| // $ frida -l antiroot.js -U -f com.example.app --no-pause | |
| // CHANGELOG by Pichaya Morimoto (p.morimoto@sth.sh): | |
| // - I added extra whitelisted items to deal with the latest versions | |
| // of RootBeer/Cordova iRoot as of August 6, 2019 | |
| // - The original one just fucked up (kill itself) if Magisk is installed lol | |
| // Credit & Originally written by: https://codeshare.frida.re/@dzonerzy/fridantiroot/ | |
| // If this isn't working in the future, check console logs, rootbeer src, or libtool-checker.so | |
| Java.perform(function() { | |
| var RootPackages = ["com.noshufou.android.su", "com.noshufou.android.su.elite", "eu.chainfire.supersu", |
| #!/usr/bin/env python3 | |
| from scapy.all import * | |
| from py2neo import Graph, Node, Relationship | |
| packets = rdpcap("<your_pcap_file>") | |
| g = Graph(password="<your_neo4j_password>") | |
| for packet in packets.sessions(): | |
| pkt = packet.split() |
| """ | |
| A Bitbucket Builds template for deploying | |
| an application to AWS Elastic Beanstalk | |
| joshcb@amazon.com | |
| v1.0.0 | |
| """ | |
| from __future__ import print_function | |
| import os | |
| import sys | |
| from time import strftime, sleep |
This document was created back in 2020 and might not be actual nowadays. It is not supported anymore, so use thise information at your own risk.
wsl --set-default-version 2 in windows command line, so that all future WSL machine will use WSL2.
This is inspired by A half-hour to learn Rust and Zig in 30 minutes.
Your first Go program as a classical "Hello World" is pretty simple:
First we create a workspace for our project:
| #!/usr/bin/env ruby | |
| # gem install active_support | |
| require 'active_support/inflector' | |
| require 'active_support/core_ext/string' | |
| # gem install webrick (only ruby3) | |
| require 'webrick' | |
| # gem install mechanize |
| # This is a proof-of-concept for a security bug in GitHub Actions which has since been fixed. | |
| # See https://blog.teddykatz.com/2021/03/17/github-actions-write-access.html for more information. | |
| # The proof-of-concept was only ever used in a test environment to validate the existence of the | |
| # vulnerability, and is shown here for educational purposes. | |
| # | |
| # The proof-of-concept would have the effect of creating a `vandalism.md` file, containing vandalism, | |
| # on the default branch of a victim repository. | |
| # | |
| # To use the proof-of-concept, the steps would have been: | |
| # 1. Fork the victim repository |
Quick write up on extracting a GraphQL schema when introspection is disabled. Bits and pieces sourced from various sources. Successfully tested on an Apollo instance.
TLDR: Some GraphQL instances provide name autocomplete suggestions. Some peeps have written tools to automate the extraction process. (ref https://youtu.be/nPB8o0cSnvM).
First step is using a tool called clairvoyance by @nikitastupin (https://github.com/nikitastupin/clairvoyance). I found the main repo to lack error handling and support for additional features such as proxy.
Yesterday I posted a little quiz on Twitter about HTML parsing.
The question was: what element is going to be the parent of the final <s> in the following snippet of HTML:
<div><table><svg><foreignObject><select><table><s>The final answers are:
