by drapl0n March 22, 2022
Bash Bunny Credentials
sudoSnatch payload grabs sudo password in plain text, immediately after target uses sudo command and sends it back to attacker remotely/locally.
🏆 by Cribbit March 16, 2022
Bash Bunny General
Downloads a list of Hak5 vids from YouTube (about 15 in the rss feed).
Then pick one at random, then opens it in the browser.
by 0iphor13 March 14, 2022
Bash Bunny Credentials
MiniDumpBunny uses Powersploits Out-MiniDump script to dump lsass. The script was rewritten, adapted for BashBunny usage and obfuscated in multiple ways to e...
by drapl0n March 12, 2022
Bash Bunny Remote Access
LinuxPreter injects meterpreter payload, make it persistent and triggers payload on launch of terminal/shell.
by drapl0n March 08, 2022
Bash Bunny Exfiltration
intel(intelligence) payload collects detailed information of victims machine.
1. Prevent storing history.
2. Fetching BashBunny's block device.
3. Mounting B...
🏆 by drapl0n March 07, 2022
Bash Bunny Credentials
Keylogger which sends each and every keystroke of target remotely/locally.
Features:
- Live keystroke capturing.
- Detailed key logs.
...
by drapl0n March 04, 2022
Bash Bunny Credentials
Taking advantage of plain stored ssh private keys in home dir, sshDump grabs them for you.
by Cribbit February 27, 2022
Bash Bunny General
Creates a hidden link file that override the ctrl+c functionality. So, where the use press ctrl+c it lunches the first sign-in animation.
Notes: to kill the...
by 0iphor13 February 14, 2022
Bash Bunny Credentials
This payload will run the famous SessionGopher script, which was only slightly modified. Searches for PuTTY, WinSCP, and Remote Desktop saved sessions, decry...
by TW-D February 08, 2022
Bash Bunny Remote Access
1. Adds a user account.
2. Adds this local user to local administrator group.
3. If the target computer is equipped with a compatible Wi-Fi card : Avoids sec...
by TW-D February 07, 2022
Bash Bunny Remote Access
1. Adds a user account.
2. Adds this local user to local administrator group.
3. If the target computer is equipped with a compatible Wi-Fi card : Avoids sec...
by 0iphor13 February 02, 2022
Bash Bunny Remote Access
Get remote access using obfuscated powershell code - If caught by AV, feel free to contact me.
by 0iphor13 February 02, 2022
Bash Bunny Exfiltration
Extract wifi information, such as passphrases & SSIDs
🏆 by 0iphor13 February 02, 2022
Bash Bunny Credentials
This payload will run an obfuscated script to dump user hashes. If you don't trust this obfuscated .bat file, you should run it within a save space first - w...
🏆 by TW-D January 29, 2022
Bash Bunny Execution
This is a version of the PwnKit Vulnerability Local Privilege Escalation containing pre-compiled binaries for x86_64 Linux. If you don't want to use the p...
🏆 by TW-D January 29, 2022
Bash Bunny Execution
The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every ma...
by TW-D January 28, 2022
Bash Bunny Credentials
Partially avoids "PowerShell Script Block Logging". Closing of all windows. Hide "PowerShell" window. Abuse of "Windows Problem Steps Recorder" to spy on a u...
by 0iphor13 January 25, 2022
Bash Bunny Credentials
It is simple - using a renamed version of procdump - you are able to dump hashes from lsass.exe. Plug in BashBunny. Exfiltrate the out.dmp file and read i...
Get Rewarded
Contribute
Collaborate
Caution
Disclaimer
Stats
Leaderboard