▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑#ForBeginers What is Cross Site Scripting (XSS)? & How it Work's ?


1) Cross-site scripting (XSS) is a type of cyberattack in which malicious scripts are injected into trusted and trusted sites.

2) Cross-site scripting attacks are possible in HTML, Flash, ActiveX and CSS. However, JavaScript is the most frequent target of cybercriminals as it plays an important role in most web browsing.

3) JavaScript is a programming language that allows you to implement complex functionality on your website. Most of the large and interactive websites on the Internet have been built with JavaScript. “You can develop interactive features, games or add additional features to better promote your products,” says Domantas Gudelyauskas, marketing manager for the Zyro project.

4) JavaScript is so popular in the web community because it allows you to do almost anything on a web page. And that's when it becomes problematic. Cybercriminals can use JavaScript to log into your web pages and insert malicious scripts.

🦑How does cross-site scripting work?

Cybercriminals can perform XSS attacks on WordPress websites in two ways. They can either use user input or bypass policies of the same origin. Let's take a look at both methods to better understand cross-site scripting.

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Top 5 PHP Frameworks :

Now that we have all understood the PHP framework, which PHP framework is the best to use in web development?

— Developing any software application from scratch requires a lot of work, so it is very tedious and time-consuming. Using a better PHP environment saves you the hassle of re-creating the same functions over and over. We've looked at the countless PHP frameworks available on the market to find the best for you.

1) Laravel

2) CakePHP

3) CodeIgniter

4) Symfony

5) Zend framework

#FastTips
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible..->
#tool


🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) git clone https://github.com/FortyNorthSecurity/EyeWitness.git

2) cd Navigate into the CS directory

3) Load EyeWitness.sln into Visual Studio

4) Go to Build at the top and then Build Solution if no modifications are wanted

5) EyeWitness.exe --help

6) EyeWitness.exe -f C:\Path\to\urls.txt

7) EyeWitness.exe -f C:\Path\to\urls.txt -d [timeout in seconds] -c

8) ./EyeWitness.py -f filename --timeout optionaltimeout

E X A M P L E :

./EyeWitness -f urls.txt --web

./EyeWitness -x urls.xml --timeout 8

./EyeWitness.py -f urls.txt --web --proxy-ip 127.0.0.1 --proxy-port 8080 --proxy-type socks5 --timeout 120

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑New Computer Hacking Forensic Investigator labs and tools:

https://mega.nz/folder/fBJzUYQY#yhs2nAV7DwCTL6xiil9OgQ

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑SOME POPULAR DEEPWEBSITES
1)e4unrusy7se5evw5.onion - eXeLaB, a program research portal.

2)msydqstlz2kzerdg.onion - Ahima, a darknet search engine.

3)searchl57jlgob74.onion - Fess, another search engine.

4)burgerfroz4jrjwt.onion - Burger, the recommended bitcoin mixer with
onion ring flavor.

5) http://hss3uro2hsxfogfq.onion/

6) http://gjobqjj7wyczbqie.onion/

7) http://torlinksge6enmcyyuxjpjkoouw4oorgdgeo7ftnq3zodj7g2zxi3kyd.onion/

8) http://s6cco2jylmxqcdeh.onion/w/

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Rails is a software library that extends the Ruby programming language. It’s often promoted as an MVC web framework, which stands for Model, View, and Controller respectively.
De facto, Web developers are attracted by its simplicity and the priciple of Convention over Configuration, and it has become more popular in recent days.
Despite Rails is a mature framework being used today, Web Security issues are still there. Therefore, this paper will briefly address and give introduction to those discovered vulnerabilities of Rails.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁


🦑HACKING ANDROID APPS 2020 LIST :


https://apkpure.com/sshdroid/berserker.android.apps.sshdroid

https://wifikillapk.com/download/

https://www.offensive-security.com/kali-linux-nethunter-download/


https://play.google.com/store/apps/details?id=com.overlook.android.fing&hl=en

https://github.com/wszf/androrat

https://github.com/pjlantz/droidbox

https://secwiki.org/w/Nmap/Android

https://play.google.com/store/apps/details?id=com.overlook.android.fing&hl=en

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑PRACTICE YOUR KNOWLEDGE :

HACKING EXERCICES :

0 - Last Layer Attack
1 - Backdooring
2 - Extracting Information
3 - Brute Forcing
4 - Neural Overflow
5 - Malware Injection
6 - Neural Obfuscation
7 - Bug Hunting
8 - GPU Attack

🦑Packages :

-Keras: Installing Keras can be tricky. We refer to the official installation guide at https://keras.io/

-#installation and suggest TensorFlow as a backend (using the GPU-enabled version, if one is available on the machine).

-NumPy, SciPy and scikit-image: NumPy and SciPy are excellent helper packages, which are used throughout all exercises. Following the official SciPy

-instructions should also install NumPy https://
www.scipy.org/install.html. We will also need to

-install scikit-image for image loading and saving:
https://scikit-image.org/docs/stable/install.html.
PyCuda: PyCuda is required for the GPU-based attack exercise. If no nVidia GPU is available on the machine, this can be skipped. https://wiki.tiker.net/PyCuda/Installation

-NLTK: NLTK provides functionalities for natural language processing and is very helpful for some of the exercises. https://www.nltk.org/install.html

D O W N L O A D :

https://github.com/Kayzaks/HackingNeuralNetworks

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑CREATE ANDROID APK - WITHOUT CODING :

https://www.appypie.com/

https://www.goodbarber.com/

https://mobileroadie.com/

https://www.theappbuilder.com/

https://www.appmakr.com/

http://www.makemedroid.com/en/

https://www.swiftic.com/

http://www.appmachine.com/

https://www.biznessapps.com/

https://www.appsgeyser.com/

https://appinstitute.com/

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑VIRUS & MALWARE TOOLS & TUTORIALS :

[JSDetox](http://www.relentless-coding.com/projects/jsdetox/) - JavaScript
malware analysis tool.

jsunpack-n - A javascript
unpacker that emulates browser functionality.

[Krakatau](https://github.com/Storyyeller/Krakatau) - Java decompiler,
assembler, and disassembler.

Malzilla - Analyze malicious web pages.

[RABCDAsm](https://github.com/CyberShadow/RABCDAsm) - A "Robust
ActionScript Bytecode Disassembler."

SWF Investigator -
Static and dynamic analysis of SWF applications.

[swftools](http://www.swftools.org/) - Tools for working with Adobe Flash
files.

xxxswf - A
Python script for analyzing Flash files.

ENJOY ❤️👍🏻
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑for kali 2020 users #requested
» Enable Monitor Mode Using iw:

First, we will take a look at the use of the iw Wi-Fi configuration tool. It is used for configuring Wi-Fi in particular and can be more powerful than other tools. You might have already used iw for several other purposes, for example, to obtain information about your Wi-Fi network. In fact, this tool can even give you more information about different commands. The iw list gives you much more information about wireless wlan0, interface modes, HT, bit rates, scanning, etc.

🄻🄴🅃'🅂 🅂🅃🄰🅁🅃 :

The first step is to check the interface information. You can do so by entering the following:

1) $ sudo iw dev
The output will look like the following window:
To access the traffic of other people, you will have to switch this over to Monitor Mode. You can switch iw to Monitor Mode by entering the commands given below:

2) $ sudo ip link set IFACE down

3) $ sudo iw IFACE set monitor control

4) $ sudo ip link set IFACE up
IFACE replaced the actual name, as shown:

5) $ sudo ip link set wlan0 down

6) $ sudo iw wlan0 set monitor control

7) $ sudo ip link set wlan0 up

The next step is to check the wireless interface one more time by entering the following command:

8) $ sudo iw dev

9) The output of the aforementioned commands can be seen in the window above.

Wondering how to get back to the Managed Mode? To do so, enter the following commands:

10) $ sudo ip link set IFACE down

11) $ sudo iw IFACE set type managed

12) $ sudo ip link set IFACE up
IFACE replaced the actual name, as shown:

13) $ sudo ip link set wlan0 down

14) $ sudo iw wlan0 set type managed

15) $ sudo ip link set wlan0 up

Enable Monitor Mode Using iwconfig
As in previous sections, check your interface name via the following command:

$ sudo iwconfig
The next step is to enable Monitor Mode. Do so by entering the following commands:

$ sudo ifconfig IFACE down
$ sudo iwconfig IFACE mode monitor
$ sudo ifconfig IFACE up
Furthermore,

$ sudo ifconfig wlan0 down
$ sudo iwconfig wlan0 mode monitor
$ sudo ifconfig wlan0 up
Disable Monitor Mode

$ sudo ifconfig wlan0 down
$ sudo iwconfig wlan0 mode managed
$ sudo ifconfig wlan0 up
Turn off the Network Manager that Prevents Monitor Mode

$ sudo systemctl stop NetworkManager

🄻🄴🅃'🅂 🅂🅃🄰🅁🅃 :

🦑Another two methode for wifi monitor mode :

You can also via airmon-ng but this methode is recommended

Enable Monitor Mode Using iwconfig
As in previous sections, check your interface name via the following command:

$ sudo iwconfig
The next step is to enable Monitor Mode. Do so by entering the following commands:

$ sudo ifconfig IFACE down
$ sudo iwconfig IFACE mode monitor
$ sudo ifconfig IFACE up
Furthermore,

$ sudo ifconfig wlan0 down
$ sudo iwconfig wlan0 mode monitor
$ sudo ifconfig wlan0 up
Disable Monitor Mode

$ sudo ifconfig wlan0 down
$ sudo iwconfig wlan0 mode managed
$ sudo ifconfig wlan0 up
Turn off the Network Manager that Prevents Monitor Mode

$ sudo systemctl stop NetworkManager

source linux forum
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to Change the MAC Address
#forBeginers
In a Kali Linux, it is very easy to spoof the MAC address. This can be done by opening the terminal window in the Kali Linux system. Initially, we will check all of the adapters that are using the ifconfig command, as shown:

1) $ sudo ifconfig

2) $ sudo ifconfig eth0 down


3) Next, we will change the MAC address. This can be done by entering the following command:

$ sudo macchanger -r eth0

4) In this command, the -r flag is used to change the current MAC address to the random MAC address in the network interface of eth0.

In the screenshot above, note that the MAC address has been successfully spoofed. Now, we will turn on the network interface again.
5) This can be done by entering the following command:

$ sudo ifconfig eth0 up

6) Next, it is necessary to check the MAC address again with the help of the ifconfig command:

$ sudo ifconfig


@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 Code with Mosh - The Ultimate Data Structures & Algorithms

https://mega.nz/folder/tJAD2QYJ#iGTd0Hi4k3a4kbEcKddTtg

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HACKING WITH Unicornscan:

F E A T U R E S :

-Asynchronous stateless TCP scanning with each of the TCP flags or flag combinations

-Asynchronous protocol-specific UDP scanning
superior interface for measuring a response from a TCP/IP enabled stimulus

-Active and Passive remote OS and application detection

-PCAP file logging and filtering

-capable of sending packets with different OS

-fingerprints than the OS of the host.

-Relational database output for storing the results of your scans

-Customizable module support to fit according to the system being pentested

-Customized data set views.

-Has its TCP/IP stack, a distinguishing feature that sets it apart from other port scanners

-Comes built into Kali Linux, no need to download

🄻🄴🅃'🅂 🅂🅃🄰🅁🅃 :

1) Performing a simple scan with Unicornscan
The most basic scan withUnicornscan allows us to scan a single host IP.

$ sudo unicornscan 192.168.100.35

2) as example :
the key is that it doesn’t use ICMP by default. Out of the ports mentioned, only ports 135,139,445 and 554 are open.

3) Scanning multiple IPs wit Unicornscan
We will make a slight modification in the basic scan syntax to scan multiple hosts, and you’ll notice the subtle difference from scan commands we use in nmap and hping. The targets are placed in sequence to initiate scanning:

$ sudo unicornscan 192.168.100.35 192.168.100.45

4) Scanning Class C networks with Unicornscan

$ sudo unicornscan 192.168.100.35/24:31


5) Unicornscan has successfully returned us to all the hosts that have port 31 open. The cool thing about unicornscan is that it doesn’t stop at our network, where speed is a limiting factor.
UDP scanning:
We can also scan for UDP ports with unicornscan. Type:

$ sudo unicornscan -r300 -mU linuxhint.com

6) Saving results to a PCAP file

$ sudo unicornscan 216.1.0.0/8:5505 -r500 -w huntfor5505.pcap
-W1 -s 192.168.100.35

✅unix forum
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Paid = 80000$ FOR YOU🤩

EVERY ADOBE PROGRAM | ADOBE SUITE 2020 FULL CRACKS

WHATS INCLUDED HERE:


Adobe Photoshop CC 2020
Adobe Animate CC 2020
Adobe Illustrator CC 2020
Adobe Premiere Pro CC 2020
[extra/new] Primere Rush 2020
Adobe Media Encoder: 2020
Adobe Photoshop Lightroom Classic CC 2020
Adobe After Effects CC 2020
Adobe InDesign CC 2020
Adobe InCopy CC 2020
Adobe Dimension CC 2020
Adobe Audition CC 2020
Adobe Dreamweaver CC 2020
Adobe Character Animator CC 2020


Adobe Photoshop CC 2020 | https://drive.google.com/uc?id=1b1VAYz8mq8gn6uhOUfnSCb7ydsdoIVj5&export=download

Adobe Animate CC 2020 | https://drive.google.com/uc?id=1ARH0MgFijoB6RC2f29vJzZFnoFuVhTxB&export=download

Adobe Illustrator CC 2020 | https://drive.google.com/uc?id=1wFOR8f4nHGUG0nihv9Id4rlwzKYBTX3z&export=download

Adobe Premiere Pro CC 2020 | https://drive.google.com/uc?id=1qyaRufD4gXMl6zMwtD0Tofc6xEuIbNHj&export=download
[extra] [b]Premiere Rush 2020 | [/b]https://drive.google.com/uc?id=1eVet0xZjD85ruG-0oAQm6e_IygwBGCCh&export=download

Adobe Media Encoder: 2020 | https://drive.google.com/uc?id=10SEL8TaxzfTQkQK6a9gslASF20PVnLmz&export=download

Adobe Photoshop Lightroom Classic CC 2020 | https://drive.google.com/uc?id=1W5PwNfCfSqCIEDnrWx6KjPJL_ubWQ8l2&export=download

Adobe After Effects CC 2020 | https://drive.google.com/uc?id=1-yVPlnA4L2Cz70CL32V9V7ST20zRxWch&export=download

Adobe InDesign CC 2020 | https://drive.google.com/uc?id=1XKvDUG8HexPp_p2c7gQAovx6kIc9rf3b&export=download

Adobe InCopy CC 2020 | https://drive.google.com/uc?id=1WVFbkmQq3ZFrNHaqE20uRollFROJZvtz&export=download

Adobe Dimension CC 2020 | [b]https://drive.google.com/uc?id=1r2YJB7z2teF820i3x_gkokhnzrVvYEDi&export=download[/b]

Adobe Audition CC 2020 | https://drive.google.com/uc?id=1bw6F6gYKjXdnqpwj-jV5D2IsXG3fyJmq&export=download

Adobe Dreamweaver CC 2020 | https://drive.google.com/uc?id=1XVQ6lRmQYdBItaVE1SGYMGmexBIqynx7&export=download

Adobe Character Animator CC 2020 | https://drive.google.com/uc?id=1kZLLRQyXsBZZZN66gKjc7aFfDlDC9FzZ&export=download

ENJOY❤️👍🏻
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

#full with pictures

🦑Detailed Proxies List


https://pastebin.com/EjrWXBaP

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to prevent systemd-resolved from using port 53 in Ubuntu :

It's worth noting that you can free port 53 by simply uncommenting the DNSStubListener and setting it to no in /etc/systemd/resolved.conf. The rest of the steps are for enabling a DNS server - without it, your system won't be able to resolve any domain names, so you won't be able to visit websites in a web browser, etc.

1) Edit /etc/systemd/resolved.conf with a text editor (as root), for example open it with the Nano console text editor:

> sudo nano /etc/systemd/resolved.conf

2) And uncomment (remove the # from the beginning of the line) the DNS = line and the DNSStubListener = line. Then change the DNS = value in this file to the DNS server you want to use (e.g. 127.0.0.1 to use a local proxy, 1.1.1.1 to use Cloudflare DNS, etc.), and also change the DNSStubListener = value from yes to no.

3) This is how the file should look after you have made these changes (we are using 1.1.1.1 as the DNS server here, i.e. Cloudflare DNS):

[Resolve]
DNS = 1.1.1.1
# FallbackDNS =
# Domains =
# LLMNR = no
# MulticastDNS = no
# DNSSEC = no
# DNSOverTLS = no
# Cache = no
DNSStubListener = no
# ReadEtcHosts = yes


4) To save the file using the Nano text editor , press Ctrl + x, then type y and press Enter.

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁