Skip to content

Instantly share code, notes, and snippets.

View luca-regne's full-sized avatar
🤯

regne luca-regne

🤯
104 followers · 181 following
View GitHub Profile
@luca-regne
luca-regne / bypass-freeRasp.js
Last active September 1, 2025 14:33
Frida Script to Bypass freeRasp
/*
frida -U -f package.name --codeshare luca-regne/android-freerasp-bypass --no-pause
Android freeRASP Bypass by regne
https://fireshellsecurity.team/bhackctf2024-bypass-freerasp-callbacks/
*/
Java.perform(function() {
var Intent = Java.use("android.content.Intent");
@luca-regne
luca-regne / get-shodan-favicon-hash.py
Created June 2, 2022 23:40 — forked from yehgdotnet/get-shodan-favicon-hash.py
Get Shodan FAVICON Hash
# https://twitter.com/brsn76945860/status/1171233054951501824
pip install mmh3
-----------------------------
# python 2
import mmh3
import requests
response = requests.get('https://cybersecurity.wtf/favicon.ico')
favicon = response.content.encode('base64')
@luca-regne
luca-regne / scanio.sh
Created May 27, 2022 12:10 — forked from haccer/scanio.sh
PoC script to mass-locate vulnerable subdomains using results from Rapid7's Project Sonar
#!/bin/bash
# Usage : ./scanio.sh <save file>
# Example: ./scanio.sh cname_list.txt
# Premium
function ech() {
spinner=( "|" "/" "-" "\\" )
while true; do
for i in ${spinner[@]}; do
echo -ne "\r[$i] $1"
@luca-regne
luca-regne / cert-sub-enum.sh
Last active May 18, 2022 14:22
Subdomain enumeration using certificate APIs
## crt.sh
curl "https://crt.sh/?q=.${domain}&output=json" | jq -r ".[].name_value" | sed -s "s/\*\.//" | sort -u
## bufferover.run
curl "https://dns.bufferover.run/dns?q=.${domain}" | jq -r ".FDNS_A[]",".RDNS[]" | cut -d ',' -f2 | grep -F ".${domain}"