Skip to content

Instantly share code, notes, and snippets.

View omespino's full-sized avatar

Omar Espino omespino

32 followers · 11 following
View GitHub Profile
@nullenc0de
nullenc0de / aodirb.py
Created November 21, 2022 15:17
pip3 install asyncio and pip3 install import aiohttp
import asyncio
import aiohttp
import time
import sys
import argparse
import os
parser = argparse.ArgumentParser(description='Directory Bruteforce')
parser.add_argument('-u', '--url', help='URL to bruteforce', required=True)
parser.add_argument('-w', '--wordlist', help='Wordlist to use', required=True)
@DanielVF
DanielVF / sample.md
Last active April 11, 2025 16:20
Sample Vulnerability Report

Impact

CRITICAL! Almost all USDC liquidity on the REKT/USDC uniswap pool can be stolen, due to an authorization issue with burnFrom() on the REKT token.

Background

Uniswap v2 pools get the prices for their swaps by comparing the relative amounts of each of the two tokens that they hold. If the pool holds very little of token A, and a lot of token B, then it only takes a little of token A to buy a lot of token B.

Currently REKT and USDC are fairly priced in the pool. If there were to suddenly be very little REKT in the pool, but the same amount of USDC, then very little REKT would be able to buy a lot of USDC.

@6e726d
6e726d / AWS-CLI-V2_Burp-Suite.txt
Last active January 23, 2025 21:02
HowTo set up AWS CLI version 2 to use Burp Suite
$ # HowTo set up AWS CLI version 2 to use Burp Suite
$
$ # Requirements: Burp Suite, curl
$
$ # 1. Installing AWS CLI version 2, configure and test
$
$ curl https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip -o Downloads/awscliv2.zip
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 33.5M 100 33.5M 0 0 6825k 0 0:00:05 0:00:05 --:--:-- 7290k
@ctrl-freak
ctrl-freak / android-adb-pull-apk.md
Last active March 15, 2025 11:52
Retrieve APK from Non-Rooted Android Device through ADB

https://stackoverflow.com/a/18003462/348146

None of these suggestions worked for me, because Android was appending a sequence number to the package name to produce the final APK file name (this may vary with the version of Android OS). The following sequence of commands is what worked for me on a non-rooted device:

  1. Determine the package name of the app, e.g. com.example.someapp. Skip this step if you already know the package name.

    adb shell pm list packages

    Look through the list of package names and try to find a match between the app in question and the package name. This is usually easy, but note that the package name can be completely unrelated to the app name. If you can't recognize the app from the list of package names, try finding the app in Google Play using a browser. The URL for an app in Google Play contains the package name.