▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST SITES FOR PREMIUM PROXIES 2020 :

https://us.norton.com/internetsecurity-emerging-threats-what-to-do-about-krack-vulnerability.html

https://www.namogoo.com/customer-hijacking-prevention/wifi-router-hacked-impact-ecommerce/

http://adios-hola.org/

http://buyproxies.org/

https://instantproxies.com/

https://www.proxyfish.com/

https://proxyvoxy.com/?fbclid=IwAR0SYwfy1eVnAEQU8sIxi5yaS4iiVlPRGJ7TdAGLPa71RzTYPlCyvB0UZoY?fbclid=IwAR0SYwfy1eVnAEQU8sIxi5yaS4iiVlPRGJ7TdAGLPa71RzTYPlCyvB0UZoY

https://www.hidemyass.com/en-gb/index

https://www.tunnelbear.com/

https://www.openproxy.co/

https://www.xroxy.com/

https://tuxler.com/

https://generatepress.com

enjoy❤️👍🏻
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

#full with pictures

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑updated 2020 HACKING TOOL (TERMUX/LINUX)

DNSRecon is a Python port of a Ruby script that I wrote to learn the language and about DNS in early . This time I wanted to learn about Python and extend the functionality of the original tool and in the process re-learn how DNS works and how could it be used in the process of a security assessment and network troubleshooting.

🦑F E A T U R E S :

-Check all NS Records for Zone Transfers.

-Enumerate General DNS Records for a given

-Domain (MX, SOA, NS, A, AAAA, SPF and TXT).

-Perform common SRV Record Enumeration.

-Top Level Domain (TLD) Expansion.

-Check for Wildcard Resolution.

-Brute Force subdomain and host A and AAAA

-records given a domain and a wordlist.

-Perform a PTR Record lookup for a given IP Range or CIDR.

-Check a DNS Server Cached records for A, AAAA and

-CNAME Records provided a list of host records in a text file to check.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣ Ubuntu / Debian / Backtrack
Installation instructions for Ubuntu 10.10 they should work with little to no modification on previous versions. Install needed packages, for Backtrack you only need to install git-core:

1) $ sudo apt-get install libavahi-compat-libdnssd1 git-core

2) $ sudo apt-get install python-setuptools
Once those packages are installed we will install the supporting libraries for python to be able to run the script:

3) $ sudo easyinstall netaddr

4) $ sudo easyinstall dnspython

5) Navigate to the folder you want to install the DNSRecon script and run the following command to download the script and files:

$ git clone git://github.com/darkoperator/dnsrecon.git

6) To keep the script and associated files updated just navigate into the dnsrecon folder and run:

$ git pull

FOR CENTOS : https://github.com/darkoperator/dnsrecon/wiki/Installation-Instructions


✅git topic 2020
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Updated list Twitter Followers apps
& tools 2020

https://mytoptweet.com
http://www.socialbro.com/
http://crowdriff.com/riffle/
http://www.twitonomy.com/
https://klout.com/#/overview
http://sumall.com
https://www.socialrank.com/
http://klear.com/
http://bluenod.com/
http://analytics.twitter.com/
http://www.socialbearing.com/
https://itunes.apple.com/us/app/stats-for-twitter/id984958311?ref=producthunt
https://buffer.com/library/best-twitter-tips/
http://www.beatstrap.me/
http://www.tweetchat.com/
http://chatsalad.com/
http://twubs.com/twitter-chats
http://nurph.com/
http://twchat.com/
http://nuzzel.com/
http://buzzsumo.com/
http://www.swayy.co/#content
https://buffer.com/library/shareable-content-newsletters-and-tools/
http://twipho.net/
http://blog.digg.com/post/91454524841/digg-deeper
http://www.news.me/
http://latest.is/
http://twurly.org/
https://filta.io/
http://thehash.today/?ref=producthunt
http://www.brookdaily.com/
https://www.crowdfireapp.com/
http://manageflitter.com/
http://www.tweepi.com/
https://unfollowers.com/
http://doesfollow.com/
https://buffer.com/library/the-skrillex-way-of-content-ebbs-and-flows-build-and-drop/
https://commun.it/quick_actions
http://tuns.it/?ref=producthunt
http://twindr.me/?ref=producthunt
https://toolset.co
http://www.linkreaser.com/
http://followfly.co/
https://ritetag.com/
https://buffer.com/library/a-scientific-guide-to-hashtags-which-ones-work-when-and-how-many/
http://hashtagify.me/
http://seen.co/
https://tagboard.com/
https://buffer.com/pablo
http://www.tryspruce.com/?ref=producthunt
http://www.twitshot.com/?ref=producthunt
https://shareasimage.com/
http://getfinch.es/
https://warble.co/
http://keyhole.co/
http://onemilliontweetmap.com/
https://www.twilert.com/
https://en.mention.com/
http://mentionmapp.com/
http://twazzup.com/
http://bufferapp.com
http://hootsuite.com
http://sproutsocial.com
http://tweet4.me/
https://t.co/wIhlmwNgGG
http://www.tweriod.com/
http://trends24.in/
http://trendsmap.com/
http://itrended.com
https://tweetdeck.twitter.com/
https://sites.google.com/site/yorufukurou/home-en
http://kottke.org/14/07/the-last-of-the-great-twitter-apps

✅2020
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑another methode #forbeginers how can we protect the security of shared folders in the local area network? This requires the following means:

When setting access permissions for shared folders, set important shared files as read-only.

1) Most of the time, users only need to view or copy the shared file, and often do not directly modify the shared folder. However, for convenience, some employees directly share a folder and file in a readable and writable manner. This is very dangerous.

2) On the one hand, these unrestricted shared file homes and shared files have become carriers of virus transmission. During my work, I discovered that some users do not have permission restrictions when sharing files. After some time, I went to look at the shared file again, and found that there were traces of viruses or Trojan horses in some shared files or shared folders.

3) It turns out that because this shared folder has write permissions, how other users open this file, if there is a virus or Trojan horse in this computer, it will be infected to this shared folder. In this way, other computers that access this shared folder are also caught. It can be seen that the shared folders without protection measures and the shared files inside have become a good carrier for virus transmission.

4) On the other hand, when the data is changed illegally, it is difficult to find out who is playing the prank. Although the relevant log information can be used to query who has accessed the shared file and whether any changes have been made. However, based on this information alone, it is impossible to know what changes the user made to this shared folder.

5) Sometimes, when we open a shared file, we accidentally press a space bar or a character key, accidentally overwrite a word, etc. These situations are often encountered in actual work. Sometimes, even if he finds the responsible person, he doesn't know what has been changed. Therefore, when the shared file is set to be writable, it is difficult to prevent employees from changing it intentionally or unintentionally.

6) Third, if files are shared in a writable way, the unity of data may not be guaranteed. For example, the personnel department has shared an attendance file in a readable and writable manner. At this time, if the financial department modifies this document, the personnel department does not know. Because the financial staff may forget to tell the personnel department, at this time, the data between the two departments will be inconsistent, which may cause some unnecessary troubles.

>Moreover, since there is no relevant evidence, no one can tell who is right and who is wrong.

7) In order to solve these problems, I suggest that corporate users, when sharing folders, it is best to set the permissions of the folder to read-only. If this shared folder sometimes needs to save files in this folder by other users, it cannot be set as read-only. Then we can also set the files in the shared folder as read-only.

> In this case, because the folders are read-only, viruses and Trojan horses cannot infect these folders, thereby avoiding being a source of contamination for spreading viruses; moreover, it can also prevent unauthorized changes by users, which may lead to inconsistent data. and many more.

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 powerfull multi tools :

F E A T U R E S :


WHOIS

DNSWALK

FIERCE

DNSRecon

DNSenum

NMAP

DMitry

theHarvester

LBD

SSLScan

SSLYze

WhatWeb

Automater

Grabber

Parsero

Uniscan

Metagoofil

A2SV

WPScan

Droopescan

WPSeku

XssPy

Spaghetti

sublist3r

WAFW00F

nslookup

nslookup

dirsearch

OWASP Joomscan

Spaghetti

Globuster

Grabber

OTHER TOOLS
Pureblood

Wapiti

Lscript

Trity

RED_HAWK

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/penetrate2hack/ITWSV.git

2) cd ITWSV

3) chmod +x start.sh

4) chmod +x update.sh (only if required)

5) ./start.sh

Verified ✅
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

mad-metasploit is my project related to metasploit framework To sum up…
"Metasploit custom modules, plugins, resource script and.. awesome metasploit collection"
and db_autopwn is automation exploit plugin on metasploit-framework. but it is deprecated.. :(
I keeping db_autopwn source code on my github repo, and added to mad-metasploit project! Now, let’s use Mad-Metasploit to launch an automated attac

New detailed fast proxies

https://pastebin.com/86HQ08dK

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How iPhone and Mac will also be hacked. An iMessage password may be stolen ?

Get infected

as long as you receive a message

1) The so-called identity credential information specifically includes WiFi passwords, login credentials, and email login information. The scope of the vulnerability is relatively wide, including most of Apple's operating systems, including macOS (that is, OS X), watchOS, tvOS, watchOS, and iOS. So iPhone, iPod touch, Apple Watch, Apple TV, Mac device users need to pay attention.

2) The vulnerability was reported by Tyler Bohan, a senior researcher at Cisco Talos, but Bohan did not disclose the details of the vulnerability, and our knowledge is relatively limited.

3) The high-risk vulnerability exists in ImageIO-ImageIO is actually an API of these operating systems. The attacker can construct a TIFF file (an image file format)-which contains malicious code exploiting the vulnerability, and then send this image to Apple users in the form of MMS or iMessage.

4) After receiving the message, the Apple user was recruited. This process does not require any interaction by the user , because the system will automatically process the received pictures. Specifically, what can be done to exploit this vulnerability, as described above, is to obtain stored identity credential information from the device memory. From the perspective of not requiring user interaction, the vulnerability is indeed a high-risk level. Bohan called it a "very dangerous bug".

5) In addition to sending messages, the vulnerability can also be used to build web pages containing malicious code. Apple users can use Safari to browse the web pages to leak identity credentials. This process does not require users to perform any operations on the web pages.

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Comprehensive analysis of SQL optimization - explain in detail

Index common operations
A) Query Index
show index from tablename;

increase index
1) ： alter table - add index；

2) alter table - add UNIQUE [indexName] ON (username(length))；

3) ： alter TABLE mytable add index index1_index2_index3 (index1,index2,index3);


4) PRIMARY KEY(indexName)

5) Delete the index
alter table drop index index_name;
drop index index_name on

6) Index optimization-explain
Before optimization, use the explain keyword before the query , check the execution plan of the SQL language , and judge whether the query uses index.

7) EXPLAIN: Simulate how the Mysql optimizer executes the SQL query, so as to know how Mysql processes your SQL statement. Analyze the performance bottleneck of your query or table structure.

E.g

mysql> explain select * from tb_user;
image.png

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑firefox 2020 plugins another collection :

#adblock_plus
https://addons.mozilla.org/firefox/downloads/file/808841/adblock_plus-3.0.2-an+fx.xpi?src=dp-btn-primary

#gnome_shell_integration
https://addons.mozilla.org/firefox/downloads/file/854306/gnome_shell_integration-10-an+fx-linux.xpi?src=dp-btn-primary

#IP Address and Domain Information
https://addons.mozilla.org/firefox/downloads/file/689443/ip_address_and_domain_information-4.0.0-fx.xpi?src=dp-btn-primary

#New Hackbar
https://addons.mozilla.org/firefox/downloads/file/831304/new_hackbar-1.0.4-an+fx.xpi?src=dp-btn-primary

#HackBar (F12)
https://addons.mozilla.org/firefox/downloads/file/851494/hackbar-1.1.7-an+fx.xpi?src=dp-btn-primary

#Proxy SwitchyOmega
https://addons.mozilla.org/firefox/downloads/file/848109/proxy_switchyomega-2.5.10-an+fx.xpi?src=dp-btn-primary

#Show External IP
https://addons.mozilla.org/firefox/downloads/file/776591/show_external_ip-1.0.6-an+fx.xpi?src=dp-btn-primary

#Show Server IP
https://addons.mozilla.org/firefox/downloads/file/739407/show_server_ip-2.3-an+fx-linux.xpi?src=dp-btn-primary

#Tampermonkey
https://addons.mozilla.org/firefox/downloads/file/813574/tampermonkey-4.5.5660-an+fx.xpi?src=dp-btn-primary


#Site Stacks extension
https://addons.mozilla.org/firefox/downloads/file/745343/sitestacks_for_firefox_instant_tech_lookup-1.0.1-fx-linux.xpi?src=dp-btn-primary

#Wappalyzer
https://addons.mozilla.org/firefox/downloads/file/852547/wappalyzer-5.4.6-an+fx.xpi?src=dp-btn-primary

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

24/24 posts T.me/UndercodeTesting

Table of Contents:

Overview Dedication A Word of Warning! Section 1: Getting Comfortable with Kali Linux Section 2: Essential Tools in Kali Section 3: Passive Reconnaissance Section 4: Active Reconnaissance Section 5: Vulnerability Scanning Section 6: Buer Overflows
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Section 7: Handling Public Exploits Section 8: Transferring Files to your target Section 9: Privilege Escalation Section 10: Client-Side Attacks Section 11: Web Application Attacks Section 12: Password Cracking Section 13: Port Redirection and Pivoting Section 14: Metasploit Framework Section 15: Antivirus Bypassing Extra Resources Setting up your Pentesting Environment Wargames/Hands-on Challenges Capture the Flag Competitions (CTFs)/Cyber Competitions Bug Bounty Programs Vulnerable Machines Tips to participate in the Proctored OSCP exam Other Resources

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Powerful Disassembler Library For x86/AMD64
Welcome to the diStorm3 binary stream disassembler library project.

1) diStorm3 is really a decomposer, which means it takes an instruction and returns a binary structure which describes it rather than static text, which is great for advanced binary code analysis.

> diStorm3 is super lightweight (~45KB), ultra fast and easy to use (a single API)!

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Installing diStorm3 - Clone repo locally and then 'python
https://github.com/gdabah/distorm

2) setup.py install' or alternatively: 'python -m pip install distorm3'.

For Windows, use these pre-built installers in https://pypi.org/project/distorm3/#files.

that's all
Verified ✅
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WEB- HACKING METHODE

What's Parsero?
Parsero is a free script written in Python which reads the Robots.txt file of a web server and looks at the Disallow entries. The Disallow entries tell the search engines what directories or files hosted on a web server mustn't be indexed. For example, "Disallow: /portal/login" means that the content on www.example.com/portal/login it's not allowed to be indexed by crawlers like Google, Bing, Yahoo... This is the way the administrator have to not share sensitive or private information with the search engines.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/behindthefirewalls/Parsero.git

2) cd Parsero

3) sudo setup.py install

#EASYINSTALL

In Kali Linux

1) sudo apt-get update

2) sudo apt-get install parsero

example root@keiv:~# parsero -u www.example.com -sb

🦑more commands :

$ parsero -h

usage: parsero.py [-h] [-u URL] [-o] [-sb]

optional arguments:
-h, --help show this help message and exit
-u URL Type the URL which will be analyzed
-o Show only the "HTTP 200" status code
-sb Search in Bing indexed Disallows
-f FILE Scan a list of domains from a list


Verified git✅
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁