Leron Gray daddycocoaman
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ctypes | |
| from pathlib import Path | |
| shellcode = bytearray(Path("shellcode.bin").read_bytes()) | |
| kernel32 = ctypes.windll.kernel32 | |
| kernel32.VirtualAlloc.restype = ctypes.c_void_p | |
| kernel32.RtlMoveMemory.argtypes = [ctypes.c_void_p, ctypes.c_void_p, ctypes.c_size_t] | |
daddycocoaman
/ pyfi.py
Last active
September 29, 2022 16:11
Getting Wi-Fi SSIDs and passwords on Windows
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import xml.etree.ElementTree as ET | |
| from ctypes import Structure, pointer, windll, wintypes | |
| # https://learn.microsoft.com/en-us/windows/win32/api/guiddef/ns-guiddef-guid | |
| class GUID(Structure): | |
| _fields_ = [ | |
| ("Data1", wintypes.DWORD), | |
| ("Data2", wintypes.WORD), | |
| ("Data3", wintypes.WORD), | |
| ("Data4", wintypes.BYTE * 8), |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Customized from https://github.com/prompt-toolkit/python-prompt-toolkit/blob/master/prompt_toolkit/widgets/base.py | |
| from typing import Generic, Sequence, Tuple, TypeVar | |
| from prompt_toolkit.application import get_app | |
| from prompt_toolkit.filters import Condition | |
| from prompt_toolkit.formatted_text import ( | |
| AnyFormattedText, | |
| StyleAndTextTuples, | |
| to_formatted_text, | |
| ) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Don't actually use this. Why would you use this? Seriously, don't use it, fam. | |
| import inspect | |
| from types import FunctionType | |
| from typing import Callable | |
| def param_inherit(inherited_func: Callable): | |
| """Allows function to inherit the parameters of another function""" | |
| def decorator(func: Callable): |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ################################################## | |
| ## PyDefenderCheck - Python implementation of DefenderCheck | |
| ################################################## | |
| ## Author: daddycocoaman | |
| ## Based on: https://github.com/matterpreter/DefenderCheck | |
| ################################################## | |
| import argparse | |
| import enum |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import asyncio | |
| import aiodns | |
| import aiofiles | |
| import aiohttp | |
| from colorama import Fore | |
| from dataclasses import field, dataclass | |
| from pycares import ares_query_cname_result | |
| from concurrent.futures import ThreadPoolExecutor | |
| import sys | |
| import re |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Opens 98 Windows! | |
| Author: Daddycocoaman */ | |
| import System.Windows.Forms | |
| for i in range(0, 98): | |
| MessageBox.Show("Windows ${i + 1}!", "MalWARE") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Pings all of your available networks and tells your net that you're snitching | |
| Author: Daddycocoaman */ | |
| import System | |
| import System.Net.NetworkInformation | |
| import System.Net | |
| import System.Net.Sockets | |
| import System.Text | |
| BUFFER = ASCIIEncoding().GetBytes("IMSNITCHINGONALLYALLCAUSEMALWARE") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Creates a "uncloseable" form window with an ASCII cat. It's SO Cat! | |
| Author: Daddycocoaman */ | |
| import System.Windows.Forms | |
| import System.Drawing | |
| SOCAT = """ | |
| |\__/,| (`\ | |
| |o o |__ _) | |
| _.( T ) ` / |
daddycocoaman
/ stickynoteparser.py
Created
September 14, 2019 02:34
Parses sticky note files in .snt/.sqlite formats. Sqlite files may require the WAL and SHM files of the same name as well. Once run, WAL/SHM files will be merged into .sqlite file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import json | |
| import sqlite3 | |
| import olefile | |
| import argparse | |
| def parse_snt_file(file): | |
| # https://www.tutorialspoint.com/python_digital_forensics/python_digital_forensics_important_artifacts_in_windows | |
| if not olefile.isOleFile(file): | |
| return "Invalid OLE file" | |