Forwarded from WEB UNDERCODE - PRIVATE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Garmin Connect service goes offline after being attacked by ransomware
> The company where the Garmin map and navigation service is located was attacked by ransomware. The attacker encrypted the smart watch manufacturerβs internal server and forced it to shut down the call center, website and Garmin Connect service. Almost all Garmin map users Rely on the service to synchronize their activities via mobile apps.
π¦Garmin Connect service goes offline after being attacked by ransomware
> The company where the Garmin map and navigation service is located was attacked by ransomware. The attacker encrypted the smart watch manufacturerβs internal server and forced it to shut down the call center, website and Garmin Connect service. Almost all Garmin map users Rely on the service to synchronize their activities via mobile apps.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 multimon-ng is the successor of multimon. It decodes the following digital transmission modes:
Linux-Termux
-POCSAG512 POCSAG1200 POCSAG2400
-FLEX
-EAS
-UFSK1200 CLIPFSK AFSK1200 AFSK2400 AFSK2400_2 AFSK2400_3
HAPN4800
-FSK9600
-DTMF
-ZVEI1 ZVEI2 ZVEI3 DZVEI PZVEI
-EEA EIA CCIR
-MORSE CW
-X10
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/EliasOenal/multimon-ng.git
2οΈβ£mkdir build
3οΈβ£cd build
4οΈβ£qmake ../multimon-ng.pro
5οΈβ£make
6οΈβ£sudo make install
7οΈβ£the installation prefix can be set by passing a 'PREFIX' parameter to qmake. e.g: qmake multimon-ng.pro PREFIX=/usr/local
8οΈβ£So far multimon-ng has been successfully built on Arch Linux, Debian, Gentoo, Kali Linux, Ubuntu, OS X, Windows and FreeBSD. (On Windows using the Qt-MinGW build environment, as well as Cygwin and VisualStudio/MSVC)
> Files can be easily converted into multimon-ng's native raw format using sox. e.g: sox -t wav pocsag_short.wav -esigned-integer -b16 -r 22050 -t raw pocsag_short.raw GNURadio can also generate the format using the file sink in input mode short.
>You can also "pipe" raw samples into multimon-ng using something like sox -t wav pocsag_short.wav -esigned-integer -b16 -r 22050 -t raw - | ./multimon-ng - (note the trailing dash)
9οΈβ£As a last example, here is how you can use it in combination with RTL-SDR: rtl_fm -f 403600000 -s 22050 | multimon-ng -t raw -a FMSFSK -a AFSK1200 /dev/stdin
> Packaging
πqmake multimon-ng.pro PREFIX=/usr/local
> make
> make install INSTALL_ROOT=/
β git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦2020 multimon-ng is the successor of multimon. It decodes the following digital transmission modes:
Linux-Termux
-POCSAG512 POCSAG1200 POCSAG2400
-FLEX
-EAS
-UFSK1200 CLIPFSK AFSK1200 AFSK2400 AFSK2400_2 AFSK2400_3
HAPN4800
-FSK9600
-DTMF
-ZVEI1 ZVEI2 ZVEI3 DZVEI PZVEI
-EEA EIA CCIR
-MORSE CW
-X10
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/EliasOenal/multimon-ng.git
2οΈβ£mkdir build
3οΈβ£cd build
4οΈβ£qmake ../multimon-ng.pro
5οΈβ£make
6οΈβ£sudo make install
7οΈβ£the installation prefix can be set by passing a 'PREFIX' parameter to qmake. e.g: qmake multimon-ng.pro PREFIX=/usr/local
8οΈβ£So far multimon-ng has been successfully built on Arch Linux, Debian, Gentoo, Kali Linux, Ubuntu, OS X, Windows and FreeBSD. (On Windows using the Qt-MinGW build environment, as well as Cygwin and VisualStudio/MSVC)
> Files can be easily converted into multimon-ng's native raw format using sox. e.g: sox -t wav pocsag_short.wav -esigned-integer -b16 -r 22050 -t raw pocsag_short.raw GNURadio can also generate the format using the file sink in input mode short.
>You can also "pipe" raw samples into multimon-ng using something like sox -t wav pocsag_short.wav -esigned-integer -b16 -r 22050 -t raw - | ./multimon-ng - (note the trailing dash)
9οΈβ£As a last example, here is how you can use it in combination with RTL-SDR: rtl_fm -f 403600000 -s 22050 | multimon-ng -t raw -a FMSFSK -a AFSK1200 /dev/stdin
> Packaging
πqmake multimon-ng.pro PREFIX=/usr/local
> make
> make install INSTALL_ROOT=/
β git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - EliasOenal/multimon-ng
Contribute to EliasOenal/multimon-ng development by creating an account on GitHub.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦bs2.dll manual deletion method
Bs3.dll is related to the BookedSpace adware, used to display
pop-up advertisement.
These instructions is related for bs2.dll, bs3.dll and rem00001.dll
#####
# Instructions:
#####
1. Click start, choose'run'
2. Type'cmd'-You should now have a DOS-commando window open.
3. Type cd "%WinDir%\System"
4. regsvr32 /u "..\rem00001.dll "
5. regsvr32 /u "..\bs2.dll"
6. regsvr32 /u "..\bs3.dll"
7. Click start, choose'run '
8. Type'regedit '
9. Find the key
HKEY_LOCAL_MACHINE\Software \Microsoft\Windows\CurrentVersion\Run
and delete the entry'BookedSpace' (BS2 variant) or'Bsx3' (BS3 variant).
10. Reboot your computer
11. Delete the'rem00001.dll','bs2.dll' or ' bs3.dll' file in the Windows folder.
12. Click start, choose'run' 13. Type'regedit
'
14. delete the key
HKEY_LOCAL_MACHINE\Software\Remanent or HKEY_LOCAL_MACHINE_Software\BookedSpace
WRITTEN BY UNDERCODE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦bs2.dll manual deletion method
Bs3.dll is related to the BookedSpace adware, used to display
pop-up advertisement.
These instructions is related for bs2.dll, bs3.dll and rem00001.dll
#####
# Instructions:
#####
1. Click start, choose'run'
2. Type'cmd'-You should now have a DOS-commando window open.
3. Type cd "%WinDir%\System"
4. regsvr32 /u "..\rem00001.dll "
5. regsvr32 /u "..\bs2.dll"
6. regsvr32 /u "..\bs3.dll"
7. Click start, choose'run '
8. Type'regedit '
9. Find the key
HKEY_LOCAL_MACHINE\Software \Microsoft\Windows\CurrentVersion\Run
and delete the entry'BookedSpace' (BS2 variant) or'Bsx3' (BS3 variant).
10. Reboot your computer
11. Delete the'rem00001.dll','bs2.dll' or ' bs3.dll' file in the Windows folder.
12. Click start, choose'run' 13. Type'regedit
'
14. delete the key
HKEY_LOCAL_MACHINE\Software\Remanent or HKEY_LOCAL_MACHINE_Software\BookedSpace
WRITTEN BY UNDERCODE
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Comparison of Petya and WannaCry virus
1) Encrypted target file type
Petya encrypts fewer file types than WannaCry.
There are 65 file types encrypted by Petya and 178 file types with WannaCry, but common file types are already included.
2) Pay the ransom
Petya needs to pay 300 US dollars and WannaCry needs to pay 600 US dollars.
> Are cloud users affected?
As of press time, no affected users have been found on the cloud.
In the early morning of June 28, Alibaba Cloud issued an announcement warning.
3) Three, analysis of the spread of ransomware
The Petya ransomware worm spreads through Windows vulnerabilities and infects other computers in the local area network. After the computer is infected with the Petya ransomware virus, certain types of files will be encrypted, causing the computer to fail to operate normally.
> Alibaba Cloud security experts have discovered that Petya ransomware mainly moves laterally through the Windows protocol in the intranet system.
> Mainly through the Windows management system structure (Microsoft Windows Management Instrumentation), and PSEXEC (SMB protocol) for diffusion.
> As of now, there are only 3.39 bitcoins (1 bitcoin = 2459 U.S. dollars) in the hacker's bitcoin account (1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX) and 33 transactions, indicating that users have paid the ransom.
WRITTEN BY UNDERCODE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Comparison of Petya and WannaCry virus
1) Encrypted target file type
Petya encrypts fewer file types than WannaCry.
There are 65 file types encrypted by Petya and 178 file types with WannaCry, but common file types are already included.
2) Pay the ransom
Petya needs to pay 300 US dollars and WannaCry needs to pay 600 US dollars.
> Are cloud users affected?
As of press time, no affected users have been found on the cloud.
In the early morning of June 28, Alibaba Cloud issued an announcement warning.
3) Three, analysis of the spread of ransomware
The Petya ransomware worm spreads through Windows vulnerabilities and infects other computers in the local area network. After the computer is infected with the Petya ransomware virus, certain types of files will be encrypted, causing the computer to fail to operate normally.
> Alibaba Cloud security experts have discovered that Petya ransomware mainly moves laterally through the Windows protocol in the intranet system.
> Mainly through the Windows management system structure (Microsoft Windows Management Instrumentation), and PSEXEC (SMB protocol) for diffusion.
> As of now, there are only 3.39 bitcoins (1 bitcoin = 2459 U.S. dollars) in the hacker's bitcoin account (1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX) and 33 transactions, indicating that users have paid the ransom.
WRITTEN BY UNDERCODE
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Interesting Hacking tutorials & tools :
https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList
http://resources.infosecinstitute.com/creating-undetectable-custom-ssh-backdoor-python-z/
https://blog.netspi.com/netspis-top-cracked-passwords-for-2014/
https://github.com/SpiderLabs/Responder
http://windowssecrets.com/top-story/
http://resources.infosecinstitute.com/in-depth-seh-exploit-
writing-tutorial-using-ollydbg/
https://www.corelan.be/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-
basic-exploit-development/
http://jbremer.org/mona-101-a-global-samsung-dll/
http://sgros-students.blogspot.sg/2014/09/immunity-debugger-basics-part-1.html
http://sgros-students.blogspot.sg/2014/09/immunity-debugger-basics-part-2.html
http://blog.cobaltstrike.com/2014/03/20/user-account-control-what-penetration-testers-should-know/
http://www.pretentiousname.com/misc/win7_uac_whitelist2.html
http://www.pretentiousname.com/misc/W7E_Source/win7_uac_poc_details.html
http://withinwindows.com/2009/02/05/list-of-windows-7-beta-build-7000-auto-elevated-binaries/
https://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/
http://security.stackexchange.com/questions/54324/should-i-worry-about-this-uac-bypass-exploit-for-windows-7
http://www.primalsecurity.net/0x8-exploit-tutorial-the-elusive-egghunter/
http://hackerforhire.com.au/
http://n01g3l.tumblr.com/
http://veneetbhardwaj.blogspot.sg/
http://nethekk.blogspot.sg/2014/01/slmail-exploit.html
https://github.com/samratashok/nishang
http://j3rge.blogspot.sg/
https://twitter.com/ithurricanept
https://github.com/hfiref0x
http://www.pretentiousname.com/misc/
win7_uac_whitelist2.html
https://zdresearch.com/internet-explorer-version-detect-rop-genration/
http://www.justanotherhacker.com/2011/12/writing-a-stealth-web-shell.html
http://woshub.com/how-to-extract-windows-user-passwords-from-hiberfil-sys/
http://rycon.hu/papers/goldenticket.html
http://www.beneaththewaves.net/Projects/Mimikatz_20_-
_Golden_Ticket_Walkthrough.html
β git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Interesting Hacking tutorials & tools :
https://code.google.com/p/pentest-bookmarks/wiki/BookmarksList
http://resources.infosecinstitute.com/creating-undetectable-custom-ssh-backdoor-python-z/
https://blog.netspi.com/netspis-top-cracked-passwords-for-2014/
https://github.com/SpiderLabs/Responder
http://windowssecrets.com/top-story/
http://resources.infosecinstitute.com/in-depth-seh-exploit-
writing-tutorial-using-ollydbg/
https://www.corelan.be/index.php/2009/09/05/exploit-writing-tutorial-part-5-how-debugger-modules-plugins-can-speed-up-
basic-exploit-development/
http://jbremer.org/mona-101-a-global-samsung-dll/
http://sgros-students.blogspot.sg/2014/09/immunity-debugger-basics-part-1.html
http://sgros-students.blogspot.sg/2014/09/immunity-debugger-basics-part-2.html
http://blog.cobaltstrike.com/2014/03/20/user-account-control-what-penetration-testers-should-know/
http://www.pretentiousname.com/misc/win7_uac_whitelist2.html
http://www.pretentiousname.com/misc/W7E_Source/win7_uac_poc_details.html
http://withinwindows.com/2009/02/05/list-of-windows-7-beta-build-7000-auto-elevated-binaries/
https://www.exploit-db.com/bypassing-uac-with-user-privilege-under-windows-vista7-mirror/
http://security.stackexchange.com/questions/54324/should-i-worry-about-this-uac-bypass-exploit-for-windows-7
http://www.primalsecurity.net/0x8-exploit-tutorial-the-elusive-egghunter/
http://hackerforhire.com.au/
http://n01g3l.tumblr.com/
http://veneetbhardwaj.blogspot.sg/
http://nethekk.blogspot.sg/2014/01/slmail-exploit.html
https://github.com/samratashok/nishang
http://j3rge.blogspot.sg/
https://twitter.com/ithurricanept
https://github.com/hfiref0x
http://www.pretentiousname.com/misc/
win7_uac_whitelist2.html
https://zdresearch.com/internet-explorer-version-detect-rop-genration/
http://www.justanotherhacker.com/2011/12/writing-a-stealth-web-shell.html
http://woshub.com/how-to-extract-windows-user-passwords-from-hiberfil-sys/
http://rycon.hu/papers/goldenticket.html
http://www.beneaththewaves.net/Projects/Mimikatz_20_-
_Golden_Ticket_Walkthrough.html
β git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Infosec Resources
Creating an Undetectable Custom SSH Backdoor in Python [A β Z]
Introduction During penetration testing, sometimes you get stuck with a secure environment where all the servers and end-clients are fully patched,
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Privilege Escalation new tutorials :
http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://blog.netspi.com/windows-privilege-escalation-part-1-local-administrator-privileges/
https://blog.netspi.com/windows-privilege-escalation-part-2-domain-admin-privileges/
http://www.fuzzysecurity.com/tutorials/16.html
https://www.youtube.com/watch?v=kMG8IsCohHA
http://www.greyhathacker.net/?p=738
http://harmj0y.net
http://www.tarasco.org/
β git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Privilege Escalation new tutorials :
http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://blog.netspi.com/windows-privilege-escalation-part-1-local-administrator-privileges/
https://blog.netspi.com/windows-privilege-escalation-part-2-domain-admin-privileges/
http://www.fuzzysecurity.com/tutorials/16.html
https://www.youtube.com/watch?v=kMG8IsCohHA
http://www.greyhathacker.net/?p=738
http://harmj0y.net
http://www.tarasco.org/
β git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
G0Tmi1K
Basic Linux Privilege Escalation - g0tmi1k
Before starting, I would like to point out - I'm no expert. As far as I know, there isn't a
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ROP: ASLR and DEP/NX:
https://www.trustwave.com/Resources/SpiderLabs-Blog/Baby-s-first-NX-ASLR-bypass/
http://security.stackexchange.com/questions/20497/stack-overflows-defeating-canaries-aslr-dep-nx
http://en.wikipedia.org/wiki/Return-oriented_programming
http://www.mastropaolo.com/2005/06/04/buffer-overflow-
attacks-bypassing-dep-nxxd-bits-part-1/
https://samsclass.info/127/proj/rop.htm
http://nicholas.carlini.com/papers/2014_usenix_ropattacks.pdf
https://ctf-team.vulnhub.com/picoctf-2014-hardcore-rop/
β git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦ROP: ASLR and DEP/NX:
https://www.trustwave.com/Resources/SpiderLabs-Blog/Baby-s-first-NX-ASLR-bypass/
http://security.stackexchange.com/questions/20497/stack-overflows-defeating-canaries-aslr-dep-nx
http://en.wikipedia.org/wiki/Return-oriented_programming
http://www.mastropaolo.com/2005/06/04/buffer-overflow-
attacks-bypassing-dep-nxxd-bits-part-1/
https://samsclass.info/127/proj/rop.htm
http://nicholas.carlini.com/papers/2014_usenix_ropattacks.pdf
https://ctf-team.vulnhub.com/picoctf-2014-hardcore-rop/
β git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
Trustwave
Baby's first NX+ASLR bypass
Recently, I've been trying to improve my skills with regards to exploiting memory corruption flaws. While I've done some work in the past with exploiting basic buffer overflows, format string issues, etc., I'd only done the most basic work in...
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Shell codes:
http://www.secdev.org/projects/shellforge/
https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/
http://www.leidecker.info/downloads/index.shtml#shells
https://github.com/dotcppfile/Serbot
http://shell-storm.org/shellcode/
http://bernardodamele.blogspot.sg/2011/09/reverse-shells-one-liners.html
β git 2020
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Shell codes:
http://www.secdev.org/projects/shellforge/
https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/
http://www.leidecker.info/downloads/index.shtml#shells
https://github.com/dotcppfile/Serbot
http://shell-storm.org/shellcode/
http://bernardodamele.blogspot.sg/2011/09/reverse-shells-one-liners.html
β git 2020
β β β Uππ»βΊπ«Δπ¬πβ β β β
Corelan Team
Exploit writing tutorial part 9 : Introduction to Win32 shellcoding | Corelan Cybersecurity Research
Over the last couple of months, I have written a set of tutorials about building exploits that target the Windows stack. One of the primary goals of anyone writing an exploit is to modify the normal execution flow of the application and trigger the applicationβ¦
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Exploit Development topic tools :
https://github.com/SaltwaterC/sploit-tools
https://github.com/r41p41/snippets
https://zdresearch.com/internet-explorer-version-detect-rop-genration/
https://github.com/byt3bl33d3r/MITMf
https://www.qualys.com/research/top10/2014/07/
β git 2020
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Exploit Development topic tools :
https://github.com/SaltwaterC/sploit-tools
https://github.com/r41p41/snippets
https://zdresearch.com/internet-explorer-version-detect-rop-genration/
https://github.com/byt3bl33d3r/MITMf
https://www.qualys.com/research/top10/2014/07/
β git 2020
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - SaltwaterC/sploit-tools: My own tools for easing the task of pentesting / exploit writing
My own tools for easing the task of pentesting / exploit writing - GitHub - SaltwaterC/sploit-tools: My own tools for easing the task of pentesting / exploit writing
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LIST OF HACKING BLOG/TUTORIALS :
https://scriptkidd1e.wordpress.com/oscp-journey/
http://www.securitysift.com/offsec-pwb-oscp/
http://ch3rn0byl.com/down-with-oscp-yea-you-know-me/
http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html
http://hackingandsecurity.blogspot.com
Http://carnal0wnage.blogspot.com/
Http://www.mcgrewsecurity.com/
Http://www.gnucitizen.org/blog/
Http://www.darknet.org.uk/
Http://spylogic.net/
Http://taosecurity.blogspot.com/
Http://www.room362.com/
Http://blog.sipvicious.org/
Http://blog.portswigger.net/
Http://pentestmonkey.net/blog/
Http://jeremiahgrossman.blogspot.com/
Http://i8jesus.com/
Http://blog.c22.cc/
Http://www.skullsecurity.org/blog/
Http://blog.metasploit.com/
Http://www.darkoperator.com/
Http://blog.skeptikal.org/
Http://preachsecurity.blogspot.com/
Http://www.tssci-security.com/
Http://www.gdssecurity.com/l/b/
Http://websec.wordpress.com/
Http://bernardodamele.blogspot.com/
Http://laramies.blogspot.com/
Http://www.spylogic.net/
Http://blog.andlabs.org/
Http://xs-sniper.com/blog/
Http://www.commonexploits.com/
Http://www.sensepost.com/blog/
Http://wepma.blogspot.com/
Http://exploit.co.il/
Http://securityreliks.wordpress.com/
Http://www.madirish.net/index.html
Http://sirdarckcat.blogspot.com/
Http://reusablesec.blogspot.com/
Http://myne-us.blogspot.com/
Http://www.notsosecure.com/
Http://blog.spiderlabs.com/
Http://www.corelan.be/
Http://www.digininja.org/
Http://www.pauldotcom.com/
Http://www.attackvector.org/
Http://deviating.net/
Http://www.alphaonelabs.com/
Http://www.smashingpasswords.com/
Http://wirewatcher.wordpress.com/
Http://gynvael.coldwind.pl/
Http://www.nullthreat.net/
Http://www.question-defense.com/
Http://archangelamael.blogspot.com/
Http://memset.wordpress.com/
Http://sickness.tor.hu/
Http://punter-infosec.com/
Http://www.securityninja.co.uk/
Http://securityandrisk.blogspot.com/
Http://esploit.blogspot.com/
Http://www.pentestit.com/
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦LIST OF HACKING BLOG/TUTORIALS :
https://scriptkidd1e.wordpress.com/oscp-journey/
http://www.securitysift.com/offsec-pwb-oscp/
http://ch3rn0byl.com/down-with-oscp-yea-you-know-me/
http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html
http://hackingandsecurity.blogspot.com
Http://carnal0wnage.blogspot.com/
Http://www.mcgrewsecurity.com/
Http://www.gnucitizen.org/blog/
Http://www.darknet.org.uk/
Http://spylogic.net/
Http://taosecurity.blogspot.com/
Http://www.room362.com/
Http://blog.sipvicious.org/
Http://blog.portswigger.net/
Http://pentestmonkey.net/blog/
Http://jeremiahgrossman.blogspot.com/
Http://i8jesus.com/
Http://blog.c22.cc/
Http://www.skullsecurity.org/blog/
Http://blog.metasploit.com/
Http://www.darkoperator.com/
Http://blog.skeptikal.org/
Http://preachsecurity.blogspot.com/
Http://www.tssci-security.com/
Http://www.gdssecurity.com/l/b/
Http://websec.wordpress.com/
Http://bernardodamele.blogspot.com/
Http://laramies.blogspot.com/
Http://www.spylogic.net/
Http://blog.andlabs.org/
Http://xs-sniper.com/blog/
Http://www.commonexploits.com/
Http://www.sensepost.com/blog/
Http://wepma.blogspot.com/
Http://exploit.co.il/
Http://securityreliks.wordpress.com/
Http://www.madirish.net/index.html
Http://sirdarckcat.blogspot.com/
Http://reusablesec.blogspot.com/
Http://myne-us.blogspot.com/
Http://www.notsosecure.com/
Http://blog.spiderlabs.com/
Http://www.corelan.be/
Http://www.digininja.org/
Http://www.pauldotcom.com/
Http://www.attackvector.org/
Http://deviating.net/
Http://www.alphaonelabs.com/
Http://www.smashingpasswords.com/
Http://wirewatcher.wordpress.com/
Http://gynvael.coldwind.pl/
Http://www.nullthreat.net/
Http://www.question-defense.com/
Http://archangelamael.blogspot.com/
Http://memset.wordpress.com/
Http://sickness.tor.hu/
Http://punter-infosec.com/
Http://www.securityninja.co.uk/
Http://securityandrisk.blogspot.com/
Http://esploit.blogspot.com/
Http://www.pentestit.com/
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β Uππ»βΊπ«Δπ¬πβ β β β
scriptkidd1e
OSCP Journey
Update: I am currently slowly migrating my site content to a YouTube channel and will be posting new video content to the YouTube channel regularly instead! Thank you! β Introduction β β¦
How to bypass AMSI and execute ANY malicious Powershell code.pdf
398 KB
Full How to bypass AMSI and execute ANY malicious Powershell code
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Some hacking forums :
Http://sla.ckers.org/forum/index.php
Http://www.ethicalhacker.net/
Http://www.backtrack-linux.org/forums/
Http://www.elitehackers.info/forums/
Http://www.hackthissite.org/forums/index.php
Http://securityoverride.com/forum/index.php
Http://www.iexploit.org/
Http://bright-shadows.net/
Http://www.governmentsecurity.org/forum/
Http://forum.intern0t.net/
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Some hacking forums :
Http://sla.ckers.org/forum/index.php
Http://www.ethicalhacker.net/
Http://www.backtrack-linux.org/forums/
Http://www.elitehackers.info/forums/
Http://www.hackthissite.org/forums/index.php
Http://securityoverride.com/forum/index.php
Http://www.iexploit.org/
Http://bright-shadows.net/
Http://www.governmentsecurity.org/forum/
Http://forum.intern0t.net/
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦DORKS/CVE & MORE :
Http://uptime.netcraft.com/
Http://www.serversniff.net/
Http://www.domaintools.com/
Http://centralops.net/co/
Http://hackerfantastic.com/
Http://whois.webhosting.info/
Https://www.ssllabs.com/ssldb/analyze.html
Http://www.clez.net/
Http://www.my-ip-neighbors.com/
Http://www.shodanhq.com/
Http://www.exploit-db.com/google-dorks/
Http://www.hackersforcharity.org/ghdb/
EXPLOITS AND ADVISORIES
Http://www.exploit-db.com/
Http://www.cvedetails.com/
Http://www.packetstormsecurity.org/
http://www.securityforest.com/wiki/index.php/Main_Page
Http://www.securityfocus.com/bid
Http://nvd.nist.gov/
Http://osvdb.org/
http://www.nullbyte.org.il/Index.html
Http://secdocs.lonerunners.net/
http://www.phenoelit-us.org/whatSAP/index.html
Http://secunia.com/
Http://cve.mitre.org/
CHEATSHEETS AND SYNTAX
Http://www.cheat-sheets.org/
Http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦DORKS/CVE & MORE :
Http://uptime.netcraft.com/
Http://www.serversniff.net/
Http://www.domaintools.com/
Http://centralops.net/co/
Http://hackerfantastic.com/
Http://whois.webhosting.info/
Https://www.ssllabs.com/ssldb/analyze.html
Http://www.clez.net/
Http://www.my-ip-neighbors.com/
Http://www.shodanhq.com/
Http://www.exploit-db.com/google-dorks/
Http://www.hackersforcharity.org/ghdb/
EXPLOITS AND ADVISORIES
Http://www.exploit-db.com/
Http://www.cvedetails.com/
Http://www.packetstormsecurity.org/
http://www.securityforest.com/wiki/index.php/Main_Page
Http://www.securityfocus.com/bid
Http://nvd.nist.gov/
Http://osvdb.org/
http://www.nullbyte.org.il/Index.html
Http://secdocs.lonerunners.net/
http://www.phenoelit-us.org/whatSAP/index.html
Http://secunia.com/
Http://cve.mitre.org/
CHEATSHEETS AND SYNTAX
Http://www.cheat-sheets.org/
Http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/
β β β Uππ»βΊπ«Δπ¬πβ β β β
DomainTools | Start Here. Know Now.
DomainTools - The first place to go when you need to know.
DomainTools is the global leader in Internet intelligence. Learn how our products and data are fundamental to best-in-class security programs.
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦why do hackers threaten router DNS?
1) The DNS location of the router can be tampered with after the router is hijacked, so that the user's upper homepage can be controlled, so that it can actively jump and pull out the pop-up window to advertise and other fees and traffic charges;
2) After the router is hijacked, it can monitor the application status of users connected to the wireless network, so as to steal user account information, especially bank account information;
3) When the user reads the webpage, he should actively jump and close the link that has the Trojan horse virus implanted. The user should be recruited to stop ordering or hacking;
WRITTEN BY UNDERCODE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦why do hackers threaten router DNS?
1) The DNS location of the router can be tampered with after the router is hijacked, so that the user's upper homepage can be controlled, so that it can actively jump and pull out the pop-up window to advertise and other fees and traffic charges;
2) After the router is hijacked, it can monitor the application status of users connected to the wireless network, so as to steal user account information, especially bank account information;
3) When the user reads the webpage, he should actively jump and close the link that has the Trojan horse virus implanted. The user should be recruited to stop ordering or hacking;
WRITTEN BY UNDERCODE
β β β Uππ»βΊπ«Δπ¬πβ β β β