Menu

      Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning podcasts, leading pentest gear, and inclusive community – where all hackers belong.

      PAYLOAD HUB
      Discover creative payloads from the Hak5 community with filtering by device and category.

      PAYLOAD STUDIO
      Unleash your hacking creativity with this full-featured web-based Payload development environment.

      PAYLOAD AWARDS
      Get your payload in front of thousands and enter to win. Nearly $10,000 in annual Hak5 prizes!

      ADVANCED DUCKYSCRIPT COURSE
      Learn directly from the creators! Unlock your creative potential with this comprehensive online course.

      [PAYLOAD] SERIES
      Join Hak5 hosts and collaborators as we dive into the techniques and code that make great payloads!

      Community developed payloads for Hak5 gear are featured and awarded at PayloadHub — a growing library of currated content.

      Unleash your hacking creativity with the online payload editor: PayloadStudio

      Link to your collections, sales and even external links

      Add up to five columns

      Blind OS Command Injection using Serial Number

      Blind OS Command Injection using Serial Number

      🏆   by TW-D November 15, 2024

      Key Croc Remote Access

      This payload allows a remote attacker to execute commands on a Linux system using the serial number as a vector to pass the commands to be executed
      Bouncy Coil

      Bouncy Coil

      🏆   by Cribbit August 16, 2024

      General OMG

      This payload uses Powershell to create a O.MG Coil that bounces around the screen.

      Duckie Harvest

      Duckie Harvest

      🏆   by nic005-arch July 24, 2024

      Credentials USB Rubber Ducky

      This payload extracts and saves Wi-Fi passwords and browser credentials from Google Chrome, Brave, Firefox, and Microsoft Edge on the target machine. Additio...
      Windows Duck In The Middle

      Windows Duck In The Middle

      🏆   by PlumpyTurkey June 26, 2024

      Exfiltration USB Rubber Ducky

      This payload sets up a trustworthy proxy for the user, enabling a Man-in-the-middle attack. After executing your payload, the proxy server will intercept all...

      Linux Keystroke Reflection

      Linux Keystroke Reflection

      🏆   by TW-D June 24, 2024

      Exfiltration Key Croc

      Implementation of the "Keystroke Reflection" technique for file exfiltration.
      MacAlertPhisher

      MacAlertPhisher

      🏆   by 90N45-d3v June 07, 2024

      Bash Bunny Phishing

      Creates a customizable alert that prompts for the victim's credentials and shares them with you via Discord.

      TV-Menu-Trigger

      TV-Menu-Trigger

      🏆   by 90N45-d3v June 06, 2024

      Bash Bunny Prank

      This payload opens the main menu of a TV repeatedly at a random interval (1-10 minutes) to confuse users.
      adb shell dumpsys

      adb shell dumpsys

      🏆   by D14b0l1c June 05, 2024

      Bash Bunny Mobile-Android

      Collects android device information over adb

      KeyLogger

      KeyLogger

      🏆   by thedragonkeeper January 15, 2024

      Bash Bunny Recon

      Captures all keyboard input without the need for root access Uses the user keyboard map file for decoding the captured data

      Leaderboard

      2024 Payload Heroes
      1. 🥇   Cribbit
      2. 🥈   InfoSecREDD
      3. 🥉   TW-D
      2023 Payload Heroes
      1. 🥇   Aleff
      2. 🥈   0i41E
      3. 🥉   Spywill
      2022 Payload Heroes
      1. 🥇   I AM JAKOBY
      2. 🥈   0iphor13
      3. 🥉   atomiczsec

      Get Rewarded

      Get your payload in front of thousands. Enter to win over $2,000 in prizes in the Hak5 Payload Awards!

      Awarded Payloads

      2025

       

      2024
      Blind OS Command In...
      Bouncy Coil
      Duckie Harvest
      Windows Duck In The...
      Linux Keystroke Ref...
      MacAlertPhisher
      TV-Menu-Trigger
      adb shell dumpsys
      KeyLogger

       

      2023

       

      2022

      Contribute

      Submit entries to a payload repository by pull request. New to github? See this Hak5 tutorial video.

      Collaborate

      Get inspired, showcase your work and receive helpful feedback on your payloads in the Hak5 Community!

      Caution

      Third-party payloads executing as root may cause damage and come AS-IS without warranty or guarantees.

      Disclaimer

      Payloads are for education and auditing where permitted subject to local and international laws. Users are solely responsible for compliance. Hak5 claims no responsibility for unauthorized or unlawful use.

      Stats

      588 featured payloads in this library. Hundreds more at GitHub.com/Hak5.

      DEVICES

      CATEGORIES