▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 #FASTTIP: the following log formats and values are supported for the --log-format option:
COMBINED - combined log format,
VCOMBINED - combined log format with a virtual host,
COMMON - common log format,
VCOMMON - common log format with a virtual host,
W3C - extended W3C log format,
SQUID - Squid's native log format,
CLOUDFRONT - Amazon CloudFront Web Distribution,
CLOUDSTORAGE - Google Cloud Storage,
AWSELB - Amazon Elastic Load Balancing,
AWSS3 - Amazon Simple Storage Service (S3)
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Forwarded from Backup Legal Mega
Feature Engineering for Machine Learning (3.76 GB)
https://www.udemy.com/course/feature-engineering-for-machine-learning/
https://mega.nz/#F!y5kUlICK!XOQA-9hzFSrvRv1_w7yYHw
Forwarded from Backup Legal Mega
Secure Coding: Identifying and Mitigating XML External Entity (XXE) Vulnerabilities (136 MB)
#Requested
https://www.pluralsight.com/courses/secure-coding-identifying-mitigating-xxe-vulnerabilities
https://mega.nz/#F!MEJyWCBS!dbu--O0N-SO1rK4JCDQJjA
🦑 Hacking framework. This framework is designed to perform penetration testing. Its functions:
> Scan SQL vulnerability
> Scan XSS vulnerability
> DoS sites
> Brute force FTP
> Brute force SSH
> Brute force mail accounts
INSTALLATION & RUN:
1️⃣ git clone https://github.com/b3-v3r/Hunner.git (choose options via numbers)
2️⃣ cd Hunner
3️⃣ python2 hunner.py
4️⃣ To launch only the hacking modules, run them with python:
> cd modules
banner.py
dos.py
ftp.py
hun_listener.py
mail.py
ssh.py
5️⃣ A password list is included
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 What does that mean?
It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment.
INSTALLATION & RUN:
🦑 FOR PARROT-KALI:
You can either run Cuckoo from your own user or create a new one dedicated just for your sandbox setup. Make sure that the user that runs Cuckoo is the same user that you will use to create and run the virtual machines (at least in the case of VirtualBox), otherwise Cuckoo won't be able to identify and launch these virtual machines.
1️⃣ clone https://github.com/cuckoosandbox/cuckoo
or open terminal and type
$ sudo pip install -U pip setuptools
2️⃣ $ sudo pip install -U cuckoo
3️⃣ $ virtualenv venv
4️⃣ $ . venv/bin/activate
5️⃣ (venv)$ pip install -U pip setuptools
6️⃣ (venv)$ pip install -U cuckoo
🦑 Install Cuckoo from file (method 2). You will end up with a file Cuckoo-2.0.0.tar.gz (or a higher number, depending on the latest released stable version) as well as all of its dependencies (e.g., alembic-0.8.8.tar.gz).
1️⃣ DOWNLOAD https://cuckoosandbox.org/
2️⃣ $ pip download cuckoo
3️⃣ $ pip install Cuckoo-2.0.0.tar.gz
4️⃣ $ pip install *.tar.gz
5️⃣ choose option simply
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 ANONYMOUS VPN/PROXIES 2020
- 7Proxies https://www.7proxies.com/
- AirVPN https://airvpn.org/
- Cryptostorm https://cryptostorm.is/
- Cyberghost https://www.cyberghostvpn.com/en_US/
- ExpressVPN https://www.expressvpn.com
- FreeVPN https://freevpn.me/
- HideMyAss https://www.hidemyass.com/
- IPVanish https://www.ipvanish.com/
- NordVPN https://nordvpn.com
- PIA https://www.privateinternetaccess.com/
- ProtonVPN https://protonvpn.com/
- Proxy.sh https://proxy.sh/
- SlickVPN https://www.slickvpn.com
- StrongVPN https://strongvpn.com/
- TorGuard https://torguard.net/
- TunnelBear https://www.tunnelbear.com/
- VPNBook (default) http://www.vpnbook.com/
- VPNGate http://www.vpngate.net/en/
- VPNKeys https://www.vpnkeys.com/
- VPNMe https://www.vpnme.me/
- VyprVPN https://www.goldenfrog.com/es/vyprvpn
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 A REAL extremely buggy web app 2020 RECOMMENDED BY Undercode:
FEATURES :
SQL, HTML, iFrame, SSI, OS Command, PHP, XML, XPath, LDAP and SMTP injections
Blind SQL injection and Blind OS Command injection
Boolean-based and time-based Blind SQL injections
Drupageddon and Drupalgeddon2 (CVE-2018-7600)
AJAX and Web Services issues (JSON/XML/SOAP)
Heartbleed vulnerability (OpenSSL) + detection script included
Shellshock vulnerability (CGI)
Cross-Site Scripting (XSS) and Cross-Site Tracing (XST)
phpMyAdmin BBCode Tag XSS
Cross-Site Request Forgery (CSRF)
Information disclosures: favicons, version info, custom headers,...
Unrestricted file uploads and backdoor files
Old, backup & unreferenced files
Authentication, authorization and session management issues
Password and CAPTCHA attacks
Insecure DistCC, FTP, NTP, Samba, SNMP, VNC, WebDAV configurations
Arbitrary file access with Samba
Directory traversals and unrestricted file access
Local and remote file inclusions (LFI/RFI)
Server Side Request Forgery (SSRF)
XML External Entity attacks (XXE)
Man-in-the-Middle attacks (HTTP/SMTP)
HTTP parameter pollution and HTTP verb tampering
Denial-of-Service (DoS) attacks: Slow Post, SSL-Exhaustion, XML Bomb,...
POODLE vulnerability
BREACH/CRIME/BEAST SSL attacks
HTML5 ClickJacking and web storage issues
Insecure iFrame (HTML5 sandboxing)
Insecure cryptographic storage
Cross-Origin Resource Sharing (CORS) issues
Cross-domain policy file attacks (Flash/Silverlight)
Local privilege escalations: udev, sendpage
Cookie and password reset poisoning
Host header attacks: password reset poisoning and cache pollutions
PHP CGI remote code execution
Dangerous PHP Eval function
Local and remote buffer overflows (BOF)
phpMyAdmin and SQLiteManager vulnerabilities
Nginx web server vulnerabilities
HTTP response splitting, unvalidated redirects and forwards
WSDL SOAP vulnerabilities
Form-based authentication and No-authentication modes
Active Directory LDAP integration
Fuzzing possibilities
and much more...
HINT: download our bee-box VM > it has ALL necessary extensions
bee-box is compatible with VMware and VirtualBox!
INSTALLATION:
DOWNLOAD APP:
https://sourceforge.net/projects/bwapp/
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Get rid of the spy in your own pocket. Make sure the story doesn't repeat itself:
#FastTips
1) Strengthening protection. Create a complex password consisting of numbers and upper- and lower-case letters, and change it regularly. Do not use known data (pet name, date of birth, etc.). Turn off storage and use different passwords for different devices;
2) Reliable sources. Download and install applications only from official sites and markets;
3) Advance action. Install anti-virus programs that can protect your data.
4) Regular cleaning. Create an additional storage space for important files and delete unnecessary ones, including messages.
5) Inlet filter. Do not follow suspicious links or open messages from strangers using your mobile email client.
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 What is Crowbar?
- Hack OpenVPN
* Crowbar (formerly known as Levye) is a brute forcing tool that can be used during penetration tests. It was developed to brute force some protocols in a different manner from other popular brute forcing tools. As an example, while most brute forcing tools use username and password for SSH brute force, Crowbar uses SSH key(s). This allows any private keys that have been obtained during penetration tests to be used to attack other SSH servers.
INSTALLATION & RUN:
1️⃣ Kali Linux users can do
# sudo apt install -y crowbar
Else if you wish to install from source, install all the dependencies:
2️⃣ Debian 9/10+ & Kali Rolling
# sudo apt install -y nmap openvpn freerdp2-x11 tigervnc-viewer python3 python3-pip
3️⃣ Debian 7/8 & Kali 1/2
# sudo apt-get install -y nmap openvpn freerdp-x11 vncviewer
🦑 Then get latest version from GitHub:
1️⃣ git clone https://github.com/galkan/crowbar
2️⃣ cd crowbar/
3️⃣ pip3 install -r requirements.txt
🦑 If you want to use username including DOMAIN, please specify username like below. Backslash (\) is the escape character for python. So you have to use either of the following two formats:
1️⃣ ./crowbar.py -b rdp -u DOMAIN\\gokhan alkan -c Aa123456 -s 10.68.35.150/32
2015-03-28 11:03:39 RDP-SUCCESS : 10.68.35.150:3389 - "DOMAIN\gokhan alkan":Aa123456,
2️⃣ ./crowbar.py -b rdp -u gokhan alkan@ornek -c Aa123456 -s 10.68.35.150/32
2015-03-28 11:04:00 RDP-SUCCESS : 10.68.35.150:3389 - "gokhan alkan@DOMAIN":Aa123456,
🦑 HOW USE ?
1️⃣ RDP brute forcing a single IP address using username list file and a single password:
# ./crowbar.py -b rdp -s 192.168.2.211/32 -U ~/Desktop/userlist -c passw0rd
2️⃣ RDP brute forcing a single IP address using a single username and a password list:
# ./crowbar.py -b rdp -s 192.168.2.250/32 -u localuser -C ~/Desktop/passlist
3️⃣ RDP brute forcing a subnet using a username list and a password list in discovery mode:
# ./crowbar.py -b rdp -s 192.168.2.0/24 -U ~/Desktop/userlist -C ~/Desktop/passlist -d
4️⃣ Brute Forcing - SSH Private Keys
Below are a few examples of using Crowbar.
SSH key brute force attempt to a single IP address using a single username and a single private SSH key:
# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/id_rsa
5️⃣ SSH key brute force attempt to a single IP address using a single username and all the SSH keys in a folder:
# ./crowbar.py -b sshkey -s 192.168.2.105/32 -u root -k ~/.ssh/
6️⃣ SSH key brute force attempt to a subnet using a single username and all the SSH keys in a folder in discovery mode:
# ./crowbar.py -b sshkey -s 192.168.2.0/24 -u root -k ~/.ssh/ -d
7️⃣ Brute Forcing - OpenVPN
Below is an example of attacking OpenVPN using Crowbar.
OpenVPN brute force attempt to a single IP address using a configuration file, a single username and a single password with specified port number and optional certificate file. It doesn't matter if it's TCP or UDP:
# grep remote ~/Desktop/vpnbook.ovpn
remote vpn.example.com 1194 udp
# host vpn.example.com | awk '{print $1}'
198.7.62.204
# grep '^auth-user-pass' ~/Desktop/vpnbook.ovpn
# ./crowbar.py -b openvpn -s 198.7.62.204/32 -p 1194 -m ~/Desktop/vpnbook.ovpn -k ~/Desktop/vpnbook_ca.crt -u v
🦑 Video tutorial:
https://www.youtube.com/watch?v=4QZAWGsveSM
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Downloading the d3dx9_43 file from unauthorized sources is undesirable because:
1) Such sites distribute malicious software or dummy files that simply have the same name as the desired file. Dummy files often lead the user to make the only seemingly correct decision: to completely reinstall the operating system.
2) Even if you downloaded the file and know which directory to copy it to, this does not guarantee a 100% solution to the problem. DirectX contains many files, so when you restart it, you may encounter a new error with the name of another missing file.
3) If the d3dx9_43 file is incorrectly overwritten in the System32 folder, the system may fail. It can take anywhere from a few hours to a whole day to fix the error and fix the download.
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
To get rid of constant brute force attacks, you can allow only key-based SSH login.
With this approach, you add the public key of the remote client systems to the list of authorized keys on the SSH server. In this way, these client machines can access SSH without entering a user account password.
When you have this set up, you can disable password-based SSH login. Now only clients that have the specified SSH keys can access the server through SSH.
Before moving on to this approach, make sure you add your public key to the server and that it works. Otherwise, you lock yourself out and may lose access to the remote server, especially if you use a cloud server where you do not have physical access to the server.
Two-factor authentication via SSH
To take SSH security to the next level, you can also enable two-factor authentication. With this approach, you receive a one-time password on your mobile phone, email, or through a third-party authentication application.
You can read about setting up two-factor authentication using SSH here.
Conclusion
You can see all the parameters of your SSH server with this command:
sshd -T
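An added example (not part of the original post): a small Python check that reads `sshd -T` output and reports whether the key-only setup described above is actually in effect, including the case where keyboard-interactive login still accepts the account password through PAM. The sample outputs are constructed; the keywords are the lowercase sshd_config option names that `sshd -T` prints.

```python
"""Check `sshd -T` output against the key-only SSH login setup (added example)."""
import sys


def parse_sshd_t(text):
    """Map each lowercase keyword printed by `sshd -T` to its list of values."""
    settings = {}
    for line in text.splitlines():
        keyword, _, value = line.strip().partition(" ")
        if keyword:
            settings.setdefault(keyword.lower(), []).append(value.strip())
    return settings


def _value(settings, keyword, default):
    """First value of a keyword, lowercased, or the given default."""
    values = settings.get(keyword)
    return values[0].lower() if values else default


def requires_publickey(settings):
    """True if every AuthenticationMethods alternative includes publickey."""
    methods = _value(settings, "authenticationmethods", "any")
    if methods == "any":
        return False
    return all("publickey" in alt.split(",") for alt in methods.split())


def audit(settings):
    """Return a list of findings; an empty list means key-only login holds."""
    findings = []
    if _value(settings, "pubkeyauthentication", "yes") != "yes":
        findings.append("pubkeyauthentication is off: key login cannot work")
    if _value(settings, "passwordauthentication", "yes") != "no":
        findings.append("passwordauthentication is still enabled")
    if _value(settings, "permitemptypasswords", "no") != "no":
        findings.append("permitemptypasswords is enabled")
    # Older OpenSSH prints challengeresponseauthentication instead.
    kbd = _value(settings, "kbdinteractiveauthentication",
                 _value(settings, "challengeresponseauthentication", "yes"))
    if kbd == "yes" and not requires_publickey(settings):
        findings.append("keyboard-interactive is enabled without "
                        "authenticationmethods requiring publickey: "
                        "PAM may still accept the account password")
    return findings


# Constructed sample outputs (trimmed to the relevant keywords).
WEAK = """port 22
pubkeyauthentication yes
passwordauthentication yes
kbdinteractiveauthentication yes
permitemptypasswords no
authenticationmethods any
"""

KEY_ONLY = """port 22
pubkeyauthentication yes
passwordauthentication no
kbdinteractiveauthentication no
permitemptypasswords no
authenticationmethods any
"""

# Key plus one-time code: keyboard-interactive is on, but only after publickey.
TWO_FACTOR = """port 22
pubkeyauthentication yes
passwordauthentication no
kbdinteractiveauthentication yes
permitemptypasswords no
authenticationmethods publickey,keyboard-interactive
"""

if __name__ == "__main__":
    # Usage: sudo sshd -T | python3 this_file.py
    problems = audit(parse_sshd_t(sys.stdin.read()))
    for problem in problems:
        print("FINDING:", problem)
    sys.exit(1 if problems else 0)
```

Run it before closing your existing session, so a finding such as a disabled pubkeyauthentication is caught while you still have access.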
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
The Dark Side of _Manual Work is a Bug_.pdf (293.9 KB)
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 Microsoft Edge silently imports Firefox data without permission
#UndercodeNews
> Some users found that the new version of Edge delivered to the device through Windows Update will import data from Firefox, even if the user does not authorize Edge to do this.
> According to krankie's description, Microsoft designed some elements in the UI to "deceive and mislead" users. After the system update, once the Edge installation is complete, Microsoft displays a maximized Edge window to the user, but first pops up a modal dialog box containing only the "Get Started" button.
> Therefore, the user cannot close Edge directly or close the modal dialog box. The only option is to use the task manager to kill this process. But even if you close it, Edge will be automatically pinned to the taskbar.
> Finally, he also mentioned that the new version of Edge imports data from other browsers without user permission.
"Unless you close it through the task manager instead of performing a forced setting, it will copy the data anyway, the worst thing is that most people will never know what Edge is doing, because they will never open it again."
> In addition, Microsoft will reset the system's default browser settings, so when the user clicks on a URL, they need to re-select the default browser.
> Microsoft has been silent on this. Therefore, although the original wizard was actually manually killed by the user, so far, the reason Edge imported the Firefox data is still unknown.
@UndercodeNews
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
🦑 #Terms & #FastTips about Windows servers
> HTTP
This is a web server.
> SMB
The SMB protocol provides the file server on the local network.
> MSSQL
Database management system.
> FTP
A protocol that provides the operation of a file server.
> LDAP
LDAP (Lightweight Directory Access Protocol) is an application layer protocol for accessing the X.500 directory service, developed by the IETF as a lightweight version of the ITU-T DAP protocol. LDAP is a relatively simple protocol that uses TCP/IP and allows authentication (bind), search (search) and comparison (compare) operations, as well as adding, changing or deleting records. Typically, an LDAP server accepts incoming connections to port 389 over TCP or UDP. SSL encapsulated LDAP sessions typically use port 636.
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
Performing Domain Reconnaissance Using PowerShell.pdf (182.9 KB)
Written Tutorial
▁ ▂ ▄ UNDERCODE ▄ ▂ ▁
π¦In the authentication scheme implemented using SMB or SMB2 messages, regardless of what kind of authentication dialect will be used (LM, LMv2, NTLM, NTLM2, NTLMv2), the authentication process proceeds as follows:
#WindowsServer
1οΈβ£The client tries to establish a connection with the server and sends a request in which it informs the server in which dialects it is able to authenticate, for example: LM, NTLM, NTLM2, NTLMv2. Therefore, the dialect of LMv2 authentication between the client and server is excluded.
2οΈβ£The server from the dialect list received from the client (by default) selects the most secure dialect (for example, NTLMv2), then sends a response to the client.
3οΈβ£The client, having decided on the dialect of authentication, tries to access the server and sends a request to NEGOTIATE-MESSAGE.
4οΈβ£The server receives a request from the client and sends it a response CHALLENGEMESSAGE, which contains a random sequence of 8 bytes. It is called Server Challenge.
5οΈβ£The client, having received the Server Challenge sequence from the server, encrypts this sequence with its password, and then sends the server an AUTHENTICATEMESSAGE response that contains 24 bytes.
6οΈβ£When the server receives the response, it performs the same encryption operation of the Server Challenge sequence as the client performed. Then, comparing your results with the response from the client, on the basis of a match, allows or denies access.
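The message exchange in steps 3 to 6, as an added example that is not part of the original post: a parser that classifies NTLMSSP messages, extracts the 8-byte Server Challenge from a CHALLENGE_MESSAGE and reports the response length in an AUTHENTICATE_MESSAGE. A 24-byte response is the legacy form described in step 5, while NTLMv2 responses are longer, so the length is enough to audit which dialect was really used. Field offsets follow the NTLMSSP message layout; the function names and the sample messages (zeroed flags and responses) are constructed for this example.

```python
import struct

SIGNATURE = b"NTLMSSP\x00"
TYPES = {1: "NEGOTIATE_MESSAGE", 2: "CHALLENGE_MESSAGE", 3: "AUTHENTICATE_MESSAGE"}

def _payload_field(msg, pos):
    """Follow a (Len, MaxLen, BufferOffset) descriptor stored at pos."""
    length, _max_len, offset = struct.unpack_from("<HHI", msg, pos)
    if offset + length > len(msg):
        raise ValueError("field descriptor points outside the message")
    return msg[offset:offset + length]

def inspect_ntlm(msg):
    """Return the message type plus the values a defender audits."""
    if len(msg) < 12 or not msg.startswith(SIGNATURE):
        raise ValueError("not an NTLMSSP message")
    (mtype,) = struct.unpack_from("<I", msg, 8)
    info = {"type": TYPES.get(mtype, "UNKNOWN")}
    if mtype == 2:
        if len(msg) < 32:
            raise ValueError("truncated CHALLENGE_MESSAGE")
        info["server_challenge"] = msg[24:32]          # ServerChallenge field
    elif mtype == 3:
        if len(msg) < 64:
            raise ValueError("truncated AUTHENTICATE_MESSAGE")
        nt = _payload_field(msg, 20)                   # NtChallengeResponseFields
        info["nt_response_len"] = len(nt)
        # 24 bytes: legacy NTLM / NTLM2 response; longer: NTLMv2 (proof + blob)
        info["legacy"] = len(nt) == 24
    return info

# --- builders for constructed sample messages (not captured traffic) ---
def build_challenge(server_challenge):
    return (SIGNATURE + struct.pack("<I", 2) + struct.pack("<HHI", 0, 0, 48)
            + struct.pack("<I", 0) + server_challenge + bytes(8)
            + struct.pack("<HHI", 0, 0, 48))

def build_authenticate(lm_response, nt_response):
    fields, payload = b"", b""
    for blob in (lm_response, nt_response, b"", b"", b"", b""):
        fields += struct.pack("<HHI", len(blob), len(blob), 64 + len(payload))
        payload += blob
    return SIGNATURE + struct.pack("<I", 3) + fields + struct.pack("<I", 0) + payload

if __name__ == "__main__":
    print(inspect_ntlm(build_challenge(bytes.fromhex("0123456789abcdef"))))
    print(inspect_ntlm(build_authenticate(bytes(24), bytes(24))))   # legacy
    print(inspect_ntlm(build_authenticate(bytes(24), bytes(60))))   # NTLMv2-sized
```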
🦑 What is NBT-NS?
#WindowsServer
> NBT-NS is NetBIOS-NS, i.e. the NetBIOS Name Service.
The NetBIOS Name Service is one of three NetBIOS services: a name service (NetBIOS-NS) for registering and resolving names.
> To start sessions or distribute datagrams, an application must register its NetBIOS name using the name service. NetBIOS names are 16 octets in length and vary by implementation.
> Often the 16th octet, called the NetBIOS suffix, indicates the type of resource and can be used to tell other applications which type of service the system offers. In NBT, the name service runs on UDP port 137 (TCP port 137 can also be used, but rarely is).
🦑 NetBIOS name service primitives:
1️⃣ Add name - registers a NetBIOS name.
2️⃣ Add group name - registers the NetBIOS name of a group.
3️⃣ Delete name - unregisters a NetBIOS name or group name.
4️⃣ Find name - searches for a NetBIOS name on the network.
NetBIOS name resolution is not supported by Microsoft for Internet Protocol Version 6 (IPv6).
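The 16-octet name and its suffix as they appear on the wire, as an added example that is not part of the original post: a decoder for NBT-NS requests on UDP port 137, useful when reviewing name service traffic in a capture. It assumes the standard NetBIOS-over-TCP encoding (each octet split into two letters A to P) and the standard opcode numbers; the host name FILESRV01, the transaction ID and the function names are constructed for the example.

```python
import struct

# Opcodes carrying the name service primitives (find, add, delete)
OPCODES = {0: "query (find name)", 5: "registration (add name)",
           6: "release (delete name)"}
# Common values of the 16th octet, the NetBIOS suffix
SUFFIXES = {0x00: "Workstation service", 0x03: "Messenger service",
            0x20: "File Server service", 0x1B: "Domain Master Browser",
            0x1C: "Domain Controllers", 0x1D: "Master Browser"}

def encode_name(name, suffix):
    """Pad to 15 octets, append the suffix, split every octet into two A-P letters."""
    raw = name.upper().encode("ascii")[:15].ljust(15, b" ") + bytes([suffix])
    half = bytes(0x41 + n for c in raw for n in (c >> 4, c & 0x0F))
    return b"\x20" + half + b"\x00"      # length octet, 32 letters, empty scope

def decode_name(wire):
    """Reverse of encode_name: 34 wire octets -> (name, suffix)."""
    if len(wire) != 34 or wire[0] != 0x20 or wire[33] != 0x00:
        raise ValueError("not an encoded NetBIOS name")
    half = wire[1:33]
    if any(not 0x41 <= b <= 0x50 for b in half):
        raise ValueError("letter outside A-P")
    raw = bytes((half[i] - 0x41) << 4 | (half[i + 1] - 0x41) for i in range(0, 32, 2))
    return raw[:15].decode("ascii", "replace").rstrip(), raw[15]

def parse_name_packet(packet):
    """Read the header and question name of an NBT-NS request seen on UDP 137."""
    if len(packet) < 50:
        raise ValueError("too short for a name service request")
    txid, flags, qdcount = struct.unpack_from(">HHH", packet, 0)
    if qdcount != 1:
        raise ValueError("expected exactly one question")
    name, suffix = decode_name(packet[12:46])
    return {"txid": txid, "is_response": bool(flags & 0x8000),
            "opcode": OPCODES.get((flags >> 11) & 0x0F, "other"),
            "broadcast": bool(flags & 0x0010), "name": name, "suffix": suffix,
            "service": SUFFIXES.get(suffix, "unknown")}

# Constructed broadcast query for the hypothetical name FILESRV01<20>
SAMPLE_QUERY = (struct.pack(">HHHHHH", 0x1A2B, 0x0110, 1, 0, 0, 0)
                + encode_name("FILESRV01", 0x20) + struct.pack(">HH", 0x0020, 0x0001))

if __name__ == "__main__":
    print(parse_name_packet(SAMPLE_QUERY))
```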
🦑 There are two ways to redirect traffic for this attack on the local network:
#FastTips
> ARP spoofing. During this attack, the attacker's computer sends out forged ARP messages claiming that the MAC address of the router is the MAC address of the attacker's computer. As a result, computers on the local network start sending network packets through the attacker's computer. This is a universal option that is suitable in all cases.
> DNS spoofing. The idea is to replace the answers to DNS queries so that the victim's computer receives the wrong IP addresses for the requested hosts. This option is suitable only if the connection to the remote SSH server is made by host name, for example:
ssh root@web.site
DNS spoofing can be performed during a man-in-the-middle attack, or by using a fraudulent DNS server (in this case, the IP address of the fraudulent DNS server needs to be set in the router or on the victim's computer).
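How the ARP redirection described above shows up to a defender, as an added example that is not part of the original post: a detector that raises an alert when an IP address, and the router's in particular, is suddenly claimed by a different MAC address. The input format, the addresses and the function names are constructed for the example; learning unknown bindings on first sight is an assumption, and a known-good baseline can be passed in instead.

```python
import re
from collections import defaultdict

MAC_RE = re.compile(r"^([0-9a-f]{2}:){5}[0-9a-f]{2}$")

def parse_observations(text):
    """Each non-comment line: '<seconds> <sender IP> <sender MAC>' (constructed format)."""
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        ts, ip, mac = line.split()
        mac = mac.lower()
        if not MAC_RE.match(mac):
            raise ValueError(f"bad MAC address: {mac}")
        yield float(ts), ip, mac

def detect_arp_spoofing(observations, gateway_ip, baseline=None):
    """Alert when an IP is claimed by a MAC other than its baseline MAC.

    baseline maps IP -> known-good MAC; IPs not listed are learned on first sight.
    """
    trusted = {ip: mac.lower() for ip, mac in (baseline or {}).items()}
    claims = defaultdict(set)          # MAC -> every IP it has claimed so far
    reported, alerts = set(), []
    for ts, ip, mac in observations:
        claims[mac].add(ip)
        expected = trusted.setdefault(ip, mac)
        if mac != expected and (ip, mac) not in reported:
            reported.add((ip, mac))    # one alert per conflicting binding
            alerts.append({
                "time": ts, "ip": ip, "expected_mac": expected, "seen_mac": mac,
                "severity": "high" if ip == gateway_ip else "medium",
                "mac_also_claims": sorted(claims[mac] - {ip}),
            })
    return alerts

# Constructed ARP reply observations for a 192.168.1.0/24 LAN (not captured traffic)
SAMPLE = """
0  192.168.1.1   02:00:00:00:00:01   # router announces itself
1  192.168.1.20  02:00:00:00:00:14
2  192.168.1.66  02:00:00:00:00:66
5  192.168.1.1   02:00:00:00:00:66   # router IP now claimed by the .66 host's MAC
6  192.168.1.1   02:00:00:00:00:66   # repeat of the same claim
7  192.168.1.1   02:00:00:00:00:01   # genuine router reply
"""

if __name__ == "__main__":
    for alert in detect_arp_spoofing(parse_observations(SAMPLE), "192.168.1.1"):
        print(alert)
```

On managed switches, Dynamic ARP Inspection enforces the same IP-to-MAC baseline inside the network itself.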
🦑 How to intercept an SSH password?
#FastTips
The SSH protocol allows you to connect to another computer to execute commands on it and transfer files. SSH uses strong encryption, so the transmitted network traffic cannot be decrypted or modified.
🦑 In SSH, you can use two methods to log in to the remote computer:
1️⃣ entering the user's password for the remote system
2️⃣ public key authentication
🦑 If login is by password, you can imagine the following attack scenario:
1️⃣ user traffic is redirected to the attacking machine
2️⃣ the attacker monitors attempts to connect to the SSH server and redirects them to their own SSH server
3️⃣ the attacker's SSH server is configured, first, to keep a log of all entered data, including the user's password, and, second, to send the commands to the legitimate SSH server that the user wants to connect to, have them executed, and then return the results to the legitimate user
🦑 The SSH MITM tool consists of several components:
1️⃣ a modified SSH server
2️⃣ auxiliary scripts that perform related actions: detecting SSH connections, ARP spoofing and traffic sniffing, port forwarding.
SSH MITM uses the following tools in its operation (make sure that they are installed on your system):
> tshark (the command-line version of Wireshark)
> ettercap (used only for ARP spoofing, so you can use arpspoof instead)
> nmap
> iptables
(available pre-installed on most Linux distributions)
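The scenario above depends on the client accepting the host key of the intermediate SSH server, which cannot present the genuine server's key. As an added example that is not part of the original post, this check compares a presented host key against pinned known_hosts entries and reports the OpenSSH-style SHA256 fingerprint. The keys, the address 203.0.113.10 and the function names are constructed for the example; the host name web.site is the one used on this page.

```python
import base64
import hashlib
import struct

def ssh_string(data):
    """SSH wire encoding of a string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data

def ed25519_blob(public_key):
    """Public key blob as it appears (base64-encoded) in known_hosts."""
    return ssh_string(b"ssh-ed25519") + ssh_string(public_key)

def fingerprint(blob):
    """OpenSSH-style SHA256 fingerprint: unpadded base64 of SHA-256(blob)."""
    digest = hashlib.sha256(blob).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def load_pins(known_hosts_text):
    """Map host name -> set of pinned key blobs (plain entries only)."""
    pins = {}
    for line in known_hosts_text.splitlines():
        parts = line.split()
        # skip blanks, comments, @cert-authority/@revoked markers and hashed hosts
        if len(parts) < 3 or parts[0][0] in "#@|":
            continue
        blob = base64.b64decode(parts[2])
        for host in parts[0].split(","):
            pins.setdefault(host, set()).add(blob)
    return pins

def check_host_key(pins, host, presented_blob):
    """Return (verdict, fingerprint of the presented key)."""
    fp = fingerprint(presented_blob)
    if host not in pins:
        return "UNKNOWN", fp       # first contact: verify the fingerprint out of band
    if presented_blob in pins[host]:
        return "OK", fp
    return "MISMATCH", fp          # possible interception: do not send a password

# Constructed keys: 32 arbitrary bytes each, not real host keys
GENUINE_KEY = ed25519_blob(bytes(range(32)))
PROXY_KEY = ed25519_blob(bytes(range(32, 64)))
KNOWN_HOSTS = ("# constructed known_hosts entry\n"
               "web.site,203.0.113.10 ssh-ed25519 "
               + base64.b64encode(GENUINE_KEY).decode() + "\n")

if __name__ == "__main__":
    pins = load_pins(KNOWN_HOSTS)
    print(check_host_key(pins, "web.site", GENUINE_KEY))
    print(check_host_key(pins, "web.site", PROXY_KEY))
```

OpenSSH performs this comparison itself: with `StrictHostKeyChecking yes` in ssh_config the client refuses to connect when the key is unknown or has changed. Public key authentication, the second login method listed above, never sends a password to the server at all.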