Menu

      Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning podcasts, leading pentest gear, and inclusive community – where all hackers belong.

      PAYLOAD HUB
      Discover creative payloads from the Hak5 community with filtering by device and category.

      PAYLOAD STUDIO
      Unleash your hacking creativity with this full-featured web-based Payload development environment.

      PAYLOAD AWARDS
      Get your payload in front of thousands and enter to win. Nearly $10,000 in annual Hak5 prizes!

      ADVANCED DUCKYSCRIPT COURSE
      Learn directly from the creators! Unlock your creative potential with this comprehensive online course.

      [PAYLOAD] SERIES
      Join Hak5 hosts and collaborators as we dive into the techniques and code that make great payloads!

      Community developed payloads for Hak5 gear are featured and awarded at PayloadHub — a growing library of currated content.

      Unleash your hacking creativity with the online payload editor: PayloadStudio

      Link to your collections, sales and even external links

      Add up to five columns

      Link File Analysis

      Link File Analysis

      by Paul Murton October 05, 2021

      Bash Bunny Incident Response

      In an incident where a user is suspected of exfiltrating data to a USB storage device, CD/DVD etc, its possible that the user may subsequently open an exfilt...
      Hidden Images

      Hidden Images

      by Paul Murton October 05, 2021

      Bash Bunny Incident Response

      A (naive) user may attempt to hide image(picture) files by simply renaming them to appear to be other filetypes (i.e. Word documents etc). This payload uses ...

      Change Windows Wallpaper

      Change Windows Wallpaper

      by xhico October 05, 2021

      Bash Bunny Prank

      Changes the users wallpaper from the ${SWITCH_POSITION} folder in the payloads library of the Bash Bunny USB Disk partition.
      Fake Win10 Update Extractor

      Fake Win10 Update Extractor

      by HackingMark September 30, 2021

      Bash Bunny Exfiltration

      A stupid easy to use file extractor leveraging the USB storage attack mode. Will stuff the found files in the /loot/USB-Exfiltration/Computername-Date folder...

      Optical Exfiltration

      Optical Exfiltration

      by bg-wa September 28, 2021

      Bash Bunny Exfiltration

      Quick HID only attack to write an HTML/JS file to target machine and open a browser, to exfiltrate data Using QR Codes and a video recording device.
      Powershell TCP extractor

      Powershell TCP extractor

      by $irLurk$alot January 24, 2020

      Bash Bunny Exfiltration

      Copies data to temp directory and uses powershell tcp socket to extract to a listener on remote machine. The payload copies target to %APPDATA%, change this...

      Dropbox Exfiltrator Proof-of-Concept

      Dropbox Exfiltrator Proof-of-Concept

      by Hak5Darren January 24, 2020

      Bash Bunny Exfiltration

      Staged powershell payload which downloads and executes exfil.ps1 from dropbox which compresses the users documents folder and uploads it to dropbox. This pa...
      Faster SMB Exfiltrator

      Faster SMB Exfiltrator

      by Hak5Darren January 24, 2020

      Bash Bunny Exfiltration

      Exfiltrates select files from users's documents folder via SMB. Liberated documents will reside in Bash Bunny loot directory under loot/smb_exfiltrator/HOSTN...

      USB Exfiltrator

      USB Exfiltrator

      by Hak5Darren January 24, 2020

      Bash Bunny Exfiltration

      Exfiltrating files from the users Documents folder Saves to the loot folder on the Bash Bunny USB Mass Storage partition named by the victim hostname, date a...
      RDP Checker

      RDP Checker

      by Hak5Darren January 24, 2020

      Bash Bunny Recon

      Checks whether RDP is enabled on target machine Green=Enabled. Red=Disabled.

      Leaderboard

      2022 Payload Heroes
      1. 🥇   I AM JAKOBY
      2. 🥈   0iphor13
      3. 🥉   atomiczsec

      Get Rewarded

      Get your payload in front of thousands. Enter to win over $2,000 in prizes in the Hak5 Payload Awards!

      Awarded Payloads

      2023

       

      2022

      Contribute

      Submit entries to a payload repository by pull request. New to github? See this Hak5 tutorial video.

      Collaborate

      Get inspired, showcase your work and receive helpful feedback on your payloads in the Hak5 Community!

      Caution

      Third-party payloads executing as root may cause damage and come AS-IS without warranty or guarantees.

      Disclaimer

      Payloads are for education and auditing where permitted subject to local and international laws. Users are solely responsible for compliance. Hak5 claims no responsibility for unauthorized or unlawful use.

      Stats

      575 featured payloads in this library. Hundreds more at GitHub.com/Hak5.

      DEVICES

      CATEGORIES


      Previous 1 5 6 7