Data Acquisition with LabVIEW β763 MBβsmall test !
https://mega.nz/folder/LSY3RIQZ#o7AJqxxrKzUdNSrMeXJEqQ
https://mega.nz/folder/LSY3RIQZ#o7AJqxxrKzUdNSrMeXJEqQ
mega.nz
File folder on MEGA
MEGA provides free cloud storage with convenient and powerful always-on privacy. Claim your free 50GB now!
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Rules For Applying Zone-Based Policy Firewall !!
- Router network interfacesΓ’β¬β’ membership in zones is subject to several rules that govern interface behavior, as is the traffic moving between zone member interfaces:
- A zone must be configured before interfaces can be assigned to the zone.
- An interface can be assigned to only one security zone.
- All traffic to and from a given interface is implicitly blocked when the interface is assigned to a zone, except traffic to and from other interfaces in the same zone, and traffic to any interface on the router.
- Traffic is implicitly allowed to flow by default among interfaces that are members of the same zone.
- In order to permit traffic to and from a zone member interface, a policy allowing or inspecting traffic must be configured between that zone and any other zone.
- The self zone is the only exception to the default deny all policy. All traffic to any router interface is allowed until traffic is explicitly denied.
- Traffic cannot flow between a zone member interface and any interface that is not a zone member. Pass, inspect, and drop actions can only be applied between two zones.
- Interfaces that have not been assigned to a zone function as classical router ports and might still use classical stateful inspection/CBAC configuration.
- If it is required that an interface on the box not be part of the zoning/firewall policy. It might still be necessary to put that interface in a zone and configure a pass all policy (sort of a dummy policy) between that zone and any other zone to which traffic flow is desired.
- From the preceding it follows that, if traffic is to flow among all the interfaces in a router, all the interfaces must be part of the zoning model (each interface must be a member of one zone or another).
- The only exception to the preceding deny by default approach is the traffic to and from the router, which will be permitted by default. An explicit policy can be configured to restrict such traffic.
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦#Rules For Applying Zone-Based Policy Firewall !!
- Router network interfacesΓ’β¬β’ membership in zones is subject to several rules that govern interface behavior, as is the traffic moving between zone member interfaces:
- A zone must be configured before interfaces can be assigned to the zone.
- An interface can be assigned to only one security zone.
- All traffic to and from a given interface is implicitly blocked when the interface is assigned to a zone, except traffic to and from other interfaces in the same zone, and traffic to any interface on the router.
- Traffic is implicitly allowed to flow by default among interfaces that are members of the same zone.
- In order to permit traffic to and from a zone member interface, a policy allowing or inspecting traffic must be configured between that zone and any other zone.
- The self zone is the only exception to the default deny all policy. All traffic to any router interface is allowed until traffic is explicitly denied.
- Traffic cannot flow between a zone member interface and any interface that is not a zone member. Pass, inspect, and drop actions can only be applied between two zones.
- Interfaces that have not been assigned to a zone function as classical router ports and might still use classical stateful inspection/CBAC configuration.
- If it is required that an interface on the box not be part of the zoning/firewall policy. It might still be necessary to put that interface in a zone and configure a pass all policy (sort of a dummy policy) between that zone and any other zone to which traffic flow is desired.
- From the preceding it follows that, if traffic is to flow among all the interfaces in a router, all the interfaces must be part of the zoning model (each interface must be a member of one zone or another).
- The only exception to the preceding deny by default approach is the traffic to and from the router, which will be permitted by default. An explicit policy can be configured to restrict such traffic.
> git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Virus Total API Maltego Transform Set For Canari-
- New tool
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ Requires Canari https://github.com/allfro/canari/tree/c90ed9f0f0fb5075358d7a1a4c1080aac3d4e6bc
, specifically this branch/version
2οΈβ£ Install Malformity https://github.com/digital4rensics/Malformity
3οΈβ£sudo python setup.py install
4οΈβ£canari create-profile ripVT
5οΈβ£Import generated ripVT.mtz
6οΈβ£Import entities stored at:
src/ripVT/resources/external/entities.mtz
7οΈβ£Copy src/ripVT/resources/etc/ripVT.conf to ~/.canari/
Pivot
7οΈβ£Pivots
π¦FEATURES :
Multiple unique entities enable forward & reverse searches. Unique graphically-distinguished icons.
Search (Phrase Entity) ->
Generic Search
Behavioral
Engines
ITW
Generic
Hash -> Download to Repository
Hash -> VT File Report ->
Behavioral (Copied Files, Deleted, Downloaded, Moved, Mutex, Network, Opened, Read, Replaced, Written)
Imphash
Cert / Certs
Compile Time
Detections
Exports / Imports
File Names
In-The-Wild (ITW) Locations
Parents (Dropped / Created By)
PE Resources
PE Sections
SSDEEP
Similar-To
Domain -> VT Domain Report ->
Undetected/Detected Communicating Samples
Undetected/Detected Domain-Embedding Samples
Undetected/Detected Domain-Downloaded Samples
PCAP
Domain Resolutions
Siblings
Subdomains
Detected URLs
IP Address -> VT IP Report
Undetected/Detected Communicating Samples
Undetected/Detected Domain-Embedding Samples
Undetected/Detected Domain-Downloaded Samples
PCAP
Domain Resolutions
Siblings
Subdomains
Detected URLs
Detections ->
Search Detection Name (Engine Included)
Search Detection Name (No Engine
Cuckoo -> (Report ID)
Report -> Network
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Virus Total API Maltego Transform Set For Canari-
- New tool
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ Requires Canari https://github.com/allfro/canari/tree/c90ed9f0f0fb5075358d7a1a4c1080aac3d4e6bc
, specifically this branch/version
2οΈβ£ Install Malformity https://github.com/digital4rensics/Malformity
3οΈβ£sudo python setup.py install
4οΈβ£canari create-profile ripVT
5οΈβ£Import generated ripVT.mtz
6οΈβ£Import entities stored at:
src/ripVT/resources/external/entities.mtz
7οΈβ£Copy src/ripVT/resources/etc/ripVT.conf to ~/.canari/
Pivot
7οΈβ£Pivots
π¦FEATURES :
Multiple unique entities enable forward & reverse searches. Unique graphically-distinguished icons.
Search (Phrase Entity) ->
Generic Search
Behavioral
Engines
ITW
Generic
Hash -> Download to Repository
Hash -> VT File Report ->
Behavioral (Copied Files, Deleted, Downloaded, Moved, Mutex, Network, Opened, Read, Replaced, Written)
Imphash
Cert / Certs
Compile Time
Detections
Exports / Imports
File Names
In-The-Wild (ITW) Locations
Parents (Dropped / Created By)
PE Resources
PE Sections
SSDEEP
Similar-To
Domain -> VT Domain Report ->
Undetected/Detected Communicating Samples
Undetected/Detected Domain-Embedding Samples
Undetected/Detected Domain-Downloaded Samples
PCAP
Domain Resolutions
Siblings
Subdomains
Detected URLs
IP Address -> VT IP Report
Undetected/Detected Communicating Samples
Undetected/Detected Domain-Embedding Samples
Undetected/Detected Domain-Downloaded Samples
PCAP
Domain Resolutions
Siblings
Subdomains
Detected URLs
Detections ->
Search Detection Name (Engine Included)
Search Detection Name (No Engine
Cuckoo -> (Report ID)
Report -> Network
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - allfro/canari at c90ed9f0f0fb5075358d7a1a4c1080aac3d4e6bc
Local and Remote Maltego Rapid Transform Development Framework - GitHub - allfro/canari at c90ed9f0f0fb5075358d7a1a4c1080aac3d4e6bc
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Node.js & Hapi.js: Building Enterprise Web Apps β1.9 GB-
https://mega.nz/#F!1hZ3TShR!Jeb32K_d8MX4_T75BpY5qA
π¦Node.js & Hapi.js: Building Enterprise Web Apps β1.9 GB-
https://mega.nz/#F!1hZ3TShR!Jeb32K_d8MX4_T75BpY5qA
mega.nz
MEGA provides free cloud storage with convenient and powerful always-on privacy. Claim your free 20GB now
π¦BIN SPOTIFY
π³: 5524903601xxxxxx
FECHA: 11/22
IP: Canada
Codigo Postal: V5K0A8
VPN: VYPR VPN
π³: 5524903601xxxxxx
FECHA: 11/22
IP: Canada
Codigo Postal: V5K0A8
VPN: VYPR VPN
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Intel processor reveals two new SGX vulnerabilities attackers can easily extract sensitive data :
1) While Intel is working to eliminate the negative effects of multiple processor vulnerabilities, security researchers at the three universities once again relentlessly exposed two other flaws in the SGX software protection extension instructions.
2) For attackers, this allows them to extract sensitive data fairly easily. Fortunately, new issues can be fixed through active remedies, and there is currently no evidence that new vulnerabilities have been exploited in the wild.
3) Researchers from three universities in Michigan, Amsterdam, Netherlands, and Adelaide, Australia disclosed that attackers can use the multi-core architecture to work to gain access to sensitive data on infected systems.
4) It has developed corresponding attack methods for the two vulnerabilities, and gave proofs of concept for SGAxe and CrossTalk.
5) The former appears to be an advanced version of the CacheOut attack exposed earlier this year, and hackers can extract content from the CPU's L1 cache.
6) The researchers explained that SGAxe is a failed attempt by Intel to mitigate the bypass attack against the software protection extension (SGX). As a dedicated area on the CPU, SGX originally intended to ensure the integrity and confidentiality of the code and data being processed.
7) With the help of a transient execution attack, a hacker can essentially recover the encryption key stored in the SGX area and use it to decrypt the long storage area to obtain the machine's EPID key. The latter is used to ensure the security of transactions, such as financial transactions and DRM-protected content.
8) As for the second CrossTalk vulnerability, which is a derivative of Microarchitecture Data Sampling (MDS), it can attack data processed by the Line Fill Buffer (LBF) of the CPU.
9) t originally wanted to provide a "staging buffer" for CPU core access, but hackers were able to use specially-made software running on a separate core to destroy the software code and data private key that protected it.
10) It is reported that the new vulnerability affects many Intel processors released from 2015 to 2019, including some Xeon E3 SKUs (E5 and E7 series have been proven to be resistant to this new type of attack).
11) Intel said in a June security bulletin that only a very small number of people can launch these attacks in a laboratory environment, and there are currently no reports of exploits in the wild.
12) Even so, the company will still release microcode updates as soon as possible, while invalidating previously issued certification keys.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Intel processor reveals two new SGX vulnerabilities attackers can easily extract sensitive data :
1) While Intel is working to eliminate the negative effects of multiple processor vulnerabilities, security researchers at the three universities once again relentlessly exposed two other flaws in the SGX software protection extension instructions.
2) For attackers, this allows them to extract sensitive data fairly easily. Fortunately, new issues can be fixed through active remedies, and there is currently no evidence that new vulnerabilities have been exploited in the wild.
3) Researchers from three universities in Michigan, Amsterdam, Netherlands, and Adelaide, Australia disclosed that attackers can use the multi-core architecture to work to gain access to sensitive data on infected systems.
4) It has developed corresponding attack methods for the two vulnerabilities, and gave proofs of concept for SGAxe and CrossTalk.
5) The former appears to be an advanced version of the CacheOut attack exposed earlier this year, and hackers can extract content from the CPU's L1 cache.
6) The researchers explained that SGAxe is a failed attempt by Intel to mitigate the bypass attack against the software protection extension (SGX). As a dedicated area on the CPU, SGX originally intended to ensure the integrity and confidentiality of the code and data being processed.
7) With the help of a transient execution attack, a hacker can essentially recover the encryption key stored in the SGX area and use it to decrypt the long storage area to obtain the machine's EPID key. The latter is used to ensure the security of transactions, such as financial transactions and DRM-protected content.
8) As for the second CrossTalk vulnerability, which is a derivative of Microarchitecture Data Sampling (MDS), it can attack data processed by the Line Fill Buffer (LBF) of the CPU.
9) t originally wanted to provide a "staging buffer" for CPU core access, but hackers were able to use specially-made software running on a separate core to destroy the software code and data private key that protected it.
10) It is reported that the new vulnerability affects many Intel processors released from 2015 to 2019, including some Xeon E3 SKUs (E5 and E7 series have been proven to be resistant to this new type of attack).
11) Intel said in a June security bulletin that only a very small number of people can launch these attacks in a laboratory environment, and there are currently no reports of exploits in the wild.
12) Even so, the company will still release microcode updates as soon as possible, while invalidating previously issued certification keys.
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Bin For Google Ads, Instagram Facebookβ
β
BIN: 53651740xxxxxxxx
Date: RND
CVV: RND
IP: Brazil
CPF: Cualquiera
BIN: 53651740xxxxxxxx
Date: RND
CVV: RND
IP: Brazil
CPF: Cualquiera
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Practice Your Skills :
> WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons.
> This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ git clone https://github.com/WebGoat/WebGoat.git
2οΈβ£-run-using-docker
> docker run -p 8080:8080 -p 9090:9090 -e TZ=Europe/Amsterdam webgoat/goatandwolf
3οΈβ£WebGoat will be located at: http://127.0.0.1:8080/WebGoat WebWolf will be located at: http://127.0.0.1:9090/WebWolf
Important:
> Choose the correct timezone, so that the docker container and your host are in the same timezone. As it important for the validity of JWT tokens used in certain exercises.
4οΈβ£Using docker stack deploy
> Another way to deply WebGoat and WebWolf in a more advanced way is to use a compose-file in a docker stack deploy. You can define which containers should run in which combinations and define all of this in a yaml file. An example of such a file is: goat-with-reverseproxy.yaml
5οΈβ£This sets up an nginx webserver as reverse proxy to WebGoat and WebWolf. You can change the timezone by adjusting the value in the yaml file.
6οΈβ£docker stack init
> docker stack deploy --compose-file goat-with-reverseproxy.yaml webgoatdemo
7οΈβ£Add the following entries in your local hosts file:
127.0.0.1 www.webgoat.local www.webwolf.localhost
You can use the overall start page: http://www.webgoat.local or:
8οΈβ£WebGoat will be located at: http://www.webgoat.local/WebGoat
WebWolf will be located at: http://www.webwolf.local/WebWolf
Important:
> the current directory on your host will be mapped into the container for keeping state.
π¦Another way :
Standalone
1οΈβ£Download the latest WebGoat and WebWolf release from https://github.com/WebGoat/WebGoat/releases
java -jar webgoat-server-8.1.0.jar [--server.port=8080] [--server.address=localhost]
java -jar webwolf-8.1.0.jar [--server.port=9090] [--server.address=localhost]
The latest version of WebGoat needs Java 11 or above. By default WebGoat and WebWolf start on port 8080 and 9090 with --server.port you can specify a different port. With server.address you can bind it to a different address (default localhost)
π¦Or
> Run from the sources
1οΈβ£Prerequisites:
-Java 11
-Maven > 3.2.1
-Your favorite IDE
-Git, or Git support in your IDE
2οΈβ£Open a command shell/window:
git clone git@github.com:WebGoat/WebGoat.git
Now let's start by compiling the project.
3οΈβ£cd WebGoat
4οΈβ£git checkout <<branch_name>>
mvn clean install
5οΈβ£Now we are ready to run the project. WebGoat 8.x is using Spring-Boot.
mvn -pl webgoat-server spring-boot:run
... you should be running webgoat on localhost:8080/WebGoat momentarily
6οΈβ£To change IP address add the following variable to WebGoat/webgoat-container/src/main/resources/application.properties file
>server.address=x.x.x.x
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Practice Your Skills :
> WebGoat is a deliberately insecure web application maintained by OWASP designed to teach web application security lessons.
> This program is a demonstration of common server-side application flaws. The exercises are intended to be used by people to learn about application security and penetration testing techniques.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£ git clone https://github.com/WebGoat/WebGoat.git
2οΈβ£-run-using-docker
> docker run -p 8080:8080 -p 9090:9090 -e TZ=Europe/Amsterdam webgoat/goatandwolf
3οΈβ£WebGoat will be located at: http://127.0.0.1:8080/WebGoat WebWolf will be located at: http://127.0.0.1:9090/WebWolf
Important:
> Choose the correct timezone, so that the docker container and your host are in the same timezone. As it important for the validity of JWT tokens used in certain exercises.
4οΈβ£Using docker stack deploy
> Another way to deply WebGoat and WebWolf in a more advanced way is to use a compose-file in a docker stack deploy. You can define which containers should run in which combinations and define all of this in a yaml file. An example of such a file is: goat-with-reverseproxy.yaml
5οΈβ£This sets up an nginx webserver as reverse proxy to WebGoat and WebWolf. You can change the timezone by adjusting the value in the yaml file.
6οΈβ£docker stack init
> docker stack deploy --compose-file goat-with-reverseproxy.yaml webgoatdemo
7οΈβ£Add the following entries in your local hosts file:
127.0.0.1 www.webgoat.local www.webwolf.localhost
You can use the overall start page: http://www.webgoat.local or:
8οΈβ£WebGoat will be located at: http://www.webgoat.local/WebGoat
WebWolf will be located at: http://www.webwolf.local/WebWolf
Important:
> the current directory on your host will be mapped into the container for keeping state.
π¦Another way :
Standalone
1οΈβ£Download the latest WebGoat and WebWolf release from https://github.com/WebGoat/WebGoat/releases
java -jar webgoat-server-8.1.0.jar [--server.port=8080] [--server.address=localhost]
java -jar webwolf-8.1.0.jar [--server.port=9090] [--server.address=localhost]
The latest version of WebGoat needs Java 11 or above. By default WebGoat and WebWolf start on port 8080 and 9090 with --server.port you can specify a different port. With server.address you can bind it to a different address (default localhost)
π¦Or
> Run from the sources
1οΈβ£Prerequisites:
-Java 11
-Maven > 3.2.1
-Your favorite IDE
-Git, or Git support in your IDE
2οΈβ£Open a command shell/window:
git clone git@github.com:WebGoat/WebGoat.git
Now let's start by compiling the project.
3οΈβ£cd WebGoat
4οΈβ£git checkout <<branch_name>>
mvn clean install
5οΈβ£Now we are ready to run the project. WebGoat 8.x is using Spring-Boot.
mvn -pl webgoat-server spring-boot:run
... you should be running webgoat on localhost:8080/WebGoat momentarily
6οΈβ£To change IP address add the following variable to WebGoat/webgoat-container/src/main/resources/application.properties file
>server.address=x.x.x.x
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitHub
GitHub - WebGoat/WebGoat: WebGoat is a deliberately insecure application
WebGoat is a deliberately insecure application. Contribute to WebGoat/WebGoat development by creating an account on GitHub.
Forwarded from Backup Legal Mega
π¦Candlestick Trading Ninja: 10 Hour Candlestick Certification β1.67 GBβ
https://www.udemy.com/course/candlestick/
https://mega.nz/folder/vGgRzZiY#FYufcGUmO6rIl7Rh6uhiUw
https://www.udemy.com/course/candlestick/
https://mega.nz/folder/vGgRzZiY#FYufcGUmO6rIl7Rh6uhiUw
Udemy
Candlestick Trading Ninja: 10 Hour Glossary & DIY Strategy
Expert Technical Analysis & Candlestick Trading Hacks For Forex, Stock Trading, Day Trading & Swing Trading in 1 course.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦FREE SPYWARES POPULAR 2020 :
- Spyeye - Script To Generate Win32 .Exe File To Take Screenshots
- Words Scraper - Selenium Based Web Scraper To Generate Passwords List
- JSshell - A JavaScript Reverse Shell For Exploiting XSS Remotely Or Finding Blind XSS, Working With Both Unix And Windows OS
- Astsu - A Network Scanner Tool
- Git-Scanner - A Tool For Bug Hunting Or Pentesting For Targeting Websites That Have Open .git Repositories Available In Public
- Recox - Master Script For Web Reconnaissance
- Jshole - A JavaScript Components Vulnrability Scanner, Based On RetireJS
- GitMonitor - A Github Scanning System To Look For Leaked Sensitive Information Based On Rules
- Eviloffice - Inject Macro And DDE Code Into Excel And Word Documents (Reverse Shell)
- Ligolo - Reverse Tunneling Made Easy For Pentesters, By Pentesters
- Inshackle - Instagram Hacks: Track Unfollowers, Increase Your Followers, Download Stories, Etc
- GhostShell - Malware Indetectable, With AV Bypass Techniques, Anti-Disassembly, And More
- Forerunner - Fast And Extensible Network Scanning Library Featuring Multithreading, Ping Probing, And Scan Fetchers
- Enumy - Linux Post Exploitation Privilege Escalation Enumeration
- Bing-Ip2Hosts - Bingip2Hosts Is A Bing.com Web Scraper That Discovers Websites By IP Address
- Vault - A Tool For Secrets Management, Encryption As A Service, And Privileged Access Management
- ADCollector - A Lightweight Tool To Quickly Extract Valuable Information From The Active Directory Environment For Both Attacking And Defending
- ANDRAX v5R NH-Killer - Penetration Testing on Android
- DroidFiles - Get Files From Android Directories
- Purify - All-in-one Tool For Managing Vulnerability Reports From AppSec
Pipelines
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦FREE SPYWARES POPULAR 2020 :
- Spyeye - Script To Generate Win32 .Exe File To Take Screenshots
- Words Scraper - Selenium Based Web Scraper To Generate Passwords List
- JSshell - A JavaScript Reverse Shell For Exploiting XSS Remotely Or Finding Blind XSS, Working With Both Unix And Windows OS
- Astsu - A Network Scanner Tool
- Git-Scanner - A Tool For Bug Hunting Or Pentesting For Targeting Websites That Have Open .git Repositories Available In Public
- Recox - Master Script For Web Reconnaissance
- Jshole - A JavaScript Components Vulnrability Scanner, Based On RetireJS
- GitMonitor - A Github Scanning System To Look For Leaked Sensitive Information Based On Rules
- Eviloffice - Inject Macro And DDE Code Into Excel And Word Documents (Reverse Shell)
- Ligolo - Reverse Tunneling Made Easy For Pentesters, By Pentesters
- Inshackle - Instagram Hacks: Track Unfollowers, Increase Your Followers, Download Stories, Etc
- GhostShell - Malware Indetectable, With AV Bypass Techniques, Anti-Disassembly, And More
- Forerunner - Fast And Extensible Network Scanning Library Featuring Multithreading, Ping Probing, And Scan Fetchers
- Enumy - Linux Post Exploitation Privilege Escalation Enumeration
- Bing-Ip2Hosts - Bingip2Hosts Is A Bing.com Web Scraper That Discovers Websites By IP Address
- Vault - A Tool For Secrets Management, Encryption As A Service, And Privileged Access Management
- ADCollector - A Lightweight Tool To Quickly Extract Valuable Information From The Active Directory Environment For Both Attacking And Defending
- ANDRAX v5R NH-Killer - Penetration Testing on Android
- DroidFiles - Get Files From Android Directories
- Purify - All-in-one Tool For Managing Vulnerability Reports From AppSec
Pipelines
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
KitPloit - PenTest & Hacking Tools
Spyeye - Script To Generate Win32 .Exe File To Take Screenshots
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Collects information from an email and shows results in a nice visual interface.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://gitlab.com/kennbroorg/iKy.git
2οΈβ£cd $IKY_CLONE/install/iKyEasyInstall
3οΈβ£./iKyEasyInstall.sh # At some point the script will request credentials for sudo
β Verified on :
-kali
-ubuntu
π¦Kali - ubuntu video tutorial
> https://gitlab.com/kennbroorg/iKy/-/wikis/Videos/Installations
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦Collects information from an email and shows results in a nice visual interface.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://gitlab.com/kennbroorg/iKy.git
2οΈβ£cd $IKY_CLONE/install/iKyEasyInstall
3οΈβ£./iKyEasyInstall.sh # At some point the script will request credentials for sudo
β Verified on :
-kali
-ubuntu
π¦Kali - ubuntu video tutorial
> https://gitlab.com/kennbroorg/iKy/-/wikis/Videos/Installations
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
GitLab
Kenn Brothers Org / iKy Β· GitLab
OSINT Project. Collect information from a mail. Gather. Profile. Timeline.
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 Hijack services that relies on QR Code Authentication :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/thelinuxchoice/ohmyqr
2οΈβ£cd ohmyqr
3οΈβ£bash ohmyqr.sh
π¦How it Works ?
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the βLogin with QR codeβ feature as a secure way to login into accounts. In a nutshell, the victim scans the attackerβs QR code which results in session hijacking.
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β
π¦2020 Hijack services that relies on QR Code Authentication :
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1οΈβ£git clone https://github.com/thelinuxchoice/ohmyqr
2οΈβ£cd ohmyqr
3οΈβ£bash ohmyqr.sh
π¦How it Works ?
QRLJacking or Quick Response Code Login Jacking is a simple social engineering attack vector capable of session hijacking affecting all applications that rely on the βLogin with QR codeβ feature as a secure way to login into accounts. In a nutshell, the victim scans the attackerβs QR code which results in session hijacking.
β git sources
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
β β β ο½ππ»βΊπ«Δπ¬πβ β β β