ThevenRex ThevenRexOff

Reverse Engineering Webpack Apps

Some notes and techniques for reverse engineering Webpack (and a little bit about React/Vue/Angular) apps.

Some notes and tools on fingerprinting minified JavaScript libraries, AST fingerprinting, source code similarity, etc.

Some notes/resources for bypassing anti-bot/scraping features on Cloudflare, Akamai, etc.

https://www.zenrows.com/blog/bypass-cloudflare
- https://www.zenrows.com/blog/bypass-cloudflare#waiting-room-reverse-engineer
  - Lots of neat content in this section about the high level aspects of how the Cloudflare JavaScript check works, some of it's obfuscation techniques, and the general flow of things.
https://www.zenrows.com/blog/bypass-akamai
- https://www.zenrows.com/blog/bypass-akamai#akamais-javascript-challenge-explained
Less detail than the Cloudflare post had, but still some useful detail

Some notes, tools, and techniques for reverse engineering Golang binaries.

Some notes/resources for bypassing anti-bot/scraping features on Cloudflare, Akamai, etc.

	// Charles Proxy License
	// Registration code for any version of Charles, who would want to use a cracked version?
	// Charles 4.5.5 is currently the latest version and is available.

	Registered Name: https://zhile.io
	License Key: 48891cf209c6d32bf4
	Author: Neo Peng

	var $jscomp = $jscomp \|\| {};
	$jscomp.scope = {};
	$jscomp.arrayIteratorImpl = function (h) {
	var n = 0;
	return function () {
	return n < h.length ? { done: false, value: h[n++] } : { done: true };
	};
	};
	$jscomp.arrayIterator = function (h) {
	return { next: $jscomp.arrayIteratorImpl(h) };

	/*
	* Adyen 4.5.0 encryption by github.com/levi-nz
	*
	* This code is a rough implementation and can be improved in some places.
	* Read comments throughout the code for more information.
	*/

	const jose = require('node-jose');

	// Parse the key from the string found in securedFields.html ("10001\|...")