β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hidden gesture in iOS 14 speeds up navigation through system settings :
1) Apple always finds a way to offer seemingly subtle features that make the iPhone more convenient. IOS 14 has a hidden gesture that allows you to move around faster in system settings.
2) If you go deep into the settings, you can forget exactly where you are. Search is only available on the main settings page, so you have to return to it.
3) Let's say you're looking for the history of a specific place in the Highlights menu and want to go back and check for software updates or enable some accessibility features. You will need to go back to Important Locations> System Services> Location Services> Privacy> Settings. To do this, you need to click on the "Back" button in the upper left corner or make a gesture from left to right. That means five gestures or taps to get to the main settings screen.
4) Apple has made it easy to navigate to a specific Settings page in iOS 14. This applies to any Apple app. When you're in Settings, press and hold the Back button in the upper left corner. A small menu will appear, displaying in reverse order all the pages you have visited to get to your current location.
5) Thus, you move your finger to the page you want in the list and release. After that, this page opens.
6) This can be done not only in the system settings. This feature is supported in the App Store, Books, Calendar, Clock, Contacts, Files, FaceTime, Notes, Mail, Music, News, Keynote, Numbers, Pages, Phone, Photos, Podcasts, and Safari. Third-party apps can also get this option if their developers want it.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Hidden gesture in iOS 14 speeds up navigation through system settings :
1) Apple always finds a way to offer seemingly subtle features that make the iPhone more convenient. IOS 14 has a hidden gesture that allows you to move around faster in system settings.
2) If you go deep into the settings, you can forget exactly where you are. Search is only available on the main settings page, so you have to return to it.
3) Let's say you're looking for the history of a specific place in the Highlights menu and want to go back and check for software updates or enable some accessibility features. You will need to go back to Important Locations> System Services> Location Services> Privacy> Settings. To do this, you need to click on the "Back" button in the upper left corner or make a gesture from left to right. That means five gestures or taps to get to the main settings screen.
4) Apple has made it easy to navigate to a specific Settings page in iOS 14. This applies to any Apple app. When you're in Settings, press and hold the Back button in the upper left corner. A small menu will appear, displaying in reverse order all the pages you have visited to get to your current location.
5) Thus, you move your finger to the page you want in the list and release. After that, this page opens.
6) This can be done not only in the system settings. This feature is supported in the App Store, Books, Calendar, Clock, Contacts, Files, FaceTime, Notes, Mail, Music, News, Keynote, Numbers, Pages, Phone, Photos, Podcasts, and Safari. Third-party apps can also get this option if their developers want it.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Add Titles to Photos and Videos on iOS 14 for Easier Search :
1) If you have been using iPhone for several days, then you probably have a lot of videos and photos in iCloud storage or on the device itself. If you don't know the date, location, or event, finding the photo or video you want can be tricky. Even smart search suggestions, AI-generated hints, and multi-keyword filters may not help. This should change in iOS 14.
2) The Photos app on iOS lacked a tagging system. With their help, you can record keywords for each photo and video without relying on their automatic creation. When you search for a specific keyword, it will appear immediately.
3) This feature will appear in iOS 14. You can write a caption for any photo and video in the Photos application and then search by it. If you use iCloud Photos, all signatures are synced across all your devices, allowing you to search from anywhere. Anyone who can access Exif data can also read your signatures.
4) The only problem is adding captions to thousands of existing photos and videos. At the very least, captions can be easily added to new pictures.
5) Add captions to photos and videos
When viewing photos and videos in the Photos app or the Camera app, swipe up the screen. then you can see the effects of Live Photos, people and places. Below the image or clip there is a command "Add caption". Click on it, write a signature, tag or label and click "Finish".
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Add Titles to Photos and Videos on iOS 14 for Easier Search :
1) If you have been using iPhone for several days, then you probably have a lot of videos and photos in iCloud storage or on the device itself. If you don't know the date, location, or event, finding the photo or video you want can be tricky. Even smart search suggestions, AI-generated hints, and multi-keyword filters may not help. This should change in iOS 14.
2) The Photos app on iOS lacked a tagging system. With their help, you can record keywords for each photo and video without relying on their automatic creation. When you search for a specific keyword, it will appear immediately.
3) This feature will appear in iOS 14. You can write a caption for any photo and video in the Photos application and then search by it. If you use iCloud Photos, all signatures are synced across all your devices, allowing you to search from anywhere. Anyone who can access Exif data can also read your signatures.
4) The only problem is adding captions to thousands of existing photos and videos. At the very least, captions can be easily added to new pictures.
5) Add captions to photos and videos
When viewing photos and videos in the Photos app or the Camera app, swipe up the screen. then you can see the effects of Live Photos, people and places. Below the image or clip there is a command "Add caption". Click on it, write a signature, tag or label and click "Finish".
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Why Linux does not see Wi-Fi adapters in WSL ?
Linux in WSL does not have direct access to the computer hardware. For this reason, it is not possible to use Wi-Fi adapters, even USB Wi-Fi adapters, in WSL.
1) Can Linux in WSL use graphics cards to perform computation
> At the moment Linux in WSL cannot use GPUs, but they promise to add this feature later.
2) Error in WSL (Kali Linux, Ubuntu) "sleep: cannot read realtime clock: Invalid argument"
An error can occur when trying to install the program:
> sudo apt install ΠΠΠΠΠ’
Or when updating packages and the system:
> sudo apt update && sudo apt full-upgrade -y
3) These commands will output something like the following:
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).
Running
4) sudo apt --fix-broken install
will lead to other errors:
sleep: cannot read realtime clock: Invalid argument
dpkg: error processing package libc6:amd64 (--configure):
installed libc6:amd64 package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
libc6:amd64
E: Sub-process /usr/bin/dpkg returned an error code (1)
And so on ad infinitum.
5) To fix, run the following commands:
sudo -i
>sudo mv /bin/sleep /bin/sleep~;
touch /bin/sleep;
>chmod +x /bin/sleep
Then try again
>sudo apt --fix-broken install
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Why Linux does not see Wi-Fi adapters in WSL ?
Linux in WSL does not have direct access to the computer hardware. For this reason, it is not possible to use Wi-Fi adapters, even USB Wi-Fi adapters, in WSL.
1) Can Linux in WSL use graphics cards to perform computation
> At the moment Linux in WSL cannot use GPUs, but they promise to add this feature later.
2) Error in WSL (Kali Linux, Ubuntu) "sleep: cannot read realtime clock: Invalid argument"
An error can occur when trying to install the program:
> sudo apt install ΠΠΠΠΠ’
Or when updating packages and the system:
> sudo apt update && sudo apt full-upgrade -y
3) These commands will output something like the following:
E: Unmet dependencies. Try 'apt --fix-broken install' with no packages (or specify a solution).
Running
4) sudo apt --fix-broken install
will lead to other errors:
sleep: cannot read realtime clock: Invalid argument
dpkg: error processing package libc6:amd64 (--configure):
installed libc6:amd64 package post-installation script subprocess returned error exit status 1
Errors were encountered while processing:
libc6:amd64
E: Sub-process /usr/bin/dpkg returned an error code (1)
And so on ad infinitum.
5) To fix, run the following commands:
sudo -i
>sudo mv /bin/sleep /bin/sleep~;
touch /bin/sleep;
>chmod +x /bin/sleep
Then try again
>sudo apt --fix-broken install
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦why a beginer should Learn multiple programming languages ?
#forBeginers
As we all know, in order to break the rules, you need to know them first. The same principle works for programming: in order to crack someone's code, you must know how programming languages ββwork and be able to program yourself. Some of the more recommended languages ββfor learning:
A) Python: This is perhaps the best language for web development. Two large frameworks are written on it, on which a huge number of web applications have been created, these are Flask and Django. The language is well built and well documented. Most importantly, it is very easy to learn. By the way, many developers use Python to create simple and complete automation.
B) C ++: a language used in industrial programming. It is taught in schools and universities. Servers are written on it. I recommend that you start learning languages ββwith it, since it contains all the principles of OOP. Having learned to work with it, you can easily master other languages.
C) JavaScript, JQuery: Basically almost all sites use JS and JQuery. You need to be aware that these sites depend on JS, such as password forms. After all, some sites do not allow you to select and copy some information, do not allow you to download a file or view the content, however, to do this, it is enough to disable JS in the browser. Well, to disable JavaScript, you need to know: a) in what situations the work (protection) of the site depends on it; b) how JavaScript is connected and in what ways you can block scripts.
D) SQL: the fun part. All passwords, personal data are stored in databases written in SQL. The most common database management system is MySQL. To understand how to use MySQL injection, you need to know what MySQL injection is. To grasp the essence of MySQL injection, you need to know what MySQL queries are, what the syntax of these queries is, what the database structure is, how data is stored, what tables are, etc.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦why a beginer should Learn multiple programming languages ?
#forBeginers
As we all know, in order to break the rules, you need to know them first. The same principle works for programming: in order to crack someone's code, you must know how programming languages ββwork and be able to program yourself. Some of the more recommended languages ββfor learning:
A) Python: This is perhaps the best language for web development. Two large frameworks are written on it, on which a huge number of web applications have been created, these are Flask and Django. The language is well built and well documented. Most importantly, it is very easy to learn. By the way, many developers use Python to create simple and complete automation.
B) C ++: a language used in industrial programming. It is taught in schools and universities. Servers are written on it. I recommend that you start learning languages ββwith it, since it contains all the principles of OOP. Having learned to work with it, you can easily master other languages.
C) JavaScript, JQuery: Basically almost all sites use JS and JQuery. You need to be aware that these sites depend on JS, such as password forms. After all, some sites do not allow you to select and copy some information, do not allow you to download a file or view the content, however, to do this, it is enough to disable JS in the browser. Well, to disable JavaScript, you need to know: a) in what situations the work (protection) of the site depends on it; b) how JavaScript is connected and in what ways you can block scripts.
D) SQL: the fun part. All passwords, personal data are stored in databases written in SQL. The most common database management system is MySQL. To understand how to use MySQL injection, you need to know what MySQL injection is. To grasp the essence of MySQL injection, you need to know what MySQL queries are, what the syntax of these queries is, what the database structure is, how data is stored, what tables are, etc.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Quickbooks Basic to Advance Training Realtime Projects new
https://mega.nz/folder/0IwDkYRR#LMzVjwgQvQv3gEKbh6STZQ
https://mega.nz/folder/0IwDkYRR#LMzVjwgQvQv3gEKbh6STZQ
mega.nz
2.12 GB folder on MEGA
159 files
Full BURPSUITE COURSE
https://drive.google.com/uc?id=1wooMCvucNUPzbtZO5pLsQR0jIiV3lGA5&export=download
https://drive.google.com/uc?id=1wooMCvucNUPzbtZO5pLsQR0jIiV3lGA5&export=download
The Complete Web Developer in 2020: Zero to Mastery
https://drive.google.com/drive/folders/1KFyBfBQjvbjl9TfOStC4JQGmLBl1crcE
https://drive.google.com/drive/folders/1KFyBfBQjvbjl9TfOStC4JQGmLBl1crcE
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Control your phone using advantages of the termux-api over ssh from your linux pc.
F E A T U R E S :
arp-scan* - for scanning phone's IP adress from it's MAC
ssh* - core of whole script
sshfs - for mounting folder option
sqlite3 - for sms option, parsing the sms databases
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/KebabLord/teriyaki.git
2) cd teriyaki
3) After you updated script's first line with your phone's mac address, generate ssh keys using:
$ ssh-keygen -t rsa -f ./teriyaki_key -N " " -q
4) copy the public key (the one ending with .pub) to phone and keep the secret key on PC.
After that, on termux:
$ cat teriyaki_key.pub >> ~/.ssh/authorized_keys
5) edit script's 2nd line with the location of your key on PC.
$ mv ./teriyaki_key ~/.ssh/ PHONE_KEY="~/.ssh/teriyaki_key"
6) Detailed answer
First of all start by adding your phone's mac address to script's 2nd line. You can find your phone's mac address in phone settings>system>about phone>status>Wifi mac adress or from your wireless' admin panel, or using nmap like tools. The script needs your phone's MAC in order to find it's current IP address. MAC addresses are static unlike IP.
7) Now you need to exchange secret key in order to use teriyaki script without getting "enter ssh password" prompt every single time.
8) Generate an ssh secret key on your computer, the command below will generate a key with no password named teriyaki_key.
$ ssh-keygen -t rsa -f ./teriyaki_key -N " " -q
9) There will be 2 files generated after the command above. Copy the one ending with .pub to your phone. Keep the other on computer, you may move it to ~/.ssh folder also.
Now on termux, add the public key you generated on computer to ssh's authorized keys file using
$ cat teriyaki_key.pub >> ~/.ssh/authorized_keys
10) Now you can connect to termux ssh from pc using the secret key instead of entering password everytime, it's also more secure.
eg:$ ssh phoneip -p 8022 -i ~/.ssh/teriyaki_key
11) Now update the script (3rd line) with your secret key's location.
PHONE_KEY="~/.ssh/teriyaki_key"
Script is now ready to go. Don't forget to start ssh daemon (sshd) on termux before you use the script. You may want to acquire wake lock for faster response and to avoid timeouts.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Control your phone using advantages of the termux-api over ssh from your linux pc.
F E A T U R E S :
arp-scan* - for scanning phone's IP adress from it's MAC
ssh* - core of whole script
sshfs - for mounting folder option
sqlite3 - for sms option, parsing the sms databases
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) git clone https://github.com/KebabLord/teriyaki.git
2) cd teriyaki
3) After you updated script's first line with your phone's mac address, generate ssh keys using:
$ ssh-keygen -t rsa -f ./teriyaki_key -N " " -q
4) copy the public key (the one ending with .pub) to phone and keep the secret key on PC.
After that, on termux:
$ cat teriyaki_key.pub >> ~/.ssh/authorized_keys
5) edit script's 2nd line with the location of your key on PC.
$ mv ./teriyaki_key ~/.ssh/ PHONE_KEY="~/.ssh/teriyaki_key"
6) Detailed answer
First of all start by adding your phone's mac address to script's 2nd line. You can find your phone's mac address in phone settings>system>about phone>status>Wifi mac adress or from your wireless' admin panel, or using nmap like tools. The script needs your phone's MAC in order to find it's current IP address. MAC addresses are static unlike IP.
7) Now you need to exchange secret key in order to use teriyaki script without getting "enter ssh password" prompt every single time.
8) Generate an ssh secret key on your computer, the command below will generate a key with no password named teriyaki_key.
$ ssh-keygen -t rsa -f ./teriyaki_key -N " " -q
9) There will be 2 files generated after the command above. Copy the one ending with .pub to your phone. Keep the other on computer, you may move it to ~/.ssh folder also.
Now on termux, add the public key you generated on computer to ssh's authorized keys file using
$ cat teriyaki_key.pub >> ~/.ssh/authorized_keys
10) Now you can connect to termux ssh from pc using the secret key instead of entering password everytime, it's also more secure.
eg:$ ssh phoneip -p 8022 -i ~/.ssh/teriyaki_key
11) Now update the script (3rd line) with your secret key's location.
PHONE_KEY="~/.ssh/teriyaki_key"
Script is now ready to go. Don't forget to start ssh daemon (sshd) on termux before you use the script. You may want to acquire wake lock for faster response and to avoid timeouts.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
GitHub
KebabLord/teriyaki
Control your phone using advantages of the termux-api over ssh from your linux pc. - KebabLord/teriyaki
π¦Bash2Mp4 is a tool to Download Videos.This tool can Download Videos from more than 20 sites.This Tool is created for Educational Purpose only.
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) apt update
2) apt install git -y
3) git clone https://github.com/htr-tech/bash2mp4
4) cd bash2mp4
5) bash setup.sh
6) Type b2mp4 to run the Tool.
Or, Use Single Command
apt update && apt install git -y && git clone https://github.com/htr-tech/bash2mp4 && cd bash2mp4 && bash setup.
β
β β β Uππ»βΊπ«Δπ¬πβ β β β
πΈπ½π π π°π»π»πΈπ π°π πΈπΎπ½ & π π π½ :
1) apt update
2) apt install git -y
3) git clone https://github.com/htr-tech/bash2mp4
4) cd bash2mp4
5) bash setup.sh
6) Type b2mp4 to run the Tool.
Or, Use Single Command
apt update && apt install git -y && git clone https://github.com/htr-tech/bash2mp4 && cd bash2mp4 && bash setup.
β
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦how see gmail from youtube:
1) go to the channel page and click on the βAboutβ tab.
2)Many YouTubers leave an email address for inquiries. All you have to do is complete the human verification, and it will show the email address to contact the YouTube user.
3) note that not all YouTube users put their email address in.
4) this all:)
π¦Methode 2 :
1) YouTube will not directly tell users what email address is tied to their channel(s) in the event they forget.
2) The Account Recovery options they provide is all users have to try and recall your channel login. If the options do not successfully regain access to a channel, there is nothing further they can do to assist.
3) If you are able to log into a Google Account, but are unsure if that account has access to the channel, you can visit https://www.youtube.com/channel_switcher while logged in to see if the channel in question is listed.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦how see gmail from youtube:
1) go to the channel page and click on the βAboutβ tab.
2)Many YouTubers leave an email address for inquiries. All you have to do is complete the human verification, and it will show the email address to contact the YouTube user.
3) note that not all YouTube users put their email address in.
4) this all:)
π¦Methode 2 :
1) YouTube will not directly tell users what email address is tied to their channel(s) in the event they forget.
2) The Account Recovery options they provide is all users have to try and recall your channel login. If the options do not successfully regain access to a channel, there is nothing further they can do to assist.
3) If you are able to log into a Google Account, but are unsure if that account has access to the channel, you can visit https://www.youtube.com/channel_switcher while logged in to see if the channel in question is listed.
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Grow a Profitable Affiliate Website with Long Tail Keywords That Ranks in Google. Learn from people with experience, and build a successful online businessβ¦
https://mega.nz/folder/RYxmyIDS#dG6ASQ2bFuqbYMncFrtuZg
https://mega.nz/folder/RYxmyIDS#dG6ASQ2bFuqbYMncFrtuZg
mega.nz
6.67 GB folder on MEGA
146 files and 17 subfolders
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Exploitation of the blind command injection vulnerability
#FastTips
1) A command injection (also known as remote code execution) vulnerability allows commands to be executed at the operating system level. Such vulnerabilities can be found in web applications, routers.
2) A detailed description of this vulnerability and methods of exploitation are described in the article " OS Command Injection : Concept, Operation, Automated Vulnerability Search".
3) mentions the blind command injection vulnerability and shows examples of its exploitation. However, the blind vulnerability is harder to understand and slightly harder to exploit - instead of injecting a payload and watching the results right in a browser window or console, you need to use a third-party web server.
βββββββββββββββββββββββ-
π¦For training we need:
1) machine with web server and vulnerable web application
2) attacker's web server - it could be a second machine on the local network or your hosting
The following script will execute the role of the vulnerable application:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>undercode </title>
</head>
<body>
<form>
<input name="message" type="text" />
<input type="submit">
</form>
<?php
if (isset($_GET["message"])) {
exec ('echo ' . $_GET["message"] . ' >> /tmp/messages');
}
?>
</body>
</html>
written
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦Exploitation of the blind command injection vulnerability
#FastTips
1) A command injection (also known as remote code execution) vulnerability allows commands to be executed at the operating system level. Such vulnerabilities can be found in web applications, routers.
2) A detailed description of this vulnerability and methods of exploitation are described in the article " OS Command Injection : Concept, Operation, Automated Vulnerability Search".
3) mentions the blind command injection vulnerability and shows examples of its exploitation. However, the blind vulnerability is harder to understand and slightly harder to exploit - instead of injecting a payload and watching the results right in a browser window or console, you need to use a third-party web server.
βββββββββββββββββββββββ-
π¦For training we need:
1) machine with web server and vulnerable web application
2) attacker's web server - it could be a second machine on the local network or your hosting
The following script will execute the role of the vulnerable application:
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>undercode </title>
</head>
<body>
<form>
<input name="message" type="text" />
<input type="submit">
</form>
<?php
if (isset($_GET["message"])) {
exec ('echo ' . $_GET["message"] . ' >> /tmp/messages');
}
?>
</body>
</html>
written
@UndercodeTesting
β β β Uππ»βΊπ«Δπ¬πβ β β β
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦start hacking for beginers :
1) Penetration Testing of an FTP Server:
https://medium.com/p/19afe538be4b
2) Reverse Engineering of the Anubis Malware Γ’β¬β Part 1:
https://medium.com/p/741e12f5a6bd
3) Privilege Escalation on Linux with Live examples:
https://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/
4) Pentesting Cheatsheets:
https://ired.team/offensive-security-experiments/offensive-security-cheetsheets
5) Powershell Payload Delivery via DNS using Invoke-PowerCloud:
https://ired.team/offensive-security-experiments/payload-delivery-via-dns-using-invoke-powercloud
6) SMART GOOGLE SEARCH QUERIES TO FIND VULNERABLE SITES Γ’β¬β LIST OF 4500+ GOOGLE DORKS:
https://sguru.org/ghdb-download-list-4500-google-dorks-free/
7) SQL Injection Cheat Sheet:
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
8) SQLmapΓ’β¬β’s os-shell + Backdooring website with Weevely:
https://medium.com/p/8cb6dcf17fa4
9) SQLMap Tamper Scripts (SQL Injection and WAF bypass) Tips:
https://medium.com/p/c5a3f5764cb3
10 )BugBounty Γ’β¬β How I was able to download the Source Code of IndiaΓ’β¬β’s Largest Telecom Service Provider including dozens of more popular websites!:
https://medium.com/p/52cf5c5640a1
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
π¦start hacking for beginers :
1) Penetration Testing of an FTP Server:
https://medium.com/p/19afe538be4b
2) Reverse Engineering of the Anubis Malware Γ’β¬β Part 1:
https://medium.com/p/741e12f5a6bd
3) Privilege Escalation on Linux with Live examples:
https://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/
4) Pentesting Cheatsheets:
https://ired.team/offensive-security-experiments/offensive-security-cheetsheets
5) Powershell Payload Delivery via DNS using Invoke-PowerCloud:
https://ired.team/offensive-security-experiments/payload-delivery-via-dns-using-invoke-powercloud
6) SMART GOOGLE SEARCH QUERIES TO FIND VULNERABLE SITES Γ’β¬β LIST OF 4500+ GOOGLE DORKS:
https://sguru.org/ghdb-download-list-4500-google-dorks-free/
7) SQL Injection Cheat Sheet:
https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/
8) SQLmapΓ’β¬β’s os-shell + Backdooring website with Weevely:
https://medium.com/p/8cb6dcf17fa4
9) SQLMap Tamper Scripts (SQL Injection and WAF bypass) Tips:
https://medium.com/p/c5a3f5764cb3
10 )BugBounty Γ’β¬β How I was able to download the Source Code of IndiaΓ’β¬β’s Largest Telecom Service Provider including dozens of more popular websites!:
https://medium.com/p/52cf5c5640a1
@undercodeTesting
@UndercodeHacking
@UndercodeSecurity
β β β Uππ»βΊπ«Δπ¬πβ β β β
Medium
Penetration Testing of an FTP Server
Welcome to Internal penetration testing on FTP server where you will learn FTP installation and configuration, enumeration and attackβ¦