Privilege Escalation new tutorials:
http://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/
https://blog.netspi.com/windows-privilege-escalation-part-1-local-administrator-privileges/
https://blog.netspi.com/windows-privilege-escalation-part-2-domain-admin-privileges/
http://www.fuzzysecurity.com/tutorials/16.html
https://www.youtube.com/watch?v=kMG8IsCohHA
http://www.greyhathacker.net/?p=738
http://harmj0y.net
http://www.tarasco.org/
git 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking

ROP: ASLR and DEP/NX:
https://www.trustwave.com/Resources/SpiderLabs-Blog/Baby-s-first-NX-ASLR-bypass/
http://security.stackexchange.com/questions/20497/stack-overflows-defeating-canaries-aslr-dep-nx
http://en.wikipedia.org/wiki/Return-oriented_programming
http://www.mastropaolo.com/2005/06/04/buffer-overflow-attacks-bypassing-dep-nxxd-bits-part-1/
https://samsclass.info/127/proj/rop.htm
http://nicholas.carlini.com/papers/2014_usenix_ropattacks.pdf
https://ctf-team.vulnhub.com/picoctf-2014-hardcore-rop/

Shell codes:
http://www.secdev.org/projects/shellforge/
https://www.corelan.be/index.php/2010/02/25/exploit-writing-tutorial-part-9-introduction-to-win32-shellcoding/
http://www.leidecker.info/downloads/index.shtml#shells
https://github.com/dotcppfile/Serbot
http://shell-storm.org/shellcode/
http://bernardodamele.blogspot.sg/2011/09/reverse-shells-one-liners.html

Exploit Development topic tools:
https://github.com/SaltwaterC/sploit-tools
https://github.com/r41p41/snippets
https://zdresearch.com/internet-explorer-version-detect-rop-genration/
https://github.com/byt3bl33d3r/MITMf
https://www.qualys.com/research/top10/2014/07/

LIST OF HACKING BLOG/TUTORIALS:
https://scriptkidd1e.wordpress.com/oscp-journey/
http://www.securitysift.com/offsec-pwb-oscp/
http://ch3rn0byl.com/down-with-oscp-yea-you-know-me/
http://www.techexams.net/forums/security-certifications/110760-oscp-jollyfrogs-tale.html
http://hackingandsecurity.blogspot.com
http://carnal0wnage.blogspot.com/
http://www.mcgrewsecurity.com/
http://www.gnucitizen.org/blog/
http://www.darknet.org.uk/
http://spylogic.net/
http://taosecurity.blogspot.com/
http://www.room362.com/
http://blog.sipvicious.org/
http://blog.portswigger.net/
http://pentestmonkey.net/blog/
http://jeremiahgrossman.blogspot.com/
http://i8jesus.com/
http://blog.c22.cc/
http://www.skullsecurity.org/blog/
http://blog.metasploit.com/
http://www.darkoperator.com/
http://blog.skeptikal.org/
http://preachsecurity.blogspot.com/
http://www.tssci-security.com/
http://www.gdssecurity.com/l/b/
http://websec.wordpress.com/
http://bernardodamele.blogspot.com/
http://laramies.blogspot.com/
http://www.spylogic.net/
http://blog.andlabs.org/
http://xs-sniper.com/blog/
http://www.commonexploits.com/
http://www.sensepost.com/blog/
http://wepma.blogspot.com/
http://exploit.co.il/
http://securityreliks.wordpress.com/
http://www.madirish.net/index.html
http://sirdarckcat.blogspot.com/
http://reusablesec.blogspot.com/
http://myne-us.blogspot.com/
http://www.notsosecure.com/
http://blog.spiderlabs.com/
http://www.corelan.be/
http://www.digininja.org/
http://www.pauldotcom.com/
http://www.attackvector.org/
http://deviating.net/
http://www.alphaonelabs.com/
http://www.smashingpasswords.com/
http://wirewatcher.wordpress.com/
http://gynvael.coldwind.pl/
http://www.nullthreat.net/
http://www.question-defense.com/
http://archangelamael.blogspot.com/
http://memset.wordpress.com/
http://sickness.tor.hu/
http://punter-infosec.com/
http://www.securityninja.co.uk/
http://securityandrisk.blogspot.com/
http://esploit.blogspot.com/
http://www.pentestit.com/

Some hacking forums:
http://sla.ckers.org/forum/index.php
http://www.ethicalhacker.net/
http://www.backtrack-linux.org/forums/
http://www.elitehackers.info/forums/
http://www.hackthissite.org/forums/index.php
http://securityoverride.com/forum/index.php
http://www.iexploit.org/
http://bright-shadows.net/
http://www.governmentsecurity.org/forum/
http://forum.intern0t.net/

DORKS/CVE & MORE:
http://uptime.netcraft.com/
http://www.serversniff.net/
http://www.domaintools.com/
http://centralops.net/co/
http://hackerfantastic.com/
http://whois.webhosting.info/
https://www.ssllabs.com/ssldb/analyze.html
http://www.clez.net/
http://www.my-ip-neighbors.com/
http://www.shodanhq.com/
http://www.exploit-db.com/google-dorks/
http://www.hackersforcharity.org/ghdb/

EXPLOITS AND ADVISORIES
http://www.exploit-db.com/
http://www.cvedetails.com/
http://www.packetstormsecurity.org/
http://www.securityforest.com/wiki/index.php/Main_Page
http://www.securityfocus.com/bid
http://nvd.nist.gov/
http://osvdb.org/
http://www.nullbyte.org.il/Index.html
http://secdocs.lonerunners.net/
http://www.phenoelit-us.org/whatSAP/index.html
http://secunia.com/
http://cve.mitre.org/

CHEATSHEETS AND SYNTAX
http://www.cheat-sheets.org/
http://blog.securitymonks.com/2009/08/15/whats-in-your-folder-security-cheat-sheets/

Why do hackers target router DNS?
1) Once a router is hijacked, its DNS server address can be tampered with, giving the attacker control over the pages the user lands on, so the browser can be redirected automatically and pop-up windows can be shown to earn advertising fees and traffic revenue;
2) A hijacked router can monitor the activity of users connected to the wireless network in order to steal account information, especially bank account information;
3) While the user is browsing, the browser is automatically redirected to links that have a Trojan horse implanted, so that the user is infected or hacked;
WRITTEN BY UNDERCODE

How to find out in real time whether a router has been hijacked?
1) Check the router's DNS server address and where that DNS server points. If the DNS setting in the router's DHCP configuration is 66.102.. or 207.254.., the router has been hijacked;
2) Check the number of connected devices: log in to the router management interface and review the devices connected to the wireless network. If there are unfamiliar devices, the router may have been hijacked;
3) When you browse web pages, automatic redirects and more pop-up advertisements start to appear;
4) Check whether the option to set the DNS server manually is ticked in the router's advanced settings. If it is ticked, the router has been hijacked;
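Checks 1 and 2 can be scripted from a client on the network. The following is an added example, not part of the original post: it reads the resolvers handed out by DHCP from resolv.conf-style text and compares the router's client list with a known inventory. The function names, the sample addresses, the MAC addresses and the expected-resolver list are all constructed assumptions.

```python
import ipaddress

# Prefixes the post names as signs of a hijacked router. The post elides the
# remaining octets, so only the first two octets are matched.
SUSPECT_PREFIXES = ("66.102.", "207.254.")

# Constructed sample of what a DHCP client writes to /etc/resolv.conf.
SAMPLE_RESOLV = """\
# constructed sample
nameserver 207.254.10.10
nameserver 192.168.1.1
nameserver 9.9.9.9
"""


def parse_nameservers(resolv_conf_text):
    """Return the nameserver addresses found in resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        parts = line.split("#", 1)[0].split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            try:
                servers.append(str(ipaddress.ip_address(parts[1])))
            except ValueError:
                continue  # skip malformed entries instead of failing
    return servers


def check_dns(servers, expected):
    """Return (address, reason) for every resolver that needs a closer look."""
    findings = []
    for server in servers:
        if server.startswith(SUSPECT_PREFIXES):
            findings.append((server, "matches a prefix the post lists"))
        elif server not in expected:
            findings.append((server, "not in the expected resolver list"))
    return findings


def _norm(mac):
    """Normalise a MAC address to lowercase, colon-separated form."""
    return mac.lower().replace("-", ":")


def unknown_devices(client_macs, known_macs):
    """Return connected MAC addresses that are absent from the inventory."""
    known = {_norm(m) for m in known_macs}
    return sorted({_norm(m) for m in client_macs} - known)


if __name__ == "__main__":
    # Assumption: the router itself (192.168.1.1) is the only expected resolver.
    for addr, reason in check_dns(parse_nameservers(SAMPLE_RESOLV), {"192.168.1.1"}):
        print(f"DNS {addr}: {reason}")
    print(unknown_devices(["AA-BB-CC-00-11-22", "aa:bb:cc:00:11:33"],
                          ["aa:bb:cc:00:11:22"]))
```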

JavaScript email attachments may carry malicious code
JavaScript email attachments may carry malicious code. Let's take a look at what's going on.
1) Recently a ransomware program called RAA has appeared. It is written entirely in JavaScript and can lock users' files by using a strong encryption program.
2) Most malicious software on Windows is written in a compiled language such as C or C++ and spread in the form of executable files such as .exe or .dll. Other malware is written as command-line scripts, such as Windows batch or PowerShell.
3) Client-side malware is rarely written in web-related languages such as JavaScript, which is mainly interpreted by the browser. But the built-in Script Host of Windows can also execute .js files directly.
4) Attackers have only recently started using this technique. Last month, Microsoft warned that .js attachments in malicious emails might carry viruses, and ESET's Security Research Institute also warned that some .js attachments might run the Locky virus. But in both cases, the JavaScript files are used as malware downloaders: they download traditional malware written in other languages from other addresses and install it by default. RAA is different: it is malware written entirely in JavaScript.
5) Experts from the BleepingComputer.com technical support forum said that RAA relies on CryptoJS, a secure JavaScript library, to implement its encryption process. The implementation of the encryption is very solid and uses the AES-256 encryption algorithm.
6) Once a file is encrypted, RAA appends .locked to the original file name. Its encryption targets include: .doc, .xls, .rtf, .pdf, .dbf, .jpg, .dwg, .cdr, .psd, .cd, .mdb, .png, .lcd, .zip, .rar and .csv.
7) According to user reports, after an infection with RAA, messages in Russian are randomly displayed, but even if it targets Russian computers, its proliferation is only a matter of time.
It is very unusual for emails to include JavaScript attachments, so users should avoid opening such files, even when they are contained in .zip archives. .js files are rarely used anywhere other than websites and browsers.
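The advice above can be enforced at a mail filter rather than left to the user. The following is an added example, not part of the original post: it flags .js attachments in a raw message, including .js entries inside an attached .zip. The function names, the sample message and its file names are constructed, and treating .jse like .js is an assumption beyond what the post names.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Windows Script Host runs .js directly, so it is treated as executable here.
# .jse (encoded JScript) is an added assumption; the post only names .js.
SCRIPT_EXTS = (".js", ".jse")


def flag_script_attachments(raw_message):
    """Return names of script attachments, including entries inside .zip files."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    hits = []
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        if name.endswith(SCRIPT_EXTS):
            hits.append(name)
        elif name.endswith(".zip"):
            data = part.get_payload(decode=True) or b""
            try:
                # Only one archive level is inspected; nested zips are not opened.
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    for entry in zf.namelist():
                        if entry.lower().endswith(SCRIPT_EXTS):
                            hits.append(f"{name}!{entry}")
            except zipfile.BadZipFile:
                hits.append(f"{name}!<unreadable archive>")
    return hits


def build_sample():
    """Constructed message: a PDF stub, a zip holding a .js file, a bare .JS file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Invoice_2016.doc.js", "// constructed placeholder, no code")
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.com"
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    msg.add_attachment(b"%PDF-1.4 stub", maintype="application",
                       subtype="pdf", filename="report.pdf")
    msg.add_attachment(buf.getvalue(), maintype="application",
                       subtype="zip", filename="invoice.zip")
    msg.add_attachment(b"// constructed placeholder", maintype="application",
                       subtype="octet-stream", filename="Scan_001.JS")
    return msg.as_bytes()


if __name__ == "__main__":
    print(flag_script_attachments(build_sample()))
```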

JavaScript - The Complete Guide 2020 (Beginner + Advanced) (20192-2020)
17.25 GB
https://www.udemy.com/course/javascript-the-complete-guide-2020-beginner-advanced/
https://mega.nz/folder/wQYFBSKR#wcb0uUnSOqs8Z86jGFHCZg