▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑firefox 2020 plugins another collection :

#adblock_plus
https://addons.mozilla.org/firefox/downloads/file/808841/adblock_plus-3.0.2-an+fx.xpi?src=dp-btn-primary

#gnome_shell_integration
https://addons.mozilla.org/firefox/downloads/file/854306/gnome_shell_integration-10-an+fx-linux.xpi?src=dp-btn-primary

#IP Address and Domain Information
https://addons.mozilla.org/firefox/downloads/file/689443/ip_address_and_domain_information-4.0.0-fx.xpi?src=dp-btn-primary

#New Hackbar
https://addons.mozilla.org/firefox/downloads/file/831304/new_hackbar-1.0.4-an+fx.xpi?src=dp-btn-primary

#HackBar (F12)
https://addons.mozilla.org/firefox/downloads/file/851494/hackbar-1.1.7-an+fx.xpi?src=dp-btn-primary

#Proxy SwitchyOmega
https://addons.mozilla.org/firefox/downloads/file/848109/proxy_switchyomega-2.5.10-an+fx.xpi?src=dp-btn-primary

#Show External IP
https://addons.mozilla.org/firefox/downloads/file/776591/show_external_ip-1.0.6-an+fx.xpi?src=dp-btn-primary

#Show Server IP
https://addons.mozilla.org/firefox/downloads/file/739407/show_server_ip-2.3-an+fx-linux.xpi?src=dp-btn-primary

#Tampermonkey
https://addons.mozilla.org/firefox/downloads/file/813574/tampermonkey-4.5.5660-an+fx.xpi?src=dp-btn-primary


#Site Stacks extension
https://addons.mozilla.org/firefox/downloads/file/745343/sitestacks_for_firefox_instant_tech_lookup-1.0.1-fx-linux.xpi?src=dp-btn-primary

#Wappalyzer
https://addons.mozilla.org/firefox/downloads/file/852547/wappalyzer-5.4.6-an+fx.xpi?src=dp-btn-primary

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

24/24 posts T.me/UndercodeTesting

Table of Contents:

Overview Dedication A Word of Warning! Section 1: Getting Comfortable with Kali Linux Section 2: Essential Tools in Kali Section 3: Passive Reconnaissance Section 4: Active Reconnaissance Section 5: Vulnerability Scanning Section 6: Buer Overflows
Create PDF in your applications with the Pdfcrowd HTML to PDF API PDFCROWD
Section 7: Handling Public Exploits Section 8: Transferring Files to your target Section 9: Privilege Escalation Section 10: Client-Side Attacks Section 11: Web Application Attacks Section 12: Password Cracking Section 13: Port Redirection and Pivoting Section 14: Metasploit Framework Section 15: Antivirus Bypassing Extra Resources Setting up your Pentesting Environment Wargames/Hands-on Challenges Capture the Flag Competitions (CTFs)/Cyber Competitions Bug Bounty Programs Vulnerable Machines Tips to participate in the Proctored OSCP exam Other Resources

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Powerful Disassembler Library For x86/AMD64
Welcome to the diStorm3 binary stream disassembler library project.

1) diStorm3 is really a decomposer, which means it takes an instruction and returns a binary structure which describes it rather than static text, which is great for advanced binary code analysis.

> diStorm3 is super lightweight (~45KB), ultra fast and easy to use (a single API)!

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) Installing diStorm3 - Clone repo locally and then 'python
https://github.com/gdabah/distorm

2) setup.py install' or alternatively: 'python -m pip install distorm3'.

For Windows, use these pre-built installers in https://pypi.org/project/distorm3/#files.

that's all
Verified ✅
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WEB- HACKING METHODE

What's Parsero?
Parsero is a free script written in Python which reads the Robots.txt file of a web server and looks at the Disallow entries. The Disallow entries tell the search engines what directories or files hosted on a web server mustn't be indexed. For example, "Disallow: /portal/login" means that the content on www.example.com/portal/login it's not allowed to be indexed by crawlers like Google, Bing, Yahoo... This is the way the administrator have to not share sensitive or private information with the search engines.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/behindthefirewalls/Parsero.git

2) cd Parsero

3) sudo setup.py install

#EASYINSTALL

In Kali Linux

1) sudo apt-get update

2) sudo apt-get install parsero

example root@keiv:~# parsero -u www.example.com -sb

🦑more commands :

$ parsero -h

usage: parsero.py [-h] [-u URL] [-o] [-sb]

optional arguments:
-h, --help show this help message and exit
-u URL Type the URL which will be analyzed
-o Show only the "HTTP 200" status code
-sb Search in Bing indexed Disallows
-f FILE Scan a list of domains from a list


Verified git✅
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

DeathStalker APT threatens legal and financial bodies
#cyberattack

🦑#fastTips
How Check if a long list of URLS :
> URL-Tester

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) You can use linux or termux for this:

2) pkg install curl

3) git clone https://github.com/rebl0x3r/urltester.git

4) cd pr0xyscr4p3r && chmod +x urltester.sh

Run:

5) bash urltester.sh

Verified git✅
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑OSCP_Helpful_Links :

OSCP Course Review
Offensive Security’s PWB and OSCP — My Experience
http://www.securitysift.com/offsec-pwb-oscp/

OSCP Journey
https://scriptkidd1e.wordpress.com/oscp-journey/

Down with OSCP
http://ch3rn0byl.com/down-with-oscp-yea-you-know-me/

Jolly Frogs - Tech Exams (Very thorough)

http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html

OSCP Inspired VMs and Walkthroughs
https://www.hackthebox.eu/

https://www.root-me.org/

https://www.vulnhub.com/

Verified ✅
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Share several IDS open source systems :

Prelude IDS

From the perspective of design, it is positioned to meet the needs of large-scale networks, and realizes network detectors, log analyzers, and alarm information centralized viewing and analysis tools. The network detector part is basically a copy of Snort's functions and is fully compatible with Snort's rule set. ( http://www.prelude-ids.org/ )

Firestorm

It is a very high-performance network intrusion detection system (NIDS). Currently it only implements the detector part and is fully compatible with Snort's rule set, but plans include real support for analysis, reporting, remote console and real-time sensor configuration. It is fully pluggable, so it is very flexible. It can record alarm information to the Prelude IDS manager. It claims to be much better than Snort in performance. http://www.scaramanga.co.uk/firestorm/

NetSTAT

Based on the research results of STAT (State Transition Analysis Technique) describing the attack, using the unique STATL language to describe the attack, the attack description text is converted into C++ code by the STATL interpretation tool and compiled into the detection engine to realize the detection function. It has been released. STATL language interpretation conversion tool and a basic example network detector part (a few examples of detection functions). To be proficient in using this IDS tool requires relatively strong programming skills, but with this IDS, very complex detection functions can be achieved.

http://www.cs.ucsb.edu/~rsg/STAT/

Bro

It is a real-time network intrusion detection software implemented by Vern Paxson. It was released in 1998 under the BSD license. Its original design goal was to achieve a real-time alarm, separation of mechanism and strategy, and highly scalable intrusion detection and network under a 100M network. Monitor the audit system.

https://www.bro.org/

Suricata

It is a system that supports IDS, IPS and NSM. The system has a Snort-like architecture and relies on signatures like Snort. It can even use the same Emerging Threat rule set used by VRT Snort rules and Snort itself. Suricata is newer than Snort and it will have a chance to overtake Snort. https://suricata-ids.org/

OSSEC

OSSEC open source security information management system (OPEN SOURCE SECURITY INFORMATION MANAGEMENT) is an open source host-based intrusion detection system, which can be referred to as HIDS for short. It has log analysis, file integrity check, policy monitoring, rootkit detection, real-time alarm and linkage response functions. https://ossec.github.io/

enjoy❤️👍🏻
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑small linux helpful tools :

1)
sudo apt-get install screenfetch
sudo apt-get install neofetch

2) sudo apt-get install sl

3)
sudo apt-get install yes

4)
sudo apt-get install rev

5)
sudo apt-get install fortune

6)
sudo apt-get install figlet

7)
sudo apt-get install toilet

8)
sudo apt-get install cowsay

9)
sudo apt-get install xcowsay

10)
sudo apt-get install cmatrix

11)
sudo apt-get install oneko

12)
sudo apt-get install lolcat


@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

The way that Windows loads DLLs then, is to search the following directories in this order:
– The directory from which the application loaded – C:\Windows\System32 – C:\Windows\System – C:\Windows – The current working directory – Directories in the system PATH environment variable – Directories in the user PATH environment variable

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Google chrome another 2020 plugins collection :

#Adblock Plus
https://chrome.google.com/webstore/detail/adblock-plus/cfhdojbkjhnklbpkdaibdccddilifddb?utm_source=chrome-app-launcher-info-dialog

#Proxy SwitchyOmega
https://chrome.google.com/webstore/detail/proxy-switchyomega/padekgcemlokbadohgkifijomclgjgif?utm_source=chrome-app-launcher-info-dialog

#Tampermonkey
https://chrome.google.com/webstore/detail/tampermonkey/dhdgffkkebhmkfjojejmpbldmpobfkfo?utm_source=chrome-app-launcher-info-dialog

#
https://greasyfork.org/zh-CN/scripts/24508-userscript-show-site-all-userjs

#
https://chrome.google.com/webstore/detail/%E5%B7%A5%E5%85%B7%E5%96%B5/coppgeobilocdhiclhgmadabblhfjgpm?utm_source=chrome-app-launcher-info-dialog

#XSS
https://chrome.google.com/webstore/detail/xss%E8%BE%85%E5%8A%A9%E5%B7%A5%E5%85%B7/focmpdmaogbbmkdcdnofaifpkmcbmfdp?utm_source=chrome-app-launcher-info-dialog

#XssSniper
https://chrome.google.com/webstore/detail/xsssniper/pnhekakhikkhloodcedfcmfpjddcagpi?utm_source=chrome-app-launcher-info-dialog

#OneTab
https://chrome.google.com/webstorehttps://chrome.google.com/webstore/detail/cookie-hacker/pbobjedjkopcjolicmbnmmhjmnlcdjfh?utm_source=chrome-app-launcher-info-dialog/detail/onetab/chphlpgkkbolifaimnlloiipkdnihall?utm_source=chrome-app-launcher-info-dialog

#Hack Tab Web Security Tests
https://chrome.google.com/webstore/detail/hack-tab-web-security-tes/nipgnhajbnocidffkedmkbclbihbalag?utm_source=chrome-app-launcher-info-dialog

#Dark Mode
https://chrome.google.com/webstore/detail/dark-mode/dmghijelimhndkbmpgbldicpogfkceaj?utm_source=chrome-app-launcher-info-dialog

#Cookie Hacker
https://chrome.google.com/webstore/detail/cookie-hacker/pbobjedjkopcjolicmbnmmhjmnlcdjfh?utm_source=chrome-app-launcher-info-dialog

#Chameleon
https://chrome.google.com/webstore/detail/chameleon/dmpojjilddefgnhiicjcmhbkjgbbclob?utm_source=chrome-app-launcher-info-dialog

#GNOME Shell integration
https://chrome.google.com/webstore/detail/gnome-shell-integration/gphhapmejobijbbhgpjhcjognlahblep?utm_source=chrome-app-launcher-info-dialog

#TeamViewer
https://chrome.google.com/webstore/detail/teamviewer/oooiobdokpcfdlahlmcddobejikcmkfo?utm_source=chrome-app-launcher-info-dialog

@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The scanner attempts to overcome the tuner's frequency response by averaging scans from both the positive and negative frequency offsets of the baseband data.

Tested on:

-Windows 7 (x86 and x64)

-Ubuntu 12.04 (x86), 12.10 (x64), 13.04 (x64) and 14.04 (x64)

-OS X Snow Leopard (10.6) and Mountain Lion (10.8)

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

A) Press CTRLALTT to open a command window and run the following command to install the libraries:

sudo apt-get install python python-wxgtk3.0 rtl-sdr

Install the software using:

sudo pip install -U rtlsdrscanner

Now you should be able to run the program:

python -m rtlsdrscanner

B) MORE INSTALL & WINDOWS USERS

> https://eartoearoak.com/software/rtlsdr-driver-installation/

✅VERIFIED
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑SOME HACKING RESOURCES :

Security Hardening CentO 7
https://highon.coffee/blog/security-harden-centos-7/

MetaSploit Cheatsheet
https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf

Google Hacking Database:
https://www.exploit-db.com/google-hacking-database/

Windows Assembly Language Mega Primer
http://www.securitytube.net/groups?operation=view&groupId=6

Linux Assembly Language Mega Primer
http://www.securitytube.net/groups?operation=view&groupId=5

Metasploit Cheat Sheet
https://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf

A bit dated but most is still relevant

http://hackingandsecurity.blogspot.com/2016/04/oscp-related-notes.html

NetCat

http://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf

http://www.secguru.com/files/cheatsheet/nessusNMAPcheatSheet.pdf

http://sbdtools.googlecode.com/files/hping3_cheatsheet_v1.0-ENG.pdf

http://sbdtools.googlecode.com/files/Nmap5%20cheatsheet%20eng%20v1.pdf

http://www.sans.org/security-resources/sec560/misc_tools_sheet_v1.pdf

http://rmccurdy.com/scripts/Metasploit%20meterpreter%20cheat%20sheet%20reference.html

http://h.ackack.net/cheat-sheets/netcat

Verified ✅
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑MinGW and MSYS
While Cygwin's goal is to make it possible to build unmodified applications on Windows at the cost of external dependencies, MinGW + MSYS's goal is to produce applications without external dependencies.

MinGW and MSYS are independent packages, but they are often confused and confused with each other (and often confused with Cygwin as well). We can say that MinGW is the equivalent of GCC and binutils, and MSYS is the extended equivalent of coreutils.

Let's start with MSYS. MSYS is a more “native” and lightweight alternative to Cygwin. This package includes a library with POSIX function implementations, but it is intended for internal use and the authors strongly discourage linking their applications with it.

The MSYS library does not implement UNIX on top of Windows, but follows Windows conventions — for example, it deliberately ignores the case of letters in file paths. The main purpose of MSYS is to provide the necessary programs for build scripts like the Bourne shell, make, and so on, which is usually required for autotools.

MinGW contains versions of GCC and binutils (as assembler, ld linker, and so on) that produce Windows executables in PE / COFF format. This is where we come to a key point: MinGW, like all other parts of the GNU toolchain, is also a platform independent project.

Cross-compiling in the GNU toolchain has long been common, and in GCC the target platform and host are independent of each other. You can run GCC on Linux for x86 and build Linux programs on ARM, or vice versa. It's not just the working and target architectures of a processor that don't have to match. In the same way, even the OS and the format of the executable file do not have to match.


We put MinGW
The authors of many GNU / Linux distributions have already done their best for us, so many cross-versions of GCC, including MinGW, can be downloaded from the repositories.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) For example, on Fedora:

$ sudo dnf install mingw32-gcc
$ sudo dnf install mingw64-gcc

2) Or on Debian:

$ sudo apt-get install gcc-mingw-w64-i686
$ sudo apt-get install gcc-mingw-w64-x86-64
If you are using MacOS, the MinGW can be supplied from the Homebrew : brew install mingw-w64.


@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

detailed fresh proxies list

https://pastebin.com/gvF9zjd3