▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Speed up internet via DNS:
A) ROUTER
If you're using a router for your office network DNS settings (and you probably are), log into it and find your DNS server settings. Once there, note down your existing DNS server entries and replace them with the following:
- For IPv4: 1.1.1.1 and 1.0.0.1
- For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
That's it. The next time your computers look up a website, they'll use the 1.1.1.1 DNS services.
B) WINDOWS
With Windows 10:
1) Click on the Start menu.
2) Click on the Settings icon.
3) Click on Network & Internet.
4) Click on Change adapter options.
5) Double-click on the active network adapter.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
For IPv4: 1.1.1.1 and 1.0.0.1
For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
With Windows 7 and earlier, click on the Start menu, then click on Control Panel and follow these instructions:
1) Click on Network and Internet.
2) Click on Change Adapter Settings.
3) Right-click on the Wi-Fi network you are connected to, then click Properties.
4) Select Internet Protocol Version 4 (or Version 6 if desired).
5) Click Properties.
6) Write down any existing DNS server entries for future reference.
7) Click Use The Following DNS Server Addresses.
8) Replace those addresses with the 1.1.1.1 DNS addresses:
For IPv4: 1.1.1.1 and 1.0.0.1
For IPv6: 2606:4700:4700::1111 and 2606:4700:4700::1001
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 A GOOD 2020 LIST OF TERMUX-LINUX TOOLS:
- Threadtear - Multifunctional Java Deobfuscation Tool Suite
- Wifipumpkin3 - Powerful Framework For Rogue Access Point Attack
- Catchyou - FUD Win32 Msfvenom Payload Generator
- PayloadsAllTheThings - A List Of Useful Payloads And Bypass For Web Application Security And Pentest/CTF
- Exegol - Exegol Is A Kali Light Base With A Few Useful Additional Tools And Some Basic Configuration
- GDBFrontend - An Easy, Flexible And Extensionable GUI Debugger
- Shellerator - Simple CLI Tool For The Generation Of Bind And Reverse Shells In Multiple Languages
- Powerob - An On-The-Fly Powershell Script Obfuscator Meant For Red Team Engagements
- How to Set Up a VPN on Kodi in 2 Minutes or Less
- PowerSploit - A PowerShell Post-Exploitation Framework
- HiveJack - This Tool Can Be Used During Internal Penetration Testing To Dump Windows Credentials From An Already-Compromised Host
- Nexphisher - Advanced Phishing Tool For Linux & Termux
- TorghostNG - Make All Your Internet Traffic Anonymized Through Tor Network
- Sshprank - A Fast SSH Mass-Scanner, Login Cracker And Banner Grabber Tool Using The Python-Masscan Module
- Generator-Burp-Extension - Everything You Need About Burp Extension Generation
- Parsec - Secure Cloud Framework
- Invoker - Penetration Testing Utility
- Authelia - The Single Sign-On Multi-Factor Portal For Web Apps
- OSSEM - A Tool To Assess Data Quality
- Klar - Integration Of Clair And Docker Registry
- Powershell-Reverse-Tcp - PowerShell Script For Connecting To A Remote Host.
from git 2020
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 FileZilla Server privilege escalation explained:
Server privilege escalation, or privilege escalation for short, refers to raising the low privileges originally obtained through port 80, such as ordinary network privileges, to system privileges, thereby obtaining full control of the server.
Privilege escalation can be roughly divided into three types, namely:
1) Executing arbitrary code through a stack overflow;
2) Using existing running software that has system permissions;
3) Matching the password of the administrator account through social engineering.
> This Undercode tutorial covers the second type: using FileZilla, an existing program with system permissions, to obtain permissions.
4) FileZilla works like a normal web site. The front end has normal FTP accounts that perform uploads, downloads, deletions and other actions, while the back end has an administrator console for setting up the front-end accounts and their permissions.
5) The front end is port 21, and the back end is port 14147 by default. The escalation method is to connect directly to port 14147 without authorization, log in to the remote FileZilla, and create an FTP account with full permissions on the hard disk directories.
6) Confirm that the server is running FileZilla and that port 14147 is open. The steps are as follows:
7) The first step is to find the FileZilla directory. If you can't find it, just guess.
I packaged the entire FileZilla directory and downloaded it, ran it on a remote server with an independent IP, and changed the connection port from 14147 to 4444.
The second step is to run lcx on the independent-IP server to listen and forward the port:
> lcx -l 3333 4444
8) The third step is to run FileZilla on the independent-IP server, with the connection port set to 4444.
Now you can see the password.
9) The fourth step is to use FileZilla to create an account with C drive permissions. It must have the read, write, create and delete permissions.
10) If the network speed is unstable and the account creation fails, you can select one option and confirm it, then reopen the settings tab and select the next option.
11) Now, as long as you connect to FTP and replace sethc.exe, you can log in by connecting to port 3389 and pressing Shift five times.
@UndercodeTesting
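A defender-side check for the condition this post depends on, written as an added example (not code from the post or from the FileZilla project): it reads `netstat -ano` and `tasklist /fo csv` output and flags an admin port that is reachable off-host or is being used by a process other than the admin GUI. The sample output is constructed, and the allowed image name and `forwarder.exe` are assumptions for illustration.

```python
import csv
import io
import ipaddress

ADMIN_PORT = 14147  # FileZilla Server admin port named in the post
# Assumption: image name of the legitimate admin GUI on this host.
ALLOWED_CLIENTS = {"filezilla server interface.exe"}

# Constructed sample of `netstat -ano` output.
NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:21             0.0.0.0:0              LISTENING       1480
  TCP    0.0.0.0:14147          0.0.0.0:0              LISTENING       1480
  TCP    127.0.0.1:14147        127.0.0.1:49712        ESTABLISHED     1480
  TCP    127.0.0.1:49712        127.0.0.1:14147        ESTABLISHED     5316
  TCP    [::]:3389              [::]:0                 LISTENING       1012
"""

# Constructed sample of `tasklist /fo csv` output.
TASKLIST = '''"Image Name","PID","Session Name","Session#","Mem Usage"
"FileZilla Server.exe","1480","Services","0","9,120 K"
"svchost.exe","1012","Services","0","12,004 K"
"forwarder.exe","5316","Services","0","1,204 K"
'''


def split_endpoint(endpoint):
    """Split 'host:port' or '[v6]:port' into (host, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]").split("%")[0], int(port)


def is_loopback(host):
    return ipaddress.ip_address(host).is_loopback


def parse_netstat(text):
    """Return one dict per TCP row; header and UDP rows are skipped."""
    rows = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "TCP":
            continue
        lhost, lport = split_endpoint(parts[1])
        fhost, fport = split_endpoint(parts[2])
        rows.append({"lhost": lhost, "lport": lport, "fhost": fhost,
                     "fport": fport, "state": parts[3], "pid": int(parts[4])})
    return rows


def parse_tasklist(text):
    """Map PID -> lower-cased image name."""
    reader = csv.DictReader(io.StringIO(text))
    return {int(row["PID"]): row["Image Name"].lower() for row in reader}


def audit(netstat_text, tasklist_text):
    """Return (kind, detail) findings about the admin port."""
    images = parse_tasklist(tasklist_text)
    findings = []
    for r in parse_netstat(netstat_text):
        if r["state"] == "LISTENING" and r["lport"] == ADMIN_PORT:
            # Admin interface bound to something other than loopback.
            if not is_loopback(r["lhost"]):
                findings.append(("exposed-listener", f"{r['lhost']}:{ADMIN_PORT}"))
        elif r["state"] == "ESTABLISHED" and r["lport"] == ADMIN_PORT:
            # Server side of an admin session coming from another host.
            if not is_loopback(r["fhost"]):
                findings.append(("remote-admin-session", r["fhost"]))
        elif r["state"] == "ESTABLISHED" and r["fport"] == ADMIN_PORT:
            # Client side of an admin session: which local process owns it?
            image = images.get(r["pid"], "<unknown>")
            if image not in ALLOWED_CLIENTS:
                findings.append(("unexpected-admin-client", image))
    return findings


if __name__ == "__main__":
    for kind, detail in audit(NETSTAT, TASKLIST):
        print(f"{kind}: {detail}")
```

A loopback-only binding does not stop a local process from relaying the port, which is why the client-side process check is kept as a separate finding.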
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Hacking_with_ZANTI_The_mobile_pentesting_Toolkit_2019_latest_update.pdf
3.3 MB
Let's first see what exactly you can do using zANTI:
1. Hijack HTTP Sessions via MITM
2. Capture Downloads
3. Modify HTTP requests and responses via MITM
4. Exploit routers
5. Hack Passwords
6. Check a Device for Shellshock and SSL Poodle Vulnerabilities
7. Do a detailed nmap scan
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Nmap ("Network Mapper") tutorial for Termux
1) apt install nmap (Linux)
2) pkg install nmap (Termux)
3) To start Nmap, simply type its name and hit Enter.
4) Type nmap
You will get the options for scanning.
5) Now you can use Nmap with commands like:
nmap -v -A 204.14.72.187
6) Spoof or decoy scan
Nmap allows us to use decoy IP addresses so that it looks like many IP addresses are scanning the target.
When we are scanning machines that aren't ours, we frequently want to cover our IP (our identity). Obviously, every packet must contain our source address; otherwise the response from the target system won't know where to return to.
nmap -sS 192.168.0.0 -D 10.0.0.1,10.0.0.2,10.0.0.4
7) Output to a file
Many times we need the output of scans for later reference and for use with other tools. To save the output in Nmap, simply use the -oN switch.
Add the -oN option followed by the name of the file you want to write to. Here, I have used a file named "nmapscan.txt":
nmap -sS 192.168.89.191 -oN nmapscan.txt
Now cat this file to see what's in it:
> cat nmapscan.txt
8) ARP scan (Address Resolution Protocol):
> nmap -sn -PR (target IP)
9) TCP connect scan:
nmap -sT (IP address)
@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Detecting_malicious_downloads_with_Osquery,_Rsyslog,_Kafka,_Python3.pdf
1.4 MB
- Learning to use Kafka with Python
- Learn how to leverage VirusTotal to detect malicious files
- Deploying Kafka and Rsyslog server on Docker
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 #forbeginners Google AdSense allows modification of Western Union's phonetic name
> In the Google AdSense account settings, our pinyin name is always set upside down for us. According to the custom of foreign countries, the surname is always placed after the name, so we always hit a wall when we withdraw money in Western Union. According to many people's feedback, GG finally made today's decision to allow the modification of Western Union's phonetic name.
> The following is the content announced on the GG official website: Since the opening of Western Union, many publishers need to write us an email to modify the pinyin name to receive payment. In order to facilitate the smooth withdrawal of funds from publishers, we are happy to inform you that now you can directly modify the pinyin name in your account!
The modification steps are very simple:
1️⃣ Log in to your AdSense account and click on the My Account link.
2️⃣ Click the edit link next to the payment details.
3️⃣ Select Set up Western Union Quick Cash and click Continue.
Then you will see the page to modify the pinyin name: you only need to fill in the pinyin of your name in the corresponding box, the case of the pinyin has no effect, but do not add spaces between the names.
@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 BEST 2020 IDE FOR ANDROID:
https://play.google.com/store/apps/details?id=ch.tanapro.JavaIDEdroid
https://play.google.com/store/apps/details?id=air.JavaEditor
https://play.google.com/store/apps/details?id=com.aor.droidedit&feature=also_installed
https://play.google.com/store/apps/details?id=org.pocketworkstation.pckeyboard
https://play.google.com/store/apps/details?id=com.paprbit.dcoder
https://play.google.com/store/apps/details?id=twig.nguyen.codepeeker.pro
https://play.google.com/store/apps/details?id=com.aide.ui
https://play.google.com/store/apps/details?id=com.majosoft.anacode
https://play.google.com/store/apps/details?id=com.henrythompson.quoda
https://play.google.com/store/apps/details?id=com.duy.compiler.javanide
@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Now available for Termux: Facebook account information gathering:
1) $ pkg update && pkg upgrade
2) $ pkg install git python2
3) $ git clone https://github.com/ciku370/OSIF
4) $ cd OSIF
5) $ pip2 install -r requirements.txt
6) $ python2 osif.py
7) If you are confused about how to use it, type 'help' to display the help menu.
@undercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 Methods to solve a blocked IP (website)
1️⃣ Method 1.
Due to the company's project needs, we have collected Google Maps data and data from some large-scale websites.
The experience is as follows:
1. IPs are a must; what @alswl said is very correct: ADSL. If you have the conditions, you can actually apply for extra IPs from the data center.
2. Deploy a proxy server on the machine with an external network IP.
3. Your program rotates through the proxy servers to access the website you want to collect from.
Benefits:
1. The program logic changes little; only the proxy function is needed.
2. Depending on the blocking rules of the other party's website, you only need to add more proxies.
3. Even if a specific IP is blocked, you can simply take that proxy server offline and it will be OK; the program logic does not need to be changed.
2️⃣ Method 2.
Some websites have weak preventive measures. You can disguise the IP and modify the X-Forwarded-For header (I think that's how it's spelled...) to bypass them.
For most websites, if you want to crawl frequently, you still need more IPs. The solution I prefer is foreign VPSs equipped with multiple IPs, with IP switching done through default gateway switching, which is much more efficient than an HTTP proxy and is estimated to be more efficient than ADSL switching in most cases.
3️⃣ Method 3.
ADSL + script: monitor whether you are blocked, and then keep switching IP.
Set query frequency limits.
The orthodox approach is to call the service interface provided by the website.
4️⃣ Method 4.
People with more than 8 years of crawling experience tell you that domestic ADSL is the kingly way. Apply for more lines and distribute them across different telecommunications districts. It is better if they can span provinces and cities. Write your own disconnect-and-redial components. Write your own dynamic IP tracking service and remote hardware reset (mainly for ADSL modems, to prevent downtime); other things such as task allocation and data recovery are not a big problem. Mine has been running stably for several years, and it's done!
5️⃣ Method 5.
1. User agent disguise and rotation
2. Use proxy IPs and rotation
3. Cookie processing; some websites have a looser policy for logged-in users.
Friendly reminder: Consider the burden of crawlers on other websites, be a responsible crawler :)
6️⃣ Method 6.
Simulate user behavior as much as possible:
1. The UserAgent is changed frequently;
2. The visit time interval is set longer, and the visit time is set to a random number;
3. The order of visiting pages can also be random.
7️⃣ Method 7.
Websites generally block based on the number of visits from a specific IP within a unit of time.
I group the collection tasks by the IP of the target site and control the number of tasks sent for each IP per unit of time to avoid being blocked. Of course, the premise is that you collect from many websites. If you only collect from one website, it can only be achieved through multiple external IPs.
8️⃣ Method 8.
1. Pressure control on crawler crawling;
2. You can consider using a proxy to access the target site.
- Reduce the frequency of crawling, set a longer interval, and use random numbers for the access time
- Switch UserAgent frequently (simulate browser access)
- For multi-page data, access pages in random order and then grab the data
- Change user IP
@undercodeTesting
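The site operator's side of Methods 2 and 7, as an added example that is not part of the original post: a per-IP sliding-window limiter whose client address comes from `X-Forwarded-For` only when the TCP peer is a trusted reverse proxy, replayed against the weak variant that believes the header from anyone. The trusted proxy range, the limit of 3 requests per 60 seconds and the traffic are constructed assumptions.

```python
import ipaddress
from collections import defaultdict, deque

# Assumption: the only reverse proxies allowed to set X-Forwarded-For.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]


def is_trusted(ip):
    return any(ip in net for net in TRUSTED_PROXIES)


def naive_client_ip(peer, xff):
    """Weak keying: believe the left-most X-Forwarded-For entry from anyone."""
    return xff.split(",")[0].strip() if xff else peer


def trusted_client_ip(peer, xff):
    """Use X-Forwarded-For only when the socket peer is a trusted proxy, and
    take the right-most hop that is not itself a trusted proxy."""
    if not is_trusted(ipaddress.ip_address(peer)):
        return peer
    hops = [h.strip() for h in (xff or "").split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            ip = ipaddress.ip_address(hop)
        except ValueError:
            return peer  # malformed chain: fall back to the socket peer
        if not is_trusted(ip):
            return str(ip)
    return peer


class SlidingWindowLimiter:
    """Allow at most `limit` requests per key in any `window` seconds."""

    def __init__(self, limit, window):
        self.limit = limit
        self.window = window
        self.hits = defaultdict(deque)

    def allow(self, key, now):
        q = self.hits[key]
        while q and now - q[0] >= self.window:
            q.popleft()  # drop hits that fell out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True


# Constructed traffic: (timestamp in seconds, socket peer, X-Forwarded-For).
REQUESTS = [
    (0, "198.51.100.7", "203.0.113.1"),   # direct client, header changes
    (1, "198.51.100.7", "203.0.113.2"),   # on every request
    (2, "198.51.100.7", "203.0.113.3"),
    (3, "198.51.100.7", "203.0.113.4"),
    (4, "198.51.100.7", "203.0.113.5"),
    (5, "10.0.0.2", "192.0.2.99, 198.51.100.7"),  # same client via the proxy
    (6, "10.0.0.2", "192.0.2.50"),                # different client via proxy
]


def replay(requests, key_fn, limit=3, window=60):
    """Return the allow/deny decision for each request, in order."""
    limiter = SlidingWindowLimiter(limit, window)
    return [limiter.allow(key_fn(peer, xff), t) for t, peer, xff in requests]


if __name__ == "__main__":
    print("naive  :", replay(REQUESTS, naive_client_ip))
    print("trusted:", replay(REQUESTS, trusted_client_ip))
```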
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑 [5G Core Network] Deregistration procedures
we should write & send this one in 2021 :)
1) Deregistration Request
The UE sends a NAS message Deregistration Request (5G-GUTI, Deregistration type (e.g. Switch off), Access Type) to the AMF. The UE has a logical connection to the AMF, and the message needs to go through the RAN.
> Access type indicates whether the deregistration procedure applies to 3GPP access, non-3GPP access, or both types of access served by the same AMF (see TS 23.501 [2]). The AMF invokes the deregistration procedure for the target access indicated by the UE.
2) Nsmf_PDUSession_ReleaseSMContext Request
[Conditional] AMF to SMF, Comprehensive, SUPI, PDU Session ID
If the UE has no established PDU session on the target access indicated in step 1, steps 2 to 5 are not executed. For each PDU session, the AMF sends an Nsmf_PDUSession_ReleaseSMContext Request (SUPI, PDU Session ID) message to the SMF to release all PDU sessions belonging to the UE on the target access.
3) SMF releases all resources
[Conditional] The SMF releases all resources, such as the IP address/prefix assigned to the PDU session, and releases the corresponding user plane resources:
a) N4 Session Release Request
[Conditional] SMF to UPF: the SMF sends the N4 Session Release Request (N4 Session ID) message to the UPF of the PDU session. The UPF discards all remaining data packets of the PDU session and releases all tunnel resources and contexts related to the N4 session.
b) N4 Session Release Response
[Conditional] UPF to SMF: the UPF confirms the N4 session release request by sending the N4 Session Release Response (N4 Session ID) message to the SMF.
4) Nsmf_PDUSession_ReleaseSMContext Response
[Conditional] SMF to AMF: the SMF responds with Nsmf_PDUSession_ReleaseSMContext Response.
a) SM Policy Association Termination
[Conditional] If dynamic PCC applies to the session, the SMF executes the SM policy association termination procedure defined in Section 4.16.6.
b-c) Nudm_SDM_Unsubscribe, Nudm_UECM_Deregistration
[Conditional] If it is the last PDU session that the SMF is processing for the UE for the associated (DNN, S-NSSAI), the SMF unsubscribes from session management subscription data change notifications at the UDM through the Nudm_SDM_Unsubscribe service operation. The SMF calls the Nudm_UECM_Deregistration service operation so that the UDM deletes the association between the SMF ID stored in the SMF and the associated DNN and PDU session ID.
6) AMF-initiated AM Policy Association Termination
[Conditional] If there is any association with this UE and PCF, and the UE is no longer registered through any access, AMF executes the AM policy association termination process initiated by AMF defined in section 4.16.3.2, and deletes the association with PCF.
a) AMF-initiated UE Policy Association Termination
[Conditional] If there is any association with this UE and PCF, and the UE is no longer registered through any access, AMF executes the AM policy association termination process initiated by AMF defined in section 4.16.3.2, and deletes the association with PCF.
7) De-registration Accept
[Conditional] AMF to UE: the AMF sends the NAS message "Deregistration Accept" to the UE depending on the deregistration type; that is, if the deregistration type is "Switch off", the AMF does not send the "Deregistration Accept" message.
8) Signaling Connection Release
[Conditional] AMF to AN: N2 UE Context Release Request (Cause)
@undercodeTesting
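The conditional branches above, as an added example that is not part of the original post or of any 3GPP reference code: a small model that returns the ordered signalling messages for a UE-initiated deregistration. `UEContext`, its fields and the SUPI values are hypothetical; the model assumes every released PDU session is the last one for its (DNN, S-NSSAI) and emits step 8 unconditionally, because the post does not state its condition.

```python
from dataclasses import dataclass, field


@dataclass
class UEContext:
    """Hypothetical AMF-side view of one UE (names are illustrative)."""
    supi: str
    registered: set                                   # accesses the UE is registered over
    pdu_sessions: dict = field(default_factory=dict)  # access -> [PDU session IDs]
    dynamic_pcc: bool = True                          # dynamic PCC applies to the sessions
    pcf_association: bool = True                      # AM/UE policy association exists


def deregistration_flow(ue, dereg_type, access_type):
    """Return [(sender, receiver, message), ...] in the order of the steps above.

    dereg_type: "normal" or "switch-off"; access_type: "3GPP", "non-3GPP" or "both".
    The UEContext is updated in place to reflect the released state.
    """
    targets = {"3GPP", "non-3GPP"} if access_type == "both" else {access_type}
    flow = [("UE", "AMF", f"Deregistration Request ({dereg_type}, {access_type})")]

    # Steps 2-5 run once per PDU session on the target access, or not at all.
    for access in sorted(targets):
        for sid in ue.pdu_sessions.pop(access, []):
            flow += [
                ("AMF", "SMF", f"Nsmf_PDUSession_ReleaseSMContext Request ({ue.supi}, {sid})"),
                ("SMF", "UPF", "N4 Session Release Request"),
                ("UPF", "SMF", "N4 Session Release Response"),
                ("SMF", "AMF", "Nsmf_PDUSession_ReleaseSMContext Response"),
            ]
            if ue.dynamic_pcc:
                flow.append(("SMF", "PCF", "SM Policy Association Termination"))
            # Assumption: this session is the last one for its (DNN, S-NSSAI).
            flow += [
                ("SMF", "UDM", "Nudm_SDM_Unsubscribe"),
                ("SMF", "UDM", "Nudm_UECM_Deregistration"),
            ]

    # Step 6: only when the UE is no longer registered over any access.
    ue.registered -= targets
    if ue.pcf_association and not ue.registered:
        flow += [
            ("AMF", "PCF", "AMF-initiated AM Policy Association Termination"),
            ("AMF", "PCF", "AMF-initiated UE Policy Association Termination"),
        ]
        ue.pcf_association = False

    # Step 7: no Accept when the UE is switching off.
    if dereg_type != "switch-off":
        flow.append(("AMF", "UE", "Deregistration Accept"))

    # Step 8: emitted unconditionally here (condition not given in the post).
    flow.append(("AMF", "AN", "N2 UE Context Release Request"))
    return flow


def message_names(flow):
    return [message for _, _, message in flow]


if __name__ == "__main__":
    ue = UEContext("imsi-001010000000001", {"3GPP", "non-3GPP"}, {"3GPP": [1, 2]})
    for sender, receiver, message in deregistration_flow(ue, "switch-off", "3GPP"):
        print(f"{sender:>3} -> {receiver:<3} {message}")
```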
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦[5G Core Network] Deregistration procedures
we should write & send this one in 2021 :)
1) Deregistratio Request
The UE sends a NAS message deregistration request (5G-GUTI, Deregistration type (eg Switch off), Access Type) to the AMF. The UE has a logical connection to the AMF and needs to go through the RAN
> Access type indicates whether the logout process is applicable to 3GPP access, non-3GPP access, or applicable to both types of access served by the same AMF (see TS 23.501 [2]). AMF will call the logout procedure for the target access indicated by the UE.
2) Nsmf_PDUSession_ReleaseSMContext Request
[Conditional] AMF to SMF, Comprehensive, SUPI, PDU Session ID
If the UE has no established PDU session on the target access indicated in step 1, steps 2 to 5 are not executed. For each PDU session, AMF sends a Nsmf_PDUSession_ReleaseSMContext request (SUPI, PDU Session ID) message to SMF to release all PDU sessions belonging to UE's target access to SMF.
3) SMF releases all resources
[Conditional] AMF to SMF, the IP address/prefix assigned to the PDU session and releasing the corresponding user plane resources:
a) N4 Session Release Request
[Conditional] SMF to UPF, SMF sends the N4 Session Release Request (N4 Session ID) message to the UPF of the PDU session. UPF will discard all remaining data packets of the PDU session and release all tunnel resources and contexts related to the N4 session.
b) N4 Session Release Response
[Conditional] UPF to SMF, UPF confirms the N4 session release request by sending the N4 Session Release Response (N4 Session ID) message to the SMF.
4) Nsmf_PDUSession_ReleaseSMContext Response
[Conditional] SMF to AMF, SMF responds with Nsmf_PDUSession_ReleaseSMContext
a) SM Policy Association Termnation
[Conditional] If the dynamic PCC applies the session, the SMF will execute the SM policy association termination process defined in Section 4.16.6.
b-c) Nudm_SDM_Unsubscribe Nudm_UECM Deregistration
[Conditional] If it is the last PDU session that the SMF is processing for the UE associated (DNN, S-NSSAI), the SMF unsubscribes the session management subscription data change notification from the UDM through the Nudm_SDM_Unsubscribe service operation. SMF calls the Nudm_UECM_Deregistration service operation so that UDM deletes the association between the SMF ID stored in the SMF and the associated DNN and PDU session ID.
6) AMF-initiated AM Policy Association Termination
[Conditional] If there is any association with this UE and PCF, and the UE is no longer registered through any access, AMF executes the AM policy association termination process initiated by AMF defined in section 4.16.3.2, and deletes the association with PCF.
a) AMF-initiated UE Policy Association Termination
[Conditional] If there is any association with this UE and PCF, and the UE is no longer registered through any access, AMF executes the AM policy association termination process initiated by AMF defined in section 4.16.3.2, and deletes the association with PCF.
7) De-registration Accept
[Conditional] AMF to UE, AMF will send the NAS message "Logout Accept" to the UE according to the logout type, that is, if the logout type is "Off", AMF will not send the "Logout Accept" message.
8) Signaling Connection Release
[Conditional] AMF to AN: N2 UE Context Release Request (Cause)
@undercodeTesting
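The conditional steps above can be traced in code. This is an added example, not part of the original post or of any 3GPP or vendor code: the class names, the `n2_connected` flag and the trace strings are assumptions made for illustration, and a single SMF is assumed to serve all of the UE's sessions.

```python
from dataclasses import dataclass, field

@dataclass
class PduSession:
    session_id: int
    access: str                 # "3GPP" or "non-3GPP"
    dnn: str
    s_nssai: str
    dynamic_pcc: bool = False   # dynamic PCC applies to this session

@dataclass
class UeContext:
    supi: str
    registered: set             # accesses the UE is registered on
    sessions: list = field(default_factory=list)
    pcf_association: bool = False
    n2_connected: bool = True   # assumption: an N2 signalling connection exists

def deregister(ue, target, switch_off=False):
    """Return the ordered signalling trace for a UE-initiated deregistration."""
    targets = {"3GPP", "non-3GPP"} if target == "both" else {target}
    trace = []
    # Steps 2-5 run once per PDU session on the target access, or not at all.
    for s in [s for s in ue.sessions if s.access in targets]:
        ue.sessions.remove(s)
        trace += [
            f"AMF->SMF Nsmf_PDUSession_ReleaseSMContext Request ({ue.supi}, PDU {s.session_id})",
            f"SMF->UPF N4 Session Release Request (PDU {s.session_id})",
            f"UPF->SMF N4 Session Release Response (PDU {s.session_id})",
            f"SMF->AMF Nsmf_PDUSession_ReleaseSMContext Response (PDU {s.session_id})",
        ]
        if s.dynamic_pcc:
            trace.append(f"SMF->PCF SM Policy Association Termination (PDU {s.session_id})")
        # Last session for this (DNN, S-NSSAI): drop the UDM subscription and registration.
        if not any((r.dnn, r.s_nssai) == (s.dnn, s.s_nssai) for r in ue.sessions):
            trace.append(f"SMF->UDM Nudm_SDM_Unsubscribe ({s.dnn}, {s.s_nssai})")
            trace.append(f"SMF->UDM Nudm_UECM_Deregistration (PDU {s.session_id})")
    ue.registered -= targets
    # Step 6: policy associations go only when no access remains registered.
    if ue.pcf_association and not ue.registered:
        trace.append("AMF->PCF AM Policy Association Termination")
        trace.append("AMF->PCF UE Policy Association Termination")
        ue.pcf_association = False
    # Step 7: a switch-off deregistration ("Off" on the page) gets no Accept.
    if not switch_off:
        trace.append("AMF->UE De-registration Accept")
    if ue.n2_connected:         # step 8: release the signalling connection
        trace.append("AMF->AN N2 UE Context Release Request (Cause)")
    return trace
```

Calling `deregister` first for "3GPP" and then for "non-3GPP" on a UE registered over both shows that the PCF associations are only torn down by the second call, when no access remains registered.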
β β β Uππ»βΊπ«Δπ¬πβ β β β
Using Pastebin Sites for Pen Testing Reconnaissance.pdf
the text-sharing sites mentioned above in your search, mining them for records related to the target, such as:
1) Stolen data, such as credit card numbers or PII
2) Source code snippets that might reveal website inner-workings
3) Configuration details of network devices
4) Employee names, contact details and job functions
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Tribler is a torrent that cannot be blocked
> The Netherlands has developed a torrent network that cannot be blocked. The founder and project manager, Professor Johan Pouwelse, said that in order to disable Tribler, all you need to do is turn off the entire Internet, and the network itself will exist as long as at least one computer is connected to it.
> The impossibility of blocking it is due to the lack of central servers, and the search for information occurs without referring to indexing sites. Tribler is completely built on the idea of direct communication between clients and does not depend on central servers. The built-in network of anonymizers is responsible for the safety of users, similar in principle to Tor, which allows you to bypass the restrictions of cellular operators on unlimited tariffs.
> The application establishes contact with several pre-configured clients (peers) and asks them for information about available torrents, as well as a list of associated clients. The procedure is repeated again for new clients, and over time a database of active clients and their torrents is accumulated.
> To catalog torrents, Tribler uses channels, which are lists of torrents grouped by other users according to some criteria. Each channel has a rating that is determined by the users themselves. The application filters out channels with the lowest ratings, which helps to fight spam and low-quality content. All channels and torrents participate in the search, which allows you to quickly find the data you need in the Tribler network.
> Tribler is open source software that can be found on GitHub under the open developer profile. The client itself is fully available on the official website of the developer, tribler.org.
@undercodeTesting
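The peer discovery described in the post (ask a few pre-configured peers for their torrents and their own peer lists, then repeat) can be modelled as a crawl over an overlay graph. This is an added example, not Tribler's code or protocol: the overlay, peer names and torrent names are constructed, and the `offline` parameter is an assumption used to show which peers discovery actually depends on.

```python
from collections import deque

# Constructed overlay: peer -> (known neighbours, torrents it announces).
OVERLAY = {
    "boot1": (["p1", "p2"], ["ubuntu.iso"]),
    "boot2": (["p2", "p3"], []),
    "p1": (["p4"], ["debian.iso"]),
    "p2": (["p1", "p4"], ["fedora.iso"]),
    "p3": (["p4"], ["ubuntu.iso"]),
    "p4": (["p1"], ["arch.iso"]),
}
BOOTSTRAP = ["boot1", "boot2"]   # the "pre-configured clients" of the post

def discover(overlay, bootstrap, offline=frozenset()):
    """Crawl outward from the bootstrap peers; return {torrent: set of peers}."""
    index, seen, queue = {}, set(), deque(bootstrap)
    while queue:
        peer = queue.popleft()
        if peer in seen or peer in offline or peer not in overlay:
            continue
        seen.add(peer)
        neighbours, torrents = overlay[peer]
        for t in torrents:
            index.setdefault(t, set()).add(peer)
        queue.extend(neighbours)     # repeat the procedure for newly learned peers
    return index

def unreachable_after(overlay, bootstrap, offline):
    """Torrents still hosted by an online peer but no longer found by the crawl."""
    hosted = {t for p, (_, ts) in overlay.items() if p not in offline for t in ts}
    return sorted(hosted - set(discover(overlay, bootstrap, offline)))
```

In this model, taking any single peer offline leaves every remaining torrent discoverable, while taking all bootstrap peers offline leaves a fresh client with an empty index even though the content is still hosted.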
β β β Uππ»βΊπ«Δπ¬πβ β β β