▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HOW TO GET 1K MOBILE HACKING TUTORIALS :

1) Read it on Gitbook(https://github.com/OWASP/owasp-mstg) . The book is automatically synchronized with the main repo.

2) Check the releases. Here you can find a PDF, an archive containing the sources, and a DocX document for any given tagged version. Please note that the documents are generated automatically per tag.

3) Get the book as a printed version. A hardcopy of the book can be ordered via lulu.com. This version of the book is not completely aligned with book printing standards, but we are improving each version. If you recognize any issues or mistakes, even small ones, please raise an issue so we can fix it in the next version.

4) Get the e-book. The book is available for free, but you can choose to purchase it at a price of your choice if you wish to support our project. All funds raised through sales of the e-book go directly into the project budget and will be used to fund the production of future releases.

5) Clone the repository and run the document generator (requires Docker). This produces the PDF, Epub, Mobi, and DOCX in the root of the MSTG folder.


$ git clone https://github.com/OWASP/owasp-mstg/

$ cd owasp-mstg/

$ ./tools/docker/run_docker_mstg_generation_on_local.sh

6) Just check the latest build of the repository at Github actions. This offers you the latest SNAPSHOT version of the document to download.

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Detailed fresh Proxies List


https://pastebin.com/B4VVS0K9

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑A GOOD PROXIES LIST :

http://travelvpn.info
http://www.proxy-2014.com
http://anonymouse.org
http://surf-for-free.com
http://greatestfreeproxy.com
https://www.crazyproxy.org
http://websurfproxy.me
http://viewyoutube.net
http://www.unblockmyweb.com
http://youserver.nu
https://www.mehide.asia
http://fastusaproxy.com
http://canadaproxy.info
http://justunblockit.com
http://proxyinternet.info
http://webproxyfree.net
https://www.extremeproxy.us
http://krproxy.info
http://hostapp.eu
https://funproxy.net
http://zendproxy.com
https://www.networkbypass.com
http://dzhot.us
https://www.proxypirate.co.uk
http://www.zalmos.com
https://www.proxytube.info
http://interncloud.info
http://proxy4freedom.com
https://www.sslproxy.org.uk
http://vpnbrowse.com
http://proxys.pw
http://www.phproxysite.com

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

Practical PLC Programming (PLC II) —1.66 GB—

https://mega.nz/#F!igcEkCAI!Ml8NqStrX3jFiep_kFT1qg


🦑Process Visualization with HMI / SCADA (PLC III) 4.03 GB

https://mega.nz/#F!Ot8mwKJS!S3gGUemgM7cgF59zru7K2Q

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Website provides Paid vcc :

https://myvcc.biz/

https://dreamweavervcc.com/

https://entropay.com/

https://ezzocard.com/

https://supervcc.com/

https://egiftcards24.com/

https://instavcc.com/

http://vccguru.com/

https://wirexapp.com/


▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑NEW TERMUX PACKAGES :

aircrack-ng yes pkg install root-repo
pkg


bettercap yes pkg install root-repo
pkg install bettercap


metasploit no pkg install unstable-repo
pkg install metasploit


nmap recommended pkg install nmap


tshark yes pkg install root-repo
pkg install tshark


sqlmap no pkg install unstable-repo
pkg install sqlmap


wireshark-gtk yes pkg install x11-repo
pkg install wireshark-gtk

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Analysis of the OpenSSL program concept and the "heart bleeding" vulnerability that shocked the industry

Public key/private key/signature/verify signature/encryption/decryption/asymmetric encryption

1) Our general encryption is to use a password to encrypt a file, and then decrypt it with the same password. This is easy to understand, this is a symmetric encryption.

2) In some encryption, one password is used for encryption, and another set of passwords is used for decryption. This is called Asymmetric encryption means that the encryption and decryption passwords are not the same.

3) People who are in contact for the first time may not understand it anyway. In fact, this is an application of the principle of mathematics for the product of prime numbers. If you must understand, Baidu has a big You can see a lot of data, and the result is to use one of this set of keys to encrypt data, and you can use the other to unlock it.

4) Yes, yes, both public and private keys can be used to encrypt data. The other is to unlock, the public key encrypts the data, and then the private key decrypts it is called encryption and decryption, the private key encrypts the data, and the public key decryption is generally called signature and verification signature.

5) Because the data encrypted by the public key can only be unlocked by its corresponding private key, you can give the public key to the person and the person, and let him encrypt the data he wants to send to you. This data can only reach you with the private key. , It can be unlocked into useful data. Others get it and understand the content. Similarly, if you sign the data with your private key, then this data can only be unlocked by the paired public key. There is this private key. The key is only you, so if the paired public key unlocks the data, it means that the data was sent by you, on the contrary, it is not. This is called a signature.


@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 2020 Cyber Security Awareness - Malware Explained

https://mega.nz/folder/ap0RTbIS#R3flkOZ7o-N9JIxwP5Yjfw

1. Introduction
https://mega.nz/folder/u1lFFLTT#wfhjchscdbcKKEedRN65kg

2. Malware Background
https://mega.nz/folder/jh9nHJhL#900EX1GSgkLc58Yha0mLlw

3. Malware Risks and Implications
https://mega.nz/folder/XgsFFZqa#cryB6zIx9sQBzGUQe2K8cA

4. Protection from Malware
https://mega.nz/folder/CltDRTDR#PJgoE3zSv8H9kDGgu9fLdQ

5. Wrapping Up
https://mega.nz/folder/LtkDWJYB#Yv59y2fHHpcSNr6bePfsZQ

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑FOR ANY REAL WIFI HACKING -TERMUX
HOW TTO Acquiring monitor mode on device?

Running command "airodump-ng mon0" (SSIDs/MACs are censored).
You will need an utility "iw" to be installed which lately will be used to modify Wi-Fi module configuration:

1) pkg upgrade

2) pkg install root-repo

3) pkg install iw

4) Plug in the Wi-Fi USB stick and execute next command:

5) iw phy phy1 interface add mon0 type monitor

6) There shouldn't be any error if kernel is properly configured and drivers support monitor mode.

7) To check whether monitor mode is active, use iw dev.

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to use DSRM password synchronization to persist domain management authority ?

1) Modify the registry to allow remote access to DSRM accounts

2) Modify the value of DSRMAdminLogonBehavior under the registry HKLM\System\CurrentControlSet\Control\Lsa path to 2.

PS: DSRMAdminLogonBehavior does not exist by default, please add it manually.

3) Use HASH to remotely log in to the domain controller

In any host in the domain, start the Frenchman artifact and execute

Privilege::debug

sekurlsa::pth /domain:WIN2K8-DC /user:Administrator /ntlm:bb559cd28c0148b7396426a80e820e20

4) A CMD will pop up, as shown in the lower right corner of the figure below. This CMD has the authority to access the domain control. The CMD in the lower left corner is a local CMD started directly by Ctrl+R, and you can see that you do not have permission to access the domain control.

A note
5) The DSRM account is the local administrator account of the domain controller, not the domain administrator account. Therefore, the DSRM password synchronization will not affect the domain administrator account. In addition, the value of NTLM remains valid until the next DSRM password synchronization. Therefore, in order to ensure the persistence of permissions, especially in multinational domains or large intranets with hundreds or thousands of domains, it is best to filter the event log with the event ID 4794 in the security events of the event viewer to determine whether the domain management is frequent Perform DSRM password synchronization operations.

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST HOME SECURITY APPS :

https://play.google.com/store/apps/details?id=com.androidauthority.app

https://play.google.com/store/apps/details?id=com.androidauthority.app

https://play.google.com/store/apps/details?id=com.androidauthority.app

https://play.google.com/store/apps/details?id=com.androidauthority.app

https://play.google.com/store/apps/details?id=com.ivideon.client&hl=en

https://play.google.com/store/apps/details?id=com.mcu.reolink

https://play.google.com/store/apps/details?id=com.ivuu&hl=en

https://play.google.com/store/apps/details?id=com.surveillancesystem.isecurity&hl=en

https://itunes.apple.com/us/app/reolink/id995927563?mt=8

https://itunes.apple.com/us/app/presence-free-smart-home-motion/id618598211?mt=8

https://itunes.apple.com/us/app/isentry/id396777365?mt=8

https://itunes.apple.com/us/app/athome-camera-mobile-home/id305567000?mt=8

https://itunes.apple.com/us/app/alarm.com/id315010649?mt=8

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Network sniffing :

sniffglue is a network sniffer written in rust. Network packets are parsed concurrently using a thread pool to utilize all cpu cores. Project goals are that you can run sniffglue securely on untrusted networks and that it must not crash when processing packets. The output should be as useful as possible by default.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1) apt install debian-keyring

2) gpg -a --export --keyring /usr/share/keyrings/debian-maintainers.gpg git@rxv.cc | apt-key add -
apt-key adv --keyserver keyserver.ubuntu.com --refresh-keys git@rxv.cc

3) echo deb http://apt.vulns.sexy stable main > /etc/apt/sources.list.d/apt-vulns-sexy.list

4) apt update

5) apt install sniffglue

6) sniff with default filters (dhcp, dns, tls, http)
sniffglue enp0s25

7) increase the filter sensitivity (arp)
sniffglue -v enp0s25

8) increase the filter sensitivity (cjdns, ssdp, dropbox, packets with valid utf8)
sniffglue -vv enp0s25

9) almost everything
sniffglue -vvv enp0s25

10) everything
sniffglue -vvvv enp0s25

@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁