β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST 2020 ANDROID REMOTE DESKTOP APPS :
https://play.google.com/store/apps/details?id=com.anydesk.anydeskandroid
https://play.google.com/store/apps/details?id=com.google.chromeremotedesktop
https://play.google.com/store/apps/details?id=com.teamviewer.teamviewer.market.mobile
https://play.google.com/store/apps/details?id=com.microsoft.rdc.androidx
https://play.google.com/store/apps/details?id=com.sand.airdroid
https://play.google.com/store/apps/details?id=com.realvnc.viewer.android
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦BEST 2020 ANDROID REMOTE DESKTOP APPS :
https://play.google.com/store/apps/details?id=com.anydesk.anydeskandroid
https://play.google.com/store/apps/details?id=com.google.chromeremotedesktop
https://play.google.com/store/apps/details?id=com.teamviewer.teamviewer.market.mobile
https://play.google.com/store/apps/details?id=com.microsoft.rdc.androidx
https://play.google.com/store/apps/details?id=com.sand.airdroid
https://play.google.com/store/apps/details?id=com.realvnc.viewer.android
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Google Play
AnyDesk Remote Desktop - Apps on Google Play
Remote access from anywhere. Fast and secure. All operating systems and devices
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 new update location tracking for beginers - Programs for finding user location
We need two programs:
11) seeker - launches a phishing site and analyzes the received data.
2) ngrok - in case you don't have a white IP address (or hosting); this program allows you to create links to your site so that the site on your local computer can be opened on the Internet. More details about this program can be found in the article " How to make a local web server accessible from the Internet without a white IP ."
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) sudo apt update
2) sudo apt install python3 python3-pip php ssh git
3) pip3 install requests
4) git clone https://github.com/thewhiteh4t/seeker
5) cd seeker /
6) python3 ./seeker.py -h
π¦Installing ngrok on Kali Linux
1) wget
3) chmod + x ./ngrok
4) ./ngrok -h
5) python3 ./seeker.py -t manual
Note: if you run into problems while trying to start the built-in PHP server, look at the contents of the ./logs/php.log file. If you find errors mentioning openbasedir there , see the article " Error" Warning: Unknown: openbasedir restriction in effect. " (RESOLVED) ".
π¦+ Select a Template :
1 NearYou
2 Google Drive
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 new update location tracking for beginers - Programs for finding user location
We need two programs:
11) seeker - launches a phishing site and analyzes the received data.
2) ngrok - in case you don't have a white IP address (or hosting); this program allows you to create links to your site so that the site on your local computer can be opened on the Internet. More details about this program can be found in the article " How to make a local web server accessible from the Internet without a white IP ."
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) sudo apt update
2) sudo apt install python3 python3-pip php ssh git
3) pip3 install requests
4) git clone https://github.com/thewhiteh4t/seeker
5) cd seeker /
6) python3 ./seeker.py -h
π¦Installing ngrok on Kali Linux
1) wget
curl -s https://ngrok.com/download | grep -o -E 'https://bin.equinox.io/c/[A-Za-z0-9]{4,}/ngrok-stable-linux-amd64.zip'
2) unzip ngrok-stable-linux-amd64.zip3) chmod + x ./ngrok
4) ./ngrok -h
5) python3 ./seeker.py -t manual
Note: if you run into problems while trying to start the built-in PHP server, look at the contents of the ./logs/php.log file. If you find errors mentioning openbasedir there , see the article " Error" Warning: Unknown: openbasedir restriction in effect. " (RESOLVED) ".
π¦+ Select a Template :
1 NearYou
2 Google Drive
E N J O Y β€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - thewhiteh4t/seeker: Accurately Locate Smartphones using Social Engineering
Accurately Locate Smartphones using Social Engineering - GitHub - thewhiteh4t/seeker: Accurately Locate Smartphones using Social Engineering
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK CCTV 2020 USING LINUX OR TERMUX :
#Reposted
1) pkg install git python -y
2) git clone https://github.com/AngelSecurityTeam/Cam-Hackers
3) cd Cam-Hackers
4) pip3 install requests
5) python3 cam-hackers.py
6) Now Select any country You want from this list and press Enter.for example : You can type 1 and press enter to select USA.
7) Now you will see a list of URLs, just copy anyone URL from the list.
8) Paste URL into a Chrome Tab on Google and you'll be able to see a Camera Control feature as well as use it from the phone.
9) When you see Login Window and query for Username and Password then you should use the most popular Default Username and Passwords, provided Combinations.
Username: admin password: administrator
Username: admin password: (Password blank)
10) When you are still unable to sign in, you can search the camera business name to find the default username and password for that service.
enjoy β€οΈππ»
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK CCTV 2020 USING LINUX OR TERMUX :
#Reposted
1) pkg install git python -y
2) git clone https://github.com/AngelSecurityTeam/Cam-Hackers
3) cd Cam-Hackers
4) pip3 install requests
5) python3 cam-hackers.py
6) Now Select any country You want from this list and press Enter.for example : You can type 1 and press enter to select USA.
7) Now you will see a list of URLs, just copy anyone URL from the list.
8) Paste URL into a Chrome Tab on Google and you'll be able to see a Camera Control feature as well as use it from the phone.
9) When you see Login Window and query for Username and Password then you should use the most popular Default Username and Passwords, provided Combinations.
Username: admin password: administrator
Username: admin password: (Password blank)
10) When you are still unable to sign in, you can search the camera business name to find the default username and password for that service.
enjoy β€οΈππ»
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Differences between tcpdump and Wireshark :
Wireshark is also designed to capture and analyze network packets. Wireshark has a graphical interface and a command line interface; tcpdump has a command line interface only
Wireshark supports two types of filters:
1) capture filters
2) display filters
π¦ Wireshark capture filters are identical to tcpdump filters. In Wireshark and tcpdump, capture filters are used to filter the data that will be saved to a file (or displayed). As for the Wireshark display filters, they do not affect the amount of captured and saved data, but are used only to filter the displayed information. Wireshark display filters and tcpdump / Wireshark capture filters support:
1) Data link protocol traffic
2) Gateway protocol traffic
3) Transport layer protocol traffic
4) Filters for Wi-Fi frames
5) Wireshark Display Filters support all of the Capture Filters capabilities, plus additionally:
> Application protocol traffic (HTTP, DNS, SSH, FTP, SMTP, RDP, SNMP, RTSP, GQUIC, CDP, LLMNR, SSDP and many others)
In addition, Wireshark has more tools for analyzing network data and visualizing it.
6) So, Wireshark is more suitable for analyzing application layer protocol traffic and analyzing related data streams.
As for tcpdump, it will work in the absence of a graphical environment. Also, this program is great for capturing network traffic and filtering it according to specified criteria. Tcpdump can also be used to perform all sorts of analysis and testing of network settings.
enjoy β€οΈππ»
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Differences between tcpdump and Wireshark :
Wireshark is also designed to capture and analyze network packets. Wireshark has a graphical interface and a command line interface; tcpdump has a command line interface only
Wireshark supports two types of filters:
1) capture filters
2) display filters
π¦ Wireshark capture filters are identical to tcpdump filters. In Wireshark and tcpdump, capture filters are used to filter the data that will be saved to a file (or displayed). As for the Wireshark display filters, they do not affect the amount of captured and saved data, but are used only to filter the displayed information. Wireshark display filters and tcpdump / Wireshark capture filters support:
1) Data link protocol traffic
2) Gateway protocol traffic
3) Transport layer protocol traffic
4) Filters for Wi-Fi frames
5) Wireshark Display Filters support all of the Capture Filters capabilities, plus additionally:
> Application protocol traffic (HTTP, DNS, SSH, FTP, SMTP, RDP, SNMP, RTSP, GQUIC, CDP, LLMNR, SSDP and many others)
In addition, Wireshark has more tools for analyzing network data and visualizing it.
6) So, Wireshark is more suitable for analyzing application layer protocol traffic and analyzing related data streams.
As for tcpdump, it will work in the absence of a graphical environment. Also, this program is great for capturing network traffic and filtering it according to specified criteria. Tcpdump can also be used to perform all sorts of analysis and testing of network settings.
enjoy β€οΈππ»
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
Exploit_Mitigation_Techniques_Data_Execution_Prevention_DEP_.pdf
276.5 KB
Exploit Mitigation Techniques - Data Execution Prevention (DEP)
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MySQL Super Dump is a tool to efficiently create filtered and manipulated database dumps. It relies in the power of the SQL native language to do this, using WHERE clauses and complete SELECT statements with aliases to do this.
π¦ F E A T U R E S :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Install the latest Go compiler installed (check instructions at: http://golang.org)
2) Check you environment with go env:
The repository will be clones at $GOPATH/src/github.com/hgfischer/mysqlsuperdump
3) The binary will be installed in $GOBIN
4) Then run go get to download, build and install mysqlsuperdump: go get github.com/hgfischer/mysqlsuperdump
5) Create a config file based on example.cfg and place where you like it.
6) Run mysqlsuperdump -h to see command line options and voilΓ‘.
π¦Configuration Example
[mysql]
# See https://github.com/Go-SQL-Driver/MySQL for details on this
dsn = username:password@protocol(address)/dbname?charset=utf8
extended_insert_rows = 1000
#use_table_lock = true
max_open_conns = 50
# Use this to restrict exported data. These are optional
[where]
sales_order = created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)
customer_upload = created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)
newsletter_subscriber = created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)
# Use this to override value returned from tables. These are optional
[select]
system_user.salt = 'reset salt of all system users'
system_user.password = 'reset password of all system users'
customer.first_name = CONCAT('Charlie ', id)
customer.last_name = 'Last'
customer.salt = 'reset salt of all customers'
customer.password = 'reset password of all customers'
customer.username = CONCAT(id, '@fiction.tld')
customer.username_canonical = CONCAT(id, '@fiction.tld')
customer.email = CONCAT(id, '@fiction.tld')
customer.email_canonical = CONCAT(id, '@fiction.tld')
newsletter_subscriber.email = CONCAT(id, '@fiction.tld')
customer_address.recipient_name = CONCAT('Recipient Name ', id)
customer_address.company = CONCAT('Company Name ', id)
customer_address.phone = CONCAT('(', id, ') 1234-1234')
sales_order_address.recipient_name = CONCAT('Recipient Name ', id)
sales_order_address.company = CONCAT('Company Name ', id)
sales_order_address.phone = CONCAT('(', id, ') 1234-1234')
system_dump_version.created_at = NOW()
# Use this to filter entire table (ignore) or data only (nodata)
[filter]
customer_stats = nodata
customer_private = ignore
enjoy β€οΈππ»
GIT TOPIC
@undercodeTesting
@UNDERCODEHACKING
@undercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MySQL Super Dump is a tool to efficiently create filtered and manipulated database dumps. It relies in the power of the SQL native language to do this, using WHERE clauses and complete SELECT statements with aliases to do this.
π¦ F E A T U R E S :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) Install the latest Go compiler installed (check instructions at: http://golang.org)
2) Check you environment with go env:
The repository will be clones at $GOPATH/src/github.com/hgfischer/mysqlsuperdump
3) The binary will be installed in $GOBIN
4) Then run go get to download, build and install mysqlsuperdump: go get github.com/hgfischer/mysqlsuperdump
5) Create a config file based on example.cfg and place where you like it.
6) Run mysqlsuperdump -h to see command line options and voilΓ‘.
π¦Configuration Example
[mysql]
# See https://github.com/Go-SQL-Driver/MySQL for details on this
dsn = username:password@protocol(address)/dbname?charset=utf8
extended_insert_rows = 1000
#use_table_lock = true
max_open_conns = 50
# Use this to restrict exported data. These are optional
[where]
sales_order = created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)
customer_upload = created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)
newsletter_subscriber = created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)
# Use this to override value returned from tables. These are optional
[select]
system_user.salt = 'reset salt of all system users'
system_user.password = 'reset password of all system users'
customer.first_name = CONCAT('Charlie ', id)
customer.last_name = 'Last'
customer.salt = 'reset salt of all customers'
customer.password = 'reset password of all customers'
customer.username = CONCAT(id, '@fiction.tld')
customer.username_canonical = CONCAT(id, '@fiction.tld')
customer.email = CONCAT(id, '@fiction.tld')
customer.email_canonical = CONCAT(id, '@fiction.tld')
newsletter_subscriber.email = CONCAT(id, '@fiction.tld')
customer_address.recipient_name = CONCAT('Recipient Name ', id)
customer_address.company = CONCAT('Company Name ', id)
customer_address.phone = CONCAT('(', id, ') 1234-1234')
sales_order_address.recipient_name = CONCAT('Recipient Name ', id)
sales_order_address.company = CONCAT('Company Name ', id)
sales_order_address.phone = CONCAT('(', id, ') 1234-1234')
system_dump_version.created_at = NOW()
# Use this to filter entire table (ignore) or data only (nodata)
[filter]
customer_stats = nodata
customer_private = ignore
enjoy β€οΈππ»
GIT TOPIC
@undercodeTesting
@UNDERCODEHACKING
@undercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
go.dev
The Go Programming Language
Go is an open source programming language that makes it simple to build secure, scalable systems.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Samurai Web Testing Framework is a virtual machine that can run in VirtualBox and VMWare, It has been pre-configured to function as a penetration testing environment. It contains the best open source and free tools that focus on testing and attacking websites.
It also contains vulnerable web applications and scripts for practical application of penetration testing skills and testing tools designed to audit web application security.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/SamuraiWTF/samuraiwtf.git
2) cd samuraiwtf
3) cd /vagrant
4) ansible-playbook -i /etc/ansible/hosts install/tools.yml
5) From a command-line terminal in the project directory, run the command vagrant up. Then sit back and wait for it to finish.
6) (Optional) If you want to understand this process a little more, we have a video that discusses what is happening with more detail. It is listed as a free course on our training site: https://training.secureideas.com/course/foldingsteel/
enjoy β€οΈππ»
@undercodeTesting
#UndercodeHacking
@Undercodesecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Samurai Web Testing Framework is a virtual machine that can run in VirtualBox and VMWare, It has been pre-configured to function as a penetration testing environment. It contains the best open source and free tools that focus on testing and attacking websites.
It also contains vulnerable web applications and scripts for practical application of penetration testing skills and testing tools designed to audit web application security.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/SamuraiWTF/samuraiwtf.git
2) cd samuraiwtf
3) cd /vagrant
4) ansible-playbook -i /etc/ansible/hosts install/tools.yml
5) From a command-line terminal in the project directory, run the command vagrant up. Then sit back and wait for it to finish.
6) (Optional) If you want to understand this process a little more, we have a video that discusses what is happening with more detail. It is listed as a free course on our training site: https://training.secureideas.com/course/foldingsteel/
enjoy β€οΈππ»
@undercodeTesting
#UndercodeHacking
@Undercodesecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - SamuraiWTF/samuraiwtf: The main SamuraiWTF collaborative distro repo.
The main SamuraiWTF collaborative distro repo. Contribute to SamuraiWTF/samuraiwtf development by creating an account on GitHub.
Forwarded from UNDERCODE HACKING
Slurp β Amazon AWS S3 Bucket Enumerator.pdf
518.5 KB
-Scan via domain(s); you can target a single domain or a list of domains
-Scan via keyword(s); you can target a single keyword or a list of keywords
-Scan via AWS credentials; you can target your own AWS account to see which buckets have been exposed Colorized output for visual grep Currently generates over 28,000 permutations per domain and keyword Punycode support for internationalized domains
#Full with pictures
-Scan via keyword(s); you can target a single keyword or a list of keywords
-Scan via AWS credentials; you can target your own AWS account to see which buckets have been exposed Colorized output for visual grep Currently generates over 28,000 permutations per domain and keyword Punycode support for internationalized domains
#Full with pictures