Skip to content

Instantly share code, notes, and snippets.

View waghcwb's full-sized avatar
🎧
‌‌

Wagner Souza waghcwb

🎧
‌‌
View GitHub Profile
@githubfoam
githubfoam / tshark cheat sheet
Last active June 16, 2024 09:11
tshark cheat sheet
============================================================================
#Wireshark installation directory: windows
C:\Program Files (x86)\Wireshark>tshark.exe
============================================================================
tshark -D #list of available interfaces
============================================================================
capture
============================================================================
tshark -i 2 #start capturing traffic on interface n°2
tshark -i 2 -a duration:10 #capture for 10 seconds, then stop
1. Download latest apktool version.
2. Download the batch file and aapt.exe.
3. Create a folder anywhere in the PC and put all the apktool.jar, aapt.exe and the batch script in that folder.
4. Open command prompt.
5. Navigate to the folder where you placed apktool.jar, batch script and the aapt.exe.
6. Now, you need to install the file using the " IF " command.
7. Type the following command.
apktool if name-of-the-app.apk
@coaxial
coaxial / README.md
Last active December 18, 2024 09:18
unpinning SSL certs on Android apps with Frida to inspect network traffic with mitmproxy

Most of the time, applications won't pin the certificate. Running mitmproxy and passing all Android traffic through it is as simple as adb connect <IP> && adb shell settings put global http_proxy <mitmproxy host>:<mitmproxy port> (or use Android's UI)

Some applications, however, pin the certificate and will refuse to do any network calls if using mitmproxy.

Luckily, Frida is here!

This assumes Android x86 is running in a VM, that you are a developer in Android (tap the build version enough times), adb debugging is enabled, and that android tools are installed on the host.

  • start mitmproxy on host
  • visit mitm.it on the target (after setting the proxy) and install the spoofed cert
@muff-in
muff-in / resources.md
Last active December 6, 2024 05:59
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
@smartdev10
smartdev10 / CreateBrowser.js
Created July 28, 2020 23:30
puppeteer-extra exemple
const puppeteer = require('puppeteer-extra');
const StealthPlugin = require('puppeteer-extra-plugin-stealth');
const AdblockerPlugin = require('puppeteer-extra-plugin-adblocker');
(async() => {
puppeteer.use(AdblockerPlugin({ blockTrackers: true }));
puppeteer.use(StealthPlugin());
puppeteer.use(require('puppeteer-extra-plugin-anonymize-ua')())
puppeteer.use(require('puppeteer-extra-plugin-user-preferences')({userPrefs: {
@dfrankland
dfrankland / how_to_use_wireshark_with_nodejs.md
Created May 28, 2020 05:06
How to use Wireshark with Node.js (especially with HTTPS / TLS / SSL)

How to use Wireshark with Node.js (especially with HTTPS / TLS / SSL)

It can be difficult to trace network traffic from a Node.js application. Typically, folks will just instrument some logging to check that everything is working as it is supposed to. Unfortunately, sometimes there are too many abstractions or possible race conditions to accurately get a good trace. To get the most objective possible trace of network traffic Wireshark can be used.

Wireshark is a network protocol analyzer that makes it extremely simple to capture and trace network activity from any source on your computer. It also has

@egermano
egermano / README.md
Last active November 5, 2024 16:58
Gerador de CPF para Postman

Gerador de CPF

Criei esse script para gerar CPF randômicos para test de API no Postman.

Adicione esse script na aba Pre-request Script e adicione a variável {{cpf}}na sua request.

Sempre que você chamar o Postman vai chamar o seu script antes de enviar a request gerando um novo CPF em toda request.

@ozgurg
ozgurg / PlayPauseView.java
Last active June 4, 2024 04:12
Android Animated Play Pause Button by using AnimatedVectorDrawable
public class PlayPauseView extends AppCompatImageView {
public static final int STATE_PLAY = 1;
public static final int STATE_PAUSE = 2;
private AnimatedVectorDrawableCompat mPlayToPauseAnim, mPauseToPlay;
private Animation mFadeOutAnim, mFadeInAnim;
public PlayPauseView(Context context) {
super(context);
Init(context);
@HarshithaKP
HarshithaKP / SessionPersistence.js
Last active February 12, 2022 09:19
Demonstration of how user session can be persisted across redirects, with an express server and request client.
var express = require('express')
var session = require('express-session')
var app = express()
var r = require('request')
// By default cookies are disabled, switch it on
var request = r.defaults( { jar:true } )
app.use(session({ secret: 'keyboard cat',saveUninitialized : false, resave : false, cookie: { maxAge: 60000 }}))
@simlevesque
simlevesque / gist:58ecb8477188f903fef72a5601f0a069
Created September 25, 2019 21:52
aws v4 signature in modern js (sigv4.js)
'use strict';
const crypto = require('crypto');
module.exports = function (accessKey, secretKey, requestHeaders, httpMethod, path, payload, region, service, timestamp) {
const signedHeaders = createSignedHeaders(requestHeaders);
const canonicalRequest = createCanonicalRequest(httpMethod, path, requestHeaders, payload);
const stringToSign = createStringToSign(timestamp, region, service, canonicalRequest);
const signature = createSignature(secretKey, timestamp, region, service, stringToSign);
const authorizationHeader = createAuthorizationHeaders(timestamp, accessKey, region, service, signedHeaders, signature);