Muhammad Mushlih iMushlih

  • Indonesia
@iMushlih
iMushlih / vpn-openconnect-connect-to-cisco-anyconnect.md
Created April 20, 2026 09:29 — forked from stefancocora/vpn-openconnect-connect-to-cisco-anyconnect.md
Split tunneling with openconnect - A guide on how to use openconnect to establish a vpn connection to an enterprise cisco anyconnect vpn endpoint with client side routing.

Introduction

The purpose of this short howto is to show you how to:

  • use openconnect [1] to connect to an enterprise cisco anyconnect endpoint
  • whilst minimizing the amount of traffic that you route through the vpn connection

Usually VPN administrators will push the default route to the users, so that all user traffic is routed through the VPN connection. This addresses the security concerns around compromised user computers bridging external internet traffic into the secure VPN network.

While the VPN administrator can push routes to the clients, the client can ignore these default routes and establish client-side routing so that only the required A.B.C.D/E network is routed through the VPN. All other traffic will still use the client's default route and default outbound internet connection.

// start with:
// frida -U -l pinning.js -f [APP_ID] --no-pause
Java.perform(function () {
console.log('')
console.log('===')
console.log('* Injecting hooks into common certificate pinning methods *')
console.log('===')
var X509TrustManager = Java.use('javax.net.ssl.X509TrustManager');
/**
* Android, iOS (12.0-15.7.3), Linux universal SSLKEYLOG dumper.
*
* Usage:
*
* # For iOS and mac:
* rvictl -s [UDID]
* # Then open Wireshark and select rvi0
*
* # For iOS and not mac:
iMushlih / cloud_metadata.txt
Created May 6, 2025 23:41 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
iMushlih / update-golang.md
Created June 14, 2024 16:04 — forked from nikhita/update-golang.md
How to update the Go version


System: Debian/Ubuntu/Fedora. Might work for others as well.

1. Uninstall the existing version

As mentioned here, to update a go version you will first need to uninstall the original version.

To uninstall, delete the /usr/local/go directory by:

iMushlih / burpandroid.sh
Created June 8, 2024 15:59 — forked from BitTheByte/burpandroid.sh
Convert burp.pem to Android certificate
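# Convert the DER-encoded CA certificate (ca.der) to PEM
openssl x509 -inform der -in ca.der -out burp.pem
# Android names system CA files after the old-style subject hash of the certificate
name=$(openssl x509 -inform PEM -subject_hash_old -in burp.pem | head -1)
# Copy the PEM certificate to <hash>.0 and drop the temporary file
cp burp.pem "$name.0"
rm burp.pem
echo "[~] Run using adb: adb push $name.0 /system/etc/security/cacerts/$name.0"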
iMushlih / burpcert.sh
Created June 8, 2024 15:59 — forked from BitTheByte/burpcert.sh
Generate custom CA certificate for burp to work with Android
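# mkdir certificates && cd certificates
sudo apt-get install openssl
# Work on a local copy of the default OpenSSL config (it provides the v3_ca section)
cp /usr/lib/ssl/openssl.cnf ./
# Create a self-signed CA certificate (DER, valid 730 days) with an unencrypted 2048-bit RSA key
openssl req -x509 -days 730 -nodes -newkey rsa:2048 -outform der -keyout server.key -out ca.der -extensions v3_ca -config openssl.cnf
# Convert the private key from PEM to DER
openssl rsa -in server.key -inform pem -out server.key.der -outform der
# Re-encode the key as unencrypted PKCS#8 DER
openssl pkcs8 -topk8 -in server.key.der -inform der -out server.key.pkcs8.der -outform der -nocrypt
# Remove intermediate files; ca.der and server.key.pkcs8.der remain
rm openssl.cnf
rm server.key
rm server.key.der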
iMushlih / private-docker-regs-with-free-tiers.markdown
Created May 8, 2024 02:20 — forked from JakubOboza/private-docker-regs-with-free-tiers.markdown
Private Docker registry with free tiers for Developers.

List of sites with free tier limits

  • Docker Hub - One private repo/image spot for free
  • Three Scale - Very generous free tier: 50GB of space, 500 pulls a month, etc.
  • Canister - 20 private repos with almost no limits on free tier
  • Code Fresh - Free tier for developers

Setup your own private registry

iMushlih / exploitable_webpaths.md
Created May 7, 2024 09:38 — forked from kafkaesqu3/exploitable_webpaths.md
easy wins - exploitable/leaky web paths
| Exploit/description | Path |
| --- | --- |
| Microsoft Office Online Server SSRF (relay) | /op/view.aspx |
| CVE-2017-11317 CVE-2019-18935 | /Telerik.Web.Ui.WebResource.axd?type=rau |
| CVE-2017-11317 CVE-2019-18935 | /Telerik.Web.UI.DialogHandler.aspx |
| CVE-2020-17519 | /jobmanager/logs/ |
| CVE-2017-7615 | /verify.php?id=1&confirm_hash= |
| CVE-2018-1000130 | /jolokia |
| CVE-2018-1000130 | /actuator/jolokia |
| leak | /actuator/env |
iMushlih / ipconfig.md
Created December 8, 2022 06:12 — forked from ipoddubny/ipconfig.md
How to get public IP address from Linux shell

http

curl ifconfig.co
curl icanhazip.com
curl ifconfig.me
curl http://smart-ip.net/myip

telnet