Skip to content

Instantly share code, notes, and snippets.


Wagner Souza waghcwb

View GitHub Profile
coaxial /
Last active Mar 5, 2022
unpinning SSL certs on Android apps with Frida to inspect network traffic with mitmproxy

Most of the time, applications won't pin the certificate. Running mitmproxy and passing all Android traffic through it is as simple as adb connect <IP> && adb shell settings put global http_proxy <mitmproxy host>:<mitmproxy port> (or use Android's UI)

Some applications, however, pin the certificate and will refuse to do any network calls if using mitmproxy.

Luckily, Frida is here!

This assumes Android x86 is running in a VM, that you are a developer in Android (tap the build version enough times), adb debugging is enabled, and that android tools are installed on the host.

  • start mitmproxy on host
  • visit on the target (after setting the proxy) and install the spoofed cert
muff-in /
Last active Oct 7, 2022
A curated list of Assembly Language / Reversing / Malware Analysis / Game Hacking-resources
smartdev10 / CreateBrowser.js
Created Jul 28, 2020
puppeteer-extra exemple
View CreateBrowser.js
const puppeteer = require('puppeteer-extra');
const StealthPlugin = require('puppeteer-extra-plugin-stealth');
const AdblockerPlugin = require('puppeteer-extra-plugin-adblocker');
(async() => {
puppeteer.use(AdblockerPlugin({ blockTrackers: true }));
puppeteer.use(require('puppeteer-extra-plugin-user-preferences')({userPrefs: {
egermano /
Last active Sep 15, 2022
Gerador de CPF para Postman

Gerador de CPF

Criei esse script para gerar CPF randômicos para test de API no Postman.

Adicione esse script na aba Pre-request Script e adicione a variável {{cpf}}na sua request.

Sempre que você chamar o Postman vai chamar o seu script antes de enviar a request gerando um novo CPF em toda request.

HarshithaKP / SessionPersistence.js
Last active Feb 12, 2022
Demonstration of how user session can be persisted across redirects, with an express server and request client.
View SessionPersistence.js
var express = require('express')
var session = require('express-session')
var app = express()
var r = require('request')
// By default cookies are disabled, switch it on
var request = r.defaults( { jar:true } )
app.use(session({ secret: 'keyboard cat',saveUninitialized : false, resave : false, cookie: { maxAge: 60000 }}))
simlevesque / gist:58ecb8477188f903fef72a5601f0a069
Created Sep 25, 2019
aws v4 signature in modern js (sigv4.js)
View gist:58ecb8477188f903fef72a5601f0a069
'use strict';
const crypto = require('crypto');
module.exports = function (accessKey, secretKey, requestHeaders, httpMethod, path, payload, region, service, timestamp) {
const signedHeaders = createSignedHeaders(requestHeaders);
const canonicalRequest = createCanonicalRequest(httpMethod, path, requestHeaders, payload);
const stringToSign = createStringToSign(timestamp, region, service, canonicalRequest);
const signature = createSignature(secretKey, timestamp, region, service, stringToSign);
const authorizationHeader = createAuthorizationHeaders(timestamp, accessKey, region, service, signedHeaders, signature);
RoccoHoward / tailwind-loading-screen.html
Created Aug 2, 2019
TailwindCSS full screen loading page
View tailwind-loading-screen.html
<div id="loading-screen" class="hidden w-full h-full fixed block top-0 left-0 bg-white opacity-75 z-50">
<span class="text-green-500 opacity-75 top-1/2 my-0 mx-auto block relative w-0 h-0">
<i class="fas fa-circle-notch fa-spin fa-5x"></i>
ik5 / custom_json_unmarshal.go
Last active Sep 21, 2022
Example of custom unmarshal of JSON in golang
View custom_json_unmarshal.go
package main
import (
type To []string
yougg / detectrun.go
Created Jun 20, 2019
Detect if windows golang executable file is running via double click or from cmd/shell terminator
View detectrun.go
// +build windows
//go:generate go build -ldflags "-s -w -extldflags '-static'" $GOFILE
package main
import (
rikonor / main.go
Created Jan 19, 2019
Server Sent Events (SSE) Example in Go
View main.go
package main
import (