by TW-D November 24, 2024
Execution USB Rubber Ducky
This payload launches a new cmd.exe process with elevated privileges under TrustedInstaller, by setting the TrustedInstaller process as the parent, the cmd.e...
by luu176 November 04, 2024
Exfiltration USB Rubber Ducky
This payload exfiltrates NTLM hash files to the Rubber Ducky's SD card for further analysis.
by Aleff September 24, 2024
Prank USB Rubber Ducky
This payload renames files and folders to all have a similar name.
by luu176 September 24, 2024
Exfiltration USB Rubber Ducky
A payload used to exfiltrate the NTLM hash on a Windows machine.
by yeetboy0330 September 17, 2024
Credentials USB Rubber Ducky
This script borrows the wifi passwords on the target system and puts them into a .txt file on the ducky.
by thomasboegl1 August 06, 2024
Exfiltration USB Rubber Ducky
This payload captures screenshots from a Windows machine every 10 seconds and uploads them to a specified server using the Powershell.
by nathansb2022 August 06, 2024
Execution USB Rubber Ducky
This payload uses Resolve-DnsName to perform a DNS name query resolution for a domain hosting a malicious TXT record
by nic005-arch July 24, 2024
Credentials USB Rubber Ducky
This payload extracts and saves Wi-Fi passwords and browser credentials from Google Chrome, Brave, Firefox, and Microsoft Edge on the target machine. Additio...
by F1ll0ry July 23, 2024
Exfiltration USB Rubber Ducky
This payload finds WiFi SSIDs and passwords on a Windows machine, saves them to a file, and sends the file to a VPS using SCP.
by mrproxy July 11, 2024
Exfiltration USB Rubber Ducky
This payload downloads and runs Lazagne, stores all info to .txt file, sends file to telegram bot.
by mrproxy July 11, 2024
Exfiltration USB Rubber Ducky
This payload runs Powershell script that zips google user data, uses gofile.io api to upload it, and then sends a download link through telegram bot or disco...
by Aleff July 09, 2024
Incident Response USB Rubber Ducky
This script sets a Firewall rule that will defend you against CVE-2023-23397.
by F1ll0ry July 09, 2024
General USB Rubber Ducky
Opens PowerShell as admin, creates a folder in Windows/temp called Cache, adds exclusion in Defender, downloads the payload from VPS/ inside the Cache folder...
by PlumpyTurkey June 26, 2024
Exfiltration USB Rubber Ducky
This payload sets up a trustworthy proxy for the user, enabling a Man-in-the-middle attack. After executing your payload, the proxy server will intercept all...
by PlumpyTurkey June 26, 2024
Exfiltration USB Rubber Ducky
This payload sends you the target PC's Windows product key via Dropbox.
by Aleff June 06, 2024
Prank USB Rubber Ducky
Automates a series of actions on a Windows system to manipulate the contents of emails found in a Thunderbird profile. Replaces the sender's email addresses ...
by thomasgruebl June 05, 2024
Exfiltration USB Rubber Ducky
This payload performs an SSH key exfiltration attack by checking the default ssh key location ~/.ssh/ and by performing a recursive pattern matching search f...
by Aleff June 05, 2024
Prank USB Rubber Ducky
This payload allows you to dump the RAM memory used by a running application by using the free software ProcDump.