
Scans the Python Sys global module list and wraps any function that could expose or implement secure logins

MrPfister/Yoink

Yoink

A Python library that, when attached to a running process, scans the loaded modules for any that expose function signatures that may enable the bypass or extraction of login credentials.

Implementation notes

Yoink works by recursively introspecting modules via getmembers(...) and then scanning the internal code object of each member that is subclassed from the Callable type. Some checks are needed because some Callable classes within Python do not contain a code object, usually when they are implemented outside the standard def approach.

This is a brute-force approach and a technical example of how easy it is to bypass login functionality.

For example, if a module implemented:

def valid_user(username: str, password: str) -> bool:
  # ... do logic
  return False

Yoink can detect that this function is performing a security operation from the co_varnames signature of its code object and wrap it, thus potentially bypassing security checks.
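A defensive counterpart to the wrapping described above, as an added example that is not part of Yoink: it records the code object of each credential-handling function at startup and later reports any whose module attribute has been rebound or whose code object was swapped. The SENSITIVE_PARAMS names, the helper names and the sample_auth module are assumptions constructed for illustration.

```python
import inspect
import sys
import types

# Assumption: parameter names treated as credential-handling (not taken from Yoink).
SENSITIVE_PARAMS = {"password", "passwd", "secret", "token"}

def credential_like(obj) -> bool:
    """True if obj is a plain function with a sensitive parameter name."""
    code = getattr(obj, "__code__", None)  # builtins and some callables have none
    if not inspect.isfunction(obj) or code is None:
        return False
    # co_varnames lists parameters first, then locals; keep only the parameters.
    nparams = code.co_argcount + code.co_kwonlyargcount
    return bool(SENSITIVE_PARAMS & set(code.co_varnames[:nparams]))

def snapshot(modules):
    """Map (module, attribute) -> code object for each sensitive function."""
    baseline = {}
    for mod in modules:
        for name, fn in inspect.getmembers(mod, credential_like):
            if fn.__module__ == mod.__name__:  # skip functions imported from elsewhere
                baseline[(mod.__name__, name)] = fn.__code__
    return baseline

def verify(baseline):
    """Return names whose module attribute no longer runs the recorded code."""
    return sorted(
        f"{m}.{n}" for (m, n), code in baseline.items()
        if getattr(getattr(sys.modules.get(m), n, None), "__code__", None) is not code
    )

def build_sample_module():
    """Constructed stand-in for an application auth module."""
    mod = types.ModuleType("sample_auth")
    def valid_user(username: str, password: str) -> bool:
        return False
    def greet(name: str) -> str:
        return "hello " + name
    valid_user.__module__ = greet.__module__ = "sample_auth"
    mod.valid_user, mod.greet = valid_user, greet
    sys.modules["sample_auth"] = mod
    return mod

if __name__ == "__main__":
    sample = build_sample_module()
    baseline = snapshot([sample])  # take this before untrusted code is loaded
    print(sorted(baseline), verify(baseline))
```

Code running in the same interpreter can also alter the baseline, so this check works as a tripwire rather than a guarantee.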
