Skip to content

Instantly share code, notes, and snippets.

View jjsdub556's full-sized avatar

Trinidad jjsdub556

5 followers · 8 following
View GitHub Profile
@jjsdub556
jjsdub556 / WKWebviewAnalysis.js
Last active July 23, 2022 10:06
WKWebview Analysis
ObjC.choose(ObjC.classes['WKWebView'], {
onMatch: function (wk) {
console.log('onMatch: ', wk);
console.log('URL: ', wk.URL().toString());
console.log('javaScriptEnabled: ', wk.configuration().preferences().javaScriptEnabled());
console.log('allowFileAccessFromFileURLs: ',
wk.configuration().preferences().valueForKey_('allowFileAccessFromFileURLs').toString());
console.log('hasOnlySecureContent: ', wk.hasOnlySecureContent().toString());
console.log('allowUniversalAccessFromFileURLs: ',
wk.configuration().valueForKey_('allowUniversalAccessFromFileURLs').toString());
@jjsdub556
jjsdub556 / webviewanalysis.js
Created July 23, 2022 10:00
iOS WebView analysis JS
ObjC.choose(ObjC.classes['UIWebView'], {
onMatch: function (ui) {
console.log('onMatch: ', ui);
console.log('URL: ', ui.request().toString());
},
onComplete: function () {
console.log('UIWebView search finished!');
}
});
@jjsdub556
jjsdub556 / .bash_prompt
Created May 12, 2022 11:07
# Define some basic colors using tput (8-bit color: 256 colors)
red="\[$(tput setaf 160)\]"
bright_red="\[$(tput setaf 196)\]"
light_purple="\[$(tput setaf 60)\]"
orange="\[$(tput setaf 172)\]"
blue="\[$(tput setaf 21)\]"
light_blue="\[$(tput setaf 80)\]"
bold="\[$(tput bold)\]"
reset="\[$(tput sgr0)\]"
@jjsdub556
jjsdub556 / frida-server-ios-all-interfaces.sh
Created August 18, 2021 05:29 — forked from interference-security/frida-server-ios-all-interfaces.sh
Run iOS frida-server on all interfaces
# Install curl using Cydia before using the next command
# /bin/bash -c "$(curl -fsSL https://gist.github.com/interference-security/68faea1f4a445a7814cc2518a7d1c416/raw/c715dbc30397762239b3bf2d76c60859a5c83625/frida-server-ios-all-interfaces.sh)"
launchctl unload -w /Library/LaunchDaemons/re.frida.server.plist
cat >/Library/LaunchDaemons/re.frida.server.plist <<EOL
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>Label</key>
<string>re.frida.server</string>
@jjsdub556
jjsdub556 / GadgetToJScript Command Reference
Created October 22, 2020 08:54 — forked from 3xpl01tc0d3r/GadgetToJScript Command Reference
GadgetToJScript Code
# Command to generate HTA code using GadgetsToJScript
GadgetToJScript.exe -w hta
# Command to generate JS code using GadgetsToJScript
GadgetToJScript.exe -w js
# Command to generate VBS code using GadgetsToJScript
GadgetToJScript.exe -w vbs
# Command to generate VBA code using GadgetsToJScript
@jjsdub556
jjsdub556 / ReverseShell.cs
Created October 21, 2020 18:16 — forked from mrjamiebowman/ReverseShell.cs
C# Simple Reverse Shell Code
namespace RevShell
{
using System;
using System.Diagnostics;
using System.IO;
using System.Net.Sockets;
using System.Runtime.InteropServices;
using System.Text;
namespace ConnectBack
@jjsdub556
jjsdub556 / 1) Active Directory One Liners
Created October 20, 2020 10:43 — forked from w00tc/1) Active Directory One Liners
Some Pentesting Notes
Retrieves all of the trust relationships for this domain - Does not Grab Forest Trusts
([System.DirectoryServices.ActiveDirectory.Domain]::GetCurrentDomain()).GetAllTrustRelationships()
Grab Forest Trusts.
([System.DirectoryServices.ActiveDirectory.Forest]::GetCurrentForest()).GetAllTrustRelationships()
@jjsdub556
jjsdub556 / nginx-tuning.md
Created September 25, 2020 13:47 — forked from denji/nginx-tuning.md
NGINX tuning for best performance

Moved to git repository: https://github.com/denji/nginx-tuning

NGINX Tuning For Best Performance

For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.

Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.

You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.

@jjsdub556
jjsdub556 / sqlmitm.py
Created August 26, 2020 08:25 — forked from anonymous/sqlmitm.py
from scapy.all import *
import unicodedata
import sys, getopt
import time, datetime
import argparse
import socket
import fcntl
import struct
import threading
@jjsdub556
jjsdub556 / dump_socket.sh
Created August 21, 2020 06:58 — forked from jhass/dump_socket.sh
Capture unix socket to pcap file with socat and tshark
#!/bin/bash
# Parameters
socket="/run/foo.sock"
dump="/tmp/capture.pcap"
# Extract repetition
port=9876
source_socket="$(dirname "${socket}")/$(basename "${socket}").orig"