UNDERCODE SECURITY
🦑 WELCOME TO UNDERCODE TESTING: LEARN HACKING | PROGRAMMING | SECURITY & more..

THIS CHANNEL IS BY:

@UndercodeTesting
UndercodeTesting.com (official)

@iUndercode
iUndercode.com (iOs)

@Dailycve
DailyCve.com


@UndercodeNews
UndercodeNews.com
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 "Hacker mercenaries" lurking for a decade surface, eyeing European law firms
#News

> This year, following the exposure of the Dark Basin hacker-for-hire organization, Kaspersky discovered a second hacker-for-hire organization, Deceptikons.

> The Russian cybersecurity company Kaspersky stated in a webinar that it had discovered a new hacker-for-hire organization that has been active for nearly a decade.
According to Kaspersky malware analyst Vicente Diaz, Kaspersky named this organization "Deceptikons". It has attacked the industry's four major law firms and financial technology companies to steal confidential corporate data, mainly in Europe, and occasionally in Middle Eastern countries such as Israel, Jordan and Egypt.

The organization's most recent attack was a spear-phishing campaign in 2019 that targeted a series of European law firms. In this campaign, the organization deployed malicious PowerShell scripts on target enterprise hosts.

🦑 No 0-day vulnerability has been exploited

> In a written report accompanying the webinar, the Russian security company said: "The development of the attack technology is still immature. As far as we know, 0day has not been used to carry out attacks."

> As far as the hacker organization's infrastructure and malware are concerned, they are "smart but not advanced"; their biggest advantage on infected hosts is persistence.

> Observing most of its attacks, we can see that they follow a similar pattern, starting with spear-phishing emails that carry modified malicious LNK (shortcut) files.

> If the victim downloads or interacts with the email attachment (such as by clicking on it), the shortcut file automatically downloads and runs the PowerShell backdoor Trojan.

> Kaspersky will release more comprehensive technical reports on the organization's activities in the next few weeks.

#News
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 ALL POPULAR WAYS OF PASSWORD #CRACKING


1. Record the screen
To defeat keyloggers, some users enter their password with the mouse and on-screen pictures instead of the keyboard. A Trojan horse program can counter this by taking screenshots of the user's screen and recording the position of every mouse click; matching the recorded click positions against the screenshots recovers the user's password.

2. Keyboard monitoring
If the user's password is complex, brute force is difficult. Hackers then often install a Trojan horse with a "keylogger" program that records and monitors the user's keyboard operations and sends the captured keyboard input to the hacker by various channels, so that the hacker can recover the user's password by analysing it.

3. Phishing and fraudulent websites
"Phishing" attacks use deceptive emails and fake website login pages to carry out fraud. The victim often reveals sensitive information (such as username, password, account number, PIN code or credit card details). Phishing works mainly by sending e-mails that lure users into logging in to fake online banking and online securities websites, stealing the account passwords for theft.

4. Brute force cracking
The most basic password cracking technique is brute force, also simply called password cracking; Xiaofeng calls it the most mindless operation. If the hacker knows the account in advance (a mail account, QQ account, online banking account, birthday, etc.) and the user's password is very simple, for example a simple combination of digits, brute force tools can recover the password quickly. Users should therefore make their passwords more complex.

5. Use a sniffer
On a local area network, the most effective way for a hacker to quickly obtain a large number of accounts (usernames and passwords) is a sniffer program. A sniffer is a very threatening passive attack tool: it monitors the state of the network, the data flow and the information transmitted on it. When information crosses the network in plain text, the packets can be captured by network monitoring. Setting the network interface to monitoring mode lets the sniffer intercept the traffic continuously, and any data sent directly over HTTP, FTP, POP, SMTP or TELNET will be seen by it.

6. Implant a Trojan horse for remote control
A remote-control Trojan monitors every operation on the user's local computer; all of the user's keyboard and mouse operations are intercepted by the remote hacker.

7. Bad password habits
Some employees set a long password but write it down on paper. Some use their own name or birthday as the password, and some use common words. These bad habits make the password easy to crack.

8. Analysis and reasoning through social engineering
If a user uses multiple systems, hackers can first crack the user's password on the simplest system and then use the cracked password to work out the passwords for the other systems; many users use the same password for every system.

9. Use tools to crack
For some locally saved passwords displayed as asterisks, a tool such as Password Reminder can reveal them: drag the magnifying glass in Password Reminder onto the asterisks to reveal the password.

10. Study human psychology: password psychology
Many well-known hackers do not use cutting-edge technology to crack passwords but rely on password psychology. Starting from the user's psychology, they analyse the user's information and mindset and so crack the password faster. There are many ways to obtain such information; with a good grasp of password psychology, one can quickly crack passwords and obtain user information.

enjoyβ€οΈπŸ‘πŸ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Forwarded from Backup Legal Mega
🦑 2020 full top Python course (5 rating) :

https://mega.nz/folder/MuoDXKKa#3t0a2vx5SeTU3ksvdFBTMQ
🦑 Termux tutorials - commands :
See also the two Termux PDFs posted recently.

1) How To Install Package in Termux
pkg install <package name>

2) How To search Package
pkg search <query>

3) How To Upgrade Package
pkg upgrade

4) Uninstall
pkg uninstall <pkg name>

5) Install Mosquitto MQTT Broker
After installation, run the Termux app. Then at the prompt type

pkg install mosquitto

6) Install Node-Red
At the prompt type:

apt update
apt upgrade
apt install coreutils nano nodejs
npm i -g --unsafe-perm node-red
node-red

Then you can point a browser to localhost:1880

7) Install C language
pkg install clang

8) Install Python
pkg install python

9) Install NodeJS
pkg install nodejs

10) Install Go programming language
apt install golang

11) Install PHP language
apt install php

12) How To use SSH
pkg install dropbear
pkg install openssh

13) Find IP address
ifconfig

14) Install nano Editor
pkg install nano

15) Install Git GitHub tool
apt install git

16) Control Raspberry Pi
If you have a headless Pi, you can control and use the Raspberry Pi via SSH from Termux. How to set up a truly headless RPi: How To Use Raspberry Pi in a truly headless mode

17) Install Apache2
apt update
apt upgrade
apt install apache2
Remember that the Apache document directory is /data/data/com.termux/files/usr/share/apache2/default-site/htdocs/

For example, if you have a file read.txt and want to move it into the Apache directory, use this command

mv read.txt /data/data/com.termux/files/usr/share/apache2/default-site/htdocs/
To start the apache2 server in Termux, type this command :

apachectl
Now open a browser and go to localhost:8080/read.txt

enjoyβ€οΈπŸ‘πŸ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
Forwarded from Backup Legal Mega
🦑 Packt - TypeScript for JavaScript Developers
#expert - course (4 rating stars)

https://mega.nz/folder/EuB13STS#EZnpuPmLdqpZzLvgBHuCqg
Scripting Metasploit to exploit a group of hosts..pdf
1.2 MB
Scripting Metasploit to exploit a group of hosts / servers ...
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 How to install a secure, robust Mosquitto MQTT broker on AWS Ubuntu ?

INSTALLATION & RUN :


1) Install Mosquitto
Log into the AWS Ubuntu instance.

1️⃣$ sudo apt-get update

> Install both the mosquitto broker and the publish / subscribe clients.

2️⃣$ sudo apt-get install mosquitto mosquitto-clients
Example for subscribe:

3️⃣$ mosquitto_sub -h localhost -t mychanel
Example for publish:

4️⃣$ mosquitto_pub -h localhost -t mychanel -m "Hello World"


2) Enable Remote Access

5️⃣To publish or subscribe to this broker from a remote machine, we first need to open port 1883 in the security group settings. Using the AWS console, go to the security group and open port 1883 to everyone.

The default config file may permit connections from localhost only. The default conf file can be opened with

6️⃣$ sudo vim /etc/mosquitto/conf.d/default.conf
To enable remote usage, the file should contain the following line:

listener 1883
Note that this port is currently unsecured, so if you do not want to permit remote access, use instead:

listener 1883 localhost
Every time you edit the conf file, you have to restart the service for the settings to take effect:

$ sudo systemctl restart mosquitto

3) Robust MQTT
The MQTT broker sometimes crashed, disabling real-time communication, so we added a script that checks the state of the process and restarts Mosquitto if it is down.

7️⃣#!/bin/sh
# Restart Mosquitto if its process is not running.
# The pattern '[/]usr/sbin/mosquitto' matches the broker process but not this
# grep command itself, so a count of 0 means the broker is down.
SERVICE=mosquitto
if [ "$(ps aux | grep -c '[/]usr/sbin/mosquitto')" -eq 0 ]
then
    echo "$SERVICE wasn't running so attempting restart" >> /home/ubuntu/cron.log
    systemctl restart mosquitto
    exit 0
fi
echo "$SERVICE is currently running" >> /home/ubuntu/cron.log
exit 0

8️⃣This script can be saved in a file, say 'mosquitto_restart.sh'.

This file needs to be made executable and then put in a cron job that runs every 5 minutes. The cron job should be set up as root.


9️⃣$ chmod +x mosquitto_restart.sh

🔟$ sudo -i

1️⃣1️⃣$ crontab -e
Add the following line (it runs the check every 5 minutes):

*/5 * * * * /home/ubuntu/mosquitto_restart.sh

enjoyβ€οΈπŸ‘πŸ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 Complete conf file for reference (for Ubuntu / Kali). It uses password protection and runs MQTT on port 1883,

> MQTTS on port 1884, websockets on port 3033, and WSS on port 8083. Do not forget to open these ports in the security group.

allow_anonymous false
password_file /etc/mosquitto/passwd

listener 1883

listener 1884
certfile /etc/letsencrypt/live/mqtt.example.io/cert.pem
cafile /etc/letsencrypt/live/mqtt.example.io/chain.pem
keyfile /etc/letsencrypt/live/mqtt.example.io/privkey.pem

listener 3033
protocol websockets

listener 8083
protocol websockets
certfile /etc/letsencrypt/live/mqtt.example.io/cert.pem
cafile /etc/letsencrypt/live/mqtt.example.io/chain.pem
keyfile /etc/letsencrypt/live/mqtt.example.io/privkey.pem
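Added example, not part of the original post and not Mosquitto's own tooling: a small POSIX shell audit that reads a mosquitto.conf and reports the two weak settings the Mosquitto posts above warn about, anonymous access and a listener reachable from remote hosts without TLS. The two sample configs inside it are constructed for the demo; the function names audit_mosquitto_conf, count_findings and audit_text are chosen here, and the script assumes the "listener <port> [bind-address]" layout used in these posts (it does not parse the older port / bind_address directives).

```shell
#!/bin/sh
# Added example (not from the original post): audit a Mosquitto config for
# anonymous access and for listeners that accept remote clients without TLS.
# Assumption: listeners are declared as "listener <port> [bind-address]" and a
# certfile line after a listener belongs to that listener.

# Print one finding per line for the config file given as $1.
audit_mosquitto_conf() {
    awk '
        # Report the listener collected so far if it is reachable from
        # outside the host (no localhost bind) and has no certificate.
        function report_listener() {
            if (port != "" && bind != "localhost" && bind != "127.0.0.1" && cert == "")
                printf "listener %s accepts remote connections without TLS\n", port
        }
        /^[ \t]*#/ || NF == 0   { next }
        $1 == "listener"        { report_listener(); port = $2; bind = $3; cert = "" }
        $1 == "certfile"        { cert = $2 }
        $1 == "allow_anonymous" { anon = $2 }
        END {
            report_listener()
            if (anon != "false")
                print "allow_anonymous is not set to false (Mosquitto 1.x accepts anonymous clients by default)"
        }
    ' "$1"
}

# Number of findings for a config file (0 means clean).
count_findings() {
    audit_mosquitto_conf "$1" | grep -c '' || true
}

# Constructed sample: the permissive "listener 1883" config from the post, with
# allow_anonymous left at its default.
WEAK_CONF='listener 1883'

# Constructed sample: password-protected, plaintext only on localhost, TLS for
# the remote listener (certificate paths are sample values).
HARDENED_CONF='allow_anonymous false
password_file /etc/mosquitto/passwd
listener 1883 localhost
listener 1884
certfile /etc/letsencrypt/live/mqtt.example.io/cert.pem
cafile /etc/letsencrypt/live/mqtt.example.io/chain.pem
keyfile /etc/letsencrypt/live/mqtt.example.io/privkey.pem'

# Write config text ($1) to a temp file, audit it, and clean up.
audit_text() {
    tmp=$(mktemp)
    printf '%s\n' "$1" > "$tmp"
    audit_mosquitto_conf "$tmp"
    rm -f "$tmp"
}

echo "== weak config =="
audit_text "$WEAK_CONF"
echo "== hardened config =="
audit_text "$HARDENED_CONF"
```

Run it against a real file with audit_mosquitto_conf /etc/mosquitto/conf.d/default.conf. Applied to the reference config above, it flags ports 1883 and 3033, which that config leaves as plaintext listeners open to remote hosts; restricting them to localhost or moving clients to the TLS listeners on 1884 and 8083 clears the findings.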


enjoyβ€οΈπŸ‘πŸ»
wiki
source
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 What are all the Termux addons ?
#ForBeginners

Addons
Some extra features are available. You can add them by installing addons:

1) Termux:API – Access Android and Chrome hardware features.

2) Termux:Boot – Run script(s) when your device boots.

3) Termux:Float – Run in a floating window.

4) Termux:Styling – Have color schemes and powerline-ready fonts customize the appearance of the terminal.

5) Termux:Task – An easy way to call Termux executables from Tasker and compatible apps.

6) Termux:Widget – Start small scriptlets from the home screen.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Extracting the payload from a pcap file using Python.pdf
1.4 MB
Extracting the payload from a pcap file using Python so helpful
- enjoy :)
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Many hackers ask what the difference is between Termux and the Cmd / Terminal apk on Android, and why Termux is so popular
#ForBeginners

> Forget about Python and scripting; let's take a look at Termux features not available in the Terminal apk app :))

1) Secure. Access remote servers using the ssh client from OpenSSH. Termux combines standard packages with accurate terminal emulation in a beautiful open source solution.

2) Feature packed. Take your pick between Bash, fish or Zsh and nano, Emacs or Vim. Grep through your SMS inbox.

3) Access API endpoints with curl and use rsync to store backups of your contact list on a remote server.

4) Customizable. Install what you want through the APT package management system known from Debian and Ubuntu GNU/Linux. Why not start with installing Git and syncing your dotfiles?

5) Explorable. Have you ever sat on a bus and wondered exactly which arguments tar accepts? Packages available in Termux are the same as those on Mac and Linux – install man pages on your phone and read them in one session while experimenting with them in another.

6) With batteries included. Can you imagine a more powerful yet elegant pocket calculator than a readline-powered Python console? Up-to-date versions of Perl, Python, Ruby and Node.js are all available.

7) Ready to scale up. Connect a Bluetooth keyboard and hook up your device to an external display if you need to – It supports keyboard shortcuts and has full mouse support.

8) Tinkerable. Develop by compiling C files with Clang and build your own projects with CMake and pkg-config. Both GDB and strace are available if you get stuck and need to debug.


enjoyβ€οΈπŸ‘πŸ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β€”termux features
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁

🦑 Protocols names & functions :)

1) Transmission Control Protocol (TCP): TCP is a popular communication protocol for communicating over a network. It divides a message into a series of packets that are sent from source to destination, where they are reassembled.

2) Internet Protocol (IP): IP is designed explicitly as an addressing protocol and is mostly used with TCP. The IP addresses in packets allow them to be routed through the different nodes of a network until they reach the destination system. TCP/IP is the most popular protocol suite for connecting networks.

3) User Datagram Protocol (UDP): UDP is an alternative to the Transmission Control Protocol, used primarily to create loss-tolerant, low-latency links between different applications.

4) Post Office Protocol (POP): POP3 is designed for receiving incoming e-mail.

5) Simple Mail Transfer Protocol (SMTP): SMTP is designed for sending and distributing outgoing e-mail.

6) File Transfer Protocol (FTP): FTP allows users to transfer files from one machine to another. The files may be program files, multimedia files, text files, documents, etc.

7) Hypertext Transfer Protocol (HTTP): HTTP is designed for transferring hypertext between two or more systems. HTML tags are used to create links, which may take any form, such as text or images. HTTP follows client-server principles: a client system establishes a connection with the server machine to make a request, and the server acknowledges the request initiated by the client and responds accordingly.

8) Hypertext Transfer Protocol Secure (HTTPS): HTTPS is a standard protocol for securing the communication between two computers, one running a browser and the other serving data from a web server. HTTP transfers data between the client browser (request) and the web server (response) in hypertext form; HTTPS does the same, except that the data is transferred in encrypted form. So it can be said that HTTPS thwarts hackers who would read or modify the data while the packets are in transit.

9) Telnet: Telnet is a set of rules for connecting one system to another. The connection process is termed remote login. The system that requests the connection is the local computer, and the system that accepts the connection is the remote computer.

10) Gopher: Gopher is a collection of rules for searching, retrieving and displaying documents from remote sites. Gopher also works on the client/server principle.

enjoyβ€οΈπŸ‘πŸ»
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
(powered by wiki)\
▁ β–‚ β–„ Uπ•Ÿπ”»β’Ίπ«Δ†π”¬π““β“” β–„ β–‚ ▁
Forwarded from Backup Legal Mega
🦑 2020 Web Development Bootcamp full course (18 GB)
- 4.7 rating stars
- price $139.99


https://mega.nz/folder/Zq5miKQI#rdXFJRvgAAHvBLbe0EBPeQ
enjoy
UAC_BYPASS_WITH_ELEVATED_PRIVILEGESWORKS_ON_ALL_WINDOWS_VERSIONS.pdf
301.9 KB
UAC BYPASS WITH ELEVATED PRIVILEGESWORKS ON ALL WINDOWS VERSIONS
#Requested
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 EU sanctions China, North Korea and Russia for the first time on the grounds of cyber attacks :
#News

> On Thursday, the European Union announced that it would impose sanctions on six individuals and three entities from Russia and China who carried out or took part in various so-called "cyber attacks". The European Union also stated that it has targeted a special technical department of Russian military intelligence, namely the GRU of the General Staff of the Armed Forces of the Russian Federation.

> The three organizations subject to sanctions are Russia's GRU, North Korea's Chosun Expo, and China's Haitai Technology Development Co., Ltd.

This is the first set of EU sanctions related to cyber attacks. The sanctions include travel bans, asset freezes, and a prohibition on EU persons and entities providing funds to the sanctioned targets.

In fact, the EU had previously imposed sanctions on China over "China's treatment of Hong Kong", moving closer to the Trump administration's relatively tough stance on China.

> Borrell, the EU's high representative for foreign affairs and security policy, had said that the US's increasing use of sanctions, or threats of sanctions, against European companies would harm European interests: "The EU opposes sanctions imposed by third countries on the legal operations of European companies. This kind of 'extraterritorial sanctions' violates international law." But obviously, only half a month later, the EU has itself chosen cyber sanctions.


#News
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁