BunnyPicker

BunnyPicker
Download Copy
Title: BunnyPicker
Author: rf_bandit

Get password for logged-in user and unlock machine. Based on quickcreds and win10lockpicker.

🏆   Recognized with a Payload Award in September 2023

 

Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Droidex
Droidex
Droidex exfiltrates the top file stored in the Downloads directory of target mobile device to a self-hosted python webse
Read More
edit2exfil
edit2exfil
edit2exfil is a persistent file exfiltration payload that embeds itself as a cronjob on Linux systems via bash script, r
Read More
PixelReflection
PixelReflection
This payload exfiltrates files by creating a 1 pixel sized form in the top left of the screen and changes the background
Read More