▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST ROOT APPLICATIONS FOR WINDOWS :

http://www.kingoapp.com/android-root.html

http://www.iroot.com/

https://drfone.wondershare.com/

https://forum.xda-developers.com/android/apps-games/one-click-root-tool-android-2-x-5-0-t3107461

https://www.oneclickroot.com/?tap_a=12473-7742d5&tap_s=443817-24b632

https://www.oneclickroot.com/?tap_a=12473-7742d5&tap_s=443817-24b632

https://rootmaster.co/

ENJOY ❤️👍🏻
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑free penetration testing toolkit :

Information Gathering
Exploitation
Post Exploitation
Bruteforcing
Phishing
Cryptography/Stenography
Information Gathering:
Nmap
IP Info
Tcpdump (In The Works)
Datasploit (In The Works)
Censys Lookup
DNS Lookup
Raccoon
Cloudflare Bypasser
Exploitation:
Searchsploit
ReverseShell Wizard
FTP Buffer Overflow Scan
WPSeku WordPress Vuln Scanner
Post Exploitation:
In The Works
Bruteforcing:
FTP Bruteforcer
WPSeku WordPress Login Bruteforce
Phishing:
BlackEye Python
Crypto/Stegano:
MetaKiller
PDFMeta

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

Using Pip

1) sudo apt-get update

2) sudo apt-get upgrade

3) sudo apt-get install exploitdb netcat nmap perl php7.0

# on macOS

1) brew install exploitdb netcat nmap perl

2) pip3 install babysploit

3) babysploit

4) In order to use search command you must follow steps here to install the searchsploit binary!

Building From Source

1) sudo apt-get update

2) sudo apt-get upgrade

3) sudo apt-get install exploitdb netcat nmap perl php7.0

# on macOS

1) brew install exploitdb netcat nmap perl

2) git clone https://github.com/M4cs/BabySploit.git

3) cd BabySploit/

4) python3 setup.py install

5) babysploit

6) Docker Run Command

7) docker run --rm -idt --name babysploit xshuden/babysploit # container is deleted when you're done
OR
docker run -idt --name babysploit xshuden/babysploit

🦑7) BabySploit uses ConfigParser in order to write and read configuration. Your config file is automatically generated and located at ./babysploit/config/config.cfg. You can manually change configuration settings by opening up the file and editing with a text editor or you can use the set command to set a new value for a key. Use the set command like so:

set rhost
>> Enter Value For rhost: 10
>> Config Key Saved!
If before running this command the rhost key had a value of 80, the rhost key after running this command has a value of

8) You can also add configuration variables to the config by using the set command with a new key after it like so:

set newkey
>> Enter Value For newkey: hello
>> Config Key Saved!

9) Before running this there was no key named "newkey". After running this you will have a key named "newkey" in your config until you use the reset command which resets the saved configuration.

U S E F O R L E A R N
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Instant Email Profits




https://mega.nz/#F!ooREyICT!lp-bgMT6IBjl0DvQDIBrFg

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Hidden "Notification History" widget on Android
#Fasttips

1) It so happens that you delete an important notification without thinking or having time to read it. Or you click on the "Delete everything" button. Fortunately, there are ways to read these notifications at least partially.

2) Since Android 4.1 Jelly Bean there is a hidden feature that allows you to watch recently received notifications. To access it, long press on an empty spot on the home screen and select "Widgets". Long press on the Settings widget and drag it to your home screen. A page with several options will appear. Select "Notifications".

3) now you can see the history of all notifications. In this case, we managed to see notifications for the last two days, but depending on their number, the period may be longer or shorter. Shows the title of the notification that sent its apps and the time or date it was sent.

4) In Android 11, this list has been redesigned to show the content of the notification along with other information.

For users of Samsung Galaxy devices, this method does not work. They need to download the Good Lock app from the
> Galaxy Store, install the NotiStar extension https://galaxystore.samsung.com/detail/com.samsung.systemui.notilus

and launch Good Lock from the main menu. The function is also not supported on LG smartphones running Android 10.

> https://galaxystore.samsung.com/detail/com.samsung.android.goodlock


@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HELPFUL HACKING SPYWARES & TOOLS FOR ANY HACKER :

3proxy 0.7.1.1 Tiny free proxy server. http://3proxy.ru/

3proxy-win32 0.7.1.1 Tiny free proxy server. http://3proxy.ru/
42zip 42 Recursive Zip archive bomb. http://blog.fefe.de/?ts=b6cea88d

acccheck 0.2.1 A password dictionary attack tool that targets windows authentication via the SMB protocol. http://labs.portcullis.co.uk/tools/acccheck/

Spyse OSINT gathering tool that scans the entire web, enrich and collect all the data in its own DB for instant access.

Provided data: IPv4 hosts, sub/domains/whois, ports/banners/protocols, technologies, OS, AS, wide SSL/TLS DB and more. https://spyse.com/

findsubdomains Complete subdomains sacnning service.(works using OSINT). https://findsubdomains.com

sublist3r subdomains enumeration tool for penetration testers https://github.com/aboul3la/Sublist3r

ASlookup Made for identifying the owner of an IP range(CIDR), ASN, related ASN, registry, etc... http://aslookup.com

ace 1.10 Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface http://ucsniff.sourceforge.net/ace.html

admid-pack 0.1 ADM DNS spoofing tools - Uses a variety of active and passive methods to spoof DNS packets. Very powerful. http://packetstormsecurity.com/files/10080/ADMid-pkg.tgz.html

adminpagefinder 0.1 This python script looks for a large amount of possible administrative interfaces on a given site.
http://packetstormsecurity.com/files/112855/Admin-Page-Finder-Script.html

admsnmp 0.1 ADM SNMP audit scanner.
aesfix 1.0.1 A tool to find AES key in RAM http://
citp.princeton.edu/memory/code/
aeskeyfind 1.0 A tool to find AES key in RAM http://citp.princeton.edu/memory/code/
aespipe 2.4c Reads data from stdin and outputs encrypted or decrypted results to stdout. http://loop-aes.sourceforge.net/aespipe/

afflib 3.7.3 An extensible open format for the storage of disk images and related forensic information. http://www.afflib.org

afpfs-ng 0.8.1 A client for the Apple Filing Protocol (AFP) http://alexthepuffin.googlepages.com/

against 0.2 A very fast ssh attacking script which includes a multithreaded port scanning module (tcp connect) for discovering possible targets and a multithreaded brute-forcing module which attacks parallel all discovered hosts or given ip addresses from a list. http://nullsecurity.net/tools/cracker.html

aiengine 339.58dfb85 A packet inspection engine with capabilities of learning without any human intervention. https://bitbucket.org/camp0/aiengine/
aimage 3.2.5 A program to create aff-images. http://www.afflib.org

air 2.0.0 A GUI front-end to dd/dc3dd designed for easily creating forensic images. http://air-imager.sourceforge.net/
airflood 0.1 A modification of aireplay that allows for a DOS in in the AP. This program fills the table of clients of the AP with random MACs doing impossible new connections. http://packetstormsecurity.com/files/51127/airflood.1.tar.gz.html

airgraph-ng 2371 Graphing tool for the aircrack suite http://www.aircrack-ng.org

airoscript 45.0a122ee A script to simplify the use of aircrack-ng tools. http://midnightresearch.com/projects/wicrawl/
airpwn 1.4 A tool for generic packet injection on an 802.11 network. http://airpwn.sourceforge.net

allthevhosts 1.0 A vhost discovery tool that scrapes various web applications http://labs.portcullis.co.uk/tools/finding-all-the-vhosts/


U S E F O R L E A R N !!
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

ND10X – 10X Your Money In 10 Days Trading System

https://mega.nz/folder/XrpyGSzA#C_UVLTepeKRSs6f6qNu31g

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST 2020 FREE & ANONYMOUS VPN WITH 4- 5 RATING :

https://play.google.com/store/apps/details?id=com.tunnelbear.android

https://play.google.com/store/apps/details?id=com.kaspersky.secure.connection

https://play.google.com/store/apps/details?id=hotspotshield.android.vpn

https://play.google.com/store/apps/details?id=com.avira.vpn

https://play.google.com/store/apps/details?id=com.speedify.speedifyandroid&hl=en

https://play.google.com/store/apps/details?id=com.windscribe.vpn

https://play.google.com/store/apps/details?id=ch.protonvpn.android

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FREE SS7 HACKING 2020 UPDATE :

SigPloit a signaling security testing framework dedicated to Telecom Security professionals and reasearchers to pentest and exploit vulnerabilites in the signaling protocols used in mobile operators regardless of the geneartion being in use. SigPloit aims to cover all used protocols used in the operators interconnects SS7, GTP (3G), Diameter (4G) or even SIP for IMS and VoLTE infrastructures used in the access layer and SS7 message encapsulation into SIP-T. Recommendations for each vulnerability will be provided to guide the tester and the operator the steps that should be done to enhance their security posture

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

Version 1: SS7
SigPloit will initially start with SS7 vulnerabilities providing the messages used to test the below attacking scenarios

A- Location Tracking

B- Call and SMS Interception

C- Fraud
Version 2: GTP
This Version will focus on the data roaming attacks that occur on the IPX/GRX interconnects.

Version 3: Diameter
This Version will focus on the attacks occurring on the LTE roaming interconnects using Diameter as the signaling protocol.

Version 4: SIP
This is Version will be concerned with SIP as the signaling protocol used in the access layer for voice over LTE(VoLTE) and IMS infrastructure. Also, SIP will be used to encapsulate SS7 messages (ISUP) to be relayed over VoIP providers to SS7 networks taking advantage of SIP-T protocol, a protocol extension for SIP to provide intercompatability between VoIP and SS7 networks

Version 5: Reporting
This last Version will introduce the reporting feature. A comprehensive report with the tests done along with the recommendations provided for each vulnerability that has been exploited.

BETA Version of SigPloit will have the Location Tracking attacks of the SS7 phase 1
Installation and requirements
The requirements for this project are:

1) Python 2.7

2) Java version 1.7 +

3) sudo apt-get install lksctp-tools

4) Linux machine

To run use

5) cd SigPloit

6) sudo pip2 install -r requirements.txt

7) python sigploit.py

✅GIT 2020
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

General Trafc Manipulation Intro Previously we used Wireshark to capture network trafc. Passive snifng is usually easy but only useful to a degree. If the application was using TLS, we would have seen garbage after the TLS handshake . In these cases, Man-in-the-Middling (MitM-ing) the trafc with a proxy tool (e.g. Burp) is usually the way to go. But that introduces new challenges.
1. Redirecting the trafc to the proxy.

2. Masquerading as the server (e.g. make client accept our proxy's certicate instead of server).

3. Modifying packets.
I will need a lot of pages to talk about these and document what I have learned through the years. This is not the place for it.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FREE CC & GIFT CARDS APPS 2020 :
-LIST 4

https://play.google.com/store/apps/details?id=com.shopkick.app

https://play.google.com/store/apps/details?id=com.receiptpalapp.android&hl=en_US

https://apps.apple.com/us/app/receipt-pal-earn-rewards/id732079889

https://play.google.com/store/apps/details?id=com.google.android.apps.paidtasks

https://play.google.com/store/apps/details?id=com.google.android.apps.paidtasks

https://www.microsoft.com/en-us/rewards

https://play.google.com/store/apps/details?id=com.google.android.apps.paidtasks

https://apps.apple.com/us/app/apptrailers/id469489347

https://play.google.com/store/apps/details?id=com.appredeem.apptrailers&hl=en_US

https://play.google.com/store/apps/details?id=com.appkarma.app

https://play.google.com/store/apps/details?id=com.appnana.android.giftcardrewards

https://play.google.com/store/apps/details?id=gift.wojingdaile

https://play.google.com/store/apps/details?id=com.appnana.android.giftcardrewards

https://play.google.com/store/apps/details?id=app.fortunebox

https://play.google.com/store/apps/details?id=gift.wallet.orion

U S E F O R L E A R N !!
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

LEARNING CRACKING WI-FI PASSWORD KEYS [ WEP/WPAWPA2)

https://mega.nz/folder/gRk1jQhR#spPFYVsQkWn2SjLKVxMlVw

SOME GOOD PENTESTING COURSE >

https://mygavilan-my.sharepoint.com/:f:/g/personal/kali_masi_my_gavilan_edu/EpnjkaMNMRdJvQQNQOOEt60BMX2XzvhotZ1Uy3ZXPRsteQ?e=PdnUeY

Detailed fresh Proxies List


https://pastebin.com/D7tvx0YB

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑VIRUS/MALWARES /PAYLOADS FREE CREATING TOOLS :

- [Methodology and Resources](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/)

- [Active Directory Attack.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Active%20Directory%20Attack.md)

- [Cloud - AWS Pentest.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20AWS%20Pentest.md)

- [Cloud - Azure Pentest.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cloud%20-%20Azure%20Pentest.md)

- [Cobalt Strike - Cheatsheet.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Cobalt%20Strike%20-%20Cheatsheet.md)

- [Linux - Persistence.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Persistence.md)

- [Linux - Privilege Escalation.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Linux%20-%20Privilege%20Escalation.md)

- [Metasploit - Cheatsheet.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Metasploit%20-%20Cheatsheet.md)

- [Methodology and enumeration.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Methodology%20and%20enumeration.md)

- [Network Pivoting Techniques.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Network%20Pivoting%20Techniques.md)

- [Network Discovery.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Network%20Discovery.md)

- [Reverse Shell Cheatsheet.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md)

- [Subdomains Enumeration.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Subdomains%20Enumeration.md)

- [Windows - Download and Execute.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Download%20and%20Execute.md)

- [Windows - Mimikatz.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Mimikatz.md)

- [Windows - Persistence.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Persistence.md)

- [Windows - Post Exploitation Koadic.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Post%20Exploitation%20Koadic.md)

- [Windows - Privilege Escalation.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md)

- [Windows - Using credentials.md](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Using%20credentials.md)

- [CVE Exploits](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/CVE%20Exploits)


U S E F O R L E A R N !!
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁