Skip to content

Instantly share code, notes, and snippets.

WindVane Bridge API (v1.2.2)

提供与客户端通讯的机制。支持WindVane SDK v2.2 以上版本。

WindVane 独有UA

windvane 在客户端中,会将原始UA后面跟上 WindVane/WindVaneSDK的版本号,你可以通过判断UA的方式来检查环境 其中,淘宝主客户端1212版本(IOS 3.4.5 ANDROID 3.9.5)后格式为

yehgdotnet /
Created October 28, 2021 16:02 — forked from mdonkers/
Simple Python 3 HTTP server for logging all GET and POST requests
#!/usr/bin/env python3
Very simple HTTP server in python for logging requests
./ [<port>]
from http.server import BaseHTTPRequestHandler, HTTPServer
import logging
class S(BaseHTTPRequestHandler):
yehgdotnet /
Created August 21, 2021 15:11
#!/usr/bin/perl -w
# $Id: //websites/unixwiz/ $
# written by : Stephen J. Friedl
# Software Consultant
# Tustin, California USA
# This very simple program is a kind of inverse to wget for ftp: it
# *puts* files to a remote FTP server and returns an exit code that
yehgdotnet / readlocal.js
Created May 25, 2021 04:14
Read local file using JavaScript
<!-- -->
<!DOCTYPE html>
<title>Read Text File</title>
<input type="file" name="inputfile"
yehgdotnet /
Created May 23, 2021 07:32
Is VPN active?
while true
sudo ifconfig tun0 &> /dev/null && echo -e "\033[1;32m" "-- VPN is active --" "\033[0m"
sudo ifconfig tun0 &> /dev/null || echo -e "\033[1;31m" "-- VPN is NOT active --" "\033[0m"
sleep 5
Purpose: To prevent deobfuscation
Symbols are usually stripped during the build process, so you need the compiled byte-code and libraries to verify whether any unnecessary metadata has been discarded.
First find the nm binary in your Android NDK and export it (or create an alias).
yehgdotnet / review object serialisation class
Created April 27, 2021 12:58
object serialisation class
Object Serialization
Search the source code for the following keywords:
implements Serializable
Static analysis depends on the library being used. In case of the need to counter memory-dumping, make sure that highly sensitive information is not stored in JSON as you cannot guarantee any anti-memory dumping techniques with the standard libraries. You can check for the following keywords per library:
yehgdotnet / gist:ec6ae948a6735d66f6eaff2ef60649a3
Last active August 24, 2023 17:30
Bypass IP-based restriction through spoofed localhost header
X-Forwarded-Host: localhost
yehgdotnet / shodan.go
Created October 13, 2020 00:04
golang shodan
package main
import (
yehgdotnet / goreadurlfromfile.go
Created September 28, 2020 04:49
Go read url from file (change target to your desired domain)
package main
import (
func main() {
argsWithoutProg := os.Args[1]