medical equipment connected to the hospital, the configuration files on the equipment, and the communication mode, you cannot set a network segmentation strategy.
Automated inventory tools must also be able to perform continuous analysis of equipment while understanding the behavior, criticality, and vulnerability of IoMT equipment.
3οΈβ£ Assess the risk of each device
> The risk score should be calculated based on the criticality and medical impact of the equipment. The risk assessment should be carried out continuously, and the abnormal behavior of the network should be continuously monitored. In order to assess risk, the following factors must be considered:
> Communicate with external servers required for normal device function (i.e. vendor communication)
>The device needs to store and send ePHI, and for what purpose?
π³Device usage mode
Is the device running an unsupported operating system or are there any known vulnerabilities? If yes, do you use patches or network segmentation to protect the device?
4οΈβ£ Follow regulatory guidelines and rules in real time
If the hospital does not comply with federal and state regulatory standards, it will face millions of dollars in fines. Aside from the loss of money, failure to comply with cybersecurity guidelines puts medical equipment at risk and may endanger the safety of patients, business integrity, and the reputation of the hospital.
Guidelines and regulations concerning health care and medical equipment are regularly updated. To maintain compliance, hospitals must pay close attention to regulatory standards and updates issued by state federal agencies, including:
U.S. Food and Drug Administration (FDA)
Medical Device Information Sharing and Analysis (MDISS) Initiative
Health Insurance Portability and Accountability Act (HIPAA)
5οΈβ£Design, verify and execute segmentation strategies
Segmentation strategies are used to reduce the attack surface and prevent potential threats. Network segmentation can also help the network run more smoothly by restricting traffic to designated areas and reducing network load.
share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦What is Goaccess ? #term
GoAccess is a powerful Apache log analyzer, the program creates interactive reports that can be viewed in any browser. It works on both Linux and Windows. Suitable for general analysis of web server logs, for real-time monitoring of activity, or for analysis of certain aspects of activity or problems
π¦The following log formats and values are supported for the --log-format option :
π³COMBINED - combined journal format,
π³VCOMBINED - combined log format with a virtual host,
π³COMMON is a regular log format,
π³VCOMMON is a regular log format with a virtual host,
π³W3C is an extended W3C log format,
π³SQUID - Squid's native log format,
π³CLOUDFRONT - Amazon CloudFront Web Distribution,
π³CLOUDSTORAGE - Google Cloud Storage,
π³AWSELB - Amazon Elastic Load Balancing,
π³AWSS3 - Amazon Simple Storage Service (S3)
share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦What is Goaccess ? #term
GoAccess is a powerful Apache log analyzer, the program creates interactive reports that can be viewed in any browser. It works on both Linux and Windows. Suitable for general analysis of web server logs, for real-time monitoring of activity, or for analysis of certain aspects of activity or problems
π¦The following log formats and values are supported for the --log-format option :
π³COMBINED - combined journal format,
π³VCOMBINED - combined log format with a virtual host,
π³COMMON is a regular log format,
π³VCOMMON is a regular log format with a virtual host,
π³W3C is an extended W3C log format,
π³SQUID - Squid's native log format,
π³CLOUDFRONT - Amazon CloudFront Web Distribution,
π³CLOUDSTORAGE - Google Cloud Storage,
π³AWSELB - Amazon Elastic Load Balancing,
π³AWSS3 - Amazon Simple Storage Service (S3)
share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Some interesting Termux/Linux #tool
> httptunnel creates a bidirectional virtual data path tunnelled in HTTP
requests. The requests can be sent via an HTTP proxy if so desired.
>This can be useful for users behind restrictive firewalls. If WWW
access is allowed through an HTTP proxy, it's possible to use
httptunnel and, say, telnet or PPP to connect to a computer outside
the firewall.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/larsbrinkhoff/httptunnel.git
2οΈβ£cd httptunnel
3οΈβ£chmod 777 autogen.sh
4οΈβ£./autogen.sh
5οΈβ£EXAMPLES
π³ start httptunnel server:
1) At host REMOTE, start hts like this:
hts -F localhost:23 8888 (set up httptunnel server to listen on port 8888 and forward to localhost:23)
2) start httptunnel client:
At host LOCAL, start htc like this:
htc -F 2323 -P PROXY_ADDRESS:8000 REMOTE_IP:8888 (set up httptunnel client to forward localhost:2323 to REMOTE_IP:8888 via a local proxy at PROXY_ADDRESS:8000)
3) or, if using a buffering HTTP proxy:
htc -F 2323 -P PROXY_ADDRESS:8000 -B 48K REMOTE_IP:8888
4) Now you can do this at host LOCAL:
telnet localhost 2323 (telnet in to REMOTE_IP:8888 via your httptunnel you just configured above on port localhost:2323)
...and you will hopefully get a login prompt from host REMOTE_IP.
π³Debugging:
5) For debug output, add -Dn to the end of a command, where n is the level of debug output you'd like to see, with 0 meaning no debug messages at all, and 5 being the highest level (verbose).
6) ex: htc -F 10001 -P PROXY_ADDRESS:8000 REMOTE_IP:8888 -D5 will show verbose debug output (level 5 debugging) while setting up an httptunnel client to forward localhost:10001 to REMOTE_IP:8888 via a local proxy at PROXY_ADDRESS:8000
6οΈβ£Related Docs :
π³https://sergvergara.files.wordpress.com/2011/04/http_tunnel.pdf - excellent httptunnel tutorial, examples, & info
π³http://sebsauvage.net/punching/ - another excellent example
π³https://daniel.haxx.se/docs/sshproxy.html - more useful info
π³http://neophob.com/2006/10/gnu-httptunnel-v33-windows-binaries/ -
π³httptunnel Win32 binaries (download here)
π³Google search for "http tunnel v3.3" - brings up lots of good links to httptunnel (this search seems to work better than searching for "httptunnel" alone since the latter brings up many generic search results or results pertaining to other tools)
enjoyβ€οΈππ»
β Topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
> httptunnel creates a bidirectional virtual data path tunnelled in HTTP
requests. The requests can be sent via an HTTP proxy if so desired.
>This can be useful for users behind restrictive firewalls. If WWW
access is allowed through an HTTP proxy, it's possible to use
httptunnel and, say, telnet or PPP to connect to a computer outside
the firewall.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/larsbrinkhoff/httptunnel.git
2οΈβ£cd httptunnel
3οΈβ£chmod 777 autogen.sh
4οΈβ£./autogen.sh
5οΈβ£EXAMPLES
π³ start httptunnel server:
1) At host REMOTE, start hts like this:
hts -F localhost:23 8888 (set up httptunnel server to listen on port 8888 and forward to localhost:23)
2) start httptunnel client:
At host LOCAL, start htc like this:
htc -F 2323 -P PROXY_ADDRESS:8000 REMOTE_IP:8888 (set up httptunnel client to forward localhost:2323 to REMOTE_IP:8888 via a local proxy at PROXY_ADDRESS:8000)
3) or, if using a buffering HTTP proxy:
htc -F 2323 -P PROXY_ADDRESS:8000 -B 48K REMOTE_IP:8888
4) Now you can do this at host LOCAL:
telnet localhost 2323 (telnet in to REMOTE_IP:8888 via your httptunnel you just configured above on port localhost:2323)
...and you will hopefully get a login prompt from host REMOTE_IP.
π³Debugging:
5) For debug output, add -Dn to the end of a command, where n is the level of debug output you'd like to see, with 0 meaning no debug messages at all, and 5 being the highest level (verbose).
6) ex: htc -F 10001 -P PROXY_ADDRESS:8000 REMOTE_IP:8888 -D5 will show verbose debug output (level 5 debugging) while setting up an httptunnel client to forward localhost:10001 to REMOTE_IP:8888 via a local proxy at PROXY_ADDRESS:8000
6οΈβ£Related Docs :
π³https://sergvergara.files.wordpress.com/2011/04/http_tunnel.pdf - excellent httptunnel tutorial, examples, & info
π³http://sebsauvage.net/punching/ - another excellent example
π³https://daniel.haxx.se/docs/sshproxy.html - more useful info
π³http://neophob.com/2006/10/gnu-httptunnel-v33-windows-binaries/ -
π³httptunnel Win32 binaries (download here)
π³Google search for "http tunnel v3.3" - brings up lots of good links to httptunnel (this search seems to work better than searching for "httptunnel" alone since the latter brings up many generic search results or results pertaining to other tools)
enjoyβ€οΈππ»
β Topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
larsbrinkhoff/httptunnel
Bidirectional data stream tunnelled in HTTP requests. - larsbrinkhoff/httptunnel
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Self-tuning VDS / VPS :
#FastTips
> VDS (or VPS, which is the same) - translates as βvirtual dedicated serverβ or βvirtual private serverβ. In simple words, this is a computer on which you can install any operating system, and in this operating system any programs. Another key feature of VDS is the presence of white IP.
> Pentester can use VDS for long scanning, for implementing attacks (as a DNS proxy, phishing web server, VPN server), for long-term information collection (creating a website mirror, working with a large number of sites or data), for anonymity (proxy, VPN server), for the exchange of information (mail server, web server, environments for mutual work and file sharing, hidden Tor services and much more), as a target for attacks (you can install vulnerable applications, vulnerable sites for training skills), for training defense skills and analysis of attacks and the consequences of compromise.
> The material selection currently includes instructions for Arch Linux. In the near future, similar instructions will appear for Debian and Ubuntu. The range of issues addressed will also be greatly expanded.
>Most of the instructions describe the configuration inside VDS, and they are identical no matter where you purchased the server. The exceptions are instructions describing the process of installing the OS and the process of making a DNS record about a domain name. These instructions are made on the example of one Russian hoster (selected for low cost) and one foreign hoster (to be added soon).
enjoyβ€οΈππ»
β Topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Self-tuning VDS / VPS :
#FastTips
> VDS (or VPS, which is the same) - translates as βvirtual dedicated serverβ or βvirtual private serverβ. In simple words, this is a computer on which you can install any operating system, and in this operating system any programs. Another key feature of VDS is the presence of white IP.
> Pentester can use VDS for long scanning, for implementing attacks (as a DNS proxy, phishing web server, VPN server), for long-term information collection (creating a website mirror, working with a large number of sites or data), for anonymity (proxy, VPN server), for the exchange of information (mail server, web server, environments for mutual work and file sharing, hidden Tor services and much more), as a target for attacks (you can install vulnerable applications, vulnerable sites for training skills), for training defense skills and analysis of attacks and the consequences of compromise.
> The material selection currently includes instructions for Arch Linux. In the near future, similar instructions will appear for Debian and Ubuntu. The range of issues addressed will also be greatly expanded.
>Most of the instructions describe the configuration inside VDS, and they are identical no matter where you purchased the server. The exceptions are instructions describing the process of installing the OS and the process of making a DNS record about a domain name. These instructions are made on the example of one Russian hoster (selected for low cost) and one foreign hoster (to be added soon).
enjoyβ€οΈππ»
β Topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Google was sued by the Arizona Attorney General for alleged fraud
#News
> According to foreign media reports, on Wednesday , local time, Google was sued by Arizona Attorney General Mark Brnovich, who accused the search giant of deceiving users and collecting location data from their mobile phones. We know that the vast majority of Googleβs revenue comes from its huge advertising business, and the personal information that Google collects when users use its products provides support for it.
> In this regard, Brnovich posted on Twitter that the user was deceived by a false sense of security because Google made the user think that they disabled the location data collection settings, but in fact these settings are still turned on. The lawsuit requires Google to provide damages, but the exact amount is unclear. Brnovich's office also did not respond to requests for comment.
>Google has defended its policy on location data in a statement. Spokesperson Jose Castaneda said: "The Attorney General and the lawyers who charge for litigation seem to have wrongly described our services. We have always built privacy features into our products and provided strong control over location data. We look forward to clarifying the facts. "
#News
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Google was sued by the Arizona Attorney General for alleged fraud
#News
> According to foreign media reports, on Wednesday , local time, Google was sued by Arizona Attorney General Mark Brnovich, who accused the search giant of deceiving users and collecting location data from their mobile phones. We know that the vast majority of Googleβs revenue comes from its huge advertising business, and the personal information that Google collects when users use its products provides support for it.
> In this regard, Brnovich posted on Twitter that the user was deceived by a false sense of security because Google made the user think that they disabled the location data collection settings, but in fact these settings are still turned on. The lawsuit requires Google to provide damages, but the exact amount is unclear. Brnovich's office also did not respond to requests for comment.
>Google has defended its policy on location data in a statement. Spokesperson Jose Castaneda said: "The Attorney General and the lawyers who charge for litigation seem to have wrongly described our services. We have always built privacy features into our products and provided strong control over location data. We look forward to clarifying the facts. "
#News
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is OpenSSL and what is it used for ?
OpenSSL is a cryptographic toolkit that implements the Secure Sockets Layer (SSL v2 / v3) and Transport Layer Security (TLS v1) network protocols and their corresponding cryptography standards.
The openssl program is a command-line tool for using various cryptographic functions of the OpenSSL cryptographic library in the console. Main features:
1) Create and manage private keys, public keys and parameters.
2) Public Key Cryptographic Operations
3) Create X.509, CSR, and CRL certificates
4) Message Digest Calculation
5) Encryption and decryption using ciphers
6) Client / Server SSL / TLS Tests
7) S / MIME signed or encrypted mail processing
8) Time stamp requests, generation and validation
share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦What is OpenSSL and what is it used for ?
OpenSSL is a cryptographic toolkit that implements the Secure Sockets Layer (SSL v2 / v3) and Transport Layer Security (TLS v1) network protocols and their corresponding cryptography standards.
The openssl program is a command-line tool for using various cryptographic functions of the OpenSSL cryptographic library in the console. Main features:
1) Create and manage private keys, public keys and parameters.
2) Public Key Cryptographic Operations
3) Create X.509, CSR, and CRL certificates
4) Message Digest Calculation
5) Encryption and decryption using ciphers
6) Client / Server SSL / TLS Tests
7) S / MIME signed or encrypted mail processing
8) Time stamp requests, generation and validation
share usβ€οΈππ»
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β