Hans Alemão hansalemaos
hansalemaos
/ resolution_monitor.py
Created
April 11, 2024 06:50
— forked from bufferbob/resolution_monitor.py
automatic "refresh all" rainmeter command when screen resolution change, can be useful in some situations
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import ctypes, subprocess, time | |
| time.sleep(30) # wait a bit at startup, rainmeter may not yet be launched | |
| previous_resolution = '' | |
| while True: | |
| current_resolution = f'{ctypes.windll.user32.GetSystemMetrics(0)}x{ctypes.windll.user32.GetSystemMetrics(1)}' | |
| if current_resolution != previous_resolution: | |
| subprocess.call([r'C:\Program Files\Rainmeter\Rainmeter.exe', '!RefreshApp']) | |
| previous_resolution = current_resolution |
hansalemaos
/ amsi-eicar.py
Created
April 11, 2024 06:46
— forked from ek-nath/amsi-eicar.py
Demo python script for AMSI API
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Python Port of https://gist.github.com/richinseattle/1cafd9368890ecf3d8e1dbbc18f2fe38 | |
| from ctypes import HRESULT, windll, POINTER, byref | |
| from ctypes.wintypes import HANDLE, LPCWSTR, UINT, LPCSTR | |
| from enum import IntEnum | |
| from comtypes.hresult import S_OK | |
| class AMSI_RESULT(IntEnum): | |
| AMSI_RESULT_CLEAN = 0, | |
| AMSI_RESULT_NOT_DETECTED = 1 |
hansalemaos
/ monitor_info_win32.py
Created
April 11, 2024 06:46
— forked from io-mi/monitor_info_win32.py
Get monitor metrics (DPI and scale factor) in python win32
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from ctypes import POINTER, WINFUNCTYPE, Array, Structure, sizeof, windll, c_uint32, byref, HRESULT, c_void_p | |
| from ctypes.wintypes import BOOL, HANDLE, HDC, HMONITOR, HWND, LONG, LPARAM, LPDWORD, LPRECT, LPWSTR, PDWORD, PHANDLE, PUINT, RECT, UINT, POINT, DWORD, USHORT, WCHAR | |
| from enum import IntEnum, auto | |
| class MONITOR_DPI_TYPE(IntEnum): | |
| MDT_EFFECTIVE_DPI = 0, | |
| MDT_ANGULAR_DPI = 1, | |
| MDT_RAW_DPI = 2, | |
| MDT_DEFAULT = MDT_EFFECTIVE_DPI |
hansalemaos
/ unix_hide_on_windows.py
Created
April 11, 2024 06:45
— forked from goovi/unix_hide_on_windows.py
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import sys | |
| import os.path | |
| import ctypes | |
| FILE_ATTRIBUTE_HIDDEN = 0x02 | |
| count = 0 | |
| def process(directory): | |
| for f in os.listdir(directory): |
hansalemaos
/ amsi_patch.py
Created
April 11, 2024 06:41
— forked from evbit/amsi_patch.py
code to patch AMSI according to this method https://corneacristian.medium.com/bypass-windows-defender-fa3ff53f264b
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from ctypes import windll | |
| from ctypes import wintypes | |
| import ctypes | |
| import wmi # http://timgolden.me.uk/python/wmi/cookbook.html | |
| import platform | |
| def get_proc_pid(proc: str): | |
| w = wmi.WMI() | |
| procs = w.Win32_Process(name=proc) | |
| try: |
hansalemaos
/ mojang_bypass.py
Created
April 11, 2024 06:34
— forked from zaknesler/mojang_bypass.py
Mojang VPN bypass
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os, ctypes, sys, socket | |
| # Windows only. | |
| # Mojang rightfully blocks banned IP addresses from authenticating. Most IP addresses on most VPN providers are banned. | |
| # Running this file will route known Mojang IP addresses to the default gateway, bypassing any VPNs. | |
| hosts = [ | |
| 'sessionserver.mojang.com', | |
| 'authserver.mojang.com', | |
| 'mcoapi.minecraft.net', |
hansalemaos
/ crude_ioctl_fuzzer.py
Created
April 11, 2024 06:29
— forked from uf0o/crude_ioctl_fuzzer.py
A crude IOCTL fuzzer for windows driver testing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import random | |
| import sys | |
| import io | |
| from ctypes import windll, POINTER, byref | |
| from ctypes.wintypes import LPVOID, DWORD, LPCSTR, LPSTR, BOOL, HANDLE | |
| DeviceIoControl = windll.kernel32.DeviceIoControl | |
| CreateFileA = windll.kernel32.CreateFileA | |
| CloseHandle = windll.kernel32.CloseHandle |
hansalemaos
/ keep_awake.pyw
Created
April 11, 2024 06:21
— forked from DocMinus/keep_awake.pyw
Prevent Windows from sleeping (i.e. keep system awake)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import tkinter as tk | |
| import ctypes | |
| import sys | |
| class myBox(tk.Tk): | |
| '''Prevents a Windows system from sleeping by keeping the screen alive. | |
| At the same time an excercise in using tkinter.... | |
| (Python 3) | |
| Inspired by multiple code snippets on the net, certainly the | |
| SetThreadExecutionState gimmick. |
hansalemaos
/ steam_path_winreg_replacer.py
Created
April 11, 2024 06:19
— forked from feliposz/steam_path_winreg_replacer.py
A small script to replace all entries in the windows registry to a new value. I did this after moving my Steam folder to another drive.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import winreg | |
| import ctypes, sys | |
| ORIG_STEAM_PATH = "C:\\Program Files (x86)\\Steam" | |
| NEW_STEAM_PATH = "G:\\Steam" | |
| def recurse_regkey(key): | |
| num_sub_keys, num_vals, modif = winreg.QueryInfoKey(key) | |
| for i in range(num_vals): | |
| value_name, value_data, val_type = winreg.EnumValue(key, i) |
hansalemaos
/ win32_verstamp.py
Created
April 11, 2024 06:14
— forked from cas--/win32_verstamp.py
Stamp windows exe files with version information
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| """ Stamp a Win32 binary with version information. | |
| Original code from pywin32 module. | |
| Modified to only use ctypes, making it standalone. | |
| """ | |
| import ctypes | |
| import os | |
| import struct | |
| import glob |
NewerOlder