Menu

      Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning podcasts, leading pentest gear, and inclusive community – where all hackers belong.

      PAYLOAD HUB
      Discover creative payloads from the Hak5 community with filtering by device and category.

      PAYLOAD STUDIO
      Unleash your hacking creativity with this full-featured web-based Payload development environment.

      PAYLOAD AWARDS
      Get your payload in front of thousands and enter to win. Nearly $10,000 in annual Hak5 prizes!

      ADVANCED DUCKYSCRIPT COURSE
      Learn directly from the creators! Unlock your creative potential with this comprehensive online course.

      [PAYLOAD] SERIES
      Join Hak5 hosts and collaborators as we dive into the techniques and code that make great payloads!

      Community developed payloads for Hak5 gear are featured and awarded at PayloadHub — a growing library of currated content.

      Unleash your hacking creativity with the online payload editor: PayloadStudio

      Link to your collections, sales and even external links

      Add up to five columns

      PayloadHub
      Previous  / Next

      JumpScare

      OMG Prank
      JumpScare
      Download Copy
      Title: JumpScare
      Author: I am Jakoby

      This script starts off using Invoke-WebRequests to download both and Image and Sound file Their system volume is then turned up to the max level The script will be paused until a mouse movement is detected At that point there desktop wallpaper will be changed to the scary image provided and the scream sound effect will be played.

      This payload is for OMG — a platform built for covert field-use with features that enhance remote execution, stealth and forensics evasion, all while being able to quickly change your tooling on the fly.

      Submit your own payload, or browse more featured OMG Payloads.

      Mischief Gadgets

      View Products

       

       

      Related Payloads

      Linux Blind Serial Command Injection
      Linux Blind Serial Command Injection
      Allows a remote attacker to execute commands on a Linux system via a serial connection, without receiving feedback on th
      Read More
      Lazagne Exfil
      Lazagne Exfil
      This payload downloads and runs Lazagne, stores all info to .txt file, sends file to telegram bot.
      Read More
      Google Exfil
      Google Exfil
      This payload runs Powershell script that zips google user data, uses gofile.io api to upload it, and then sends a downlo
      Read More

       


      Leaderboard

      2022 Payload Heroes
      1. 🥇   I AM JAKOBY
      2. 🥈   0iphor13
      3. 🥉   atomiczsec

      Get Rewarded

      Get your payload in front of thousands. Enter to win over $2,000 in prizes in the Hak5 Payload Awards!

      Awarded Payloads

      2023
      09: Follow someone on I...
      09: MacDocsExfill
      09: BunnyPicker
      09: MacFetch
      09: Email-Capture
      09: iOS-Logic-Bomb-Example
      09: Squirrel SSH Remote...
      09: X-Frame-Options Sca...
      09: Whatsapp Message Se...
      09: Hey! Got Any Grapes?
      09: Simple PSH Wallpape...
      09: Croc_Getonline
      09: EternalLock
      09: Windows Privilege E...
      09: ReverseDuckyUlitmate
      09: Triggered_Bunny
      09: Morse Code
      09: Bash-History
      09: Deshellerator
      09: cApS-Troll
      09: Standard Phishing C...
      09: USBScream
      09: ReverseDuckyPolymorph
      09: duckin8or
      09: Piano player payloa...
      09: ActiveSync-Exfil-Ex...

       

      2022
      09: ActiveSync-Exfil
      09: Printer-Recon
      09: Disable Windows Def...
      09: KeyLogin
      09: iOS-FullKeyboardAccess
      09: Simple-iOS-Profile-...
      09: DesktopDuck
      09: Shortcut-Jacker
      09: WifiProfile Stealer...
      09: 3_Payload_Menu
      09: The Penny Drops
      09: BunnyLogger 2.0
      09: Image over key refl...
      09: Bookmark-Hog
      09: wifi-to-dropbox
      09: "Microsoft Windows"...
      09: Mac_Exfil
      09: DROP-ZIP-EXCECUTE
      09: Rick Roll Updater
      09: Add_Local_Admin
      09: Simple USB File Ext...
      09: SamDumpBunny
      09: SharkDOS
      09: My Pictures 2 Ascii...
      09: FollinaBunny
      09: ScreenSaver_FuNNN_b-b
      09: Blue_Harvester
      09: Chrome Exfil
      09: Credz-Plz
      09: ReverseBunnySSL
      09: Fake sudo
      09: ADV-Recon
      09: ADV-Recon
      09: BLE_EXFIL_DEMO
      09: Physical_Rick_Roll
      09: KeyManager Backup
      09: "Microsoft Windows"...
      09: AUTOinCORRECT
      09: FodCableII - UAC By...
      09: OMG Acid Burn
      09: screenGrab
      09: "Microsoft Windows"...
      09: OMG-AwarenessTraining
      09: Random Video
      09: Funni Stick V3
      09: BunnyLogger
      09: iMessage Data Grabber
      09: DuckyLogger
      09: Nmap Recon
      09: HashDumpBunny
      09: Forward Email
      09: ReverseDucky3
      09: PwnKit Vulnerabilit...
      09: PwnKit Vulnerabilit...
      09: RemoteDeskCroc
      09: Tic-tac-toe / Nough...
      09: Install Reverse She...
      09: Android Meterpreter...
      09: "Microsoft Windows ...

      Contribute

      Submit entries to a payload repository by pull request. New to github? See this Hak5 tutorial video.

      Collaborate

      Get inspired, showcase your work and receive helpful feedback on your payloads in the Hak5 Community!

      Caution

      Third-party payloads executing as root may cause damage and come AS-IS without warranty or guarantees.

      Disclaimer

      Payloads are for education and auditing where permitted subject to local and international laws. Users are solely responsible for compliance. Hak5 claims no responsibility for unauthorized or unlawful use.

      Stats

      562 featured payloads in this library. Hundreds more at GitHub.com/Hak5.