Skip to content

Instantly share code, notes, and snippets.

View vinhjaxt's full-sized avatar
🏠
Working from home

vinhjaxt

🏠
Working from home
146 followers · 47 following
View GitHub Profile
@incogbyte
incogbyte / mixunpin.js
Last active May 2, 2024 07:03
Frida script to bypass common methods of sslpining Android
console.log("[*] SSL Pinning Bypasses");
console.log(`[*] Your frida version: ${Frida.version}`);
console.log(`[*] Your script runtime: ${Script.runtime}`);
/**
* by incogbyte
* Common functions
* thx apkunpacker, NVISOsecurity, TheDauntless
* Remember that sslpinning can be custom, and sometimes u need to reversing using ghidra,IDA or something like that.
* !!! THIS SCRIPT IS NOT A SILVER BULLET !!
@alexander-hanel
alexander-hanel / GORE.md
Last active April 12, 2024 02:33
Go Lang Reverse Engineering Resources/Links
@JerryLokjianming
JerryLokjianming / Crack Sublime Text Windows and Linux.md
Last active April 25, 2024 04:03
Crack Sublime Text 3.2.2 Build 3211 and Sublime Text 4 Alpha 4098 with Hex

How to Crack Sublime Text 3.2.2 Build 3211 with Hex Editor (Windows | Without License) ↓

  1. Download & Install Sublime Text 3.2.2 Build 3211
  2. Visit https://hexed.it/
  3. Open file select sublime_text.exe
  4. Offset 0x8545: Original 84 -> 85
  5. Offset 0x08FF19: Original 75 -> EB
  6. Offset 0x1932C7: Original 75 -> 74 (remove UNREGISTERED in title bar, so no need to use a license)
@akabe1
akabe1 / frida_multiple_unpinning.js
Last active May 6, 2024 10:44
Another Android ssl certificate pinning bypass for various methods
/* Android ssl certificate pinning bypass script for various methods
by Maurizio Siddu
Run with:
frida -U -f <APP_ID> -l frida_multiple_unpinning.js [--no-pause]
*/
setTimeout(function() {
Java.perform(function() {
console.log('');
@cs8425
cs8425 / setDefaultNS.go
Last active March 5, 2023 05:17
DNS resolve workaround for android in pure go
package main
import (
"fmt"
"net"
"sync"
"time"
_ "unsafe"
)
@probonopd
probonopd / x96.md
Last active March 8, 2023 09:15

Linux on x96 2GB/16GB TV box

Power

CAUTION: When powering it via the VCC line on the internal serial connector, it probably needs 3.3V rather than 5V!

x96 2GB/16GB
@rustymagnet3000
rustymagnet3000 / a_openssl_command_playground.md
Last active December 8, 2023 09:19
openSSL Playground

OpenSSL Playground

Certificates

# human readable crt file
openssl x509 -in stackexchangecom.crt -text -noout

# human readable pem file
openssl x509 -in cert.pem -text -noout
@chronon
chronon / ext.txt
Created February 18, 2017 15:38
List of docker-php-ext-install extension names
Possible values for ext-name:
bcmath
bz2
calendar
ctype
curl
dba
dom
enchant
@Zenexer
Zenexer / escapeshellrce.md
Last active November 2, 2023 06:09
Security Advisory: PHP's escapeshellcmd and escapeshellarg are insecure

Paul Buonopane paul@namepros.com at NamePros
PGP: https://keybase.io/zenexer

I'm working on cleaning up this advisory so that it's more informative at a glance. Suggestions are welcome.

This advisory addresses the underlying PHP vulnerabilities behind Dawid Golunski's [CVE-2016-10033][CVE-2016-10033], [CVE-2016-10045][CVE-2016-10045], and [CVE-2016-10074][CVE-2016-10074]. It assumes prior understanding of these vulnerabilities.

This advisory does not yet have associated CVE identifiers.

Summary

@LeCoupa
LeCoupa / redis_cheatsheet.bash
Last active March 18, 2024 09:08
Redis Cheatsheet - Basic Commands You Must Know --> UPDATED VERSION --> https://github.com/LeCoupa/awesome-cheatsheets
# Redis Cheatsheet
# All the commands you need to know
redis-server /path/redis.conf # start redis with the related configuration file
redis-cli # opens a redis prompt
# Strings.