Or is it? ThisIsNotMalware
ThisIsNotMalware
/ samsung_remote.py
Created
November 26, 2019 09:19
— forked from danielfaust/samsung_remote.py
Samsung TV Remote Control Python Script
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import time | |
| import socket | |
| import base64 | |
| src = '192.168.1.2' # ip of remote | |
| mac = '00-AB-11-11-11-11' # mac of remote | |
| remote = 'python remote' # remote name | |
| dst = '192.168.1.3' # ip of tv | |
| app = 'python' # iphone..iapp.samsung |
ThisIsNotMalware
/ Kill-Ransomware.ps1
Created
November 5, 2019 14:51
— forked from thomaspatzke/Kill-Ransomware.ps1
Ransomware Killer
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Ransomware Killer v0.1 by Thomas Patzke <[email protected]> | |
| # Kill all parent processes of the command that tries to run "vssadmin Delete Shadows" | |
| # IMPORTANT: This must run with Administrator privileges! | |
| Register-WmiEvent -Query "select * from __instancecreationevent within 0.1 where targetinstance isa 'win32_process' and targetinstance.CommandLine like '%vssadmin%Delete%Shadows%'" -Action { | |
| # Kill all parent processes from detected vssadmin process | |
| $p = $EventArgs.NewEvent.TargetInstance | |
| while ($p) { | |
| $ppid = $p.ParentProcessID | |
| $pp = Get-WmiObject -Class Win32_Process -Filter "ProcessID=$ppid" | |
| Write-Host $p.ProcessID |