Menu

      Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning podcasts, leading pentest gear, and inclusive community – where all hackers belong.

      PAYLOAD HUB
      Discover creative payloads from the Hak5 community with filtering by device and category.

      PAYLOAD STUDIO
      Unleash your hacking creativity with this full-featured web-based Payload development environment.

      PAYLOAD AWARDS
      Get your payload in front of thousands and enter to win. Nearly $10,000 in annual Hak5 prizes!

      ADVANCED DUCKYSCRIPT COURSE
      Learn directly from the creators! Unlock your creative potential with this comprehensive online course.

      [PAYLOAD] SERIES
      Join Hak5 hosts and collaborators as we dive into the techniques and code that make great payloads!

      Community developed payloads for Hak5 gear are featured and awarded at PayloadHub — a growing library of currated content.

      Unleash your hacking creativity with the online payload editor: PayloadStudio

      Link to your collections, sales and even external links

      Add up to five columns

      HashDumpBunny

      HashDumpBunny

      🏆   by 0iphor13 February 02, 2022

      Bash Bunny Credentials

      This payload will run an obfuscated script to dump user hashes. If you don't trust this obfuscated .bat file, you should run it within a save space first - w...
      Problem Steps Recorder

      Problem Steps Recorder

      by TW-D January 28, 2022

      Bash Bunny Credentials

      Partially avoids "PowerShell Script Block Logging". Closing of all windows. Hide "PowerShell" window. Abuse of "Windows Problem Steps Recorder" to spy on a u...

      ProcDumpBunny

      ProcDumpBunny

      by 0iphor13 January 25, 2022

      Bash Bunny Credentials

      It is simple - using a renamed version of procdump - you are able to dump hashes from lsass.exe. Plug in BashBunny. Exfiltrate the out.dmp file and read i...

      Win_SSLKeyLog

      Win_SSLKeyLog

      by TW-D January 21, 2022

      Bash Bunny Credentials

      Captures the client network session. Captures the client side session keys. Partially avoids "PowerShell Script Block Logging". Closing of all windows. Hid...

      wifigrabber

      wifigrabber

      by poundplay January 05, 2022

      Credentials OMG

      I took my own code and found the other version already made. I combined them to make it better this is a modified version of https://github.com/MTK911/Attiny...
      datacopier

      datacopier

      by Dante Sparda January 05, 2022

      Credentials USB Rubber Ducky

      this took a lot of digging and research. please use responsibly. I wrote this on a wim but of course you can filter whatever you want to the loot folder.

      Simple Windows Password Grabber

      Simple Windows Password Grabber

      by makozort January 05, 2022

      Credentials USB Rubber Ducky

      Target: Windows 10 (with admin access), might work with Windows 7 idk
      Mac Password Grabber

      Mac Password Grabber

      by Overtimedev December 21, 2021

      Bash Bunny Credentials

      Steals Mac Passwords using laZagne.py then stashes them in /loot/MacPass 1. put get-pip.py, laZagne.py and requirements.txt in the root folder of the bunny ...

      DumpCreds

      DumpCreds

      by cerebro11 October 05, 2021

      Bash Bunny Credentials

      Dumps the usernames & plaintext passwords from, Browsers (Chrome, FireFox), Windows Vault, Wi-Fi, sam, system, security from Registry => SAM Hashes (o...
      Keyhound

      Keyhound

      by cerebro11 September 28, 2021

      Credentials Key Croc

      Sets up Ethernet and HID keyboard interfaces simultaneously, then uses HID to import Sharphound into memory via KeyCroc web server and execute the attack. Re...

      Leaderboard

      2022 Payload Heroes
      1. 🥇   I AM JAKOBY
      2. 🥈   0iphor13
      3. 🥉   atomiczsec

      Get Rewarded

      Get your payload in front of thousands. Enter to win over $2,000 in prizes in the Hak5 Payload Awards!

      Awarded Payloads

      2023

       

      2022

      Contribute

      Submit entries to a payload repository by pull request. New to github? See this Hak5 tutorial video.

      Collaborate

      Get inspired, showcase your work and receive helpful feedback on your payloads in the Hak5 Community!

      Caution

      Third-party payloads executing as root may cause damage and come AS-IS without warranty or guarantees.

      Disclaimer

      Payloads are for education and auditing where permitted subject to local and international laws. Users are solely responsible for compliance. Hak5 claims no responsibility for unauthorized or unlawful use.

      Stats

      576 featured payloads in this library. Hundreds more at GitHub.com/Hak5.

      DEVICES

      CATEGORIES


      Previous 1 2 3