Skip to content

Instantly share code, notes, and snippets.

View ajinabraham's full-sized avatar

Ajin Abraham ajinabraham

1.7k followers · 8 following
View GitHub Profile
@ajinabraham
ajinabraham / mac-spoofer.sh
Last active December 9, 2023 06:53
macOS WiFi MAC Address Spoofer
interface=en0
echo "Disconnecting from WiFi SSID"
sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -z
echo "Turning down ${interface}"
sudo ifconfig -d $interface
mac=$(printf '02:00:00:%02X:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
echo "Generated Random MAC Address: ${mac}"
sudo ifconfig $interface ether $mac
echo "MAC address spoofed"
ifconfig $interface lladdr | grep ether
@ajinabraham
ajinabraham / simplemde sanitize safe example
Created July 14, 2021 00:45
<!-- This example shows how to use simpleMDE safely with DOMPurify when dealing with intrusted user input.
Strip out javascript before rendering Markdown to HTML -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.css">
<script src="https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/marked/2.1.3/marked.min.js" integrity="sha512-AD+GG1nJKO4Je/Q8QsY1gM9/7o1QjpGe9W2Lrg1oGtEID/RX8bMKKZGgw/KOODkPXL6j74c6eJWAhE/3F2kKjA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.3.0/purify.min.js" integrity="sha512-FJzrdtFBVzaaehq9mzbhljqwJ7+jE0GyTa8UBxZdMsMUjflR25f5lJSGD0lmQPHnhQfnctG0B1TNQsObwyJUzA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<textarea id="mde"></textarea>
@ajinabraham
ajinabraham / linkedin_mass_accept.js
Last active June 27, 2021 18:46
//Head on to https://www.linkedin.com/mynetwork/invitation-manager/
//In browser console
var buttons = document.getElementsByTagName('button')
for (let i = 0; i < buttons.length; i++) {
var aria = buttons[i].getAttribute("aria-label")
if (aria && aria.startsWith("Accept")) {
buttons[i].click()
console.log(aria)
}
}
@ajinabraham
ajinabraham / linkedin_mass_unfollow.js
Last active June 8, 2023 19:57
General Security Reminder: Do not run code shared by anyone on browser console, unless you know what the code is doing!
// 1. Go to https://www.linkedin.com/feed/following/?filterType=member
// 2. Select the ALL filter to see people you follow
// 3. Open console, paste the following and press enter
function massUnfollow(){
var buttons = document.getElementsByClassName('is-following')
for (let i = 0; i < buttons.length; i++) {
buttons[i].click()
}
@ajinabraham
ajinabraham / semgrep_static_analysis.yml
Last active January 31, 2021 15:07
rules:
- id: env-set
patterns:
- pattern-either:
- pattern: |
subprocess.check_output([..., "=~/env|set/", ...])
- pattern: |
subprocess.run([..., "=~/env|set/", ...])
- pattern: |
subprocess.Popen([..., "=~/env|set/", ...])
@ajinabraham
ajinabraham / fridanotes.md
Last active June 3, 2020 01:48 — forked from elevenchars/fridanotes.md
My notes on injecting a frida gadget into an apk
@ajinabraham
ajinabraham / Github Search API (quick hack)
Last active May 15, 2020 00:02
import time
import requests
user = ''
password = ''
session = requests.Session()
session.auth = (user, password)
url= 'https://api.github.com/search/repositories?language:javascript&sort=stars&q=topic:nodejs+topic:express'
@ajinabraham
ajinabraham / MobSF REST API JavaScript
Created August 31, 2018 11:21
<input id="file" type="file" name="file" />
<input class="btn btn-success" type="submit" value="Upload" onclick="uploadFile()"></br>
<input type="button" value="Scan File" onclick="scanFile()"></br>
<input type="button" value="Get JSON" onclick="getJSONReport()"></br>
<input type="button" value="Get PDF" onclick="getPDFReport()"></br>
<input type="button" value="Delete Scan" onclick="deleteSCAN()"></br>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script>
// Set API Key
const api_key = "{{ api }}";
@ajinabraham
ajinabraham / MobSF REST API Python.py
Last active February 2, 2024 15:15
MOBSF REST API Python Requests Example
"""
MOBSF REST API Python Requests
"""
import json
import requests
from requests_toolbelt.multipart.encoder import MultipartEncoder
SERVER = "http://127.0.0.1:8000"
FILE = 'diva-beta.apk'
@ajinabraham
ajinabraham / reflect.py
Created June 5, 2018 17:13 — forked from huyng/reflect.py
A simple echo server to inspect http web requests
#!/usr/bin/env python
# Reflects the requests from HTTP methods GET, POST, PUT, and DELETE
# Written by Nathan Hamiel (2010)
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
from optparse import OptionParser
class RequestHandler(BaseHTTPRequestHandler):
def do_GET(self):