Skip to content

Instantly share code, notes, and snippets.

Dinis Cruz DinisCruz

Block or report user

Report or block DinisCruz

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View xss-dance.js
(function(){function c(){var e=document.createElement("link");e.setAttribute("type","text/css");e.setAttribute("rel","stylesheet");e.setAttribute("href",f);e.setAttribute("class",l);document.body.appendChild(e)}function h(){var e=document.getElementsByClassName(l);for(var t=0;t<e.length;t++){document.body.removeChild(e[t])}}function p(){var e=document.createElement("div");e.setAttribute("class",a);document.body.appendChild(e);setTimeout(function(){document.body.removeChild(e)},100)}function d(e){return{height:e.offsetHeight,width:e.offsetWidth}}function v(i){var s=d(i);return s.height>e&&s.height<n&&s.width>t&&s.width<r}function m(e){var t=e;var n=0;while(!!t){n+=t.offsetTop;t=t.offsetParent}return n}function g(){var e=document.documentElement;if(!!window.innerWidth){return window.innerHeight}else if(e&&!isNaN(e.clientHeight)){return e.clientHeight}return 0}function y(){if(window.pageYOffset){return window.pageYOffset}return Math.max(document.documentElement.scrollTop,document.body.scrollTop)}function E(e){va
@DinisCruz
DinisCruz / JavapHelper.java
Last active Sep 5, 2016
javap helper to quickly extract list of methods called from method
View JavapHelper.java
package ....appsec.utils;
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
public class JavapHelper {
@DinisCruz
DinisCruz / javap-test.java
Created Sep 5, 2016
Here is an experiment with javap to extract the methods programatically. It looks like javassit will be a better way to do this (specially since it is native)
View javap-test.java
import java.io.PrintWriter;
import java.io.StringWriter;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
/**
* Created by diniscruz on 01/09/2016.
*/
public class JavapHelper {
@DinisCruz
DinisCruz / Vulnerability_Weak_Crypto.java
Created Sep 4, 2016
Java test that confirms how Random().nextInt() values can be predicted
View Vulnerability_Weak_Crypto.java
import org.junit.Test;
import java.util.ArrayList;
import java.util.Random;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertTrue;
public class Vulnerability_Weak_Crypto {
@DinisCruz
DinisCruz / XSS_Tests.cs
Created Jun 3, 2016
Testing ASP.NET Controls for default xss
View XSS_Tests.cs
namespace Tests.XSS_Tests
{
public static class HtmlControls_ExtensionMethods
{
public static string render_Control(this Control control)
{
var stringBuilder = new StringBuilder();
using (var stringWriter = new StringWriter(stringBuilder))
using (var htmlTextWriter = new HtmlTextWriter(stringWriter))
@DinisCruz
DinisCruz / cash-p29.java
Created May 30, 2016
Elegant Objects code snippets
View cash-p29.java
//executed in https://www.compilejava.net/
public class CashTest
{
public static void main(String[] args)
{
System.out.println(new Cash(12).Value());
System.out.println(new Cash("12").Value());
// System.out.println(new Cash("12.12f").Value()); // doesn't work and throws exception
System.out.println(new Cash(12.12f).Value());
View dockerode.tests.coffee
# Number of test I wrote while learning dockerode
require 'fluentnode'
Docker = require('dockerode')
MemoryStream = require 'memorystream'
fs = require 'fs'
create_Docker = ()=>
docker_Files = process.env.HOME.path_Combine('.docker/machine/machines/default')
View electron-tests.coffee
chai = require 'chai'
expect = chai.expect
$ = require 'jquery'
#require 'electron-prebuilt'
describe 'testing in coffee', ->
@DinisCruz
DinisCruz / electron-tests.coffee
Created May 19, 2016
Testing wallbyjs electron integration
View electron-tests.coffee
chai = require 'chai'
expect = chai.expect
$ = require 'jquery'
#require 'electron-prebuilt'
describe 'testing in coffee', ->
@DinisCruz
DinisCruz / install-steps.txt
Last active May 26, 2016
GCloud Windows Setup scripts
View install-steps.txt
New windows VM (note: this needs to be converted into a script)
1) installed chocolatey
@powershell -NoProfile -ExecutionPolicy Bypass -Command "iex ((new-object net.webclient).DownloadString('https://chocolatey.org/install.ps1'))" && SET PATH=%PATH%;%ALLUSERSPROFILE%\chocolatey\bin
2) installed chrome, fiddler, git, VS Code
choco install googlechrome git fiddler4 -y
You can’t perform that action at this time.