by jrwimmer January 19, 2022
Bash Bunny Exfiltration
Performs keystroke automation to export an unencrypted copy of an unlocked KeePass database The copy is saved to the loot folder on the Bash Bunny USB Mass S...
🏆 by TW-D January 07, 2022
Bash Bunny Phishing
Change "monitor-timeout (AC and DC)" at NEVER with "powercfg" utility. Change "standby-timeout (AC and DC)" at NEVER with "powercfg" utility. Retrieve the...
by 0iphor13 December 23, 2021
Bash Bunny Remote Access
Imagine a scenario in which communication to and from the server is protected and filtered by a firewall and does not allow TCP shell communication to take p...
by bg-wa December 22, 2021
Bash Bunny Mobile-Android
Opens the browser to a specified url on an unlocked android phone.
by SammyTheBEAST December 22, 2021
Bash Bunny Phishing
Redirects a given domain name to the target IP address. Uses the run prompt and Powershell to edit the hosts file, should work with any Windows version with ...
by Overtimedev December 21, 2021
Bash Bunny Credentials
Steals Mac Passwords using laZagne.py then stashes them in /loot/MacPass
1. put get-pip.py, laZagne.py and requirements.txt in the root folder of the bunny
...
by Cribbit December 21, 2021
Bash Bunny Prank
Create a QR code in Excel that points to Rick Astley - Never Gonna Give You Up on YouTube
by Cribbit December 21, 2021
Bash Bunny Prank
Replaces the standard arrow with a little bash bunny icon.
I have included a both a static and animated cursor.
by Cribbit December 21, 2021
Bash Bunny Exfiltration
Super subtle exfiltration method.
Gets the Microsoft Speech API (SAPI) to read out the content of text files in the MyDocuments directory.
by TW-D December 21, 2021
Bash Bunny Exfiltration
Uses the "SanDisk Wireless Stick" for files exfiltration.
1. Avoids "PowerShell Script Block Logging".
2. Hide "PowerShell" window.
3. Deletes Wi-Fi conne...
by Cribbit December 21, 2021
Bash Bunny Execution
Installs and runs a SSH Server on Windows.
by Cribbit December 21, 2021
Bash Bunny Prank
Spinning Ascii Hak5 Logo in a powershell window. Props to TW-D for the inspiration, audibleblink for python server code "execution/ShellExec/payload.txt" and...
by saintcrossbow December 21, 2021
Bash Bunny General
This payload was made in the style of Q Branch: it provides multiple options for attack and getting out of bad situations. Switching into this payload will p...
by saintcrossbow December 21, 2021
Bash Bunny Exfiltration
Make your Bash Bunny into the perfect data thief. This payload is ideal for demonstrating the need to lock workstations: using it, you can stroll through a f...
by cerebro11 October 05, 2021
Bash Bunny Credentials
Dumps the usernames & plaintext passwords from, Browsers (Chrome, FireFox), Windows Vault, Wi-Fi, sam, system, security from Registry => SAM Hashes (o...
by Paul Murton October 05, 2021
Bash Bunny Incident Response
In an incident where a user is suspected of exfiltrating data to a USB storage device, CD/DVD etc, its possible that the user may subsequently open an exfilt...
by Paul Murton October 05, 2021
Bash Bunny Incident Response
A (naive) user may attempt to hide image(picture) files by simply renaming them to appear to be other filetypes (i.e. Word documents etc). This payload uses ...
by xhico October 05, 2021
Bash Bunny Prank
Changes the users wallpaper from the ${SWITCH_POSITION} folder in the payloads library of the Bash Bunny USB Disk partition.
Get Rewarded
Contribute
Collaborate
Caution
Disclaimer
Stats
Leaderboard