Skip to content

Instantly share code, notes, and snippets.

WindVane Bridge API (v1.2.2)

提供与客户端通讯的机制。支持WindVane SDK v2.2 以上版本。

WindVane 独有UA

windvane 在客户端中,会将原始UA后面跟上 WindVane/WindVaneSDK的版本号,你可以通过判断UA的方式来检查环境 其中,淘宝主客户端1212版本(IOS 3.4.5 ANDROID 3.9.5)后格式为

yehgdotnet /
Created October 28, 2021 16:02 — forked from mdonkers/
Simple Python 3 HTTP server for logging all GET and POST requests
#!/usr/bin/env python3
Very simple HTTP server in python for logging requests
./ [<port>]
from http.server import BaseHTTPRequestHandler, HTTPServer
import logging
class S(BaseHTTPRequestHandler):
yehgdotnet /
Created October 23, 2019 11:50 — forked from joepie91/
Don't use VPN services.

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

A Russian translation of this article can be found here, contributed by Timur Demin. There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

Why not?

yehgdotnet / tlds
Created June 12, 2018 07:39 — forked from di/tlds
Valid Two-Letter Top Level Domains
yehgdotnet /
Created March 20, 2018 13:41 — forked from xassiz/
Reverse MSSQL shell
import sys
import requests
import threading
import HTMLParser
from BaseHTTPServer import HTTPServer, BaseHTTPRequestHandler
Description: Reverse MSSQL shell through xp_cmdshell + certutil for exfiltration
Author: @xassiz
yehgdotnet /
Created March 13, 2018 14:25 — forked from facelordgists/
Recursively remove .git folders
( find . -type d -name ".git" && find . -name ".gitignore" && find . -name ".gitmodules" ) | xargs rm -rf
#!/usr/bin/env python
# rduck-pinbrute: Generate Duckyscript file that brute forces all 4-digit
# PIN values for use in attacking Android devices. Prioritizes common
# PIN values before resorting to exhaustive 0000-9999 search.
# Joshua Wright, Public Domain.
# Inspired by Darren Kitchen script:
# Data Genetics high probability list
yehgdotnet /
Last active March 11, 2018 08:51 — forked from schnell18/
[Android-SDK | Java9 incompatibility fix - MacOS X] remove Java 9 and install Java 8
$ avdmanager
Exception in thread "main" java.lang.NoClassDefFoundError: javax/xml/bind/annotation/XmlSchema
Caused by: java.lang.ClassNotFoundException: javax.xml.bind.annotation.XmlSchema
at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(
at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(
yehgdotnet /
Created March 7, 2018 03:34 — forked from frohoff/
Java 7u21 Security Advisory

Security Advisory – Java SE

Chris Frohoff – Qualcomm Information Security and Risk Management


  • Affected Product(s): Java SE 6, Java SE 7
  • Fixed in: Java SE 7u25 (2013-06-18), Java SE 8 (2014-03-18)
  • Vendor Contact:
  • Vulnerability Type: Unsafe Object Deserialization