Forwarded from Exploiting Crew (Pr1vAt3)
1) 15 vulnerabilities in one public bbp
https://lnkd.in/ggi4T39C
2)How I got access to Credentials easily
https://lnkd.in/gcnNE8hs
3)Bug Bounty Tips Series: 10 Ways To Find HTTP Host Header Injection Vulnerability
https://lnkd.in/gnji_rts
4) Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability
https://lnkd.in/gNHZMnXY
5)Exploiting and Remediating Access Control Vulnerabilities
https://lnkd.in/gasczeCV
6)20 Bug Bounty CrowdSourced Platforms
https://lnkd.in/g24uCdbQ
7)The Ninja Hacker Academy - A full guide to your graduation
https://lnkd.in/g86dxzSQ
8) Lookup - TryHackMe CTF Writeup {FOR BEGINNERS}
https://lnkd.in/gK9Vd6_i
9)TRYHACKME : Dav
https://lnkd.in/ggpStJn2
10)CTFs Network Section Walkthrough
https://lnkd.in/gC79pVfS
Ref: Saumadip Mandal
@UndercodeCommunity
Forwarded from Exploiting Crew (Pr1vAt3)
ANDROID PIN CRACKING - Live Video Demonstration
This document presents a functional Proof-of-Concept (PoC) for a novel attack vector targeting #Android #smartphones running the latest Android version and #security patches. This attack has been successfully validated on over 20 popular brands, including Google Pixel and OnePlus devices. The PoC demonstrates the ability to compromise both standard 4-digit and 6-digit PINs, as well as pattern locks and PINs required for device boot-up.
1. The attack leverages a physical Rubber Ducky device, which exploits the Human Interface Device (HID) protocol to emulate keyboard input. By employing a brute-force approach, the device systematically attempts PIN combinations from 0000 to 9999, saving the correct PIN upon successful authentication. To mitigate detection mechanisms, the attack is designed to halt after five unsuccessful attempts and a 30-minute timeout. Furthermore, the device's configuration and scripting capabilities can be tailored to specific target devices.
> Beyond PIN cracking, the #RubberDucky can be programmed to enable USB debugging, opening the door to a wider range of potential attacks. This includes reverse shell connections, binding shell sessions, and camera exploitation, ultimately exposing the device to data leakage and other security risks.
Here is a working Proof of concept of the latest attack discovered by me that exploits Android Smartphones working on the latest version of Android and the latest security patches that can break Android PIN (4-digit PIN and 6-digit PIN) tested on 20 brands including the Google Pixel series and OnePlus devices. The demonstration can crack PIN patterns and also the PIN that is required before the device is turned on. The device is a rubber ducky that uses an HID exploit that can work like a keyboard and use brute force attack i.e. trying PIN from 0000 to 9999 and also saving the PIN once unlocked. The device is configured to work with a timeout of 30 minutes after 5 attempts and the scripts can be configured based on the device we are working on. It can store 5MB of Python Script which is executed after the Arduino firmware is complete. It works on ATMega chipset and allows the user to also enable USB debugging which can further enable other attacks like reverse shell and binding connections exposing users to Camera exploits and even data leaks.
Ref: Priyank Gada
@UndercodeCommunity
Forwarded from Exploiting Crew (Pr1vAt3)
Free Certificated Courses:
Cisco is Offering FREE Cyber Security Courses + official Badges!
Start Your Cybersecurity Career with these in demand courses!
1. Introduction to Cybersecurity
- Course Duration: 6 HOURS
- Level: BEGINNER
- Lab: 7 LABS
- Delivery Type: SELF-PACED
Course Link: https://lnkd.in/eh5MTBwT
2. Cyber Threat Management
- Course Duration: 16 HOURS
- Level: INTERMEDIATE
- Lab: 16 LABS
- Delivery Type: SELF-PACED
Course Link: https://lnkd.in/ehwb_Hsh
3. Endpoint Security
- Course Duration: 27 HOURS
- Level: Intermediate
- Labs: 31 LABS
- Delivery Type: SELF-PACED
Course Link: https://lnkd.in/eV2UB7xy
4. Network Defense
- Course Duration: 27 HOURS
- Level: INTERMEDIATE
- Lab: 29 LABS
- Delivery Type: SELF-PACED
Course Link: https://lnkd.in/ekTpuvyn
Ref: Mohamed Ali Mohamed
@UndercodeCommunity
Forwarded from Exploiting Crew (Pr1vAt3)
Free Vulnerability Management, Scanning Tools and Trainings 2024
Vulnerability management is important in cybersecurity as it helps reduce risk, maintain compliance, protect assets, enable proactive defense, manage reputation, and achieve cost savings. Here's a curated list of resources I prepared to help you delve deeper into this topic.
1. Vulnerability management: https://lnkd.in/e_GaRhWZ
Checklist:
https://DailyCVE.com (AI powered Checker & Analysis)
https://lnkd.in/eyM7VJEs
VM 101 by CrowdStrike: https://lnkd.in/e_HY3Z_J
Vulnerability Assessment 101: https://lnkd.in/eRkz-hMe
Vulnerability Scanning Tools: https://lnkd.in/gbKnkgdt
OWASP Vulnerability Management Guide: https://lnkd.in/ebEB4HHa
SANS VM Resources: https://lnkd.in/ePGveFcd
2. Greenbone OpenVAS
Download Link: https://www.openvas.org/
Installation Guide: https://lnkd.in/eFB78JTQ
3. Tenable Nessus Essentials
Download Link: https://lnkd.in/gzNsE_kW
Tenable University: https://lnkd.in/dt9t4iVs
Training: https://lnkd.in/gQEUxFeu
4. Qualys
Link: https://lnkd.in/ezytw_UB
Training: https://lnkd.in/gvNKJnni
VM for Dummies eBook: https://lnkd.in/e2ed9XxS
5. Rapid 7 InsightVM
Vulnerability Management Process: https://lnkd.in/eCe5RHtR
Nexpose Link: https://lnkd.in/gdARCttE
InsightVM Link: https://lnkd.in/gCtiQgyA
Training: https://lnkd.in/g3Q5i6fT
6. Agentless Vulnerability Scanner for Linux/FreeBSD: https://vuls.io/
7. Vulnerability Database / Data Source
National Vulnerability Database: https://nvd.nist.gov/
Full Listing: https://lnkd.in/gSNNgY9W
Top-50-vendors: https://lnkd.in/eTqY7bxG
CVE Details: https://lnkd.in/gXm_2Z5h
CVE Report: https://cve.report/
MITRE CVE: https://cve.mitre.org/
MITRE CWE: https://cwe.mitre.org/
Exploit Prediction Scoring System (EPSS): https://lnkd.in/e3EndP-3
Vulnerability search: https://vulners.com/
Vulnerability database: https://vuldb.com/
Known Exploited Vulnerabilities: https://lnkd.in/gHAFJEtS
Cyberscan: https://lnkd.in/eRS6W_w3
8. CVSS Calculator
V3 Link: https://lnkd.in/gNqYyqKx
V4 Link: https://lnkd.in/eRd_ggVT
9. Bug Bounty Programs: find vulnerability and get paid - https://lnkd.in/esUdfjD9
Mozilla Observatory: https://lnkd.in/e7AbJDEh
The Mozilla Observatory has helped over 240,000 websites by teaching developers, system administrators, and security professionals how to configure their sites safely and securely. Source: https://lnkd.in/emMQ-Zhm
Ref: Mohamad Hamadi
@UndercodeCommunity
Forwarded from Exploiting Crew (Pr1vAt3)
Windows Defender Bypass 2024 with AES-Encrypted Malicious DLL.
Hello everyone,
Since a lot of you guys enjoyed the last video, I decided to create another bypass technique - this time using AES encryption for the shellcode. To make it more interesting, I incorporated the shellcode into a malicious DLL and executed it using another process.
Here's how it works:
I created a simple file, test.exe (the process I mentioned), which loads the malicious DLL containing the encrypted shellcode. This is achieved using the LoadLibraryA() function and the GetProcAddress() function which is essential for loading any DLL and their exported functions into a process's memory. Once loaded, the DLL decrypts and executes the shellcode.
This time the malicious DLL contained raw encrypted shellcode stored on disk. The encryption prevents detection by Windows Defender. In my previous approach, the shellcode was hosted on a server, making it a staged payload. While experimenting, I also tried XOR to obfuscate the shellcode like last time. However, it was consistently detected for some reason I still don't understand. XORing the shellcode and AES encrypting it share a similar concept though. I might be wrong on this one, forgive me if I am.
This method can be implemented in various ways. One approach is to inject the DLL into another process using its PID or using this AES method to just execute the malicious exe to run the shellcode in memory without loading the dll. This technique has been used by APTs as a means of achieving persistence on compromised systems they target.
I used multiple resources from the internet. All the code used does not belong to me. I added custom logic (like calling the exported function) and tweaked it a little bit to make it work like the way I wanted it to. I give credit to the internet. Hope you guys find this useful!
Ref: Dhanush Arvind
@UndercodeCommunity
Forwarded from Exploiting Crew (Pr1vAt3)
XSS Through HREF Tags
I often see applications that let their users control URLs which are reflected back in the DOM as part of the HREF tag
Most of the time these features let you:
• set the integration URL with a 3rd party service
• customize your profile page with a link to your own blog/website
• link your account to your social media profile
While sometimes developers use HTML encoding on quotes to block attackers from escaping the tag, there are several ways to trigger XSS inside href tags <without> escaping them.
One of them is to provide a valid URL format (to bypass server-side validation) but use the javascript protocol (instead of http which is what most developers would expect)
Note however that this won't work if the target="_blank" is specified
Ref: Andrei Agape
@UndercodeCommunity
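The defensive counterpart to the post above, as an added example that is not part of the original post: a "is it a valid URL" check accepts the javascript scheme, while a scheme allowlist applied to the parsed URL rejects it. The function names (`weakIsValidUrl`, `safeHref`, `renderProfileLink`), the http/https allowlist and the sample inputs are assumptions made for illustration.

```javascript
// Added example. All inputs below are constructed for illustration.
// Assumption: the application only ever needs http(s) links in user profiles.
const ALLOWED_SCHEMES = new Set(["http:", "https:"]);

// Weak check (the pattern the post describes): anything that parses as an
// absolute URL passes, so a javascript: URL is accepted as "valid".
function weakIsValidUrl(input) {
  try {
    new URL(input);
    return true;
  } catch {
    return false;
  }
}

// Hardened check: parse with the WHATWG URL parser (the same algorithm
// browsers use, so leading whitespace, embedded tabs/newlines and mixed-case
// schemes are normalized before the comparison), then allowlist the scheme.
// Returns the normalized href, or null when the value must not be rendered.
function safeHref(input) {
  if (typeof input !== "string" || input.length > 2048) return null;
  let url;
  try {
    url = new URL(input); // no base: relative values are rejected
  } catch {
    return null;
  }
  if (!ALLOWED_SCHEMES.has(url.protocol)) return null;
  return url.href;
}

// Attribute-context encoding is still required; it stops tag/attribute
// breakout but, on its own, does nothing about the scheme.
function escapeAttr(s) {
  return s
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;")
    .replace(/'/g, "&#39;");
}

// Render a user-supplied profile link, dropping it when the scheme is not allowed.
function renderProfileLink(input) {
  const href = safeHref(input);
  if (href === null) return "<span>(link removed)</span>";
  const safe = escapeAttr(href);
  return `<a href="${safe}" rel="noopener noreferrer">${safe}</a>`;
}

// Constructed test inputs: scheme variants a naive string comparison can miss.
const SAMPLES = [
  "https://example.com/blog",
  "javascript:alert(1)",
  "JaVaScRiPt:alert(1)",
  "  javascript:alert(1)",
  "java\tscript:alert(1)",
  "data:text/html,hello",
  "/relative/path",
];

function auditSamples() {
  return SAMPLES.map((s) => ({
    input: s,
    weak: weakIsValidUrl(s),
    hardened: safeHref(s) !== null,
  }));
}
```

Running the same allowlist on the server and again at render time keeps a value stored before the check was introduced from reaching the DOM.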
Forwarded from Exploiting Crew (Pr1vAt3)
DSA is so easy when you follow these 6 steps:
1. Focus on Depth over Breadth:
- Don't solve 500 coding problems aimlessly. Master around 100 core problems deeply instead.
- 40 Problems on Array, Strings, LinkedList, Stack & Queue, Binary search, Trees, Graph, Sorting and Searching: https://lnkd.in/djnaPkeD
- 40 Problems on Dynamic Programming (DP), Backtracking, Hashing, Heap, Tries, and Greedy Algorithms: https://lnkd.in/dF3h-Khk
2. Create a list of key questions:
- Use resources like "Strivers A2Z DSA Sheet" by Raj Vikramaditya to curate around 100 core problems.
- https://lnkd.in/dQMGy9zF (Strivers)
3. Master each data structure:
- Understand and implement them by hand. Know how they work internally to ace interview questions.
- Fundamentals, Intermediate, Advance DSA topics: https://lnkd.in/d4ws9xfr
4. Practice with Spaced Repetition:
- Revisit problems after 3 days, a week, and 15 days. Break down solutions instead of rote memorization.
- 3:7:15 Rule for DSA: https://lnkd.in/dW6a8wcg
5. Identify reusable techniques and code blocks:
- Isolate common patterns like Binary Search or Depth First Search for focused practice.
- 20 DSA patterns: https://lnkd.in/d9GCezMm
- 14 problem solving patterns: https://lnkd.in/daysVFSz
- DSA questions patterns: https://lnkd.in/d3rRHTfE
6. Expand into Breadth:
- Once you've mastered core problems and techniques, tackle a wider range of questions. Keep it realistic and relevant to interview scenarios.
- 16 Important algorithms problems: https://lnkd.in/dfjm8ked
- Tips to solve any DSA question by understanding patterns: https://lnkd.in/d9GVyfBY
Additional tips
Practice on paper: Practice whiteboard interviews to improve your planning and coding skills without relying on an IDE. It's a practical way to get ready for real interviews.
Ref: Rajat Gajbhiye
@UndercodeCommunity
Forwarded from Exploiting Crew (Pr1vAt3)
Mastering DNS & DHCP Penetration Testing: Protect Your Network's Core!
DNS (Domain Name System) and DHCP (Dynamic Host Configuration Protocol) are foundational to network operations. However, their vulnerabilities can make them prime targets for cyberattacks. Understanding how to test and secure these protocols is a critical skill for any cybersecurity professional.
Common DNS Vulnerabilities & Attacks:
1. DNS Spoofing/Poisoning: Alters DNS responses to redirect users to malicious websites.
2. DNS Tunneling: Exfiltrates data or establishes backdoors via DNS queries.
3. Cache Poisoning: Manipulates DNS cache entries to disrupt or redirect traffic.
4. Zone Transfer Exploitation: Misuses misconfigured servers to access sensitive DNS records.
Common DHCP Vulnerabilities & Attacks:
1. DHCP Starvation Attack: Exhausts IP leases, causing network disruptions.
2. Rogue DHCP Server Attack: Deploys unauthorized DHCP servers to provide malicious configurations.
3. Man-in-the-Middle (MITM) Attacks: Exploits DHCP to intercept sensitive data.
4. IP Address Spoofing: Mimics authorized devices to gain network access.
Steps to Perform DNS & DHCP Penetration Testing:
1. Reconnaissance:
• Use tools like Dig, DNSRecon, and Fierce to identify DNS configurations.
• Scan for active DHCP servers using DHCPig or Yersinia.
2. Vulnerability Analysis:
• Check for weak configurations in DNS records (e.g., open zone transfers).
• Identify rogue DHCP servers or insufficient IP allocations.
3. Exploitation:
• Simulate DNS Spoofing or Cache Poisoning to test resilience.
• Perform DHCP Starvation or Rogue Server attacks in a controlled environment.
4. Remediation:
• Harden DNS configurations (disable unused services, restrict zone transfers).
• Enable DHCP snooping and IP source guard to prevent rogue DHCP servers.
Pro Tip for Defenders:
• Implement DNSSEC (Domain Name System Security Extensions) to validate DNS responses.
• Regularly monitor and test DHCP and DNS servers for vulnerabilities.
Remember: Always test ethically with proper authorization!
DNS and DHCP are the backbone of every network. Securing them not only prevents breaches but ensures smooth operations for businesses.
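One way to carry out the "identify rogue DHCP servers" and "regularly monitor" items above, as an added example that is not part of the original post: detection logic that compares observed DHCP server replies against a policy of authorized servers, gateways and resolvers. The log format, addresses, MAC values and the names `parseLine` and `findRogueDhcp` are constructed assumptions, not the output of any particular tool.

```javascript
// Added example. Policy values and log lines are constructed for illustration.
const POLICY = {
  // authorized DHCP server IP -> expected server MAC
  servers: new Map([["10.0.10.2", "00:11:22:33:44:55"]]),
  routers: new Set(["10.0.10.1"]),
  dns: new Set(["10.0.10.2", "10.0.10.3"]),
};

// Constructed capture summary: one line per server reply seen on the access VLAN.
const SAMPLE_LOG = `
2024-12-01T09:00:01Z DHCPOFFER server=10.0.10.2 smac=00:11:22:33:44:55 yiaddr=10.0.10.57 router=10.0.10.1 dns=10.0.10.2
2024-12-01T09:00:01Z DHCPOFFER server=10.0.10.66 smac=de:ad:be:ef:00:01 yiaddr=10.0.10.200 router=10.0.10.66 dns=10.0.10.66
2024-12-01T09:00:04Z DHCPOFFER server=10.0.10.2 smac=DE:AD:BE:EF:00:01 yiaddr=10.0.10.58 router=10.0.10.1 dns=10.0.10.2
2024-12-01T09:00:09Z DHCPACK server=10.0.10.2 smac=00:11:22:33:44:55 yiaddr=10.0.10.57 router=10.0.10.1 dns=10.0.10.2,10.0.10.3
this line is not a DHCP record
`;

// Parse one "timestamp TYPE key=value ..." line; returns null for anything else.
function parseLine(line) {
  const m = /^(\S+)\s+(DHCPOFFER|DHCPACK)\s+(.*)$/.exec(line.trim());
  if (!m) return null;
  const fields = {};
  for (const pair of m[3].split(/\s+/)) {
    const i = pair.indexOf("=");
    if (i > 0) fields[pair.slice(0, i)] = pair.slice(i + 1).toLowerCase();
  }
  if (!fields.server || !fields.smac) return null; // incomplete record
  return { ts: m[1], type: m[2], ...fields };
}

// Flag replies that come from an unknown server, from a known server IP with
// the wrong MAC (address takeover), or that hand out a gateway or resolver
// outside the policy (the man-in-the-middle configuration the post describes).
function findRogueDhcp(logText, policy) {
  const findings = [];
  for (const line of logText.split("\n")) {
    const ev = parseLine(line);
    if (!ev) continue;
    const reasons = [];
    const expectedMac = policy.servers.get(ev.server);
    if (expectedMac === undefined) {
      reasons.push("unauthorized-server-ip");
    } else if (expectedMac !== ev.smac) {
      reasons.push("server-mac-mismatch");
    }
    if (ev.router && !policy.routers.has(ev.router)) {
      reasons.push("unexpected-router");
    }
    const resolvers = (ev.dns || "").split(",").filter(Boolean);
    if (resolvers.some((d) => !policy.dns.has(d))) {
      reasons.push("unexpected-dns");
    }
    if (reasons.length > 0) {
      findings.push({ ts: ev.ts, server: ev.server, smac: ev.smac, reasons });
    }
  }
  return findings;
}

// Stand-alone run: print findings for the constructed sample.
for (const f of findRogueDhcp(SAMPLE_LOG, POLICY)) {
  console.log(`${f.ts} ${f.server} (${f.smac}): ${f.reasons.join(", ")}`);
}
```

Detection of this kind complements DHCP snooping: snooping blocks untrusted server replies at the switch port, while the log check shows when and where one was attempted.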
Forwarded from Exploiting Crew (Pr1vAt3)
Cookie stealer which can then be used for session hijacking and Bypassing 2 Factor Authentication:
>> How Does it work?
Big-Papa utilizes malicious javascript code injection...and then makes a GET Request (with cookies) to the Python Web server running on the attacker machine
Note That you need to be man in the middle in order to inject the malicious javascript Code and then steal cookies of the website that the victim is currently visiting
For testing purposes copy the Javascript code from the bgp.js file without the script tags and execute in the console of the browser
You can use Bettercap in order to become man-in-the-middle using bettercap or use arp spoof and then run Big-Papa to inject Javascript
>> For HTTPS?
Big-Papa will work Perfectly against HTTP websites but For HTTPS you can use sslstrip to Downgrade it to HTTP and then utilize Big-Papa
*SSLstrip --> https://github.com/moxie0/sslstrip.git
Still some websites use HTTP and thus their data including Passwords can be read in Clear text but we need to steal cookies in some cases in order to Bypass 2-Factor-Authentication
INSTALLATION & RUN:
1. git clone https://github.com/vrikodar/Big-Papa.git
2. cd Big-Papa
3. chmod +x install.sh
4. ./install.sh
@UndercodeCommunity
Forwarded from Exploiting Crew (Pr1vAt3)
SOPs (Standard Operation Procedures) / Playbooks / Runbooks
A playbook, also known as a standard operating procedure (SOP), consists of a set of guidelines to handle security incidents and alerts in the SOC.
Incident response methodologies typically involve creating standard operating procedures (SOPs), playbooks, and runbooks to guide teams through the incident response process.
These guidelines provide easy to use operational incident best practices. These cheat sheets are dedicated to incident handling and cover multiple fields in which a CERT team can be involved.
Source: https://lnkd.in/eudq_jJi
Thanks to Societe Generale
- Worm Infection: https://lnkd.in/ez-kq98Y
- Social Engineering: https://lnkd.in/e_FJbxDP
- Information Leakage: https://lnkd.in/eeN8KX8g
- Insider Abuse: https://lnkd.in/ep4p_THk
- Customer Phishing: https://lnkd.in/ekTfY7vz
- Scam: https://lnkd.in/eUHwG3fF
- Trademark infringement: https://lnkd.in/e3P3xfeb
- Phishing: https://lnkd.in/eYTi3RQ8
- Ransomware: https://lnkd.in/eRkctdQn
- Large_scale_compromise: https://lnkd.in/eYFF43b4
- 3rd-party_compromise: https://lnkd.in/e8SAu5MT
- Windows Intrusion: https://lnkd.in/eXCpcx9V
- Unix Linux IntrusionDetection: https://lnkd.in/eHkm6MMe
- DDOS: https://lnkd.in/eQ7zZzVt
- MaliciousNetworkBehaviour: https://lnkd.in/ewVZy2cs
- Website-Defacement: https://lnkd.in/eraNiHcH
- WindowsMalwareDetection: https://lnkd.in/ewEx_C6Y
- Blackmail: https://lnkd.in/eW3zGcPs
- SmartphoneMalware.pdf: https://lnkd.in/ezjyY4G9
Ref:
@UndercodeCommunity