Skip to content

Instantly share code, notes, and snippets.

Claud Xiao secmobi

Block or report user

Report or block secmobi

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@AKosterin
AKosterin / DexGuardDecoder.java
Last active Jul 3, 2019
New Dexguard String decoder for JEB 1.5. Tested on GFE 3.1.3. This release auto parse decoder function.
View DexGuardDecoder.java
import jeb.api.IScript;
import jeb.api.JebInstance;
import jeb.api.ast.*;
import jeb.api.ast.Class;
import jeb.api.dex.*;
import jeb.api.ui.JavaView;
import jeb.api.ui.View;
import java.util.Arrays;
import java.util.HashMap;
@andyg5000
andyg5000 / usr.sbin.sshd
Created Jan 5, 2016
SSHD AppArmor profile
View usr.sbin.sshd
# ------------------------------------------------------------------
#
# Copyright (C) 2002-2005 Novell/SUSE
# Copyright (C) 2012 Canonical Ltd.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of version 2 of the GNU General Public
# License published by the Free Software Foundation.
#
# ------------------------------------------------------------------
View top100AppProjects.csv
Project # of Top 100 Free Apps (US)
facebook-ios-sdk 67
Bolts-iOS 48
AFNetworking 39
Google-Mobile-Ads-SDK 38
Reachability (Apple) 38
Crashlytics 37
Flurry-iOS-SDK 31
CocoaPods 30
GoogleConversionTracking 29
@AKosterin
AKosterin / DexGuardStringDecoder.java
Created Aug 16, 2015
JEB Plugin for decrypt DexGuard encrypted Strings.
View DexGuardStringDecoder.java
import jeb.api.IScript;
import jeb.api.JebInstance;
import jeb.api.ast.*;
import jeb.api.ast.Class;
import jeb.api.dex.Dex;
import jeb.api.dex.DexCodeItem;
import jeb.api.dex.DexFieldData;
import jeb.api.dex.DexMethod;
import jeb.api.ui.JavaView;
import jeb.api.ui.View;
@CHEF-KOCH
CHEF-KOCH / Overview2014.txt
Last active Sep 17, 2019
Inside Android cracking/bypass techniques 2015 Edition
View Overview2014.txt
Hacking Android Apps Using Backup Techniques
http://resources.infosecinstitute.com/android-hacking-security-part-15-hacking-android-apps-using-backup-techniques/
Cracking Android App Binaries
http://resources.infosecinstitute.com/android-hacking-security-part-17-cracking-android-app-binaries/
Android Application hacking with Insecure Bank Part 4
http://resources.infosecinstitute.com/android-application-hacking-with-insecure-bank-part-4/
Android Application hacking with Insecure Bank – Part 3
View README
These two files should help you to import passwords from mac OS X keychains to 1password.
Assumptions:
1) You have some experience with scripting/are a power-user. These scripts worked for me
but they haven't been extensively tested and if they don't work, you're on your own!
Please read this whole document before starting this process. If any of it seems
incomprehensible/frightening/over your head please do not use these scripts. You will
probably do something Very Bad and I wouldn't want that.
2) You have ruby 1.9.2 installed on your machine. This comes as standard with Lion, previous
versions of OS X may have earlier versions of ruby, which *may* work, but then again, they
@sheagcraig
sheagcraig / AdwareCheckExtensionAttribute.py
Last active Dec 6, 2018
Check for Adware per Apple Kbase article
View AdwareCheckExtensionAttribute.py
#!/usr/bin/python
"""Identify or remove files known to be involved in Adware/Malware
infection.
Most of the code applies to building a list of malware files. Thus,
both extension attribute and removal handling are included.
Cleans files as a Casper script policy; thus, it expects four total
arguments, the first three of which it doesn't use, followed by
--remove
@steakknife
steakknife / ios-jailbroken-malware-scan.sh
Last active Aug 29, 2015
After reading the AppBuyer article...
View ios-jailbroken-malware-scan.sh
#!/usr/bin/env bash
set -e
YOUR_IPHONE=${1-root@172.20.10.1}
MALWARES='Unflod AdThief AppBuyer'
# folks say http://insanelyi.com/topic/17406-newly-discovered-ios-malware/
Unflod() { # aka SSLCreds
cat << PWND
/Library/MobileSubstrate/DynamicLibraries/Unflod.dylib
@Fuzion24
Fuzion24 / MainActivity.java
Last active Aug 29, 2015
Nexus 5 Local DOS - Reboots Phone with zero permissions
View MainActivity.java
package com.nexus5.dos;
import android.content.Intent;
import android.support.v7.app.ActionBarActivity;
import android.os.Bundle;
import android.view.Menu;
import android.view.MenuItem;
import android.view.View;
import android.widget.Button;
public class MainActivity extends ActionBarActivity {
@k3170makan
k3170makan / AndroidManifestFuzzer
Last active Oct 5, 2016
Nifty Little Bash Script for Fuzzing Application AndroidManifest.xml's
View AndroidManifestFuzzer
#!/bin/bash
#Basic set up for an Application AndroidManifest Fuzzer
#this requires a preexisting ant buildable application project to be set up! so get the SDK and ant1.8
#this file reproduces the bug mentioned here http://ibrahimbalic.com/2014/android-os-memory-corruption-bug/
#NOTE: values from 260000 and up cause SIGSEGvs to be sent to the system_server (test on KitKat 4.4.2)
#NOTE: you should probably monitor $(adb logcat)||(/system/bin/gdbserver) for responsiveness to the issue
APP_PROJ_DIR="..." #<-- PATH TO PROJ DIR
APP_PACKAGE_NAME="..." #<-- PACKAGE NAME
APP_LAUNCH_COMP="..." # <--- MAIN ACTIVITY NAME
You can’t perform that action at this time.