DinisCruz’s gists

DinisCruz / SimpleVersion.xml

Last active December 26, 2016 08:59

Sample example of CustomDescriptionRule to be used on Fortify SCA

	<?xml version="1.0" encoding="UTF-8"?>
	<RulePack xmlns="xmlns://www.fortifysoftware.com/schema/rules">
	<RulePackID>950F4B5A-85D0-4954-97D5-35C3F0285057</RulePackID>
	<SKU>SKU-C:\Users\dinis\AppData\Local\Fortify\CRE-3.90\rules\custom-rule</SKU>
	<Name>SimpleVersion-CustomDescriptionRule</Name>
	<Version>1.0</Version>
	<Description>
	Description of RulePack
	</Description>
	<Rules version = "3.16">

DinisCruz / Fuzz hacmeBank.cs

Created August 14, 2013 07:57

O2 Script - Using captured account details on login form

	//var ie = "ie_Ujmdj".o2Cache<WatiN_IE>(()=> panel.clear().add_IE()).silent(true); // ie ramdon value for o2cache makes this object to unique amongst multiple instances of this control
	var topPanel = panel.clear().add_Panel();
	var ie = topPanel.add_IE();

	Func<string,string,bool> login =
	(username, password)=>
	{
	ie.open("http://localhost:15582/HacmeBank_v2_Website/aspx/login.aspx");
	ie.field("txtUserName").value(username);
	ie.field("txtPassword").value(password);

DinisCruz / PoC - Fuzzing Images - Ico.cs

Created August 15, 2013 22:14

	//O2Include:PoC - Fuzzing Images.h2

	var baseFolder = @"C:\Users\o2\AppData\Roaming\OWASP_O2_Platform_5.3\8_15_2013";
	var sourceFolder = baseFolder.pathCombine("badImages_Ico");
	//maxItems = 10;
	fuzzFromFolder(sourceFolder);

	return "done";

DinisCruz / Util - Quick Hex File Viewer v1.0.cs

Created August 16, 2013 00:57

O2 Script - Util - Quick Hex File Viewer

	//var topPanel = panel.clear().add_Panel();

	var topPanel = "Tool - Quick Hex File Viewer".popupWindow(650,400);
	var tableList = topPanel.add_TableList();

	tableList.field("resizeColumnsWidth",false);
	tableList.links().forEach<Control>(link=>link.visible(false));

	tableList.add_Columns("0","1","2","3","4","5","6","7","8","9","A","B","C","D","E","F","","As String");
	tableList.set_ColumnsWidth(25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,25,50);

DinisCruz / in O2 start and inject ZAP.cs

Created August 20, 2013 13:06

Helper scripts when getting Jni4net

	var apiZap = new API_Zap();
	apiZap.Launch();
	var process = apiZap.ZapProcess;
	process.waitFor_MainWindowHandle();
	var o2Injector = new API_O2_Injector();
	o2Injector.injectIntoProcess(process, false,true);

	//using OWASP
	//O2File:API_Zap.cs
	//O2File:API_O2_Injector.cs

DinisCruz / gist:6523494

Last active December 22, 2015 19:59

O2 Script: PoC - View TeamMentor Article (using GUID

	Web.Https.ignoreServerSslErrors(); // in case we have fiddler on

	//var topPanel = panel.clear().add_Panel(); // use when in developent
	var topPanel = "PoC - View TeamMentor Article (using GUID)".popupWindow(1200,500); // use when done

	Func<string,string,string,string> getArticle =
	(contentType, articleId, sessionId)
	=> {
	var tmArticleUrl = "https://teammentor.net/{0}/{1}"; // REST GET call for content
	return tmArticleUrl.format(contentType,articleId) // set contentType and session

DinisCruz / gist:6741159

Created September 28, 2013 11:31

Script to clone all TM repos locally

	var baseFolder = @"E:\TeamMentor\Libraries\SI Library";
	var contentRepo = "[email protected]:TMContent/{0}.git";
	var libraries = new [] { "Lib_PHP", "Lib_CWE", "Lib_iOS","Lib_Android", "Lib_PCI_DSS_Compliance",
	"Lib_.NET_4.0", "Lib_.NET_3.5", "Lib_.NET_2.0","Lib_Java", "Lib_CPP",
	"Lib_Vulnerabilities", "Lib_Scala", "Lib_HTML5" };

	var stopWatch = utils.new_Stopwatch();
	foreach(var library in libraries)
	{
	var gitRepo = contentRepo.format(library);

DinisCruz / 1 - Misc scripts that I had saved in XCode text gile

Last active December 26, 2015 06:49

23rd Oct 2013: Misc Java STWBot and Groovy scripts

	#!/bin/sh

	echo "test"

	java -Xms256M -Xmx768M -XX:MaxPermSize=512M \
	-jar "/Users/zen/Fortify-Plugin/Eclipses/eclipse_x32-3.7_Indigo/plugins/org.eclipse.equinox.launcher_1.2.0.v20110502.jar" \
	-application "org.eclipse.swtbot.eclipse.junit4.headless.swtbottestapplication" \
	-testApplication "com.yourcompany.application" \
	-data "/Users/zen/Fortify-Plugin/Eclipses/workspaces/eclipse_x32-3.7_Indigo" \
	-testPluginName "test.maven.swt.bot-1.0.0-SNAPSHOT.jar" \

DinisCruz / 1 - import projects into workspace.groovy

Created October 23, 2013 10:06

23rd Oct 2013 - more SWTBot Groovy scripts

	import org.eclipse.swtbot.eclipse.finder.*;
	import org.eclipse.swtbot.swt.finder.utils.*

	Thread.start
	{

	SWTBotPreferences.TIMEOUT = 100;
	try
	{
	def bot = new SWTWorkbenchBot();

DinisCruz / Calculate TM article totals.h2 .cs

Last active December 29, 2015 08:18

	//using TeamMentor.CoreLib
	//O2Ref:E:\TeamMentor\TM_Releases\Master_3_4\Web Applications\TM_Website\bin\TeamMentor.CoreLib.dll
	var tmLibraryDir = @"E:\TeamMentor\TM_Releases\Master_3_4\Library_Data\XmlDatabase\TM_Libraries";

	//var topPanel = O2Gui.open<Panel>("{name}",700,400);
	var topPanel = panel.clear().add_Panel();
	var mappings = new Dictionary<string,List<string>>();
	var itemsToProcess = 100000;
	var xmlFiles = tmLibraryDir.files("*.xml",true).Take(itemsToProcess);
	var xmlFile = xmlFiles.last();

Dinis Cruz DinisCruz