Keybase proof

I hereby claim:

  • I am xdavidhu on github.
  • I am xdavidhu on keybase.
  • I have a public key ASDkMZTUsxCqD0WnxOK6QA5nLKL0cxFLnRhOkAGBuakWfwo

To claim this, I am signing this object:

xdavidhu /
Last active March 1, 2022 12:49 - python cli
#!/usr/bin/env python3
# author: @xdavidhu
import requests, json, sys, socket
if len(sys.argv) > 1:
    # Use the IP address given as the first command-line argument
    ip = sys.argv[1]
else:
    # No argument supplied
    ip = False
xdavidhu /
Last active June 4, 2024 08:51, a bash script to convert domain lists to resolved IP lists without duplicates
# by @xdavidhu
# This is a script inspired by the Bug Hunter's Methodology 3 by @Jhaddix
# With this script, you can convert domain lists to resolved IP lists without duplicates.
# Usage: ./ [domain-list-file] [output-file]
echo -e "[+] by @xdavidhu\n"
if [ -z "$1" ] || [ -z "$2" ]; then
    # Both the input list and the output file are required
    echo "[!] Usage: ./ [domain-list-file] [output-file]"
    exit 1
fi
xdavidhu /
Last active November 4, 2023 15:10
#! /usr/bin/python3
import http.server, ssl, sys, random, string, argparse, socket
hostname = "[domain]"
redirect_enabled = False
redirect_target = ""
redirect_token = ""
manual_redirect_token = False
redirect_code = 303
xdavidhu /
Created January 6, 2021 13:42
A script to mass-extract method names from the GCP Console's Metric page (More info:
import requests
headers = {
    "Authorization": "SAPISIDHASH [sapisidhash]",
    "Origin": "",
}
cookies = {
    "SID": "",
    "HSID": "",
}
xdavidhu /
Last active April 25, 2024 16:32
Bypassing SSL Pinning in Facebook/Meta Workplace (Android)

Tested on Workplace for Android version 362. This approach might work in other Facebook/Meta applications. Thank you Imre Rad for helping me analyze the binary.

How does it work?

The Workplace Android app uses the open source Fizz TLS 1.3 library to communicate with the backend APIs. This library is written in C++ and compiled to native code. It runs as a native library attached to the Android app.

The certificate verification is implemented in fizz/client/ClientProtocol.cpp, on line 1944. The easiest way to bypass this check is to patch the if (state.verifier()) { check on line 1942.