Intro
Neighborhood

• SANS Pen Testing Blog
• Reverse Engineering Android Apps
  • Decoding Android App Resources
  • APKTool
  • Manipulating Android Apps
• Linux File System
  • Mount a RPi File System Image
• Web Vulnerabilities
  • PHP Local File Inclusion
• JS Meteor Framework
  • Mining Meteor
  • TamperMonkey and MeteorMiner

• Python script: tweet_finder.py
  • Query a target Twitter user's account
  • Print out all the statuses of that user
• Configuration File: config.json

{
    "target": <Username of Twitter Account to Query>,
    "consumerKey": <API Key>,
    "consumerSecret": <Secret Key>,
    "accessToken": <Application API Key>,
    "accessSecret": <Application Secret>
}

1. What is the secrete message in Santa's tweets? [Done]
2. What is inside the ZIP file distributed by Santa's team? [Done?]