This payload will share the entire victims "C:" drive to the entire network for further exploitation.
A payload to prank your friends into thinking their computer got hit with ransomware.
A payload to exfiltrate clipboard contents
A payload to get rid of the ugly windows activation watermark.
This script will get rid of the ugly windows watermark. This script will automatically reboot...
This payload will enumerate through the browser directories, looking for the file that stores the history.
These files will be saved to the temp directory.
1. Checks the availability of binaries on the system.
2. Builds a list of possible payloads.
3. Performs one at random.
BunnyLogger is a Key Logger which captures every key stroke of target and send them to attacker.
This payload will enumerate through the browser directories, looking for the file that stores the bookmark history These files will be saved to the bash bunn...
Copies the "ssh" command spoofing program to the user's home directory.
Defines a new persistent "ssh" alias with the file "~/.bash_aliases".
When the user e...
Exfiltrates files from logged in users Documents and Desktop folders.
Extract useful information such as nmap scan results, wifi keys, Local DNS Cache, User privileges and group memberships, user folder contents with images and...
A stupid easy to use file extractor leveraging the USB storage attack mode. Will stuff the found files in the /loot/simple-usb-file-extractor folder. Also de...
Uses CLSID to open system dialogs to swap the left and right mouse button, change the region to Welsh and turn off system sounds.
mine4me make your target's system mine Monero for you.
1. Hide "PowerShell" window.
2. Change "monitor-timeout (AC and DC)" at NEVER with "powercfg" utility.
3. Change "standby-timeout (AC and DC)" at NEVER with ...
SamDumpBunny dumps the users sam and system hive and compresses them into a zip file. Afterwards you can use a tool like samdump2 to extract the users hashes.
Converts Jpeg, Png & BMP's in the My Pictures to ascii art versions.
Executes code leveraging CVE-2022-30190 aka Follina using a malicious html file hosted on the Bunny itself. Whilst this exploit can be called via a malicious...