Jingsong87's Stars
bloodyev/TikTok-accounts-create
TikTok accounts create api
bloodyev/tiktok-mass-creator-accounts
mass registration of tik tok accounts, tik tok likes, comments, tik tok latest version
bloodyev/tiktok-api-x-gorgon
tiktok API 1. login to the user by email and username 2. register new device 3
bloodyev/TikTok-created-accounts
x gorgon x ladon x argus TikTok api login follow like
bloodyev/Excel-files-line-count
Excel files line count
bloodyev/Algorithm-X-Gorgon-Tik-Tok
Algorithm generate, X-Ladon, X-Argus, X-Gorgon, X-Khronos
bloodyev/instagram-account-creator
instagram-account-creator
bloodyev/TikTok-Douyin-Api
Security Our analysis of security issues in TikTok and Douyin resulted in the following high-level findings: All of TikTok and most of Douyin’s network traffic were adequately protected using HTTPS. For some data, an additional layer of encryption, which we dubbed “ttEncrypt,” was employed. We engineered a way to intercept the clear-text data before they were encrypted with ttEncrypt. We examined the data and found no clear reason why these data had to be encrypted again on top of the existing transport encryption provided by HTTPS, as these ttEncrypt-ed data were not confidential. Most of TikTok and Douyin’s API requests are protected with a custom signature in the HTTP header named “X-Gorgon.” The signature is generated using a native library module, which made it difficult for us to understand its inner workings. We think the purpose of this signature is to prevent third-party programs from imitating and sending TikTok/Douyin API requests. We found that there are people selling and buying third-party implementations of ttEncrypt and X-Gorgon algorithms. These third-party implementations might be produced to serve the need of bots (programs disguised as real users). Douyin loads some of its code components via the Internet. It can also update itself without any user interaction. Such code loading was adequately protected using HTTPS, making it difficult for attackers to inject malicious code in the loading process. However, this feature is a security issue because it bypasses the operating system’s and user’s control of what code could run on the device. TikTok does not include this feature.
bloodyev/xlog-tiktok
tiktok xlog
bloodyev/x-gorgon-x-argus-x-ladon
X-Ladon, X-Argus, X-Gorgon, X-Khronos, device register,
bloodyev/tiktok-register
Simple example of an account register with TikTok API
bloodyev/tiktok-api-private
tiktok private api
bloodyev/tiktok-api-create-accounts
hello tiktok api full methods x-gorgon x-argus x-ladon create accounts
bloodyev/Instagram-api
bloodyev/X-Ladon-X-Argus-X-Gorgon-X-Khronos-main
X-Ladon-X-Argus-X-Gorgon-X-Khronos-main
bloodyev/tiktok-api
tiktok api last version mass account creator of tik tok accounts, tik tok likes, comments, tik tok latest version
bloodyev/tiktok-api-creator-accounts
tiktok api creator accounts new version
bloodyev/tiktok
tiktok api last version mass account creator of tik tok accounts, tik tok likes, comments, tik tok latest version
bloodyev/tiktok_api
tiktok api last version mass account creator of tik tok accounts, tik tok likes, comments, tik tok latest version, x-gorgon, x-ladon, x-argus, algorithms