Skip to content

Instantly share code, notes, and snippets.

View as3ng's full-sized avatar
🐹
<scriptkiddies></scriptkiddies>

aseng as3ng

🐹
<scriptkiddies></scriptkiddies>
View GitHub Profile
@as3ng
as3ng / windows_hardening.cmd
Created August 9, 2021 03:49 — forked from mackwage/windows_hardening.cmd
Script to perform some hardening of Windows OS
:: Windows 10 Hardening Script
:: This is based mostly on my own personal research and testing. My objective is to secure/harden Windows 10 as much as possible while not impacting usability at all. (Think being able to run on this computer's of family members so secure them but not increase the chances of them having to call you to troubleshoot something related to it later on). References for virtually all settings can be found at the bottom. Just before the references section, you will always find several security settings commented out as they could lead to compatibility issues in common consumer setups but they're worth considering.
:: Obligatory 'views are my own'. :)
:: Thank you @jaredhaight for the Win Firewall config recommendations!
:: Thank you @ricardojba for the DLL Safe Order Search reg key!
:: Thank you @jessicaknotts for the help on testing Exploit Guard configs and checking privacy settings!
:: Best script I've found for Debloating Windows 10: https://github.com/Sycnex/Windows10Debloater
:
@as3ng
as3ng / frida-tips.md
Created October 23, 2021 11:06 — forked from daniellimws/frida-tips.md
Frida tips

Frida Tips

The documentation is so limited. A compilation of things I found on StackOverflow and don't want to have to search it up again.

Bypass root check

setTimeout(function() { // avoid java.lang.ClassNotFoundException

  Java.perform(function() {

    // Root detection bypass example
@as3ng
as3ng / frida_multiple_unpinning.js
Created June 13, 2022 13:15 — forked from akabe1/frida_multiple_unpinning.js
Another Android ssl certificate pinning bypass for various methods
/* Android ssl certificate pinning bypass script for various methods
by Maurizio Siddu
Run with:
frida -U -f [APP_ID] -l frida_multiple_unpinning.js --no-pause
*/
setTimeout(function() {
Java.perform(function() {
console.log('');
@as3ng
as3ng / MifareClassic.md
Created June 5, 2024 16:58 — forked from noproto/MifareClassic.md

MIFARE Classic

Here are the steps to follow in order to read your cards. Your goal is to find as many keys as possible. The keys unlock sections of your card for the Flipper to read them - you must have a card. Once you read enough sections, you can use an emulated or cloned card at the original card reader to unlock it (sometimes even without finding all of the keys!).

Reading the card

Steps:

  1. Dictionary attack: Try to scan your MIFARE Classic card with NFC -> Read. It will try a dictionary attack of default keys to unlock your card, as well as any keys you may have found through other methods. Do not interrupt the dictionary attack, it may take a while! If it finds 32/32 keys (or 80/80) with 16/16 sectors (or 40/40), congratulations and proceed to "Emulation". If not, continue to step 2.
  2. Mfkey32 attack (): If you have only a few keys found or no keys found, you can get mor