Skip to content

Instantly share code, notes, and snippets.

View erev0s's full-sized avatar

erev0s

161 followers · 1 following
View GitHub Profile
@erev0s
erev0s / README.md
Last active November 3, 2023 07:49
@erev0s
erev0s / az-token-enumeration.ps1
Created March 18, 2025 19:30
Enumerates Azure resources and, if no subscription access is available, attempts to add a client secret to every application.
<#
.SYNOPSIS
Enumerates Azure resources and, if no subscription access is available, attempts to add a client secret to every application.
.DESCRIPTION
This script accepts an Azure Management API token and an optional Graph API token.
It first attempts to retrieve a subscription ID.
- If found, it enumerates Azure resources and their permissions.
- If not found, it uses the Graph token to enumerate all applications (via the /applications endpoint)
and then attempts to add a client secret to each one.
@erev0s
erev0s / hotspots.js
Created December 23, 2025 14:01
How to find which functions are being called in a native library in Android when the application has anti-instrumentation?
'use strict';
/*
App Native Lib Sorter + Hotspot Tracer
Goals:
- Track ALL app-origin native libs in the current process (split APK paths + extracted /data/app libs).
- Hook “boundary APIs” (libc) once, attribute each hit to the calling module + callsite (returnAddress).
- Produce “hotspots” per module (immediate libc considered boundary)
- Optionally install second-stage detailed hooks on top hotspots.