"Microsoft Windows 10" Fake Logon Screen

🏆   by TW-D January 07, 2022

Bash Bunny Phishing

Change "monitor-timeout (AC and DC)" at NEVER with "powercfg" utility. Change "standby-timeout (AC and DC)" at NEVER with "powercfg" utility. Retrieve the...

PingZhellBunny

PingZhellBunny

by 0iphor13 December 23, 2021

Bash Bunny Remote Access

Imagine a scenario in which communication to and from the server is protected and filtered by a firewall and does not allow TCP shell communication to take p...

Android Open URL

Android Open URL

by bg-wa December 22, 2021

Bash Bunny Mobile-Android

Opens the browser to a specified url on an unlocked android phone.
Powershell Local DNS Poisoning

Powershell Local DNS Poisoning

by SammyTheBEAST December 22, 2021

Bash Bunny Phishing

Redirects a given domain name to the target IP address. Uses the run prompt and Powershell to edit the hosts file, should work with any Windows version with ...

Mac Password Grabber

Mac Password Grabber

by Overtimedev December 21, 2021

Bash Bunny Credentials

Steals Mac Passwords using laZagne.py then stashes them in /loot/MacPass 1. put get-pip.py, laZagne.py and requirements.txt in the root folder of the bunny ...
Excel QR Rickroll

Excel QR Rickroll

by Cribbit December 21, 2021

Bash Bunny Prank

Create a QR code in Excel that points to Rick Astley - Never Gonna Give You Up on YouTube

Replace Cursor

Replace Cursor

by Cribbit December 21, 2021

Bash Bunny Prank

Replaces the standard arrow with a little bash bunny icon. I have included a both a static and animated cursor.
Read It Out

Read It Out

by Cribbit December 21, 2021

Bash Bunny Exfiltration

Super subtle exfiltration method. Gets the Microsoft Speech API (SAPI) to read out the content of text files in the MyDocuments directory.

SanDisk Wireless Stick Exfiltration

SanDisk Wireless Stick Exfiltration

by TW-D December 21, 2021

Bash Bunny Exfiltration

Uses the "SanDisk Wireless Stick" for files exfiltration. 1. Avoids "PowerShell Script Block Logging". 2. Hide "PowerShell" window. 3. Deletes Wi-Fi conne...
Win SSH server

Win SSH server

by Cribbit December 21, 2021

Bash Bunny Execution

Installs and runs a SSH Server on Windows.

Spinning Around

Spinning Around

by Cribbit December 21, 2021

Bash Bunny Prank

Spinning Ascii Hak5 Logo in a powershell window. Props to TW-D for the inspiration, audibleblink for python server code "execution/ShellExec/payload.txt" and...
Revolver

Revolver

by saintcrossbow December 21, 2021

Bash Bunny General

This payload was made in the style of Q Branch: it provides multiple options for attack and getting out of bad situations. Switching into this payload will p...

Smart Data Thief

Smart Data Thief

by saintcrossbow December 21, 2021

Bash Bunny Exfiltration

Make your Bash Bunny into the perfect data thief. This payload is ideal for demonstrating the need to lock workstations: using it, you can stroll through a f...
DumpCreds

DumpCreds

by cerebro11 October 05, 2021

Bash Bunny Credentials

Dumps the usernames & plaintext passwords from, Browsers (Chrome, FireFox), Windows Vault, Wi-Fi, sam, system, security from Registry => SAM Hashes (o...

Link File Analysis

Link File Analysis

by Paul Murton October 05, 2021

Bash Bunny Incident Response

In an incident where a user is suspected of exfiltrating data to a USB storage device, CD/DVD etc, its possible that the user may subsequently open an exfilt...
Hidden Images

Hidden Images

by Paul Murton October 05, 2021

Bash Bunny Incident Response

A (naive) user may attempt to hide image(picture) files by simply renaming them to appear to be other filetypes (i.e. Word documents etc). This payload uses ...

Change Windows Wallpaper

Change Windows Wallpaper

by xhico October 05, 2021

Bash Bunny Prank

Changes the users wallpaper from the ${SWITCH_POSITION} folder in the payloads library of the Bash Bunny USB Disk partition.
Fake Win10 Update Extractor

Fake Win10 Update Extractor

by HackingMark September 30, 2021

Bash Bunny Exfiltration

A stupid easy to use file extractor leveraging the USB storage attack mode. Will stuff the found files in the /loot/USB-Exfiltration/Computername-Date folder...