🦑 Certified Ethical Hacker (CEHv12)

With 1,000+ unique questions across 8 practice exams, this set will challenge you and ensure you’re ready for the CEHv12.
• CEHv12 Practice Exam 1: https://lnkd.in/dVeQUwiw
• CEHv12 Practice Exam 2: https://lnkd.in/d5ShM5AZ
• CEHv12 Practice Exam 3: https://lnkd.in/da8nkDn5
• CEHv12 Practice Exam 4: https://lnkd.in/dbPbn4x8
• CEHv12 Practice Exam 5: https://lnkd.in/ddsQ6DnM
• CEHv12 Practice Exam 6: https://lnkd.in/dVHf_TjH
• CEHv12 Practice Exam 7: https://lnkd.in/dST4u_MX
• CEHv12 Practice Exam 8: https://lnkd.in/d9Nue9QP

☁️ Certified Cloud Security Professional (CCSP)

Challenge yourself with 1,000+ exam-level questions. Complete these, and you’ll be fully prepared for the CCSP exam!
• ISC2 CCSP Practice Exam 1: https://lnkd.in/dekjyfPa
• ISC2 CCSP Practice Exam 2: https://lnkd.in/dy5bp8FP
• ISC2 CCSP Practice Exam 3: https://lnkd.in/d_3txHnb
• ISC2 CCSP Practice Exam 4: https://lnkd.in/dRbCYydv
• ISC2 CCSP Practice Exam 5: https://lnkd.in/ddXJZMfZ
• ISC2 CCSP Practice Exam 6: https://lnkd.in/ddv4aJ6M
• ISC2 CCSP Practice Exam 7: https://lnkd.in/dJ_4KcuJ
• ISC2 CCSP Practice Exam 8: https://lnkd.in/dAv2x-Ef

🔐 Systems Security Certified Practitioner (SSCP)

Test your knowledge and strengthen your understanding of all SSCP domains with these practice exams.
• SSCP Practice Exam 1: https://lnkd.in/dUKdvsxD
• SSCP Practice Exam 2: https://lnkd.in/dvXAzPtH
• SSCP Practice Exam 3: https://lnkd.in/deJQCyzA
• SSCP Practice Exam 4: https://lnkd.in/dGcumayJ
• SSCP Practice Exam 5: https://lnkd.in/ddfSty77
• SSCP Practice Exam 6: https://lnkd.in/dqeDi6jJ
• SSCP Practice Exam 7: https://lnkd.in/drWV3DHg
• SSCP Practice Exam 8: https://lnkd.in/diCvQMUS

Additional Practice Exams You Might Be Interested In:

• Security+ SY0-701: https://lnkd.in/dc7NTdvd
• CISSP: https://lnkd.in/dK4YNCM2
• ISC2 CC: https://certpreps.com/CC
• CISM: https://lnkd.in/d9x3_Djr
• CISA: https://lnkd.in/d-8BccxW
• AWS CLF-C02: https://lnkd.in/dHd_Nxgi
• Azure Fundamentals (AZ-900): https://lnkd.in/d4Zm9r-N
• CYSA+: https://lnkd.in/dfcGKsPt
• CCNA: https://certpreps.com/ccna
• A+: https://lnkd.in/dWDV5prF


Ref: Shahzad MS
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Smtp server and mail list system for sending unlimited emails and text messages:

Mail Demon is a robust and efficient tool for sending bulk emails and text messages. Its design focuses on high performance, simplicity, and secure delivery, leveraging .NET 6.0+ and integration with frameworks like MimeKit and MailKit. It includes built-in security features such as SPF validation and integrates seamlessly with IPBan for added protection against brute force attacks.

>> Features
- High Performance: Optimized for low memory and CPU usage, capable of sending thousands of messages per second.
- Security: Supports SPF, DKIM, and DMARC records for secure email delivery.
- SMTP Features: Includes support for extensions like STARTTLS, AUTH PLAIN, and SMTPUTF8.
- Mail List Management: Integrated website for managing mailing lists, templates, and subscriber interactions.
- Database Support: SQLite by default, with SQL Server support as an option.
- Cross-platform Compatibility: Runs on Linux and Windows servers.

>> Setup Instructions

>> General Prerequisites
1. Install .NET 6.0+ runtime or publish as a self-contained executable.
2. Update `appsettings.json` with your configurations:
- SMTP settings.
- User credentials (avoid default settings).
- SSL certificates (recommended: Let’s Encrypt).

>># Building Mail Demon
1. Download and open the project in Visual Studio/VS Code.
2. Set the release configuration.
3. Publish the project.
4. Transfer the binaries to your server.

>> Linux Service Configuration
1. Place binaries in /opt/MailDemon.
2. Create a service file (/lib/systemd/system/MailDemon.service):

   [Unit]
   Description=Mail Demon Service
   After=network.target

   [Service]
   WorkingDirectory=/opt/MailDemon
   ExecStart=/usr/bin/dotnet /opt/MailDemon/MailDemon.dll
   Restart=on-failure

   [Install]
   WantedBy=multi-user.target
   

3. Enable and start the service:

   sudo systemctl daemon-reload
   sudo systemctl enable MailDemon
   sudo systemctl start MailDemon
   systemctl status MailDemon
   

>># DNS Configuration
1. SPF Record: v=spf1 mx -all
2. MX Record: Point to your domain's email server.
3. A/AAAA Record: Map to your server's IP address.
4. DMARC Record: Refer to [DMARC wiki](https://en.wikipedia.org/wiki/DMARC).
5. DKIM: Set up DKIM keys for email authentication.
6. Reverse DNS: Ensure your IP address resolves to your mail server domain.

>> Mail List Management
1. Enable Web Interface:
- Set enableWeb to true in appsettings.json.
- Configure authority, admin credentials, and reCAPTCHA keys.
2. Create and Manage Lists:
- Log in at /MailDemonLogin.
- Define lists and templates.
- Customize templates using Razor syntax.

3. Sending Emails:
- Assign a subject using <!-- Subject: ... --> in templates.
- Send bulk emails using the integrated mail list interface.

4. Magic Templates for Default Behaviors:
- SubscribeInitial: Sign-up form.
- SubscribeConfirm: Confirmation email.
- SubscribeWelcome: Welcome email.

>> Database Management
- Default: SQLite (MailDemon.db).
- Optional: SQL Server (configure in appsettings.json).

>> Known Issues
- Hotmail and Outlook Certificates: Add problematic domains to appsettings.json if invalid SSL certificates are encountered.

This streamlined tool is ideal for managing notifications, announcements, and bulk messaging tasks with ease.

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑is your windows slow ?
Free Optimizer apps:

https://github.com/hellzerg/optimizer

https://github.com/Threelon/Windows-Optimizer

https://github.com/azurejoga/Aurora-Windows-Optimizer

https://www.iolo.com

https://www.glarysoft.com

https://www.ccleaner.com

https://www.tweaking.com/content/page/windows_repair_all_in_one.html

https://www.defencebyte.com

https://macpaw.com/cleanmypc

🦑Exploit: index : ghostpdl.git
CVE-2024-46951

See bug report for details.

Diffstat
-rw-r--r--  psi/zcolor.c  3  
1 files changed, 3 insertions, 0 deletions
diff --git a/psi/zcolor.c b/psi/zcolor.c
index d4e7a4438..d3384d75d 100644
--- a/psi/zcolor.c
+++ b/psi/zcolor.c
@@ -5276,6 +5276,9 @@ static int patterncomponent(i_ctx_t * i_ctx_p, ref *space, int *n)
             code = array_get(imemory, pImpl, 0, &pPatInst);
             if (code < 0)
                 return code;
+
+            if (!r_is_struct(&pPatInst) || (!r_has_stype(&pPatInst, imemory, st_pattern1_instance) && !r_has_stype(&pPatInst, imemory, st_pattern2_instance)))
+                return_error(gs_error_typecheck);
             cc.pattern = r_ptr(&pPatInst, gs_pattern_instance_t);
             if (pattern_instance_uses_base_space(cc.pattern))
                 *n = n_comps;

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Simulate Attack with Atomic Red Team:

What is Atomic Red Teams?
According to their Github pages, Atomic Red Team is a library of tests mapped to the MITRE ATT&CK framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.

Prerequisites

>Virtual Machine with NAT Connection (Dont Use your Real Own PC).

>Windows Operating System (in this tutorial we are using Win10 Pro).

>Disabled Antivirus and Exclusion The

>EDR Script Onboarding
(If you want to deploy with local script deployment)

🦑Powershell to execute the command
Step-By-Step:

Login to your VM. Prepare the Environment first with disabling the Antivirus. Right Click Windows PowerShell > Run As Admin PowerShell

1️⃣

Set-ExecutionPolicy Bypass -Scope CurrentUser

ExecutionPolicy Bypass

3️⃣ Disable Microsoft Defender Antivirus

Open Windows Defender > Disable Real-Time Protection, Tamper Protection, Auto Sample Submission, and Cloud Delivered Protection

4️⃣Create an Empty Folder at “C:\AtomicRedTeam\”.

You can Choose 2 Method for Exclude folder.

5️⃣ Exclusion Folder with Command :

Add-MpPreference -ExclusionPath C:\AtomicRedTeam\

Or Use GUI : Windows Security > Exclusions > C:\AtomicRedTeam\

6️⃣To disable Microsoft Defender Antivirus permanently on Windows 10, use these steps:

a. Open Start > search gpedit.msc or Edit Group Policy.

b. Browse the following path: Computer Configuration > Administrative Templates > Windows Components > Microsoft Defender Antivirus

c. Double-click the “Turn off Microsoft Defender Antivirus” policy.

d. Choose Enable Radio Button > Apply.

7️⃣Start Install The Atomics Simulation Tool

IEX (IWR ‘https://raw.githubusercontent.com/redcanaryco/invoke-atomicredteam/master/install-atomicredteam.ps1' -UseBasicParsing); Install-AtomicRedTeam -getAtomics -Force

9️⃣Check Detail Technique

From a given technique number, you can check the detail with the command below. You can customize “T1003” with another code.

Invoke-AtomicTest T1003 -ShowDetailsBrief

ShowDetailsBrief

🔟 View All Simulation Test

Invoke-AtomicTest All -ShowDetailsBrief

ShowDetailsBrief

1️⃣1️⃣ Check Pre-Requisites

Invoke-AtomicTest T1485 -TestNumbers 1 -CheckPrereqs

> Get Pre-Requisites

Invoke-AtomicTest T1485 -TestNumbers 1 -GetPrereqs

1️⃣2️⃣ Execute The simulation

Invoke-AtomicTest T1027 -TestNumbers 7

🦑Bug bounty tips ✨

Xss 💰 Methodology 💯

1- Pick a target

2- Do Full depth Subdomain enumeration using Subfinder( along API'S ) and use webcopilot or SubDomz and various subdomains finder tools in one liner and also ones perform subdomain bruteforicng and save it in a file.!!

3- subfinder -d example.com -all >> subs.txt

4- cat subs.txt | httpx -o alive-subs.txt



hashtag#Method-1 ( Using Dalfox )

1- katana -u alive-subs.txt -o endpoints-1.txt

2- waybackurls http://example.com | grep = | tee endpoints-2.txt

3- ./gau example.com >> endpoints-3.txt

4- paramspider -d example.com

5 - cat alive-subs.txt | hakrawler | tee -a endpoints-5.txt

6- cat endpoints.txt | uro | tee -a endpoints-uro.txt ( Combine all URLS )

7- cat endpoints-uro.txt | Gxss | dalfox pipe --multicast --skip-mining-all (Accurate also ) ( Here Gxss helps us when payload is injected is reflecting back ?? and I used skip mining because already we got urls nah ! if want remove it )

[ OR ]
8- dalfox url http://example.com --custom-payload payloads.txt ( Simple Scan )

Method-2 ( Using XSS_vibes )
1- katana -u alive-subs.txt -o endpoints-1.txt

2- waybackurls http://example.com | grep = | tee endpoints-2.txt

3- ./gau example.com >> endpoints-3.txt

4- paramspider -d example.com

5 - cat alive-subs.txt | hakrawler | tee -a endpoints-5.txt

6- cat endpoints.txt | uro | tee -a endpoints-uro.txt

7- cat endpoints-uro.txt | ./gf xss | sed 's/=.*/=/' -o output.txt

8- python3 main.py -f input.txt -o <output>

Note :- if u can use Alternative of xss automation Tool For better Result U can Use
Xssorv2 Ibrahim Husić Tool it's effective and 100 Acuracy 💯

Ref: Linkedin_stuffs
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁