Abhay Bhargav abhaybhargav
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| token ='eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJpc3MiOiJodHRwczovL2p3dC1pZHAuZXhhbXBsZS5jb20iLCJzdWIiOiJtYWlsdG86bWlrZUBleGFtcGxlLmNvbSIsIm5iZiI6MTQ3ODcwOTYyOSwiZXhwIjoxNDc4NzEzMjI5LCJpYXQiOjE0Nzg3MDk2MjksImp0aSI6ImlkMTIzNDU2IiwidHlwIjoiaHR0cHM6Ly9leGFtcGxlLmNvbS9yZWdpc3RlciJ9.' | |
| jwt_manage = jwt.decode(token, verify=False) | |
| #Remember, certain libs might not be patched or require explicit verification params to be set |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def verify_jwt(token): | |
| try: | |
| decoded = jwt.decode(token, app.config['SECRET_KEY_HMAC'], verify=True, issuer = 'we45', leeway=10, algorithms=['HS256']) | |
| print("JWT Token from API: {0}".format(decoded)) | |
| return True | |
| except DecodeError: | |
| print("Error in decoding token") | |
| return False | |
| except MissingRequiredClaimError as e: | |
| print('Claim required is missing: {0}'.format(e)) |
abhaybhargav
/ HMAC1
Created
February 10, 2018 09:17
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 70974227ea4b52d45163666abd171662f03f29131baa68e90bbd0f681963c8ab |
abhaybhargav
/ HMAC2
Created
February 10, 2018 09:19
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| a47dee64d793e51dabac8125591264bf827ab84d211bd85ce8fb4856c663e779 |
abhaybhargav
/ hmac3.py
Created
February 10, 2018 09:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import hashlib | |
| import hmac | |
| message_mac = hmac.new(“s3cr3tk3y”, msg=”Hello World”, digestmod=hashlib.sha256) | |
| print message_mac.hexdigest() | |
| 2d9615ee921dab63c7c4c839842703fe338db46fdf17593a681bcee2c52721de |
abhaybhargav
/ JWT HMAC.py
Created
February 10, 2018 09:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| token = jwt.encode({"Hello": "World"}, key="s3cr3tk3y", algorithm="HS256") | |
| 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJIZWxsbyI6IldvcmxkIn0.GO5pUIFVmcNqX2DUANc8pwjW646rUlI-OCVakzp5kKo' | |
| jwt.decode(token, key = "s3cr3tk3y", algoritm = "HS256") | |
| {u'Hello': u'World'} |
abhaybhargav
/ passlib_example.py
Created
February 10, 2018 09:25
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from passlib.hash import pbkdf2_sha256 | |
| hash = pbkdf2_sha256.using(rounds = 10000, salt_size=32).hash(‘secretpass’) | |
| print hash | |
| $pbkdf2-sha256$10000$3vv/H8NYa20txdj7H4PQeo.xdi7l3DunVKr1vncuZUw$Vn9TkpwF7CB13GSpd1wz25LR.9HpOaz2kh1bPqcqvco |
abhaybhargav
/ nightwatch.conf.js
Created
April 14, 2018 14:00
ZAP Specific Settings in the main nightwatch.conf.js file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //These are ZAP Specific Settings | |
| const OTHER_SETTINGS = { | |
| zap_jrpc_server: "http://localhost:4000/jsonrpc", | |
| zap_report_path: "/Users/abhaybhargav/Documents/Code/node/nightwatch_zap/report.json", | |
| zap_report_format: "json", | |
| test_report_title: "ZAP Test for weCare Application", | |
| test_report_author: "Abhay Bhargav", | |
| zap_policy_name: "Light" | |
| }; |
abhaybhargav
/ nightwatch.conf.js
Created
April 14, 2018 14:01
Chrome Settings, with proxy being set to ZAP host and port
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const CHROME_CONFIGURATION = { | |
| browserName: 'chrome', | |
| javascriptEnabled: true, | |
| acceptSslCerts: true, | |
| chromeOptions: { | |
| args: [ | |
| '--proxy-server=http://127.0.0.1:8090' | |
| ] | |
| } | |
| }; |
abhaybhargav
/ login.js
Created
April 14, 2018 14:02
Command to the JSON-RPC service to start ZAP and wait for 10 seconds.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| before: function(client, done) { | |
| ZapManager.startZap(done); | |
| setTimeout(() => { | |
| done(); | |
| }, 10000); | |
| }, |
OlderNewer