Posts

  • dexcount-gradle-plugin

    A Gradle plugin to report the number of method references in your APK on every build.

    The plugin is available from the Gradle Plugin Portal under the ID com.getkeepsafe.dexcount, and from Maven Central under the coordinates com.getkeepsafe.dexcount:dexcount-gradle-plugin:3.1.0.

    Snapshot builds are available from the Sonatype Snapshot Repository at https://oss.sonatype.org/content/repositories/snapshots.

    Dexcount requires Java 8 or higher, Gradle 6.0 or higher, and Android Gradle Plugin 3.4.0 or higher.

    Tags: #java • android • gradle

  • frida-dexdump

    A Frida tool to dump dex in memory to support security engineers analyzing malware.

    frida-dexdump is a Frida tool to find and dump dex in memory to support security engineers in analyzing malware.

    Tags: #python

  • snowflakes

    ❄️ Falling snowflakes

    • Only one JavaScript file
    • CSS Animation
    • Rubber design
    • Flexible settings

    Tags: #typescript • js • css

  • zipsell

    A free open source platform for selling digital downloads such as ebooks

    Zipsell helps you set up an online store for selling digital products such as ebooks, music, videos, source code etc.

    Zipsell handles payment processing via Stripe and sends customers secure expiring Amazon S3 links to the files they have purchased. Since it is self-hosted, you receive payments directly and avoid paying commissions to 3rd party marketplaces.

    Zipsell is built with Ruby on Rails.

    Demo site - http://demo.zipsell.org

    Tags: #ruby • ecommerce-platform • downloads

  • MALSync

    Integrates MyAnimeList/AniList/Kitsu/Simkl into various sites, with auto episode tracking.

    MAL-Sync is a powerful extension and userscript, which enables automatic episode tracking between MyAnimeList/Anilist/Kitsu/Simkl and multiple anime streaming websites.

    Makes it possible to use your MyAnimeList/Anilist/Kitsu/Simkl anime/mangalist as a centralized bookmarks system for all supported pages.

    Tags: #typescript • myanimelist • 9anime

  • AndroidInstantVideo

    Shows the flow of video data under Android hardware encoding, with support for video processing such as adding filters and watermarks, and live-stream publishing over RTMP.

    This project mainly aims to show the flow of video data when using hardware encoding on Android. So far it implements H264 and AAC encoding, image processing of video frames, and RTMP live-stream publishing. Forks and pull requests are welcome.

    English README

    Thanks to the following project: LibRtmp-Client-for-Android

    Tags: #java • android • opengl

  • java-aes-crypto

    A simple Android class for encrypting & decrypting strings, aiming to avoid the classic mistakes that most such classes suffer from.

    Here are the features of this class. We believe that these properties are consistent with what a lot of people are looking for when encrypting Strings in Android.

    • Works for strings: It should encrypt arbitrary strings or byte arrays. This means it needs to effectively handle multiple blocks (CBC) and partial blocks (padding). It consistently serializes and deserializes ciphertext, IVs, and key material using base64 to make it easy to store.
    • Algorithm & Mode: We chose: AES 128, CBC, and PKCS5 padding. We would have picked GCM for its built-in integrity checking, but that’s only available since Android Jelly Bean.
    • IV Handling: We securely generate a random IV before each encryption and provide a simple class to keep the IV and ciphertext together so they’re easy to keep track of and store. We set the IV and then request it back from the Cipher class for compatibility across various Android versions.
    • Key generation: Random key generation with the updated generation code recommended for Android. If you want password-based keys, we provide functions to salt and generate them.
    • Integrity: Lots of people think AES has integrity checking built in. The thinking goes, “if it decrypts correctly, it was generated by the person with the private key”. Actually, AES CBC allows an attacker to modify the messages. Therefore, we’ve also added integrity checking in the form of a SHA 256 hash.
    • Older Phones: It’s designed for backward compatibility with older phones, including ciphers that are available for most versions of Android as well as entropy fixes for old Android bugs.

    Tags: #java

  • intercom-rails

    The easiest way to install Intercom in a Rails app.

    For interacting with the Intercom REST API, use the intercom gem (https://github.com/intercom/intercom-ruby)

    Requires Ruby 2.0 or higher.

    Tags: #ruby

  • prisma-multi-tenant

    🧭 Use Prisma as a multi-tenant provider for your application

    npm i -g prisma-multi-tenant
    
    prisma-multi-tenant init # Init multi-tenancy in your Prisma project
    

    Tags: #typescript • prisma • multi-tenant

  • needle

    The iOS Security Testing Framework

    Assessing the security of an iOS application typically requires a plethora of tools, each developed for a specific need and all with different modes of operation and syntax. The Android ecosystem has tools like “drozer” that have solved this problem and aim to be a ‘one stop shop’ for the majority of use cases; however, iOS does not have an equivalent.

    Needle is MWR’s iOS Security Testing Framework, released at Black Hat USA in August 2016. It is an open source modular framework which aims to streamline the entire process of conducting security assessments of iOS applications, and acts as a central point from which to do so. Needle is intended to be useful not only for security professionals, but also for developers looking to secure their code. A few examples of testing areas covered by Needle include: data storage, inter-process communication, network communications, static code analysis, hooking and binary protections. The only requirement in order to run Needle effectively is a jailbroken device.

    The release of version 1.0.0 provided a major overhaul of its core and the introduction of a new native agent, written entirely in Objective-C. The new NeedleAgent is an open source iOS app complementary to Needle that allows tasks to be performed programmatically and natively on the device, eliminating the need for third party tools.

    Needle has been presented at and used by workshops in various international conferences like Black Hat USA/EU, OWASP AppSec and DEEPSEC. It was also included by ToolsWatch in the shortlist for the Top Security Tools of 2016, and it is featured in the OWASP Mobile Testing Guide.

    Needle is open source software, maintained by MWR InfoSecurity.

    Tags: #python • pentesting • ios
