dualfade
/ BurpSuiteSSLPassTrough.json
Last active
December 13, 2022 04:19
— forked from vsec7/BurpSuiteSSLPassTrough.json
Filter out the noise
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| { | |
| "proxy": { | |
| "ssl_pass_through": { | |
| "automatically_add_entries_on_client_ssl_negotiation_failure": false, | |
| "rules": [ | |
| { | |
| "enabled": true, | |
| "host": ".*\\.google\\.com", | |
| "protocol": "any" | |
| }, |
dualfade
/ fingerprint.js
Last active
March 25, 2023 18:08
— forked from nikitastupin/fingerprint.js
fingerprint.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // find javascript gadgets -- | |
| // forked => https://gist.github.com/nikitastupin/b3b64a9f8c0eb74ce37626860193eaec | |
| // ref => https://github.com/BlackFan/client-side-prototype-pollution | |
| // ref => https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#prototype-pollution | |
| // updated; @dualfade -- | |
| // start -- | |
| // check for known gadgets -- | |
| (() => { | |
| // gadgets -- |
dualfade
/ debug-events.js
Created
December 23, 2021 01:10
— forked from alessioalex/debug-events.js
intercept *.addEventListener for debugging
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // http://stackoverflow.com/questions/4787698/failure-to-override-elements-addeventlistener-in-firefox | |
| (function() { | |
| Error.stackTraceLimit = Infinity; | |
| var _interfaces = Object.getOwnPropertyNames(window).filter(function(i) { | |
| return /^HTML/.test(i); | |
| }).map(function(i) { | |
| return window[i]; | |
| }); |
dualfade
/ intercept-network-requests.js
Created
December 8, 2021 14:34
— forked from benjamingr/intercept-network-requests.js
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function interceptNetworkRequests(ee) { | |
| const open = XMLHttpRequest.prototype.open; | |
| const send = XMLHttpRequest.prototype.send; | |
| const isRegularXHR = open.toString().indexOf('native code') !== -1; | |
| // don't hijack if already hijacked - this will mess up with frameworks like Angular with zones | |
| // we work if we load first there which we can. | |
| if (isRegularXHR) { |