https://ipa.rocks/
# Unpack the IPA (it is a zip archive); the app binary ends up under Payload/<App>.app/.
unzip myApp.ipa
# Dump the Mach-O load commands of the binary ("foobar" is a placeholder name) and show the
# encryption-info command with one line before and four after. In that output, cryptid 1
# means the binary is still encrypted and cryptid 0 means it has been decrypted.
otool -l foobar | grep -i -B1 -A4 LC_ENCRYPTION
Load command 12
cmd LC_ENCRYPTION_INFO
| Domain: TEST.local | |
| User Enumeration: | |
| Windows: | |
| net user | |
| net user /domain | |
| net user [username] | |
| net user [username] /domain | |
| wmic useraccount | |
| Mac: | |
| dscl . ls /Users |
| # https://twitter.com/brsn76945860/status/1171233054951501824 | |
| pip install mmh3 | |
| ----------------------------- | |
| # python 2 | |
| import mmh3 | |
| import requests | |
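| # Fetch the raw favicon bytes. The timeout keeps an unresponsive host from | |
| # blocking the script forever, and raise_for_status() stops an HTTP error | |
| # page from being processed as if it were the icon. | |
| response = requests.get('https://cybersecurity.wtf/favicon.ico', timeout=10) | |
| response.raise_for_status() | |
| # Python 2 only: the 'base64' codec emits MIME-style text (wrapped at 76 | |
| # characters, with a trailing newline). mmh3 is imported above, presumably to | |
| # hash this text (TODO confirm); such a hash only matches values computed over | |
| # the same wrapped form, so do not swap in an unwrapped encoder when porting. | |
| favicon = response.content.encode('base64') |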
| Grab UDID: | |
| ios-deploy -c | grep -oE 'Found ([0-9A-Za-z\-]+)' | sed 's/Found //g' | |
| system_profiler SPUSBDataType | sed -n -E -e '/(iPhone|iPad)/,/Serial/s/ *Serial Number: *(.+)/\1/p' | |
| instruments -s devices | grep -v Simulator | |
| ----------------------------------------------------------- | |
| Frida patch and deploy using objection: | |
| security find-identity -p codesigning -v |
| # github.com/ndavison | |
| import requests | |
| import random | |
| import string | |
| from argparse import ArgumentParser | |
| parser = ArgumentParser(description="Attempts to find hop-by-hop header abuse potential against the provided URL.") | |
| parser.add_argument("-u", "--url", help="URL to target (without query string)") |
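| # sslsub HOST: print the unique DNS names from the subjectAltName of the | |
| # certificate that HOST presents on port 443. | |
| # The certificate chain is not verified here (s_client carries on after | |
| # verification errors by default), so the names are whatever the responding | |
| # server chose to present; treat them as untrusted input in later steps. | |
| function sslsub() { | |
|   # Refuse an empty host instead of letting openssl try to connect to ":443". | |
|   [ -n "$1" ] || { echo "usage: sslsub <hostname>" >&2; return 1; } | |
|   # "$1" is quoted so a value with spaces or glob characters stays one argument. | |
|   timeout 3 openssl s_client -showcerts -servername "$1" -connect "$1:443" <<< "Q" 2>/dev/null | openssl x509 -text -noout | grep DNS | tr ',' '\n' | cut -d ':' -f 2 | sort -fu | |
| } |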
| # Fetch the page, collect the script URLs found in its src= attributes, download each script and print the quoted URLs/paths that appear inside it. | |
| # NOTE(review): -k turns off TLS certificate verification for both curl calls, so the page and every script are unauthenticated content. | |
| # NOTE(review): xargs substitutes each extracted URL (the "%") into the text of the sh -c command, so the remote page controls part of a shell command line and the src regex only excludes quote characters. Run this against untrusted sites only from a disposable environment, or pass the URL to sh as a positional argument instead of splicing it into the command string. | |
| curl -L -k -s https://www.example.com | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | awk -F '//' '{if(length($2))print "https://"$2}' | sort -fu | xargs -I '%' sh -c "curl -k -s \"%\" | sed \"s/[;}\)>]/\n/g\" | grep -Po \"(['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})|(\.(get|post|ajax|load)\s*\(\s*['\\\"](https?:)?[/]{1,2}[^'\\\"> ]{5,})\"" | awk -F "['\"]" '{print $2}' | sort -fu | |
| # using linkfinder | |
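| # ejs URL: list the JavaScript files referenced by the page at URL, download | |
| # each one into the current directory and run linkfinder.py over it. | |
| # TLS verification is off for both the page fetch (curl -k) and the downloads | |
| # (wget --no-check-certificate), so everything handled here is unauthenticated | |
| # remote content: run it from a scratch directory. | |
| function ejs() { | |
|   # Refuse an empty argument instead of running the pipeline with no target. | |
|   [ -n "$1" ] || { echo "usage: ejs <url>" >&2; return 1; } | |
|   URL=$1; | |
|   # Each extracted script URL reaches the inner shell as the positional | |
|   # parameter $1 instead of being spliced into the sh -c command text, so shell | |
|   # metacharacters inside a src= value stay data and are not executed. | |
|   # "$URL" is quoted so the target is passed to curl and awk as a single word. | |
|   curl -Lks "$URL" | tac | sed "s#\\\/#\/#g" | egrep -o "src['\"]?\s*[=:]\s*['\"]?[^'\"]+.js[^'\"> ]*" | sed -r "s/^src['\"]?[=:]['\"]//g" | awk -v url="$URL" '{if(length($1)) if($1 ~/^http/) print $1; else if($1 ~/^\/\//) print "https:"$1; else print url"/"$1}' | sort -fu | xargs -I '%' sh -c 'echo "\n##### $1"; wget --no-check-certificate --quiet -- "$1"; linkfinder.py -o cli -i "$(basename -- "$1")"' _ '%' | |
| } | |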
| # with file download (the new best one): | |
| # but there is a bug if you don't provide a root url |
| #using cewl | |
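| # wordgrab DOMAIN: build a lower-cased, de-duplicated word list from | |
| # https://www.DOMAIN using CeWL (depth 0, minimum word length 3). | |
| wordgrab() { | |
|   # Refuse an empty argument instead of spidering "https://www.". | |
|   [ -n "$1" ] || { echo "usage: wordgrab <domain>" >&2; return 1; } | |
|   url=$1 | |
|   # The URL is quoted so a value with spaces or glob characters is passed as one argument. | |
|   # The final grep presumably drops CeWL's banner line, which names its author (confirm against your CeWL version). | |
|   cewl.rb -u "Mozilla/5.0 (X11; Linux; rv:74.0) Gecko/20100101 Firefox/74.0" -d 0 -m 3 "https://www.$url" | tr '[:upper:]' '[:lower:]' | sort -fu | grep -v "robin wood" | |
| } | |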
| # added min length 3 | |
| wordgrab() { | |
| url=$1 | |
| tmpfile="$(date "+%s")" |