▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑GPU-based Onion hash generator :
At a high level, Scallion works like this:
1) Generates an RSA key using OpenSSL on the CPU
2) Sends the key to the GPU
3) Increases the public exponent of the key
4) Hashes the key
5) If the hashed key is not a partial collision, proceeds to step 3
6) If the key does not pass the health checks recommended by PKCS
DOWNLOAD:
https://github.com/lachesis/scallion/archive/gpg.zip
USAGE:
$ mono scallion/bin/Debug/scallion.exe -d 0 prefix
Cooking up some delicious scallions ...
Using kernel optimized from file kernel.cl (Optimized4)
Using work group size 128
Compiling kernel ... done.
Testing SHA1 hash ...
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑NMAP BASIC COMMANDS :
Function options can be used in combination. Some function options can only be used in a certain scan mode. Nmap automatically identifies invalid or unsupported option combinations and issues a warning message to the user.
> If you are an experienced user, you can skip the example section at the end. You can use nmap -h to quickly list the function options.
Scan types:
1) -sT
TCP connect() scan: This is the most basic TCP scan method. connect() is a system call provided by the operating system to open a connection. If a program is listening on the target port, connect() returns successfully; otherwise the port is unreachable. The biggest advantage of this technique is that you don't need root privileges. Any UNIX user can freely use this system call. This type of scan is easy to detect: a large number of connection requests and error messages are recorded in the logs of the target host.
2) -sS
TCP SYN scan: Because it does not open a full TCP connection, this technique is usually called half-open scanning. Nmap sends a TCP synchronization packet (SYN) and waits for a response. If the other party returns a SYN|ACK (response) packet, the target port is listening; if it returns a RST packet, the target port has no listener. When a SYN|ACK packet is received, the source host immediately sends a RST (reset) packet to disconnect from the target host; this is actually done automatically by the operating system kernel. The biggest advantage of this technique is that few systems record it in the system log. However, you need root privileges to craft SYN packets.
3) -sF -sX -sN
Secret FIN packet scan, Xmas Tree and Null scan modes: use these when even a SYN scan is not enough. Some firewalls and packet filtering software monitor SYN packets sent to restricted ports, and some programs such as synlogger and courtney can detect those scans.
> These advanced scanning methods can escape this interference. The theoretical basis of these scanning methods is: closed ports need to respond to your probe packets with RST packets, and open ports m
> FIN scanning uses bare FIN packets as probes, while Xmas tree scanning turns on the FIN, URG, and PUSH flags of the packets. Unfortunately, Microsoft decided to ignore this standard altogether and start anew, so this scanning method is invalid for Windows95/NT. However, from another perspective, you can use this method to distinguish two different platforms. If you can find open ports using this scanning method, you can be sure that the target is not running a Windows system. If scanning with -sF, -sX or -sN shows that all ports are closed, and scanning with SYN shows that there are open ports, you can be sure that the target host may be running a Windows system. Now this method is not very useful, because nmap has a built-in operating system detection function. There are several other systems that behave the same way as Windows, including Cisco, BSDI, HP/UX, MVS, and IRIX. When a packet should be discarded, these systems all send out reset packets from the open ports.
4) -sP
Ping scan: Sometimes you just want to know which hosts are currently running on the network. Nmap can do this by sending ICMP echo request packets to each IP address in the network you specify. If the host is running, it will respond. Unfortunately, some sites such as microsoft.com block ICMP echo request packets. However, by default, nmap can also send TCP ACK packets to port 80. If you receive a RST packet, the host is running. The third technique used by nmap is to send a SYN packet and then wait for a RST or SYN/ACK packet. For non-root users, nmap uses the connect() method.
By default (root user), nmap uses the ICMP and ACK techniques in parallel.
Note that nmap performs a ping scan in any case, and subsequent scans are performed only if the target host is running. Use this option only if you just want to know whether the target host is running and do not want to perform other scans.
5) -sU
UDP scanning: If you want to know which UDP (User Datagram Protocol, RFC768) services are provided on a certain host, you can use this scanning method. Nmap first sends a 0-byte UDP packet to each port of the target host. If we receive an ICMP port unreachable message, the port is closed; otherwise we assume it is open.
Some people may think that UDP scanning is meaningless. However, I often think of the recent Solaris rpcbind defect. rpcbind is hidden on an undisclosed UDP port, with a port number greater than 32770. So even if port 111 (the well-known port number of portmap) is blocked by the firewall, the service is still exposed. But can you find out which port greater than 30000 has a program listening? Use UDP scanning! The backdoor of cDc Back Orifice is hidden in a configurable UDP port on the Windows host
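Seen from the scanned host, the scan types above differ only in the TCP flags of the first packet and in what follows it. The sketch below is an added example, not part of the original post: it classifies flows the way a sensor would, over a constructed record format (source, destination port, direction, flags) and constructed addresses from documentation ranges.

```python
from collections import defaultdict

# TCP flag bits as they appear in the TCP header
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20

def classify_flow(packets):
    """packets: ordered list of (direction, flags) for one (source, port) pair.
    direction is "in" (remote -> monitored host) or "out" (the host's reply).
    Returns (probe_type, port_state) as seen from the monitored host."""
    inbound = [f for d, f in packets if d == "in"]
    outbound = [f for d, f in packets if d == "out"]
    if not inbound:
        return ("none", "unknown")
    first = inbound[0]
    got_rst = any(f & RST for f in outbound)
    if first == SYN:
        got_synack = any((f & SYN) and (f & ACK) for f in outbound)
        if not got_synack:
            # Closed port: -sT and -sS look identical here.
            return ("syn", "closed" if got_rst else "filtered")
        later = inbound[1:]
        if later and later[0] & RST:
            return ("half-open (-sS)", "open")      # SYN, SYN|ACK, RST
        if later and later[0] & ACK:
            return ("connect (-sT or normal client)", "open")
        return ("syn", "open")
    stealth = {0: "null (-sN)", FIN: "fin (-sF)", FIN | PSH | URG: "xmas (-sX)"}
    if first in stealth:
        # Closed ports answer RST; silence means open or filtered.
        # Hosts that reset every such probe always show up as "closed".
        return (stealth[first], "closed" if got_rst else "open|filtered")
    return ("other", "unknown")

def scan_report(records, min_ports=3):
    """records: iterable of (src_ip, dst_port, direction, flags).
    Reports every source that touched at least min_ports ports."""
    flows = defaultdict(list)
    for src, port, direction, flags in records:
        flows[(src, port)].append((direction, flags))
    per_src = defaultdict(lambda: {"probes": defaultdict(int), "open": []})
    for (src, port), pkts in sorted(flows.items()):
        kind, state = classify_flow(pkts)
        per_src[src]["probes"][kind] += 1
        if state == "open":
            per_src[src]["open"].append(port)
    return {src: {"probes": dict(e["probes"]), "open": e["open"]}
            for src, e in per_src.items()
            if sum(e["probes"].values()) >= min_ports}

# Constructed sample traffic (not captured from a real network).
S, X, C = "203.0.113.7", "198.51.100.9", "192.0.2.50"
SAMPLE_RECORDS = [
    (S, 22, "in", SYN), (S, 22, "out", SYN | ACK), (S, 22, "in", RST),
    (S, 23, "in", SYN), (S, 23, "out", RST | ACK),
    (S, 80, "in", SYN), (S, 80, "out", SYN | ACK), (S, 80, "in", RST),
    (S, 443, "in", SYN), (S, 443, "out", RST | ACK),
    (X, 21, "in", FIN | PSH | URG), (X, 21, "out", RST | ACK),
    (X, 25, "in", FIN | PSH | URG),
    (X, 110, "in", FIN | PSH | URG), (X, 110, "out", RST | ACK),
    (C, 443, "in", SYN), (C, 443, "out", SYN | ACK), (C, 443, "in", ACK),
]

if __name__ == "__main__":
    for src, info in scan_report(SAMPLE_RECORDS).items():
        print(src, info)
```

The ordinary client that completes one handshake stays out of the report; only sources that touch several ports are listed, together with the ports they found open.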
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
"10.SIGNAL SYSTEM_GATEACADEMY-2020"
https://drive.google.com/file/d/1D80h1FLcjV-4Co08kfuJFgKDV63hriZi/view?usp=sharing
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑TOP HACKING » WireSpy allows attackers to set up quick honeypots to carry out MITMAs. Monitoring and logging functionality is implemented in order to keep records of the victims' traffic/activities. Other tools can be used together with Wirespy to conduct more advanced attacks.
F E A T U R E S :
Capture victims' traffic.
MAC address spoofing.
Set-up honeypot and evil twin attacks.
Show the list of in range access points.
Wireless adapter|card|dongle power amplification.
𝙸𝙽𝚂𝚃𝙰𝙻𝙻𝙸𝚂𝙰𝚃𝙸𝙾𝙽 & 𝚁𝚄𝙽 :
1) $ git clone https://github.com/aress31/wirespy.git
2) $ cd wirespy
3) $ chmod +x wirespy.sh
4) $ sudo ./wirespy.sh
Attacks:
eviltwin > launch an evil twin attack
honeypot > launch a rogue access point attack
Commands:
clear > clear the terminal
help > list available commands
quit|exit > exit the program
apscan > show all wireless access points nearby
leases > display DHCP leases
powerup > power wireless interface up (may cause issues)
start capture > start packet capture (tcpdump)
stop capture > stop packet capture (tcpdump)
status > show modules status
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
For Facebook users, you can share links or anything related to hacking on facebook.com/groups/UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑FREE APPLICATIONS FOR DNS CHANGERS AND EDITORS :
https://f-droid.org/en/packages/io.github.otakuchiyan.dnsman/
https://play.google.com/store/apps/details?id=com.frostnerd.dnschanger
https://play.google.com/store/apps/details?id=net.mx17.overridedns
https://play.google.com/store/apps/details?id=com.okirat.dnsmanager.pro
https://play.google.com/store/apps/details?id=ua.com.streamsoft.pingtools&rdid=ua.com.streamsoft.pingtools
https://play.google.com/store/apps/details?id=com.cloudflare.onedotonedotonedotone
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
COMMUNICATION SYSTEM"
https://drive.google.com/file/d/1NW4HZ7NT0iAYPA6IG3fAerA6YdrLzXXJ/view?usp=sharing
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑Netflix Downloader & Some good projects:
A) Authorization URL
    from netflix import NetflixAPI, NetflixAPIError

    n = NetflixAPI(api_key='*your app key*',
                   api_secret='*your app secret*',
                   callback_url='http://www.example.com/callback/')
    auth_props = n.get_authentication_tokens()
    auth_url = auth_props['auth_url']
    # Store this token secret in a session or something for later use in the next step.
    oauth_token_secret = auth_props['oauth_token_secret']
    print('Connect with Netflix via %s' % auth_url)
Once you click “Allow”, be sure that there is a URL set up to handle getting the finalized tokens and possibly adding them to your database to use their information at a later date.
B) Handling the callback
    # In Django, you'd do something like
    # oauth_token = request.GET.get('oauth_token')
    # oauth_verifier = request.GET.get('oauth_verifier')
    oauth_token = '*Grab oauth token from URL*'
    oauth_verifier = '*Grab oauth verifier from URL*'
    # Initiate the NetflixAPI class in your callback.
    n = NetflixAPI(api_key='*your app key*',
                   api_secret='*your app secret*',
                   oauth_token=oauth_token,
                   oauth_token_secret=session['netflix_session_keys']['oauth_token_secret'])
    authorized_tokens = n.get_auth_tokens(oauth_verifier)
    final_oauth_token = authorized_tokens['oauth_token']
    final_oauth_token_secret = authorized_tokens['oauth_token_secret']
    final_user_id = authorized_tokens['user_id']
Save those tokens and the user_id to the database for later use.
Return a list of the user's Instant Queue
    n = NetflixAPI(api_key='*your app key*',
                   api_secret='*your app secret*',
                   oauth_token=final_oauth_token,
                   oauth_token_secret=final_oauth_token_secret)
    instant_queue = n.get('users/*final_user_id*/queues/instant')
    print(instant_queue)
Add Gabriel Iglesias: Hot and Fluffy to Instant Queue
    # Assume you are using the same NetflixAPI instance as above
    try:
        add_to_queue = n.post('users/*final_user_id*/queues/instant',
                              params={'title_ref': 'http://api.netflix.com/catalog/titles/movies/70072945'})
        # This returns the added item if successful.
        print(add_to_queue)
    except NetflixAPIError as err:
        # If it's already in the queue, a NetflixAPIError with code 412 is raised.
        print(err)
C) You can also add "position" to the params to set where this media will be positioned on the user's queue.
Remove Gabriel Iglesias: Hot and Fluffy from Instant Queue
    # Assume you are using the same NetflixAPI instance as above
    # When querying for the user's Queue, when iterating over the Queue items
    # you can use the 'id' for the next call. Where it says *final_user_id*
    # that is automatically returned from the Netflix Instant Queue response.
    del_from_queue = n.delete('http://api-public.netflix.com/users/*final_user_id*/queues/instant/available/2/70072945')
    print(del_from_queue)
https://pypi.org/project/python-netflix/
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑FOR LINUX/TERMUX- NEW UPDATES subdomain enumerator;
F E A T U R E S :
Subdomains monitoring: put data to Discord, Slack or Telegram webhooks. See Subdomains Monitoring for more information.
Multi-thread support for API querying, so that the maximum time Findomain will take to search subdomains for any target is 15 seconds (in case of API timeouts).
Parallel support for subdomain resolution; in good network conditions it can resolve about 3.5k subdomains per minute.
DNS over TLS support.
Specific IPv4 or IPv6 query support.
Discover subdomains without brute-force; the tool uses Certificate Transparency Logs and APIs.
Discover only resolved subdomains.
Discover subdomains IP for data analysis.
Read target from user argument (-t) or file (-f).
Write all or only resolved subdomains to one unique output file specified by the user.
Write results to automatically named TXT output file(s).
Ability to query directly the Findomain database created with Subdomains Monitoring for previously discovered subdomains.
Ability to import and work with data discovered by other tools.
Quiet mode to run it silently.
Cross platform support: Any platform, it's written in Rust and Rust is multiplatform. See the documentation for instructions.
Multiple API support.
Possibility to use as subdomain resolver.
Subdomain wildcard detection for accurate results.
Support for subdomain discovery using the bruteforce method.
Support for configuration file in TOML, JSON, HJSON, INI or YAML format.
Custom DNS IP addresses for fast subdomain resolving (more than 60 per second by default, adjustable using the --threads option).
𝙸𝙽𝚂𝚃𝙰𝙻𝙻𝙸𝚂𝙰𝚃𝙸𝙾𝙽 & 𝚁𝚄𝙽 :
1) $ git clone https://github.com/Edu4rdSHL/findomain.git -b develop # Only the develop branch is needed
2) $ cd findomain
3) $ cargo build --release
4) $ ./target/release/findomain
To update the repository when new commits are added, just go to the folder where Findomain's develop branch was cloned and execute:
5) $ git pull
6) $ cargo build --release
7) $ ./target/release/findomain
@UndercodeTesting
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
CONTROL SYSTEM_GATEACADEMY-2020"
https://drive.google.com/file/d/1Trr0s-0OKxaxjvWxGQDBJ7WFpfvzJSoA/view?usp=sharing
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑The use of identity-based cryptography for email encryption :
> In order to simplify the key management problem of the traditional public key cryptosystem, in 1984 A. Shamir, an Israeli scientist and one of the inventors of the well-known RSA system, proposed the idea of identity-based cryptography: the user's public identity information (such as e-mail address, IP address, name, etc.) serves as the user's public key, and the user's private key is generated by a trusted center called the private key generator.
> In the following two decades, the design of identity-based cryptosystems became a hot research field in cryptography.
> At present, this method is the most promising way to realize large-scale email encryption applications. The more representative domestic system is Saiman Mail Angel System.
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
🦑how do you intercept traffic?
How to position and set up listening equipment?
I propose to consider options for the location (connection) of equipment for sniffing in a switched environment (we will consider intercepting a wi-fi channel in the next article).
The most convenient way is to install a sniffer directly on the host of interest to us.
However, some of the traffic that is very useful for research, but not intended for the end device, will be discarded by the network interface and not passed to the system for processing, and therefore we will not be able to capture this traffic for further research. This traffic includes broadcast traffic within the operation of the switch.
For example, an ARP request that hosts use to determine the MAC address that corresponds to a specific IP address.
1) Knowing the IP, we send an ARP request to all devices within the broadcast domain in order to match the IP to a MAC.
2) However, only the target host is “interested” in receiving such a request; other hosts, as mentioned above, will discard the packet.
For clarity, using Cisco Packet Tracer, consider how a host with IP address 192.168.1.2 sends an ARP request to host 192.168.1.4.
3) Having previously checked with the command arp -a that there are no ARP entries at all on 192.168.1.2 (you can delete them using arp -d), we execute the ping command to 192.168.1.4.
4) Since we do not know the MAC address, we first send an ARP request. The request comes to the switch (Cisco 2960), then it is sent to all hosts connected to the switch. After that, host 192.168.1.3 discards the request, and 192.168.1.4 responds accordingly.
5) In order to capture all incoming traffic on 192.168.1.3, you need to enable promiscuous (mixed) mode on the network interface. Tools such as Aircrack-ng, Wireshark, tcpdump, etc. allow you to do this.
6) When it is not possible to place a traffic analyzer on the target host, a hub can help.
In this case, the host under investigation and the traffic analyzer in the same switched network segment are connected to the same hub.
As a result, all incoming and outgoing packets will pass through all ports of the hub.
7) For example, when packets are sent from Host1 to Host2, Hub0 will send them both to the Host2 under investigation and to the Sniffer.
The Sniffer dropping the packets in the picture is due to promiscuous mode being disabled on its network adapter.
8) Port mirroring remains the most popular way to intercept traffic.
To implement this method, the switch must be a managed one, and you must have access to it, either physical or remote via SSH or the web interface.
The point is that the incoming and outgoing traffic of the device connected to a switch port is mirrored to another switch port where the traffic analyzer is connected.
9) So, having connected, we configure the Cisco 2960 switch to mirror traffic on the fastEthernet 0/1 and fastEthernet 0/2 ports, where host1 and host2 are connected, respectively:
Switch> enable
Switch# conf terminal
Switch(config)# monitor session 1 source interface fastEthernet 0/1
Switch(config)# monitor session 1 source interface fastEthernet 0/2
And the port to which the traffic will be mirrored, where the packet analyzer is connected:
Switch(config)# monitor session 1 destination interface f0/24
Let's check:
Switch# show monitor
don't clone our tutorials :)
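Steps 6 to 9 above come down to where a copy of the Host1-to-Host2 frame is delivered and whether the sniffer's adapter accepts it. The simplified model below is an added example, not part of the original tutorial: the classes, the MAC addresses (documentation range) and the port numbers 1, 2 and 24 mirroring the fastEthernet layout are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"

class Nic:
    """Network adapter: passes a frame to the OS only if the destination MAC
    matches, is broadcast, or promiscuous ("mixed") mode is enabled."""
    def __init__(self, mac, promiscuous=False):
        self.mac = mac
        self.promiscuous = promiscuous
        self.captured = []          # frames a sniffer on this host can see

    def deliver(self, frame):
        _src, dst, _payload = frame
        if self.promiscuous or dst in (self.mac, BROADCAST):
            self.captured.append(frame)

class Hub:
    """Repeats every frame out of every port except the one it arrived on."""
    def __init__(self):
        self.ports = {}

    def attach(self, port, nic):
        self.ports[port] = nic

    def send(self, in_port, frame):
        for port, nic in self.ports.items():
            if port != in_port:
                nic.deliver(frame)

class Switch(Hub):
    """Learning switch with one mirroring session, a simplified model of
    'monitor session 1 source/destination interface'."""
    def __init__(self):
        super().__init__()
        self.mac_table = {}         # learned MAC -> port
        self.span_sources = set()
        self.span_dest = None

    def monitor_session(self, sources, destination):
        self.span_sources = set(sources)
        self.span_dest = destination

    def send(self, in_port, frame):
        src, dst, _payload = frame
        self.mac_table[src] = in_port
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:
            # Broadcast or unknown unicast: flood, but not to the mirror port.
            targets = {p for p in self.ports
                       if p not in (in_port, self.span_dest)}
        else:
            targets = {out} - {in_port}
        # Mirror traffic received on, or sent out of, a monitored port.
        if self.span_dest is not None and (
                in_port in self.span_sources or targets & self.span_sources):
            targets.add(self.span_dest)
        for port in sorted(targets):
            self.ports[port].deliver(frame)

def mirrored_switch():
    """Switch configured like the session above: sources 0/1 and 0/2, destination 0/24."""
    sw = Switch()
    sw.monitor_session(sources={1, 2}, destination=24)
    return sw

def sniffer_sees_unicast(fabric, sniffer_promiscuous):
    """Host1 (port 1) sends a unicast frame to Host2 (port 2); the sniffer
    sits on port 24. Returns True if the sniffer's capture contains it."""
    host1 = Nic("00:00:5e:00:53:01")
    host2 = Nic("00:00:5e:00:53:02")
    sniffer = Nic("00:00:5e:00:53:aa", promiscuous=sniffer_promiscuous)
    for port, nic in ((1, host1), (2, host2), (24, sniffer)):
        fabric.attach(port, nic)
    # Host2 talks first so that a switch learns which port it is on.
    fabric.send(2, (host2.mac, host1.mac, "hello"))
    fabric.send(1, (host1.mac, host2.mac, "payload for Host2"))
    return any(p == "payload for Host2" for _, _, p in sniffer.captured)

if __name__ == "__main__":
    print("hub, promiscuous off   :", sniffer_sees_unicast(Hub(), False))
    print("hub, promiscuous on    :", sniffer_sees_unicast(Hub(), True))
    print("switch, no mirroring   :", sniffer_sees_unicast(Switch(), True))
    print("switch, mirrored, on   :", sniffer_sees_unicast(mirrored_switch(), True))
    print("switch, mirrored, off  :", sniffer_sees_unicast(mirrored_switch(), False))
```

Even on the mirror port the analyzer needs promiscuous mode, because the mirrored frames are still addressed to Host2.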
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁