by Cribbit December 21, 2021
Bash Bunny Prank
Replaces the standard arrow with a little bash bunny icon.
I have included a both a static and animated cursor.
by Cribbit December 21, 2021
Bash Bunny Exfiltration
Super subtle exfiltration method.
Gets the Microsoft Speech API (SAPI) to read out the content of text files in the MyDocuments directory.
by TW-D December 21, 2021
Bash Bunny Exfiltration
Uses the "SanDisk Wireless Stick" for files exfiltration.
1. Avoids "PowerShell Script Block Logging".
2. Hide "PowerShell" window.
3. Deletes Wi-Fi conne...
by Cribbit December 21, 2021
Bash Bunny Execution
Installs and runs a SSH Server on Windows.
by Cribbit December 21, 2021
Bash Bunny Prank
Spinning Ascii Hak5 Logo in a powershell window. Props to TW-D for the inspiration, audibleblink for python server code "execution/ShellExec/payload.txt" and...
by saintcrossbow December 21, 2021
Bash Bunny General
This payload was made in the style of Q Branch: it provides multiple options for attack and getting out of bad situations. Switching into this payload will p...
by saintcrossbow December 21, 2021
Bash Bunny Exfiltration
Make your Bash Bunny into the perfect data thief. This payload is ideal for demonstrating the need to lock workstations: using it, you can stroll through a f...
by cerebro11 October 05, 2021
Bash Bunny Credentials
Dumps the usernames & plaintext passwords from, Browsers (Chrome, FireFox), Windows Vault, Wi-Fi, sam, system, security from Registry => SAM Hashes (o...
by Paul Murton October 05, 2021
Bash Bunny Incident Response
In an incident where a user is suspected of exfiltrating data to a USB storage device, CD/DVD etc, its possible that the user may subsequently open an exfilt...
by Paul Murton October 05, 2021
Bash Bunny Incident Response
A (naive) user may attempt to hide image(picture) files by simply renaming them to appear to be other filetypes (i.e. Word documents etc). This payload uses ...
by xhico October 05, 2021
Bash Bunny Prank
Changes the users wallpaper from the ${SWITCH_POSITION} folder in the payloads library of the Bash Bunny USB Disk partition.
by HackingMark September 30, 2021
Bash Bunny Exfiltration
A stupid easy to use file extractor leveraging the USB storage attack mode. Will stuff the found files in the /loot/USB-Exfiltration/Computername-Date folder...
by bg-wa September 28, 2021
Bash Bunny Exfiltration
Quick HID only attack to write an HTML/JS file to target machine and open a browser, to exfiltrate data Using QR Codes and a video recording device.
by $irLurk$alot January 24, 2020
Bash Bunny Exfiltration
Copies data to temp directory and uses powershell tcp socket to extract to a listener on remote machine.
The payload copies target to %APPDATA%, change this...
by Hak5Darren January 24, 2020
Bash Bunny Exfiltration
Staged powershell payload which downloads and executes exfil.ps1 from dropbox which compresses the users documents folder and uploads it to dropbox.
This pa...
by Hak5Darren January 24, 2020
Bash Bunny Exfiltration
Exfiltrates select files from users's documents folder via SMB. Liberated documents will reside in Bash Bunny loot directory under loot/smb_exfiltrator/HOSTN...
by Hak5Darren January 24, 2020
Bash Bunny Exfiltration
Exfiltrating files from the users Documents folder Saves to the loot folder on the Bash Bunny USB Mass Storage partition named by the victim hostname, date a...
by Hak5Darren January 24, 2020
Bash Bunny Recon
Checks whether RDP is enabled on target machine Green=Enabled. Red=Disabled.