Install, build and debug a react native app in WSL2 (Windows Subsystem for Linux) and Ubuntu.
############################################################################################################ | |
################## ############################# | |
################## ############################# | |
This Gist collection contains all localstack related examples | |
################## ############################# | |
################## ############################# | |
############################################################################################################ |
# https://securitychops.com/2019/08/31/dev/random/one-liner-to-install-burp-cacert-into-android.html | |
# | |
curl --proxy http://127.0.0.1:8080 -o cacert.der http://burp/cert \ | |
&& openssl x509 -inform DER -in cacert.der -out cacert.pem \ | |
&& cp cacert.der $(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 \ | |
&& adb root \ | |
&& adb remount \ | |
&& adb push $(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 /sdcard/ \ | |
&& echo -n "mv /sdcard/$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0 /system/etc/security/cacerts/" | adb shell \ | |
&& echo -n "chmod 644 /system/etc/security/cacerts/$(openssl x509 -inform PEM -subject_hash_old -in cacert.pem |head -1).0" | adb shell \ |
This will guide you through setting up a replica set in a docker environment using.
- Docker Compose
- MongoDB Replica Sets
- Mongoose
- Mongoose Transactions
Thanks to https://gist.github.com/asoorm for helping with their docker-compose file!
#!/usr/bin/env bash | |
# Update brew repo. | |
printf "%s" "Updating brew repo..." | |
brew update &> /dev/null | |
echo "✅" | |
# Get the currently installed and new version of nghttp2. | |
printf "%s" "Fetch installed and stable nghttp2 versions..." | |
VERSION_INSTALLED="$(brew list --versions | grep nghttp2 | awk '{print $2}')" |
An open redirect was almost everything I needed in two different bug bounty programs to get access to user accounts. In one of the cases a JWT was leaked, and in the other the CSRF token was leaked. The issue was mostly the same in both cases: not validating, or URI encoding, user input in the client-side, and sending sensitive information to my server using an open redirect.
- There is an open redirect on https://example.com/redirect?url=https://myserver.com/attack.php
- User loads https://example.com/?code=VALUE
- Javascript code in https://example.com/ makes a GET request to https://example.com/verify/VALUE with a header
x-csrf-token
set to the CSRF token for the session of the userGET /verify/VALUE HTTP/1.1 Host: example.com
FROM busybox | |
ARG PUID=1000 | |
ARG PGID=1000 | |
RUN addgroup -g ${PGID} abc && \ | |
adduser -D -u ${PUID} -G abc abc | |
USER abc |
Just create a new InterceptHandler and add it to your app. Different settings should be configured in your config file, so that it is easy to change settings.
Logging is then as easy as:
from loguru import logger
logger.info("I am logging from loguru!")
. | |
.. | |
........ | |
@ | |
* | |
*.* | |
*.*.* | |
🎠|