β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NETWORK HACKING MATERIAL 2020 :
http://www.milescan.com ParosPro
https://www.qualys.com/enterprises/qualysguard/web-application-scanning/ Qualys Web Application Scanning
http://www.beyondtrust.com/Products/RetinaNetworkSecurityScanner/ Retina
https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework
https://github.com/future-architect/vuls Vulnerability scanner for Linux, agentless, written in golang.
https://github.com/rastating/wordpress-exploit-framework A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
http://www.xss-payloads.com/ XSS Payloads to leverage XSS vulnerabilities, build custom payloads, practice penetration testing skills.
https://github.com/joaomatosf/jexboss JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool
https://github.com/commixproject/commix Automated All-in-One OS command injection and exploitation tool
https://github.com/pathetiq/BurpSmartBuster A Burp Suite content discovery plugin that add the smart into the Buster!
https://github.com/GoSecure/csp-auditor Burp and ZAP plugin to analyze CSP headers
https://github.com/ffleming/timing_attack Perform timing attacks against web applications
https://github.com/lalithr95/fuzzapi Fuzzapi is a tool used for REST API pentesting
https://github.com/owtf/owtf Offensive Web Testing Framework (OWTF)
https://github.com/nccgroup/wssip Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
https://github.com/tijme/angularjs-csti-scanner Automated client-side template injection (sandbox escape/bypass) detection for AngularJS (ACSTIS).
https://reshift.softwaresecured.com A source code analysis tool for detecting and managing Java security vulnerabilities.
https://encoding.tools Web app for transforming binary data and
strings, including hashes and various encodings. GPLv3 offline version available.
https://gchq.github.io/CyberChef/ A "Cyber Swiss Army Knife" for carrying out various encodings and transformations of binary data and strings.
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦NETWORK HACKING MATERIAL 2020 :
http://www.milescan.com ParosPro
https://www.qualys.com/enterprises/qualysguard/web-application-scanning/ Qualys Web Application Scanning
http://www.beyondtrust.com/Products/RetinaNetworkSecurityScanner/ Retina
https://www.owasp.org/index.php/OWASP_Xenotix_XSS_Exploit_Framework Xenotix XSS Exploit Framework
https://github.com/future-architect/vuls Vulnerability scanner for Linux, agentless, written in golang.
https://github.com/rastating/wordpress-exploit-framework A Ruby framework for developing and using modules which aid in the penetration testing of WordPress powered websites and systems.
http://www.xss-payloads.com/ XSS Payloads to leverage XSS vulnerabilities, build custom payloads, practice penetration testing skills.
https://github.com/joaomatosf/jexboss JBoss (and others Java Deserialization Vulnerabilities) verify and EXploitation Tool
https://github.com/commixproject/commix Automated All-in-One OS command injection and exploitation tool
https://github.com/pathetiq/BurpSmartBuster A Burp Suite content discovery plugin that add the smart into the Buster!
https://github.com/GoSecure/csp-auditor Burp and ZAP plugin to analyze CSP headers
https://github.com/ffleming/timing_attack Perform timing attacks against web applications
https://github.com/lalithr95/fuzzapi Fuzzapi is a tool used for REST API pentesting
https://github.com/owtf/owtf Offensive Web Testing Framework (OWTF)
https://github.com/nccgroup/wssip Application for capturing, modifying and sending custom WebSocket data from client to server and vice versa.
https://github.com/tijme/angularjs-csti-scanner Automated client-side template injection (sandbox escape/bypass) detection for AngularJS (ACSTIS).
https://reshift.softwaresecured.com A source code analysis tool for detecting and managing Java security vulnerabilities.
https://encoding.tools Web app for transforming binary data and
strings, including hashes and various encodings. GPLv3 offline version available.
https://gchq.github.io/CyberChef/ A "Cyber Swiss Army Knife" for carrying out various encodings and transformations of binary data and strings.
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Qualys
Web Application Scanning | Qualys, Inc.
Robust cloud solution for continuous web app discovery and detection of vulnerabilities and misconfigurations.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to set unlimited users and file descriptions on Linux server:
If you get βtoo many files open limitβ error on Linux server because there is a limit on opening files in Linux according to user session.
1) We need to add a line to /etc/sysctl.conf and run sysctl -p:
fs.file-max = 80000
2) We can check the default limits using the following command:
cat / proc / sys / fs / file-max
3) file-max is the maximum file descriptor. This is a kernel setting applied at the system level.
4) Similarly, you can check the default values ββfor the root user.
ulimit -a
5) We can also set hard and soft limits by editing this vim file /etc/security/limits.conf
* hard nofile 600000
* soft nofile 600000
6) Set hard and soft limits for Linux user
linux hard nofile 600000
linux soft nofile 600000
7) Then run sysctl -p to make the changes.
We can also set the process limit for the root user to unlimited with ulimit -u unlimited and store these lines in /root/.bashrc forever.
We can also check how many files are currently open using lsof | wc -l
8) Check how many file descriptions are currently in use: more / proc / sys / fs / file-nr
9) Check the limit on the currently open file descriptor using the following commands.
more / proc / sys / fs / file-max
sysctl -a | grep fs.file-max
10) After making the changes, you need to log out and log back in. There are many options available and you can check them out on the official RedHat page.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to set unlimited users and file descriptions on Linux server:
If you get βtoo many files open limitβ error on Linux server because there is a limit on opening files in Linux according to user session.
1) We need to add a line to /etc/sysctl.conf and run sysctl -p:
fs.file-max = 80000
2) We can check the default limits using the following command:
cat / proc / sys / fs / file-max
3) file-max is the maximum file descriptor. This is a kernel setting applied at the system level.
4) Similarly, you can check the default values ββfor the root user.
ulimit -a
5) We can also set hard and soft limits by editing this vim file /etc/security/limits.conf
* hard nofile 600000
* soft nofile 600000
6) Set hard and soft limits for Linux user
linux hard nofile 600000
linux soft nofile 600000
7) Then run sysctl -p to make the changes.
We can also set the process limit for the root user to unlimited with ulimit -u unlimited and store these lines in /root/.bashrc forever.
We can also check how many files are currently open using lsof | wc -l
8) Check how many file descriptions are currently in use: more / proc / sys / fs / file-nr
9) Check the limit on the currently open file descriptor using the following commands.
more / proc / sys / fs / file-max
sysctl -a | grep fs.file-max
10) After making the changes, you need to log out and log back in. There are many options available and you can check them out on the official RedHat page.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The NetWalker ransomware group has made 25 million USD since March 2020 :
#news
> Security company McAfee said today that operators of NetWalker ransomware are believed to have earned more than $25 million in ransom payments since March this year. Although there are no accurate and up-to-date statistics, the $25 million figure put NetWalker at the top of the most successful ransomware gangs currently known. Other known names include Ryuk, Dharma, and REvil (Sodinokibi).
> McAfee recently released a comprehensive report on NetWalker's operations, which can track payments made by victims to the Bitcoin address of the ransomware group. However, security experts believe that because their views are incomplete, the gang may gain more benefits from their illegal actions.
#News
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦The NetWalker ransomware group has made 25 million USD since March 2020 :
#news
> Security company McAfee said today that operators of NetWalker ransomware are believed to have earned more than $25 million in ransom payments since March this year. Although there are no accurate and up-to-date statistics, the $25 million figure put NetWalker at the top of the most successful ransomware gangs currently known. Other known names include Ryuk, Dharma, and REvil (Sodinokibi).
> McAfee recently released a comprehensive report on NetWalker's operations, which can track payments made by victims to the Bitcoin address of the ransomware group. However, security experts believe that because their views are incomplete, the gang may gain more benefits from their illegal actions.
#News
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HomeHackingUltimate Guide To : Ethical Hacking With Termux
Lazymux contains Several Hacking Tools of Kali Linux at One Place so now its easy to Install Lazymux In Termux
Lazymux Contains the Following Hacking Tools
01 Sudo 11 SQLMap
02 NMap 12 Black Hydra
03 Hydra 13 Fl00d & Fl00d2
04 FB Brute Force 14 Infoga
05 Webdav 15 LANs.py
06 RED HAWK 16 Pagodo
07 Brutal 17 FBUP
08 Metasploit 18 KnockMail
09 1337Hash 19 Ufonet
10 IPLoc 20 Commix
21 D-Tect 31 ReconDog
22 A-Rat 32 Meisha
23 Torshammer 33 Kali NetHunter
24 Slowloris 34 Ngrok
25 DSSS 35 Weeman
26 SQLiv 36 Cupp
27 Wifite 37 Hash-Buster
28 Wifite 2 38 Routersploit
29 MSFPC 39 Ubuntu
30 Kwetza 40 Fedora
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Then Type this Command
1) apt Update && apt upgrade
Now We have to Install git by typing this command
pkg install git
2) Then Now We need Python2 environment in Termux so type the command pkg install python to install python
3) Now almost done type below command to install Lazymux on Termux
git clone https://github.com/Gameye98/Lazymux
4) After Cloning successful
> cd Lazymux && ls
5) Now you have to type below command for menu of Lazymux Hacking Tools
> python lazymux.py
6) Now select your Desired Tool To Install and us
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HomeHackingUltimate Guide To : Ethical Hacking With Termux
Lazymux contains Several Hacking Tools of Kali Linux at One Place so now its easy to Install Lazymux In Termux
Lazymux Contains the Following Hacking Tools
01 Sudo 11 SQLMap
02 NMap 12 Black Hydra
03 Hydra 13 Fl00d & Fl00d2
04 FB Brute Force 14 Infoga
05 Webdav 15 LANs.py
06 RED HAWK 16 Pagodo
07 Brutal 17 FBUP
08 Metasploit 18 KnockMail
09 1337Hash 19 Ufonet
10 IPLoc 20 Commix
21 D-Tect 31 ReconDog
22 A-Rat 32 Meisha
23 Torshammer 33 Kali NetHunter
24 Slowloris 34 Ngrok
25 DSSS 35 Weeman
26 SQLiv 36 Cupp
27 Wifite 37 Hash-Buster
28 Wifite 2 38 Routersploit
29 MSFPC 39 Ubuntu
30 Kwetza 40 Fedora
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
Then Type this Command
1) apt Update && apt upgrade
Now We have to Install git by typing this command
pkg install git
2) Then Now We need Python2 environment in Termux so type the command pkg install python to install python
3) Now almost done type below command to install Lazymux on Termux
git clone https://github.com/Gameye98/Lazymux
4) After Cloning successful
> cd Lazymux && ls
5) Now you have to type below command for menu of Lazymux Hacking Tools
> python lazymux.py
6) Now select your Desired Tool To Install and us
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - Gameye98/Lazymux: termux tool installer
termux tool installer. Contribute to Gameye98/Lazymux development by creating an account on GitHub.
Magento 2.3.1_ Unauthenticated Stored XSS to RCE.pdf
499.7 KB
Unauthenticated Stored XSS to RCE
#full with pictures
#full with pictures
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Why don't hackers attack online lending platforms?
#FastTips
1) The risk of attack outweighs the benefit
For example, I might get 200,000 yuan from this online lending platform, but according to the "Internet Security Law" I have to go in and squat for 5 or 6 years. It is not guilty to go in for a small profit. And you may not know how powerful our cyber police are. Letβs just say: my countryβs current cyber security risk handling system is very complete, and it can "look for you along the network cable." The Internet is not a place outside the law! ! !
2) Not bad money
Powerful hackers (technologists) have long since become the executives of listed technology companies (such as Ali, Tencent, Baidu, 360, etc.).
Moreover, the online loan platform is also undergoing risk testing before being launched. Behind a complete product is a very large and detailed risk control system. If the technology is not enough, it is definitely not black. To put it simply: Technologists can't keep up with this little money and are too lazy to attack, and rookie skills can't keep up with the attack.
3) Attacks are always there.
Yes, of course there are people who have the technology but some are not afraid of death and lack of money. So they will take risks to attack online loan platforms, payment platforms, etc. But there are also white hats (specially against hackers) who work for the company to defend and trace the source & counter-attack. The war between hackers and white hats on the Internet has been in fierce confrontation. For example, the app suddenly fails to open, your computer has a blue screen inadvertently, your computer is poisoned, and so on. Network offense and defense is like a war without gunpowder, which takes place 24 hours a day.
4) There are online lending platforms that have been hacked, but ordinary people will never know
According to my industry experience, there are indeed platforms that have been hacked, trousers removed, black pages posted, data tampered and so on. Most of them were done by foreign APT organizations, and many of them were "instructed"
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Why don't hackers attack online lending platforms?
#FastTips
1) The risk of attack outweighs the benefit
For example, I might get 200,000 yuan from this online lending platform, but according to the "Internet Security Law" I have to go in and squat for 5 or 6 years. It is not guilty to go in for a small profit. And you may not know how powerful our cyber police are. Letβs just say: my countryβs current cyber security risk handling system is very complete, and it can "look for you along the network cable." The Internet is not a place outside the law! ! !
2) Not bad money
Powerful hackers (technologists) have long since become the executives of listed technology companies (such as Ali, Tencent, Baidu, 360, etc.).
Moreover, the online loan platform is also undergoing risk testing before being launched. Behind a complete product is a very large and detailed risk control system. If the technology is not enough, it is definitely not black. To put it simply: Technologists can't keep up with this little money and are too lazy to attack, and rookie skills can't keep up with the attack.
3) Attacks are always there.
Yes, of course there are people who have the technology but some are not afraid of death and lack of money. So they will take risks to attack online loan platforms, payment platforms, etc. But there are also white hats (specially against hackers) who work for the company to defend and trace the source & counter-attack. The war between hackers and white hats on the Internet has been in fierce confrontation. For example, the app suddenly fails to open, your computer has a blue screen inadvertently, your computer is poisoned, and so on. Network offense and defense is like a war without gunpowder, which takes place 24 hours a day.
4) There are online lending platforms that have been hacked, but ordinary people will never know
According to my industry experience, there are indeed platforms that have been hacked, trousers removed, black pages posted, data tampered and so on. Most of them were done by foreign APT organizations, and many of them were "instructed"
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Bruteforce admin login for website topic git :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pip2 install selenium
2) pip2 install requests
3) git clone https://github.com/MetaChar/Hatch
4) python2 main.py
5)COMMANDS :
-h, --help show this help message and exit
-u USERNAME, --username=USERNAME Choose the username
--usernamesel=USERNAMESEL Choose the username selector
--passsel=PASSSEL Choose the password selector
--loginsel=LOGINSEL Choose the login button selector
--passlist=PASSLIST Enter the password list directory
--website=WEBSITE choose a website
dont worry if you load up the tool without any args youll go to the default wizard! Also i removed the apt xvfb and pip2 pyvirtualdisplay
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Bruteforce admin login for website topic git :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) pip2 install selenium
2) pip2 install requests
3) git clone https://github.com/MetaChar/Hatch
4) python2 main.py
5)COMMANDS :
-h, --help show this help message and exit
-u USERNAME, --username=USERNAME Choose the username
--usernamesel=USERNAMESEL Choose the username selector
--passsel=PASSSEL Choose the password selector
--loginsel=LOGINSEL Choose the login button selector
--passlist=PASSLIST Enter the password list directory
--website=WEBSITE choose a website
dont worry if you load up the tool without any args youll go to the default wizard! Also i removed the apt xvfb and pip2 pyvirtualdisplay
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
exploit.py
2.6 KB
π¦interesting 2020 exploit :
1.- Run the python script, it will create a new file "exploit.txt"
2.- Copy the content of the new file 'exploit.txt' to clipboard
3.- Turn off DEP for startup-manger.exe
4.- Open 'startup-manger.exe'
5.- Click 'New' or go to 'File' and click 'New'
6.- Paste content from clipboard into 'File' parameter
7.- Click on 'OK'
8.- Calc.exe runs.
β β β Uππ»βΊπ«Δπ¬πβ β β β
1.- Run the python script, it will create a new file "exploit.txt"
2.- Copy the content of the new file 'exploit.txt' to clipboard
3.- Turn off DEP for startup-manger.exe
4.- Open 'startup-manger.exe'
5.- Click 'New' or go to 'File' and click 'New'
6.- Paste content from clipboard into 'File' parameter
7.- Click on 'OK'
8.- Calc.exe runs.
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LIST 2 NETWORK HACKING MATERIALS & TOOLS 2020 TOPIC :
http://www.metasploit.com/ - World's most used penetration testing software
https://findsubdomains.com - Online subdomains scanner service with lots of additional data. works using OSINT.
https://github.com/bjeborn/basic-auth-pot HTTP Basic Authentication honeyPot.
http://www.arachni-scanner.com/ - Web Application Security Scanner Framework
https://github.com/sullo/nikto - Nikto web server scanner
http://www.tenable.com/products/nessus-vulnerability-scanner - Nessus Vulnerability Scanner
http://www.portswigger.net/burp/intruder.html - Burp Intruder is a tool for automating customized attacks against web apps.
http://www.openvas.org/ - The world's most advanced Open Source vulnerability scanner and manager.
https://github.com/iSECPartners/Scout2 - Security auditing tool for AWS environments
https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project - Is a multi threaded java application designed to brute force directories and files names on web/application servers.
https://www.owasp.org/index.php/ZAP - The Zed Attack Proxy is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
https://github.com/tecknicaltom/dsniff - dsniff is a collection of tools for network auditing and penetration testing. https://github.com/WangYihang/Webshell-Sniper - Manage your webshell via terminal. https://github.com/DanMcInerney/dnsspoof - DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response
https://github.com/trustedsec/social-engineer-toolkit - The Social-Engineer Toolkit (SET) repository from TrustedSec
https://github.com/sqlmapproject/sqlmap - Automatic SQL injection and database takeover tool
https://github.com/beefproject/beef - The Browser Exploitation Framework Project
http://w3af.org/ - w3af is a Web Application Attack and Audit Framework
https://github.com/espreto/wpsploit - WPSploit, Exploiting Wordpress With Metasploit https://github.com/WangYihang/Reverse-Shell-Manager - Reverse shell manager via terminal. https://github.com/RUB-NDS/WS-Attacker - WS-Attacker is a modular framework for web services penetration testing
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LIST 2 NETWORK HACKING MATERIALS & TOOLS 2020 TOPIC :
http://www.metasploit.com/ - World's most used penetration testing software
https://findsubdomains.com - Online subdomains scanner service with lots of additional data. works using OSINT.
https://github.com/bjeborn/basic-auth-pot HTTP Basic Authentication honeyPot.
http://www.arachni-scanner.com/ - Web Application Security Scanner Framework
https://github.com/sullo/nikto - Nikto web server scanner
http://www.tenable.com/products/nessus-vulnerability-scanner - Nessus Vulnerability Scanner
http://www.portswigger.net/burp/intruder.html - Burp Intruder is a tool for automating customized attacks against web apps.
http://www.openvas.org/ - The world's most advanced Open Source vulnerability scanner and manager.
https://github.com/iSECPartners/Scout2 - Security auditing tool for AWS environments
https://www.owasp.org/index.php/Category:OWASP_DirBuster_Project - Is a multi threaded java application designed to brute force directories and files names on web/application servers.
https://www.owasp.org/index.php/ZAP - The Zed Attack Proxy is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.
https://github.com/tecknicaltom/dsniff - dsniff is a collection of tools for network auditing and penetration testing. https://github.com/WangYihang/Webshell-Sniper - Manage your webshell via terminal. https://github.com/DanMcInerney/dnsspoof - DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response
https://github.com/trustedsec/social-engineer-toolkit - The Social-Engineer Toolkit (SET) repository from TrustedSec
https://github.com/sqlmapproject/sqlmap - Automatic SQL injection and database takeover tool
https://github.com/beefproject/beef - The Browser Exploitation Framework Project
http://w3af.org/ - w3af is a Web Application Attack and Audit Framework
https://github.com/espreto/wpsploit - WPSploit, Exploiting Wordpress With Metasploit https://github.com/WangYihang/Reverse-Shell-Manager - Reverse shell manager via terminal. https://github.com/RUB-NDS/WS-Attacker - WS-Attacker is a modular framework for web services penetration testing
E N J O Y β€οΈππ»
U S E F O R L E A R N
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Metasploit
Metasploit | Penetration Testing Software, Pen Testing Security | Metasploit
Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the world's best penetration testing software now.
π¦FOR BEGINERS AND EXPERTS AWESOME COLLECTION :
-Security and Hacking Tools
-Exploits
-Proof of Concepts
-ShellcodeS
-Scripts.
free dl https://github.com/nullsecuritynet/tools
enjoy
β β β Uππ»βΊπ«Δπ¬πβ β β β
-Security and Hacking Tools
-Exploits
-Proof of Concepts
-ShellcodeS
-Scripts.
free dl https://github.com/nullsecuritynet/tools
enjoy
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - nullsecuritynet/tools: Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.
Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts. - nullsecuritynet/tools
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ MIT and MIT-Style Licenses :
bililiteRange.js https://github.com/dwachss/bililiteRange
handlebars.js https://github.com/wycats/handlebars.js/blob/master/LICENSE
html5shiv https://code.google.com/p/html5shiv/
i18next http://i18next.com/
JQuery http://jquery.com/
JQueryUI http://jqueryui.com/
jquery.ajaxqueue.js http://www.onemoretake.com/2009/10/11/ajaxqueue-and-jquery-1-3/
jquery.autocomplete.js http://bassistance.de/jquery-plugins/jquery-plugin-autocomplete/
jquery.ba-dotimeout.min.js http://benalman.com/projects/jquery-dotimeout-plugin/
jquery.color.js https://github.com/jquery/jquery-color
jquery.contextMenu.js https://github.com/medialize/jQuery-contextMenu
jquery.customSelect.js https://github.com/adamcoulombe/jquery.customSelect
jquery.embedly.js https://github.com/embedly/embedly-jquery
jquery.handsontable.js http://handsontable.com/
jquery.placeholder.js https://github.com/mathiasbynens/jquery-placeholder
jquery.sendkeys.js https://github.com/dwachss/bililiteRange
jquery.tablesorter.js http://tablesorter.com/docs/
jquery.textcomplete.min.js https://github.com/yuku-t/jquery-textcomplete/
jquery.tinysort.js http://tinysort.sjeiti.com/
jquery.ui.position.js http://jqueryui.com/
jquery.ui.touch-punch.min.js http://touchpunch.furf.com/
jquery.validate.js http://bassistance.de/jquery-plugins/jquery-plugin-validation/
jquery.transition.js https://github.com/louisremi/jquery.transition.js/
less-1.4.1.min.js http://www.lesscss.org/
LESS Hat http://LESSHat.com/
pagedown https://code.google.com/p/pagedown/source/browse/LICENSE.txt
require.js http://github.com/jrburke/requirejs
selectivizr-min.js http://selectivizr.com/
simplewebrtc.bundle.js https://github.com/HenrikJoreteg/SimpleWebRTC
socket.io.js https://github.com/LearnBoost/socket.io-client
ACE Syntax Highlighter (tokenizer.js) http://ace.c9.io/
to-markdown https://github.com/domchristie/to-markdown
unicode.js http://xregexp.com
MBProgressHUD https://github.com/jdg/MBProgressHUD
WebViewJavascriptBridge https://github.com/marcuswestin/WebViewJavascriptBridge/blob/master/LICENSE
JavaScript Pretty Date http://ejohn.org/blog/javascript-pretty-date/
JSON Framework https://code.google.com/p/json-framework/
Emoji One Non-Artwork https://github.com/Ranks/emojione
ZeroClipboard https://github.com/zeroclipboard/zeroclipboar
Topic git 2020
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ MIT and MIT-Style Licenses :
bililiteRange.js https://github.com/dwachss/bililiteRange
handlebars.js https://github.com/wycats/handlebars.js/blob/master/LICENSE
html5shiv https://code.google.com/p/html5shiv/
i18next http://i18next.com/
JQuery http://jquery.com/
JQueryUI http://jqueryui.com/
jquery.ajaxqueue.js http://www.onemoretake.com/2009/10/11/ajaxqueue-and-jquery-1-3/
jquery.autocomplete.js http://bassistance.de/jquery-plugins/jquery-plugin-autocomplete/
jquery.ba-dotimeout.min.js http://benalman.com/projects/jquery-dotimeout-plugin/
jquery.color.js https://github.com/jquery/jquery-color
jquery.contextMenu.js https://github.com/medialize/jQuery-contextMenu
jquery.customSelect.js https://github.com/adamcoulombe/jquery.customSelect
jquery.embedly.js https://github.com/embedly/embedly-jquery
jquery.handsontable.js http://handsontable.com/
jquery.placeholder.js https://github.com/mathiasbynens/jquery-placeholder
jquery.sendkeys.js https://github.com/dwachss/bililiteRange
jquery.tablesorter.js http://tablesorter.com/docs/
jquery.textcomplete.min.js https://github.com/yuku-t/jquery-textcomplete/
jquery.tinysort.js http://tinysort.sjeiti.com/
jquery.ui.position.js http://jqueryui.com/
jquery.ui.touch-punch.min.js http://touchpunch.furf.com/
jquery.validate.js http://bassistance.de/jquery-plugins/jquery-plugin-validation/
jquery.transition.js https://github.com/louisremi/jquery.transition.js/
less-1.4.1.min.js http://www.lesscss.org/
LESS Hat http://LESSHat.com/
pagedown https://code.google.com/p/pagedown/source/browse/LICENSE.txt
require.js http://github.com/jrburke/requirejs
selectivizr-min.js http://selectivizr.com/
simplewebrtc.bundle.js https://github.com/HenrikJoreteg/SimpleWebRTC
socket.io.js https://github.com/LearnBoost/socket.io-client
ACE Syntax Highlighter (tokenizer.js) http://ace.c9.io/
to-markdown https://github.com/domchristie/to-markdown
unicode.js http://xregexp.com
MBProgressHUD https://github.com/jdg/MBProgressHUD
WebViewJavascriptBridge https://github.com/marcuswestin/WebViewJavascriptBridge/blob/master/LICENSE
JavaScript Pretty Date http://ejohn.org/blog/javascript-pretty-date/
JSON Framework https://code.google.com/p/json-framework/
Emoji One Non-Artwork https://github.com/Ranks/emojione
ZeroClipboard https://github.com/zeroclipboard/zeroclipboar
Topic git 2020
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - dwachss/bililiteRange: Library for manipulating text ranges and selections, and assorted other programs that use that
Library for manipulating text ranges and selections, and assorted other programs that use that - GitHub - dwachss/bililiteRange: Library for manipulating text ranges and selections, and assorted ot...
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Is my website data secured in the data center?
> Now this question will revolve around you. Many times you may have seen people hacking into the system and stealing data. Data centers are essential for storing data, but the information security of a data center depends on various factors. Many companies lose huge amounts of money every year due to cyberattacks.
> With the revolution in IT sectors, cyber attackers are becoming more active every day. If you want your data to be safe, make sure you choose a hosting provider that has the most reliable protocol for your data center.
1) Data center information security components
Physical security
> The data center will be located in a fixed location, and all data will be stored in a physical data center. The data center provider must ensure that the physical servers are secure and secure. Physical security includes the construction of the center, its infrastructure, and its ability to withstand natural disasters and terrorist attacks. Infrastructure safety includes building construction, thick walls, fewer protected windows, fire safety, video surveillance, security, etc.
2) Limited secure access
The security system for entering the data center must be very tough. Each visitor must provide proof of identity, and the security service must closely monitor each visitor. We must control all activities within the Data Center 24/7. The entire data center crew must be thoroughly surveyed when entering and exiting the premises.
3) Online data protection
This is an important task. All clients transfer data online, so the data center must ensure that the transfer is safe and secure. You need to use different encryption methods that attackers cannot encrypt. Sometimes attackers try to connect to datacenters as a client, so the datacenter administration should only provide space for legitimate people. Install firewalls to protect heavy traffic. A reliable protocol should be designed to continuously monitor internal traffic if any threats bypassed the firewall and entered the data center.
4) Protection of hosted data
It is very important to protect the data that is already in the data center. Data centers manage to protect data by backing up and restoring data. They perform encryption of information in the exchange of documents, confirming the latest information security recommendations and comprehensive traffic monitoring.
5) Secure server
Information security guidelines must be followed to ensure complete server security with 24/7 monitoring, intrusion detection, and threat protection. Data centers must use robust security techniques to prevent cyberattacks in both virtual and physical environments.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Is my website data secured in the data center?
> Now this question will revolve around you. Many times you may have seen people hacking into the system and stealing data. Data centers are essential for storing data, but the information security of a data center depends on various factors. Many companies lose huge amounts of money every year due to cyberattacks.
> With the revolution in IT sectors, cyber attackers are becoming more active every day. If you want your data to be safe, make sure you choose a hosting provider that has the most reliable protocol for your data center.
1) Data center information security components
Physical security
> The data center will be located in a fixed location, and all data will be stored in a physical data center. The data center provider must ensure that the physical servers are secure and secure. Physical security includes the construction of the center, its infrastructure, and its ability to withstand natural disasters and terrorist attacks. Infrastructure safety includes building construction, thick walls, fewer protected windows, fire safety, video surveillance, security, etc.
2) Limited secure access
The security system for entering the data center must be very tough. Each visitor must provide proof of identity, and the security service must closely monitor each visitor. We must control all activities within the Data Center 24/7. The entire data center crew must be thoroughly surveyed when entering and exiting the premises.
3) Online data protection
This is an important task. All clients transfer data online, so the data center must ensure that the transfer is safe and secure. You need to use different encryption methods that attackers cannot encrypt. Sometimes attackers try to connect to datacenters as a client, so the datacenter administration should only provide space for legitimate people. Install firewalls to protect heavy traffic. A reliable protocol should be designed to continuously monitor internal traffic if any threats bypassed the firewall and entered the data center.
4) Protection of hosted data
It is very important to protect the data that is already in the data center. Data centers manage to protect data by backing up and restoring data. They perform encryption of information in the exchange of documents, confirming the latest information security recommendations and comprehensive traffic monitoring.
5) Secure server
Information security guidelines must be followed to ensure complete server security with 24/7 monitoring, intrusion detection, and threat protection. Data centers must use robust security techniques to prevent cyberattacks in both virtual and physical environments.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦hacking topic git-Termux/Linux
F E A T U R E S :
1) svmap
this is a sip scanner. When launched against
ranges of ip address space, it will identify any SIP servers
which it finds on the way. Also has the option to scan hosts
on ranges of ports.
2) svwar
identifies working extension lines on a PBX. A working
extension is one that can be registered.
Also tells you if the extension line requires authentication or not.
3) svcrack
a password cracker making use of digest authentication.
It is able to crack passwords on both registrar servers and proxy
servers. Current cracking modes are either numeric ranges or
words from dictionary files.
4) svreport
able to manage sessions created by the rest of the tools
and export to pdf, xml, csv and plain text.
5) svcrash
responds to svwar and svcrack SIP messages with a message that
causes old versions to crash.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/enablesecurity/sipvicious.git
2) cd sipvicious/
> Setup the tool.
3) python setup.py install
4) Fire-up the scripts one by one.
sipvicious_svmap --help
sipvicious_svcrack --help
sipvicious_svcrash --help
sipvicious_svwar --help
sipvicious_svreport --help
Simply using pip install sipvicious
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦hacking topic git-Termux/Linux
F E A T U R E S :
1) svmap
this is a sip scanner. When launched against
ranges of ip address space, it will identify any SIP servers
which it finds on the way. Also has the option to scan hosts
on ranges of ports.
2) svwar
identifies working extension lines on a PBX. A working
extension is one that can be registered.
Also tells you if the extension line requires authentication or not.
3) svcrack
a password cracker making use of digest authentication.
It is able to crack passwords on both registrar servers and proxy
servers. Current cracking modes are either numeric ranges or
words from dictionary files.
4) svreport
able to manage sessions created by the rest of the tools
and export to pdf, xml, csv and plain text.
5) svcrash
responds to svwar and svcrack SIP messages with a message that
causes old versions to crash.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/enablesecurity/sipvicious.git
2) cd sipvicious/
> Setup the tool.
3) python setup.py install
4) Fire-up the scripts one by one.
sipvicious_svmap --help
sipvicious_svcrack --help
sipvicious_svcrash --help
sipvicious_svwar --help
sipvicious_svreport --help
Simply using pip install sipvicious
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - EnableSecurity/sipvicious: SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developersβ¦
SIPVicious OSS is a VoIP security testing toolset. It helps security teams, QA and developers test SIP-based VoIP systems and applications. This toolset is useful in simulating VoIP hacking attacks...
Organic HTTP File Transfer.pdf
312.5 KB
Bash One-Liner to Check Your Password(s) via pwnedpasswords.comβs API Using the k-Anonymity Method
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Decryption and encryption for beginers :
#forbeginers
1) Encryption and decryption of software is a fascinating field of research, which can be closely integrated with almost any computer technology-cryptography, programming languages, operating systems, and data structures. Without encryption technology,
2) any network security is empty talk, and the application of encryption runs through the entire network security learning process.
3) Let's first understand the program in the computer. Programs written in high-level languages will be compiled into machine language and executed on the CPU, such as Visual C++. Since machine language and assembly language have a one-to-one correspondence, machine language can be converted into assembly language. This process is called disassembly.
The assembly language may be more readable, so you can analyze the program flow and analyze its functions. This process is decryption (commonly known as cracking). In other words, the basis of decryption is built on the level of assembly language, so friends who want to get involved in this field must learn assembly language well.
4) After you have learned the assembly, it is recommended to master Win32 programming.Learning to decrypt and encrypt is very tiring, it takes a lot of time, and often hits the wall. It is very common to make no progress for three to five days. There is no secret other than diligence + perseverance. But mastering this technology can improve one's own debugging skills through tracking software, understand others' program ideas, and write better programs.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Decryption and encryption for beginers :
#forbeginers
1) Encryption and decryption of software is a fascinating field of research, which can be closely integrated with almost any computer technology-cryptography, programming languages, operating systems, and data structures. Without encryption technology,
2) any network security is empty talk, and the application of encryption runs through the entire network security learning process.
3) Let's first understand the program in the computer. Programs written in high-level languages will be compiled into machine language and executed on the CPU, such as Visual C++. Since machine language and assembly language have a one-to-one correspondence, machine language can be converted into assembly language. This process is called disassembly.
The assembly language may be more readable, so you can analyze the program flow and analyze its functions. This process is decryption (commonly known as cracking). In other words, the basis of decryption is built on the level of assembly language, so friends who want to get involved in this field must learn assembly language well.
4) After you have learned the assembly, it is recommended to master Win32 programming.Learning to decrypt and encrypt is very tiring, it takes a lot of time, and often hits the wall. It is very common to make no progress for three to five days. There is no secret other than diligence + perseverance. But mastering this technology can improve one's own debugging skills through tracking software, understand others' program ideas, and write better programs.
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Firewall technology for beginers :
#fastTips
Firewall technology is an important element in network security, a barrier and a guard when the external network communicates with the internal network. In addition to having a deep understanding of the types and working principles of firewall technology, as a network security manager,
> you should also be familiar with the configuration and maintenance of various common firewalls.You should at least understand the simple configuration of the following firewalls:
1) The use of various common personal firewall software;
2) ACL-based packet filtering firewall configuration (such as Windows-based IPSec configuration, Cisco router-based ACL configuration, etc.;
3) Firewall configuration based on Linux operating system (Ipchains/Iptables);
4) ISA configuration;
5) Cisco PIX configuration;
6) Check Point firewall configuration;
7) VPN configuration based on Windows, Unix, and Cisco routers.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Firewall technology for beginers :
#fastTips
Firewall technology is an important element in network security, a barrier and a guard when the external network communicates with the internal network. In addition to having a deep understanding of the types and working principles of firewall technology, as a network security manager,
> you should also be familiar with the configuration and maintenance of various common firewalls.You should at least understand the simple configuration of the following firewalls:
1) The use of various common personal firewall software;
2) ACL-based packet filtering firewall configuration (such as Windows-based IPSec configuration, Cisco router-based ACL configuration, etc.;
3) Firewall configuration based on Linux operating system (Ipchains/Iptables);
4) ISA configuration;
5) Cisco PIX configuration;
6) Check Point firewall configuration;
7) VPN configuration based on Windows, Unix, and Cisco routers.
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β