▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑FREE VPS & Trials New List :

> https://upcloud.com/vpssim/?utm_term=vps%20server&utm_campaign=Global%20-%20VPS&utm_source=adwords&utm_medium=ppc&hsa_acc=9391663435&hsa_cam=1652417669&hsa_grp=71919981308&hsa_ad=416234863334&hsa_src=g&hsa_tgt=kwd-16407600&hsa_kw=vps%20server&hsa_mt=b&hsa_net=adwords&hsa_ver=3&gclid=EAIaIQobChMIms7YyPyr6gIVCJzVCh3mdgPiEAAYASAAEgLp3_D_BwE (Choose plan before trial- cancel)

> https://gratisvps.net/ (6months trial)

> https://developer.rackspace.com/ [600$ for 12 Months]

> https://www.runabove.com/ [1 Week Trial]

>https://www.vultr.com/ [50$ for 2 Months]

>http://cloudsigma.com/ [7 days no CC]

>https://www.ctl.io/free-trial/ [2500$ or 1 Month]

> https://www.ihor.ru/ [3 days No CC]

>http://www.neuprime.com/l_vds3.php [10 days (Otp Required)

> https://alexwebhosting.com/free-vps/ (free 30 days)

Enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Important Carding Resources !

> NON VBV Carding Sites For Carding All Websites That Are Non VBV
Here are The CARDABLE SITES NON VBV Sites

➕ www.amazon.com
➕ www.itchee.com
➕ www.bn.com
➕ www.cdnow.com
➕ www.cduniverse.com
➕ www.cdworld.com
➕ www.virginmega.com
➕ www.tunes.com
➕ www.artistdirect.com
➕ www.jeruk.com
➕ www.dvdexpress.com
➕ www.dvdworld.com
➕ www.ea.com
➕ www.tickles.com
➕ www.cduniverse.com

🦑 Zip Code Search

➕http://www.findlinks.com/
➕http://zipinfo.com/search/zipcode.htm
➕http://www.addresses.com/
➕http://www.mongabay.com/igapo/

🦑Send Fax Online

➕efax.com
➕j2.com
➕send2fax.com
➕rapidfax.comfax1.com
➕k7.net

🦑 Credit Reports
➕https://www.mycreditkeeper.com
➕https://secure.creditreport.com
➕https://qspace.iplace.com

🦑 Phone Redirect

➕http://www.tollfreeforwarding.com
➕http://www.Spoofcall.com

➕ USA phone number search
➕http://www.reversephonedetective.com

🦑 MMN search
➕ancestry.com

🦑 DOB search
➕privateeye.com

🦑 Sock5&Proxy
➕http://www.socks24.org/
➕http://www.sockslist.net




Source DeepWeb
(Not by Undercode)
Enjoy❤️👍🏻
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑WorldLiSTS


1️⃣ 5-6 ✮ indonesians ✮ WorldLists :

> https://github.com/geovedi/indonesian-wordlist

2️⃣English for wpa2 WorldList :

> https://www.mediafire.com/file/6botgtnsy0rjfj9/BIG-WPA-LIST-2.rar/file

3️⃣12 Gb WordlLists :

https://download.weakpass.com/wordlists/1851/hashesorg2019.gz
(good for everything..)

Enjoy ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Microsoft releases emergency security update to fix security vulnerabilities in Windows 10/Server
#UndercodeNews

> There are about two weeks away from this month's patch Tuesday event day, but due to security vulnerabilities found in Windows 10 and Windows Server, today Microsoft released two emergency security updates. Microsoft said that although the two vulnerabilities have not been publicly disclosed and are less likely to be exploited by hackers, the company can't wait for the July 14 patch to release the update on Tuesday's event day.

> Microsoft wrote in a security bulletin: "There is a remote code execution vulnerability in the way Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited this vulnerability could obtain information and further harm the user's system."

> It is reported that the affected versions of Windows include

Windows 10 version 1709

Windows 10 version 1803

Windows 10 version 1809

Windows 10 version 1903

Windows 10 version 1909

Windows 10 version 2004

Windows Server 2019

Windows Server version 1803

Windows Server version 1903

Windows Server version 1909

Windows Server version 2004

@UndercodeNews
▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ ｕ𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Topic Pentesting tools
➕Termux-Linux
SIPVicious OSS security tools

>svmap - this is a sip scanner. Lists SIP devices found on an IP range
>svwar - identifies active extensions on a PBX
>svcrack - an online password cracker for SIP PBX
>svreport - manages sessions and exports reports to various formats
>svcrash - attempts to stop unauthorized svwar and svcrack scans

🄸🄽🅂🅃🄰🄻🄻🄸🅂🄰🅃🄸🄾🄽 & 🅁🅄🄽 :

1️⃣git clone https://github.com/EnableSecurity/sipvicious.git

2️⃣cd sipvicious

3️⃣python setup.py install

4️⃣Fire-up the scripts one by one:

sipvicious_svmap --help
sipvicious_svcrack --help
sipvicious_svcrash --help
sipvicious_svwar --help
sipvicious_svreport --help

🦑Tested by Undercode On :

> ubuntu

✅git sources 2020
Enjoy ❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

2020 Learn How to Create Colorful Web Graphics with Canva —990 MB—

https://www.skillshare.com/classes/Learn-How-to-Create-Colorful-Web-Graphics-with-Canva/478743012?via=browse-rating-canva-layout-grid

https://mega.nz/#F!yOBFlSKC!lGcg10ktYVYeDnBNl9nMsw

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Why wifi hacking not recommended for Windows :
Hacking Wi-Fi in Windows


> To be able to crack Wi-Fi in Windows, you need a wireless card that supports monitor mode, and its driver must have support for this mode. For Windows Wi-Fi adapter drivers, this support is not available. Therefore, in Windows it is impossible to capture a handshake.

>There are a few exceptions - high-cost commercial products that include wireless card drivers that support monitor mode. Like Linux, only some hardware is supported.

>Although almost all programs for auditing Wi-Fi networks are made under Linux and only there work great, some of them are cross-platform. For example, to search using graphics cards on Windows, you can use Hashcat, which works great on this operating system.

>In general, of course, it is recommended to use Linux for testing wireless networks, especially such specialized distributions as Kali Linux and BlackArch.


@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Helpful Hacking Programs :

- [Bookfresh](https://hackerone.com/bookfresh)
- [Brussels Airlines](https://go.intigriti.com/brusselsairlines)
- [BTC_sx](https://cobalt.io/btc-sx)
- [Buffer](mailto:security@bufferapp.com)
- [BX.in.th](https://cobalt.io/bx-in-th)
- [C2FO](https://hackerone.com/c2fo)
- [Campaign Monitor](https://help.campaignmonitor.com/contact)
- [CARD.com](https://bugcrowd.com/card)
- [Catchafire](https://cobalt.io/catchafire)
- [Caviar](https://hackerone.com/caviar)
- [CCBill](mailto:bugrewards@ccbill.com)
- [CERT/CC](https://hackerone.com/cert)
- [Certly](https://hackerone.com/certly)
- [ChainPay](https://cobalt.io/chainpay)
- [ChangeTip](https://cobalt.io/changetip)
- [Chargify](https://bugcrowd.com/chargify)
- [Chromium Project](https://code.google.com/p/chromium/issues/entry?template=Security%20Bug)
- [Circle](https://cobalt.io/circle)
- [CircleCI](mailto:security@circleci.com)
- [Cisco](http://www.cisco.com/web/about/security/psirt/security_vulnerability_policy.html#roosfassv)
- [ClickUp](https://clickup.com/bug-bounty)
- [Clojars](mailto:contact@clojars.org)
- [CloudFlare](https://hackerone.com/cloudflare)
- [Cobalt](https://cobalt.io/cobalt)
- [Code Climate](mailto:security@codeclimate.com)
- [CodeIgniter](https://hackerone.com/codeigniter)
- [CodePen](https://bugcrowd.com/codepen)
- [Coin Republic](https://cobalt.io/coin-republic)
- [Coin.Space](https://hackerone.com/coinspace)

Enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑How to set up a connection to RDP from the Internet ?

> RDP allows any connection, whether from a local network or from the Internet. Connecting from the Internet requires your computer to have a white IP .

> If your ISP uses NAT , then you need to rent an external (white) IP address.

> If you are connected to a router (they also always use NAT), then you need to configure port forwarding (forwarding, forwarding) as follows:

1) You need to start with " Permanent IP Settings in Windows ."

2) Subsequent settings must be made in the router. Since everyone has different models of routers, the specific actions and names of the tabs in the administration panel of routers may vary. The main thing is to understand the essence and find the appropriate tab in the router. Remember that you need to forward TCP and UDP ports with the number 3389.

3) Go to the control panel of the router . In the settings of the router, go to "section of the Internet " (may be referred to the WAN ), then the tab " Port Forwarding " (may be called " Port Forwarding ", " Port Forwarding "):

4) Add a new rule:

>Service Name - enter any
>Source IP leave blank
>Port Range - Specify Port 3389
>Local IP address - specify the IP address of the Windows computer to >which RDP connection will be made
>Local port - specify port 3389
>Protocol - specify Both (both)
And click the " Add " button .

5) Save your changes.

Written by Undercode
#FastTips
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑Digital Character Illustration: Create A Memorable, Whimsical Character —802 MB—

https://www.skillshare.com/classes/Digital-Character-Illustration-Create-A-Memorable-Whimsical-Character/1160577675

https://mega.nz/folder/giIAhIqR#4EWS8Qh-xu1l4FTLYVtAfA

🦑100k material about - 2 TB -

https://mega.nz/?#F!rrJyDQIa!-QJeJqVThi_uC9DTLX4ElA!zrAzlIBL

:)

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑#ProUsers The Yardstick One and RFcat Notes

The Yardstick One is a very useful piece of hardware to perform testing of RF devices that communicate in frequencies under 1GHz. It can be combined with many tools, including RFcat. The following are a few links and resources that we discussed in the video course related to these tools:

🕳Yardstick One
Yardstick One website: https://greatscottgadgets.com/2015/09-30-introducing-yard-stick-one/

🕳RFcat
RFcat website: https://bitbucket.org/atlas0fd00m/rfcat

The following are several useful RFcat commands:
`d._debug = 1` – dumps debug messages to the screen
d.debug() - prints state information every second
`d.discover()` - listens for specific SYNCWORDS
d.lowball() - disables most “filters†to see more packets
`d.lowballRestore()` - restores the configuration before calling lowball()
d.RFlisten() - listens for signals and dumps data to the screen
`d.RFcapture()` - dumps data to screen, returns list of packets
d.scan() - scans a configurable frequency range
`d.setChannel()` - sets the channel to be used
d.setFHSSstate() - sets the FHSS state to be used
`d.setFreq()` - sets the frequency to be used
d.specan() - a spectrum analyzer

Source: ✅2020 git sources
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑New Tips: #ZigBee Resources

Good explanation and introduction to Zigbee: http://resources.infosecinstitute.com/hacking-zigbee-networks/

KillerBee Presentation: http://www.willhackforsushi.com/presentations/toorcon11-wright.pdf

KillerBee Framework: https://github.com/riverloopsec/killerbee

The KillerBee framework is being expanded to support multiple devices. Currently there is support for the River Loop ApiMote, Atmel RZ RAVEN USB Stick, MoteIV Tmote Sky, TelosB mote, and Sewino Sniffer.

Open source hardware: https://github.com/riverloopsec/apimote

Attify ZigBee Framework GitHub Repo: https://github.com/attify/Attify-Zigbee-Framework

✅2020 git sources
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑2020 Only usefull Hacking tools #list 3 :

- BaseQuery - A Way To Organize Public Combo-Lists And Leaks In A Way That You Can Easily Search Through Everything

- Attack Monitor - Endpoint Detection And Malware Analysis Software

- Crashcast-Exploit - This Tool Allows You Mass Play Any YouTube Video With Chromecasts Obtained From Shodan.io

- SQLMap v1.3 - Automatic SQL Injection And Database Takeover Tool

- Stretcher - Tool Designed To Help Identify Open Elasticsearch Servers That Are Exposing Sensitive Information
- Aztarna - A Footprinting Tool For Robots

- Hediye - Hash Generator & Cracker Online Offline

- Killcast - Manipulate Chromecast Devices In Your Network

- bypass-firewalls-by-DNS-history - Firewall Bypass Script Based On DNS History Records

- WiFi-Pumpkin v0.8.7 - Framework for Rogue Wi-Fi Access Point Attack

- H8Mail - Email OSINT And Password Breach Hunting

- Kube-Hunter - Hunt For Security Weaknesses In Kubernetes Clusters

- Metasploit 5.0 - The World’s Most Used Penetration Testing Framework

- Interlace - Easily Turn Single Threaded Command Line Applications Into Fast, Multi Threaded Ones With CIDR And Glob Support

- Twifo-Cli - Get User Information Of A Twitter User

- Sitadel - Web Application Security Scanner

- Pe-Sieve - Recognizes And Dumps A Variety Of Potentially Malicious Implants (Replaced/Injected PEs, Shellcodes, Hooks, In-Memory Patches)

- Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To

- Snyk - CLI And Build-Time Tool To Find & Fix Known Vulnerabilities In Open-Source Dependencies

- Shed - .NET Runtime Inspector

- Stardox - Github Stargazers Information Gathering Tool


✅2020 git sources
enjoy❤️👍🏻
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁

🦑How medical equipment should resist hacker attacks ?
#News

For hospitals, the best way to prevent network attacks and protect IoMT devices from infection is to isolate the most vulnerable and critical devices from each other or maintain a virtual distance, which is called network segmentation.

Hospitals can take the following practical steps to segment clinical networks, reduce the attack surface, and protect patients from cyber attacks:

1️⃣First clear who is responsible

Traditionally, the safety of medical equipment has always been the responsibility of experts in biomedical engineering equipment.

> However, with the increasing popularity of IoMT devices and the increase of cyber attacks against healthcare, the IT team of the hospital information department had to invest more energy in medical device security. Therefore, there is a need for close cooperation between the information department and the biomedical engineering research team to design and implement safe and effective security policies for clinical networks.

>In order to ensure the safety of medical equipment and integrate IT and biomedical teams across departments, a separate, final IoMT cybersecurity policy decision maker is needed. Some large institutions have even added the role of medical equipment security officer (MDSO), which is directly responsible for the safety of medical equipment in the entire clinical network of the entire hospital.

2️⃣ Create a reliable equipment list

If you do not have a deep understanding of the medical equipment connected to the hospital, the configuration files on the equipment, and the communication mode, you cannot set a network segmentation strategy.

Automated inventory tools must also be able to perform continuous analysis of equipment while understanding the behavior, criticality, and vulnerability of IoMT equipment.

3️⃣ Assess the risk of each device

> The risk score should be calculated based on the criticality and medical impact of the equipment. The risk assessment should be carried out continuously, and the abnormal behavior of the network should be continuously monitored. In order to assess risk, the following factors must be considered:

> Communicate with external servers required for normal device function (i.e. vendor communication)

>The device needs to store and send ePHI, and for what purpose?

🕳Device usage mode

Is the device running an unsupported operating system or are there any known vulnerabilities? If yes, do you use patches or network segmentation to protect the device?

4️⃣ Follow regulatory guidelines and rules in real time

If the hospital does not comply with federal and state regulatory standards, it will face millions of dollars in fines. Aside from the loss of money, failure to comply with cybersecurity guidelines puts medical equipment at risk and may endanger the safety of patients, business integrity, and the reputation of the hospital.

Guidelines and regulations concerning health care and medical equipment are regularly updated. To maintain compliance, hospitals must pay close attention to regulatory standards and updates issued by state federal agencies, including:

U.S. Food and Drug Administration (FDA)
Medical Device Information Sharing and Analysis (MDISS) Initiative
Health Insurance Portability and Accountability Act (HIPAA)

5️⃣Design, verify and execute segmentation strategies

Segmentation strategies are used to reduce the attack surface and prevent potential threats. Network segmentation can also help the network run more smoothly by restricting traffic to designated areas and reducing network load.

share us❤️👍🏻
written by
@UndercodeTesting
@UndercodeSecurity
@UndercodeHacking
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫6𝔬𝓓ⓔ ▄ ▂ ▁