Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning podcasts, leading pentest gear, and inclusive community – where all hackers belong.

PAYLOAD HUB
Discover creative payloads from the Hak5 community with filtering by device and category.

PAYLOAD STUDIO
Unleash your hacking creativity with this full-featured web-based Payload development environment.

PAYLOAD AWARDS
Get your payload in front of thousands and enter to win. Nearly $10,000 in annual Hak5 prizes!

ADVANCED DUCKYSCRIPT COURSE
Learn directly from the creators! Unlock your creative potential with this comprehensive online course.

[PAYLOAD] SERIES
Join Hak5 hosts and collaborators as we dive into the techniques and code that make great payloads!

Community developed payloads for Hak5 gear are featured and awarded at PayloadHub — a growing library of currated content.

Unleash your hacking creativity with the online payload editor: PayloadStudio

Link to your collections, sales and even external links

Add up to five columns

Menu

      Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning podcasts, leading pentest gear, and inclusive community – where all hackers belong.

      PAYLOAD HUB
      Discover creative payloads from the Hak5 community with filtering by device and category.

      PAYLOAD STUDIO
      Unleash your hacking creativity with this full-featured web-based Payload development environment.

      PAYLOAD AWARDS
      Get your payload in front of thousands and enter to win. Nearly $10,000 in annual Hak5 prizes!

      ADVANCED DUCKYSCRIPT COURSE
      Learn directly from the creators! Unlock your creative potential with this comprehensive online course.

      [PAYLOAD] SERIES
      Join Hak5 hosts and collaborators as we dive into the techniques and code that make great payloads!

      Community developed payloads for Hak5 gear are featured and awarded at PayloadHub — a growing library of currated content.

      Unleash your hacking creativity with the online payload editor: PayloadStudio

      Link to your collections, sales and even external links

      Add up to five columns

      Founded in 2005, Hak5's mission is to advance the InfoSec industry. We do this through our award winning podcasts, leading pentest gear, and inclusive community – where all hackers belong.

      PAYLOAD HUB
      Discover creative payloads from the Hak5 community with filtering by device and category.

      PAYLOAD STUDIO
      Unleash your hacking creativity with this full-featured web-based Payload development environment.

      PAYLOAD AWARDS
      Get your payload in front of thousands and enter to win. Nearly $10,000 in annual Hak5 prizes!

      ADVANCED DUCKYSCRIPT COURSE
      Learn directly from the creators! Unlock your creative potential with this comprehensive online course.

      [PAYLOAD] SERIES
      Join Hak5 hosts and collaborators as we dive into the techniques and code that make great payloads!

      Community developed payloads for Hak5 gear are featured and awarded at PayloadHub — a growing library of currated content.

      Unleash your hacking creativity with the online payload editor: PayloadStudio

      Link to your collections, sales and even external links

      Add up to five columns

      Public IP Grabber

      Public IP Grabber

      by Matthew Kayne February 27, 2022

      Exfiltration USB Rubber Ducky

      Extracts the public IP address of the current connected network onto the ducky
      WifiSnatch

      WifiSnatch

      by 0i41E February 02, 2022

      Bash Bunny Exfiltration

      Extract wifi information, such as passphrases & SSIDs

      KeePass Automated Exporter

      KeePass Automated Exporter

      by jrwimmer January 19, 2022

      Bash Bunny Exfiltration

      Performs keystroke automation to export an unencrypted copy of an unlocked KeePass database The copy is saved to the loot folder on the Bash Bunny USB Mass S...
      MS Teams Exfiltration

      MS Teams Exfiltration

      by Jules Bozouklian January 19, 2022

      Exfiltration Shark Jack

      Exfiltrate data with microsoft teams

      FreeDaNutz

      FreeDaNutz

      by infoskirmish,com January 05, 2022

      Exfiltration Packet Squirrel

      This payload will compress the entire /mnt/loot folder. It will then send via scp that folder to a host you specify. This payload runs some checks to make su...
      Email-Sender

      Email-Sender

      by TheDragonkeeper January 05, 2022

      Exfiltration Packet Squirrel

      Sends emails / has html and file support / it can be used with bash and python.

      Gather Network Info

      Gather Network Info

      by JonnyBanana January 05, 2022

      Exfiltration USB Rubber Ducky

      gathernetworkInfo a info stealer script by JonnyBanana
      Ducky WiFi Grabber

      Ducky WiFi Grabber

      by Zero_Sploit January 05, 2022

      Exfiltration USB Rubber Ducky

      Steals wifi passwords and sends them to your outlook email. Some editing on your part is needed such as outlook email & password

      Read It Out

      Read It Out

      by Cribbit December 21, 2021

      Bash Bunny Exfiltration

      Super subtle exfiltration method. Gets the Microsoft Speech API (SAPI) to read out the content of text files in the MyDocuments directory.
      SanDisk Wireless Stick Exfiltration

      SanDisk Wireless Stick Exfiltration

      by TW-D December 21, 2021

      Bash Bunny Exfiltration

      Uses the "SanDisk Wireless Stick" for files exfiltration. 1. Avoids "PowerShell Script Block Logging". 2. Hide "PowerShell" window. 3. Deletes Wi-Fi conne...

      Smart Data Thief

      Smart Data Thief

      by saintcrossbow December 21, 2021

      Bash Bunny Exfiltration

      Make your Bash Bunny into the perfect data thief. This payload is ideal for demonstrating the need to lock workstations: using it, you can stroll through a f...
      Exfiltrate WiFi names & PSK over DNS, now with AES-256 encryption in transit

      Exfiltrate WiFi names & PSK over DNS, now with AES-256 encryption in transit

      by Keld Norman October 17, 2021

      Exfiltration OMG

      Building upon the earlier WiFi2DNS payload that uses stealthy DNS exfiltration, Keld Norman has applied AES-256 encryption for a much more secure transit of ...

      Exfiltrate WiFi names and PSKs over DNS

      Exfiltrate WiFi names and PSKs over DNS

      by @keld_norman October 12, 2021

      Exfiltration OMG

      WiFi names and PSK are exfiltrated over DNS.
      Fake Win10 Update Extractor

      Fake Win10 Update Extractor

      by HackingMark September 30, 2021

      Bash Bunny Exfiltration

      A stupid easy to use file extractor leveraging the USB storage attack mode. Will stuff the found files in the /loot/USB-Exfiltration/Computername-Date folder...

      Optical Exfiltration

      Optical Exfiltration

      by bg-wa September 28, 2021

      Bash Bunny Exfiltration

      Quick HID only attack to write an HTML/JS file to target machine and open a browser, to exfiltrate data Using QR Codes and a video recording device.
      Powershell TCP extractor

      Powershell TCP extractor

      by $irLurk$alot January 24, 2020

      Bash Bunny Exfiltration

      Copies data to temp directory and uses powershell tcp socket to extract to a listener on remote machine. The payload copies target to %APPDATA%, change this...

      Dropbox Exfiltrator Proof-of-Concept

      Dropbox Exfiltrator Proof-of-Concept

      by Hak5Darren January 24, 2020

      Bash Bunny Exfiltration

      Staged powershell payload which downloads and executes exfil.ps1 from dropbox which compresses the users documents folder and uploads it to dropbox. This pa...
      Faster SMB Exfiltrator

      Faster SMB Exfiltrator

      by Hak5Darren January 24, 2020

      Bash Bunny Exfiltration

      Exfiltrates select files from users's documents folder via SMB. Liberated documents will reside in Bash Bunny loot directory under loot/smb_exfiltrator/HOSTN...

      Leaderboard

      2024 Payload Heroes
      1. 🥇   Cribbit
      2. 🥈   InfoSecREDD
      3. 🥉   TW-D
      2023 Payload Heroes
      1. 🥇   Aleff
      2. 🥈   0i41E
      3. 🥉   Spywill
      2022 Payload Heroes
      1. 🥇   I AM JAKOBY
      2. 🥈   0iphor13
      3. 🥉   atomiczsec

      Get Rewarded

      Get your payload in front of thousands. Enter to win over $2,000 in prizes in the Hak5 Payload Awards!

      Awarded Payloads

      2025

       

      2024

       

      2023

       

      2022

      Contribute

      Submit entries to a payload repository by pull request. New to github? See this Hak5 tutorial video.

      Collaborate

      Get inspired, showcase your work and receive helpful feedback on your payloads in the Hak5 Community!

      Caution

      Third-party payloads executing as root may cause damage and come AS-IS without warranty or guarantees.

      Disclaimer

      Payloads are for education and auditing where permitted subject to local and international laws. Users are solely responsible for compliance. Hak5 claims no responsibility for unauthorized or unlawful use.

      Stats

      595 featured payloads in this library. Hundreds more at GitHub.com/Hak5.

      DEVICES

      CATEGORIES


      Previous 1 5 6 7 8 Next
      Click Titles to See Recipes FAKE LOGON SCREEN TW-D Bash Bunny Phishing Noodle Soup With Shrimps Savory & Spicy access_time 35 minutes list_alt 520 calories Ceasars Salad With Bacon Finger Lickin' Good access_time 20 minutes list_alt 600 calories Asian Tofu Bowl Light & Healthy access_time 50 minutes list_alt 400 calories Quinoa With Steamed Vegetables The Vitamin Bomb access_time 25 minutes list_alt 350 calories Avocado Breads With A Poached Egg Tasty & Fast access_time 15 minutes list_alt 250 calories