Serve up a single file for all requests to the server.
./httpServe <path to file>
David Weinstein dweinstein
dweinstein
/ searchApple.sh
Last active
August 29, 2015 14:12
search for apple application bundleId and meta data
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| curl -s https://itunes.apple.com/search\?term\=$1\&media\=software \ | |
| | jq '.results | .[] | {artistName: .artistName, sellerName: .sellerName, bundleId: .bundleId, description:.description}' |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| return client.shell(device.id, "pm list packages") | |
| .then(adb.util.readAll) | |
| .then(function (output) { | |
| tabulate( | |
| "#features", | |
| _.chain(output.toString('utf8').split("\n")) | |
| .without('', "\n", ' ') | |
| .transform(function (accum, val, key) { | |
| accum.push({count: key, val: val.split('package:')[1]}); | |
| }, []) |
dweinstein
/ README.md
Last active
August 29, 2015 14:13
minimal node js script to serve static file via http
dweinstein
/ npm-qos-heuristic.md
Last active
August 29, 2015 14:14
— forked from heapwolf/npm-qos-heuristic.md
general heuristics for ranking package quality node npm
dweinstein
/ loadDirAndBind.js
Last active
August 29, 2015 14:15
javascript / node: load / require a directory of modules and bind arguments to each returning a single object with all the methods. This is useful for example if you'd like to bind a series of utility methods to the same database object.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var fmt = require('util').format; | |
| var join = require('path').join; | |
| module.exports = function loadAndBind(path) { | |
| var methods = {}; | |
| var normalizedPath = join(__dirname, path); | |
| var args = [].slice.call(arguments, 1); | |
| require("fs").readdirSync(normalizedPath).forEach(function(file) { | |
| var mod = require(join(normalizedPath, file)); |
dweinstein
/ 0filter.sh
Last active
August 29, 2015 14:17
extract emails from apple app store descriptions itunes search emails
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| jq -s '[.] | .[0]' results | jq -c 'unique_by(.trackId) | sort_by(.artistName) | .[]' |
dweinstein
/ lastLine.js
Last active
August 29, 2015 14:17
node iojs get last line of file using slice-file
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| var fs = require('fs'); | |
| var slice = require('slice-file'); | |
| function lastLine(path, cb) { | |
| cb = cb || function(err, res) { | |
| if(err) { throw err; } | |
| process.stdout.write(res); | |
| }; | |
| var ret; |
dweinstein
/ gist:50084fca74964cb314a2
Last active
August 29, 2015 14:17
DW - Q&A - AMA 3/17/2015 - https://www.youtube.com/watch?v=rR69b9u-Xlw&feature=youtu.be -- dweinstein@nowsecure.com
Based on your view as a security researcher, do you feel the mobile industry is improving in security?
Yes, security is always moving forward and forcing attackers to take different approaches to be successful. Over the last couple of years Android exploitation has been getting increasingly annoying for attackers with technologies like ASLR, SE for Android and the beginning of dm-verity, etc but unfortunately these technologies don’t stop poorly written apps from wrecking havoc, leaking data, and therefore leaving low hanging fruit on the table. Mobile devices have such rich APIs that most of the valuable data an attacker would like is exposed not just at the OS layer but at the app layer as well. Containerization isn’t the silver bullet here either. The mobile space has changed an attacker’s focus from being primarily web browsers to a broader set of apps that each have potential for unique implementation flaws. While you might think iOS would be less affected by this because the system provides so much f
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module.exports = { | |
| stat: { | |
| S_IFMT : 0170000, //bit mask for the file type bit fields | |
| S_IFSOCK : 0140000, //socket | |
| S_IFLNK : 0120000, //symbolic link | |
| S_IFREG : 0100000, //regular file | |
| S_IFBLK : 0060000, //block device | |
| S_IFDIR : 0040000, //directory | |
| S_IFCHR : 0020000, //character device |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 310110 | Wireless 2000 PCS | |
|---|---|---|
| 310020 | Union Telephone | |
| 310260 | T-Mobile | |
| 310030 | Centennial | |
| 310310 | T-Mobile | |
| 310040 | Concho Wireless | |
| 310460 | Simmetry | |
| 310070 | Highland Cellular | |
| 310080 | Corr Wireless | |
| 310090 | Edge Wireless |