Skip to content

Instantly share code, notes, and snippets.

View ajinabraham's full-sized avatar

Ajin Abraham ajinabraham

1.9k followers · 10 following
View GitHub Profile
@ajinabraham
ajinabraham / malware domains.txt
Created November 10, 2025 19:39 — forked from 0100110000100011/malware domains.txt
Formatted list of over 100k Malware domains to copy paste into the an AutoModerator Malware exclusion rule
This file has been truncated, but you can view the full file.
['0-0-stagemn.net.daraz.com',
'0-00da0000008ya3ymag.net.zooplus.com',
'0-131.net.daraz.com',
'0-158.net.daraz.com',
'0-1maildemo.net.daraz.com',
'0-2comsivaslups.net.daraz.com',
'0-2customer.net.daraz.com',
'0-2nstagemnsteaven2.net.daraz.com',
'0-2nstagemnsteaven5.net.daraz.com',
'0-2nstagemnsteaven6.net.daraz.com',
@ajinabraham
ajinabraham / mac-spoofer.sh
Last active December 9, 2023 06:53
macOS WiFi MAC Address Spoofer
interface=en0
echo "Disconnecting from WiFi SSID"
sudo /System/Library/PrivateFrameworks/Apple80211.framework/Versions/Current/Resources/airport -z
echo "Turning down ${interface}"
sudo ifconfig -d $interface
mac=$(printf '02:00:00:%02X:%02X:%02X\n' $((RANDOM%256)) $((RANDOM%256)) $((RANDOM%256)))
echo "Generated Random MAC Address: ${mac}"
sudo ifconfig $interface ether $mac
echo "MAC address spoofed"
ifconfig $interface lladdr | grep ether
@ajinabraham
ajinabraham / simplemde sanitize safe example
Created July 14, 2021 00:45
<!-- This example shows how to use simpleMDE safely with DOMPurify when dealing with intrusted user input.
Strip out javascript before rendering Markdown to HTML -->
<link rel="stylesheet" href="https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.css">
<script src="https://cdn.jsdelivr.net/simplemde/latest/simplemde.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/marked/2.1.3/marked.min.js" integrity="sha512-AD+GG1nJKO4Je/Q8QsY1gM9/7o1QjpGe9W2Lrg1oGtEID/RX8bMKKZGgw/KOODkPXL6j74c6eJWAhE/3F2kKjA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/dompurify/2.3.0/purify.min.js" integrity="sha512-FJzrdtFBVzaaehq9mzbhljqwJ7+jE0GyTa8UBxZdMsMUjflR25f5lJSGD0lmQPHnhQfnctG0B1TNQsObwyJUzA==" crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<textarea id="mde"></textarea>
@ajinabraham
ajinabraham / linkedin_mass_accept.js
Last active June 27, 2021 18:46
//Head on to https://www.linkedin.com/mynetwork/invitation-manager/
//In browser console
var buttons = document.getElementsByTagName('button')
for (let i = 0; i < buttons.length; i++) {
var aria = buttons[i].getAttribute("aria-label")
if (aria && aria.startsWith("Accept")) {
buttons[i].click()
console.log(aria)
}
}
@ajinabraham
ajinabraham / linkedin_mass_unfollow.js
Last active June 8, 2023 19:57
General Security Reminder: Do not run code shared by anyone on browser console, unless you know what the code is doing!
// 1. Go to https://www.linkedin.com/feed/following/?filterType=member
// 2. Select the ALL filter to see people you follow
// 3. Open console, paste the following and press enter
function massUnfollow(){
var buttons = document.getElementsByClassName('is-following')
for (let i = 0; i < buttons.length; i++) {
buttons[i].click()
}
@ajinabraham
ajinabraham / semgrep_static_analysis.yml
Last active January 31, 2021 15:07
rules:
- id: env-set
patterns:
- pattern-either:
- pattern: |
subprocess.check_output([..., "=~/env|set/", ...])
- pattern: |
subprocess.run([..., "=~/env|set/", ...])
- pattern: |
subprocess.Popen([..., "=~/env|set/", ...])
@ajinabraham
ajinabraham / fridanotes.md
Last active June 3, 2020 01:48 — forked from elevenchars/fridanotes.md
My notes on injecting a frida gadget into an apk
@ajinabraham
ajinabraham / Github Search API (quick hack)
Last active May 15, 2020 00:02
import time
import requests
user = ''
password = ''
session = requests.Session()
session.auth = (user, password)
url= 'https://api.github.com/search/repositories?language:javascript&sort=stars&q=topic:nodejs+topic:express'
@ajinabraham
ajinabraham / MobSF REST API JavaScript
Created August 31, 2018 11:21
<input id="file" type="file" name="file" />
<input class="btn btn-success" type="submit" value="Upload" onclick="uploadFile()"></br>
<input type="button" value="Scan File" onclick="scanFile()"></br>
<input type="button" value="Get JSON" onclick="getJSONReport()"></br>
<input type="button" value="Get PDF" onclick="getPDFReport()"></br>
<input type="button" value="Delete Scan" onclick="deleteSCAN()"></br>
<script type="text/javascript" src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script>
<script>
// Set API Key
const api_key = "{{ api }}";
@ajinabraham
ajinabraham / MobSF REST API Python.py
Last active October 13, 2025 07:26
MOBSF REST API Python Requests Example
"""
MOBSF REST API Python Requests
"""
import json
import requests
from requests_toolbelt.multipart.encoder import MultipartEncoder
SERVER = "http://127.0.0.1:8000"
FILE = 'diva-beta.apk'