michaellcader

#!/system/bin/sh

set -ex

ip rule del fwmark 666 table 666 || true
ip route del local 0.0.0.0/0 dev lo table 666 || true

iptables -t nat -F
iptables -t nat -X
iptables -t mangle -F

michaellcader

// Usage : frida -U -f bundle_id -l cordova-enable-webview-debug.js --no-pause 

Java.perform(function() {
    var Webview = Java.use("android.webkit.WebView")
    Webview.loadUrl.overload("java.lang.String").implementation = function(url) {
        console.log("[+]Loading URL from", url);
        this.setWebContentsDebuggingEnabled(true);
        this.loadUrl.overload("java.lang.String").call(this, url);
    }
});

michaellcader

• 打开 chrome://flags，启用：

• manifest.json

{
    "manifest_version": 2,
    "name": "Refine Inspector",

michaellcader

function hook_okhttp3() {
    Java.perform(function() {
        var ByteString = Java.use("com.android.okhttp.okio.ByteString");
        var Buffer = Java.use('okio.Buffer');         var Interceptor = Java.use("okhttp3.Interceptor");
        var MyInterceptor = Java.registerClass({
            name: "okhttp3.MyInterceptor",
            implements: [Interceptor],
            methods: {
                intercept: function(chain) {
                    var request = chain.request();

michaellcader

/2
/graphql-proxy/admin
/3.0/
/3ds_callback
/3ds_update_payment_callback
/accounts
/active
/activity
/actuator
/actuator/auditevents

michaellcader

git clone https://github.com/projectdiscovery/fuzzing-templates.git 2>/dev/null
git clone https://github.com/ExpLangcn/NucleiTP.git 2>/dev/null
wget https://github.com/projectdiscovery/pdtm/releases/download/v0.0.9/pdtm_0.0.9_linux_amd64.zip 2>/dev/null
wget https://github.com/tomnomnom/unfurl/releases/download/v0.4.3/unfurl-linux-amd64-0.4.3.tgz 2>/dev/null
git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev 2>/dev/null
wget https://github.com/hahwul/dalfox/releases/download/v2.9.2/dalfox_2.9.2_linux_amd64.tar.gz 2>/dev/null
wget https://github.com/tomnomnom/waybackurls/releases/download/v0.1.0/waybackurls-linux-amd64-0.1.0.tgz 2>/dev/null
git clone https://github.com/michaellcader/ghauri.git 2>/dev/null;cd ghauri;python  -m pip install -e . 2>/dev/null
wget https://github.com/tomnomnom/qsreplace/releases/download/v0.0.3/qsreplace-linux-amd64-0.0.3.tgz;tar zxvf qsreplace-linux-amd64-0.0.3.tgz 2>/dev/null
tar zxvf waybackurls-linux-amd64-0.1.0.tgz 2>/dev/null

michaellcader

云

IaaS指提供系统（可以自己选）或者储存空间之类的硬件，软件要自己手动装；PaaS提供语言环境和框架（可以自己选）；SaaS只能使用开发好的软件（卖软件本身）；BaaS一般类似于非关系数据库，但各家不通用，有时还有一些其它东西。

其他人的集合

• https://education.github.com/pack GitHub学生包，需用教育邮箱验证。各种福利，可从DigitalOcean上手
• https://github.com/ripienaar/free-for-dev 本文尽量不与此项目重复
• https://free.zhelper.net/
• https://github.com/AchoArnold/discount-for-student-dev

michaellcader

<?xml version="1.0" standalone="no"?>
<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">

<svg version="1.1" baseProfile="full" xmlns="http://www.w3.org/2000/svg">
  <polygon id="triangle" points="0,0 0,50 50,0" fill="#009900" stroke="#004400"/>
  <script type="text/javascript">
    alert(document.domain);
  </script>
</svg>

michaellcader

michaellcader

for file in /Applications/*
do
  echo "--------------" >>results.out
  echo "$file" >>results.out
  codesign -d --entitlements - "$file" >> results.out
done