▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Looking for 2020 good proxies free services ?

https://www.proxysite.com/

https://hide.me/en/proxy

https://whoer.net/webproxy

https://www.4everproxy.com/

https://www.hidemyass.com/ (proxie & vpn)

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 ANDROID APPS TO KNOW THE DEVICES CONNECTED TO YOUR WI-FI :

- https://play.google.com/store/apps/details?id=com.easymobile.lan.scanner

- https://play.google.com/store/apps/details?id=com.tools.netgel.netx

- https://newzoogle.com/7-best-android-apps-know-devices-connected-wi-fi/

- https://play.google.com/store/apps/details?id=com.overlook.android.fing

- https://apkpure.com/who-s-on-my-wifi/com.whoisonmywifi.agent

- https://apkpure.com/who-uses-my-wifi-network-scanner/com.phuongpn.whousemywifi.networkscanner/download?from=details

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST VIDEO EDITORS FOR ANDROID 2020 :

https://play.google.com/store/apps/details?id=com.quvideo.xiaoying

https://play.google.com/store/apps/details?id=com.stupeflix.replay

https://play.google.com/store/apps/details?id=com.cyberlink.powerdirector.DRA140225_01

https://play.google.com/store/apps/details?id=com.alivestory.android.alive

https://play.google.com/store/apps/details?id=com.nexstreaming.app.kinemasterfree

https://play.google.com/store/apps/details?id=com.camerasideas.instashot

https://play.google.com/store/apps/details?id=com.adobe.premiererush.videoeditor


https://play.google.com/store/apps/details?id=com.wondershare.filmorago

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Best free DNS servers of 2020 :

OpenDNS
208.67.222.222

Owned by Cisco, OpenDNS has two free options: Family Shield and Home. Family Shield is good for parents who want to make sure their kids can’t access inappropriate content. Home focuses on internet safety and performance.

Cloudflare
1.1.1.1

The “fastest DNS resolver on Earth,” Cloudflare’s free DNS service has:

Unmetered mitigation of DDoS
Global CDN
Shared SSL certificate
Three-page rules
Unlimited bandwidth
1.1.1.1 with Warp
1.1.1.1

A Cloudflare subproduct, 1.1.1.1 with Warp is designed for mobile devices. When you download the app on your smartphone or tablet, it “replaces the connection between your phone and the internet with a modern, optimized, protocol.” They also pledge to never sell your data.

Google Public DNS
8.8.8.8

Google’s own DNS product is also free. It focuses on “speed, security, and validity of results.” It only offers DNS resolution and caching — there is no site-blocking with Public DNS.

Comodo Secure DNS
8.26.56.26

Comodo Secure DNS’s cloud-based Dome Shield Gold package is free (up to 300,000 monthly DNS requests). This gets you:

Protection against malicious domain requests and IP responses
Security from advanced threats like phishing, malware, malicious sites, botnets, C&C callback events, spyware, drive-by-downloads, XXS-injected sites, cookie stealing, anonymizers, TOR encrypted files and web attacks
Multi-location, multi-user and the ability to control network protection remotely
Block pages and domain filtering
Mobile apps
Reporting
Off-network protection
Quad9
9.9.9.9

Quad9 emphasizes security, privacy and performance — the company was founded on the goal to make the internet safer for everyone. It blocks malicious domains, phishing and malware while maintaining your anonymity. Quad9 is constantly expanding to new regions. Right now, it comes in at No. 6 on the DNS Performance Analytics and Comparison ratings.

Verisign Public DNS
64.6.65.6

Verisign touts its superior stability and security features, plus the fact that they don’t sell user data to any third-party companies or for selling/targeting ads.

OpenNIC
13.239.157.177

At its core, OpenNIC is an attempt to combat censorship. Volunteer-run, this free DNS server makes the entire web accessible to everyone. They also prevent “DNS hijacking” which is when an ISP takes over commonly mistyped URLs.

UncensoredDNS
91.239.100.100

Completely run and funded by founder Thomas Steen Rasmussen, UncensoredDNS is based in Denmark. It’s a great option for those local to FreeDNS, complete with security features, performance enhancement and reliability.

CleanBrowsing
185.228.168.168

Both free and paid versions of CleanBrowsing are available. The free DNS server focuses on privacy, especially for households with children. It comes with three free filters and blocks most adult content.

Yandex DNS
77.88.8.7

This Russia-based option has a whole list of features:

Performance – Gets you faster access to the web
Protection – Blocks malware and bots
Content filtering – Prohibits access to adult content
UltraRecursive DNS
156.154.70.1

Neustar’s UltraRecursive DNS is also a well-rounded option. It offers performance enhancement with quick query resolution and a reliable infrastructure. It also blocks malware, malicious websites, phishing, spyware and bots (plus DDoS protection). It’ll also block inappropriate or adult content.


Alternate DNS
198.101.242.72

Sick of seeing so many ads online? Alternate DNS is the solution for you. They maintain a database of known ad-serving domains and send a null response to block ads before they connect to your network.

AdGuard DNS
176.103.130.130

AdGuard DNS also focuses on ad blocking. It also blocks counters, malicious websites, and adult content.



E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑AdGuard exposes 295 malicious Chrome extensions that hijack Google and Bing search results


> AdGuard, an ad blocking solution company, pointed out that it recently discovered 295 malicious Chrome extensions. Its characteristic is to hijack the search results of Google and Bing and insert advertisements in them. It is reported that AdGuard employees are researching a series of methods to find fake ad blocking extensions from Google’s official Chrome web store, and also found some malicious extensions posing as weather forecast widgets or screenshot tools.

> Most of the malicious extensions (245/295) found by AdGuard are fairly simple utilities. Apart from applying a custom background for Chrome’s "New Tab Page", there is no additional use.

However, in the technical analysis shared with ZDNet, AdGuard stated that it found malicious code loaded from the fly-analytics.com domain in all these malicious extensions, and the follow-up was to secretly inject ads into the search results of Google and Bing. .

🦑ormat: extension ID extension name

● flbcjbhgomclbhlchggbmnpekhfeacim, "ScreenShot & Screen Capture Elite"

● aadmpgppfacognoeobmheghfiibdplcf, "Kawaii Wallpaper HD Custom New Tab"

● abgfholnofpihncfdmombecmohpkojdb, “Shadow Of The Tomb Raider Wallpaper New Tab”

● aciloeifdphkogbpagikkpiecbjkmedn, "Kpop SHINee Wallpapers HD New Tab"

● acmgemnaochmalgkipbamjddcplkdmjm, "Tokyo Ghoul Wallpaper HD Custom New Tab"

● addpbbembilhmnkjpenjgcgmihlcofja, "Mega Man Wallpaper HD Custom New Tab"

● adfjcmhegakkhojnallobfjbhenbkopj, “Weather forecast for Chrome™”

● aeklcpmgaadjpglhjmcidlekijpnmdhc, "Kpop Blackpink Wallpaper HD Custom New Tab"

● afifalglopajkmdkgnphpfkmgpgdngfj, “Kpop Red Velvet HD NewTab Themes”

● agldjlpmeladgadoikdbndmeljpmnajl, "Tumblr Wallpapers Wallpaper HD Custom New Tab"

● ahmmgfhcokekfofjdndgmkffifklogbo, "season 6 fortnite HD Wallpapers NewTab"

● aippaajbmefpjeajhgaahmicdpgepnnm, "Unicorn Wallpaper HD Custom New Tab"

● akdpobnbjepjbnjklkkbdafemhnbfldj, "My Hero Academia Wallpaper HD Custom New Tab"

● akhiflcfcbnheaofcaflofbmnkmjlnno, “Cs Go Wallpaper HD Custom New Tab”

● aklklkifmplgnobmieahildcfble AMD b, "Super Junior Wallpapers Eunhyuk"

● alppaffmlaefpmopolgpkgmncopkbbep, "Boku No Hero Academia Wallpaper HD New Tab"

● amdnpfcpjglkdfcigaccfgmlmdepdpeo, "D.Gray-man Backgrounds New Tab"

● aomepndmhbbklcjcknnhdabaaofahjcj, "Super Cars – Sports Cars Wallpaper HD New Tab"

● badbchbijjjadlpjkkhmefaghggjjeha, “Lil Pump HD New Tab”

● bbbdfjdplonnggfjjbjhggobffkggnkm, "3D Wallpaper HD Custom New Tab"

● bbdldenhkjcoikalkfkgolomdpnncofc, "Snowman & Gingerbread New Tab Constellations"

● bcdjcbgogdomoebdcbniaifnacjbglil, “Gucci Tab Themes HD Bape”

● bcepmajicjlaoleoljbpaemkfghohmib, “Bulldogs Tab”

● bdbablmeheiahecklheciomhmkplcoml, "Kobe Bryant – Black Mamba New Tab Themes HD"

● bfeecodfffgkdedfhmgbfindokikafid, "GTA 5 Grand Theft Auto"

● bhifimmocncplbnikchffepggmofkake, "Bangtan Boys Wallpaper HD Custom New Tab"

@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How to learn software reverse engineering skills :


1) In reverse analysis, many people will go to the Internet to learn tutorials such as shelling, and will teach you where to place a breakpoint. After pressing F7, F8, F9 a few times, you will reach the designated position and right-click to shell. This series The operation is the accumulation of years of experience of the master.

- You may have learned this simplest solution, but you do not understand the specific principles. The first person to propose a solution needs to walk through the various pits of this shell to form this so-called skill. It is to save time and labor costs, repeat the work countless times without affecting the quality of the solution.

2) As far as the confrontation industry is concerned, there is no chance. If you can rub your opponent on the ground, you will win. Similarly, many times we only see the glamorous side of security analysts, and only see the patch and attack in the last few seconds, but we don’t know that the analyst has been tortured by this shell and debugging. Repeatedly lying in the pit can finally solve it. . Therefore, what confronts the test is human willfulness and basic skills.

🅰️Willfulness: Supported by Belief

🅱️Basic skills: write code, read code

3) Basic skills are very important. There are a lot of tutorials on the Internet, such as learning to shell out in three days and anti-debugging in two days, but we need basic skills. For example, during the reverse analysis of minesweeping, there are also many tutorials about OllyDbg.

4) They explain in detail what each function does. These functions can actually be learned briefly. What we need to do is to make the code of the disassembly window shown in in @UndercodeTesting next this chat
. It's OK to understand. These automated tools may not be very familiar, but work efficiency is slower; but from another perspective, if you can use every function and shortcut in the OD tool, but the code in the disassembly window is not understandable, then you will use it. ? Therefore, everyone's attention should be placed on the disassembly window.

written
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑BEST IP Camera CVE :


1) CVE-2020-3110 A vulnerability in the Cisco Discovery Protocol implementation for the Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute code remotely or cause a reload of an affected IP Camera. The vulnerability is due to missing checks when processing Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to the targeted IP Camera. A successful exploit could allow the attacker to expose the affected IP Camera for remote code execution or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). This vulnerability is fixed in Video Surveillance 8000 Series IP Camera Firmware Release 1.0.7 and later.


2) CVE-2020-11625 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit different responses depending on whether a user account exists. Because the responses indicate whether a submitted username is valid or not, they make it easier to identify legitimate usernames. If a login request is sent to ISAPI/Security/sessionLogin/capabilities using a username that exists, it will return the value of the salt given to that username, even if the password is incorrect. However, if a login request is sent using a username that is not present in the database, it will return an empty salt value. This allows attackers to enumerate legitimate usernames, facilitating brute-force attacks. NOTE: this is different from

3) CVE-2020-7057.
CVE-2020-11624 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. They do not require users to change the default password for the admin account. They only show a pop-up window suggesting a change but there's no enforcement. An administrator can click Cancel and proceed to use the device without changing the password. Additionally, they disclose the default username within the login.js script. Since many attacks for IoT devices, including malware and exploits, are based on the usage of default credentials, it makes these cameras an easy target for malicious actors.

4) CVE-2020-11623 An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to the UART interface could access additional diagnostic and configuration functionalities as well as the camera's bootloader. Successful exploitation could compromise confidentiality, integrity, and availability of the affected system. It could even render the device inoperable.

5) CVE-2019-9676 Buffer overflow vulnerability found in some Dahua IP Camera devices IPC-HFW1XXX,IPC-HDW1XXX,IPC-HFW2XXX Build before 2018/11. The vulnerability exits in the function of redirection display for serial port printing information, which can not be used by product basic functions. After an attacker logs in locally, this vulnerability can be exploited to cause device restart or arbitrary code execution. Dahua has identified the corresponding security problems in the static code auditing process, so it has gradually deleted this function, which is no longer available in the newer devices and softwares. Dahua has released versions of the affected products to fix the vulnerability.

6) CVE-2019-7315 Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera devices through 3.x are vulnerable to directory traversal via the web interface, as demonstrated by reading /etc/shadow. NOTE: this product is discontinued, and its final firmware version has this vulnerability (4.x versions exist only for other Genie Access products).

7) CVE-2019-18382 An issue was discovered on AVStar PE204 3.10.70 IP camera devices. A denial of service can occur on open TCP port 23456. After a TELNET connection, no TCP ports are open.
CVE-2019-14458 VIVOTEK IP Camera devices with firmware before 0x20x allow a denial of service via a crafted HTTP header.

5) CVE-2019-14457 VIVOTEK IP Camera devices with firmware before 0x20x have a stack-based buffer overflow via a crafted HTTP header.

cve dark wiki source
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST IP Camera CVE

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Parsero is a free script written in Python which reads the Robots.txt file of a web server and looks at the Disallow entries. The Disallow entries tell the search engines what directories or files hosted on a web server mustn't be indexed. For example, "Disallow: /portal/login" means that the content on www.example.com/portal/login it's not allowed to be indexed by crawlers like Google, Bing, Yahoo... This is the way the administrator have to not share sensitive or private information with the search engines.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/behindthefirewalls/Parsero.git

2) cd Parsero

3) By using setup.py script

sudo setup.py install

4) By using pip3

sudo apt-get install python3-pip
sudo pip3 install parsero

5) In Kali Linux

sudo apt-get update
sudo apt-get install parsero

6) example usage :

root@kali:~# parsero -u www.example.com -sb

🦑compatible with termux

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

24/24 posts enjoy & share us ❤️👍🏻

T.me/UndercodeTesting

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 FACEBOOK HACKING :

🦑FEATURES :

Facebook friend info fetcher
Get ID from friend
Get ID friend from friend
Get group member ID
Get email friend
Get email friend from friend
Get a friend's phone number
Get a friend's phone number from friend
Mini Hack Facebook(Target)
Multi Bruteforce Facebook
Super Multi Bruteforce Facebook
BruteForce(Target)
Yahoo Checker
Bot Reactions Target Post
Bot Reactions group Post
BOT COMMENT Target Post
BOT COMMENT group Post
Mass delete Post
Mass accept friends
Mass delete friend
ACreate Post
Create Wordlist
Account Checker
See my group list
Profile Guard

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) $ git clone https://github.com/mkdirlove/FBTOOL

2) $ cd FBTOOL
USAGE

3) $ sudo python2 fbtool.py
or

$ python2 fbtool.py
or
$ sudo python2 fbtool-v2.py

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑APACHE CONFIGURATION :

[root@localhost opt]# tar zxvf apr-1.7.0.tar.gz -C /opt
[root@localhost opt]# tar zxvf apr-util-1.6.1.tar.gz -C /opt
[root@localhost opt]# tar zxvf httpd-2.4.25.tar.gz -C /opt
[root@localhost opt]# mv apr-1.7.0/ httpd-2.4.25/srclib/apr
[root@localhost opt]# mv apr-util-1.6.1/ httpd-2.4.25/srclib/apr-util
[root@localhost opt]# yum -y install gcc gcc-c++ make pcre-devel expat-devel perl

[root@localhost opt]# yum -y install zlib-devel /
[root@localhost httpd-2.4.25]# ./configure \
>--prefix=/usr/local/httpd \
>--enable-so--enable-rewrite\
>--enable-charset-lite\
>--enable-cgi
>--enable-deflate
[root@localhost httpd-2.4.25]#make
[root@localhost httpd-2.4.25]#make install
[root@localhost httpd-2.4.25]# cd /usr/local/
[root@localhost local]# cd httpd/
[root@localhost httpd]# cd conf/
[root@promote bin]# cp /usr/local/httpd/bin/apachectl /etc/init.d/httpd
[root@promote bin]# ls /etc/init.d
functions httpd netconsole network README
[root@promote bin]# vim /etc/init.d
[root@promote bin]# vim /etc/init.d/httpd

#!/bin/sh
#description:Apache is a World Wide Web server

[root@promote local]# chkconfig --add httpd
[root@promote /]# ln -s /usr/local/httpd/conf/httpd.conf /etc/httpd.conf

[root@promote local]# cd /usr/local/httpd/conf

[root@promote conf]# vim httpd.conf

Listen 192.168.75.134:80 /
#Listen 80
#ServerName www.kgc.com:80 //

[root@promote /]# ln -s /usr/local/httpd//bin/* /usr/local/bin /

/usr/local/bin
[root@promote /]# ls /usr/local/httpd//bin
ab checkgid htcacheclean httxt2dbm
apachectl dbmmanage htdbm logresolve
apr-1-config envvars htdigest rotatelogs
apu-1-config envvars-std htpasswd
apxs fcgistarter httpd
[root@promote /]# service httpd start
httpd (pid 66785) already running

[root@promote /]# httpd -t
Syntax OK
[root@promote /]# netstat -ntap | grep 80
tcp 0 0 192.168.75.134:80 0.0.0.0:* LISTEN 66785/httpd
tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN 8031/dnsmasq
[root@promote /]#
[root@promote /]# iptables -F
[root@promote /]# setenforce 0

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁