Execute commands as NT AUTHORITY\SYSTEM with TrustedInstaller privileges

Execute commands as NT AUTHORITY\SYSTEM with TrustedInstaller privileges

by TW-D November 24, 2024

Execution USB Rubber Ducky

This payload launches a new cmd.exe process with elevated privileges under TrustedInstaller, by setting the TrustedInstaller process as the parent, the cmd.e...
Exfiltrate NTLM Hash To SD

Exfiltrate NTLM Hash To SD

by luu176 November 04, 2024

Exfiltration USB Rubber Ducky

This payload exfiltrates NTLM hash files to the Rubber Ducky's SD card for further analysis.

Same File Name Prank

Same File Name Prank

by Aleff September 24, 2024

Prank USB Rubber Ducky

This payload renames files and folders to all have a similar name.
Exfiltrate NTLM Hash

Exfiltrate NTLM Hash

by luu176 September 24, 2024

Exfiltration USB Rubber Ducky

A payload used to exfiltrate the NTLM hash on a Windows machine.

Local WLAN Borrower

Local WLAN Borrower

by yeetboy0330 September 17, 2024

Credentials USB Rubber Ducky

This script borrows the wifi passwords on the target system and puts them into a .txt file on the ducky.
Windows Screenshot Exfil

Windows Screenshot Exfil

by thomasboegl1 August 06, 2024

Exfiltration USB Rubber Ducky

This payload captures screenshots from a Windows machine every 10 seconds and uploads them to a specified server using the Powershell.

DNS TXT Command Injection

DNS TXT Command Injection

by nathansb2022 August 06, 2024

Execution USB Rubber Ducky

This payload uses Resolve-DnsName to perform a DNS name query resolution for a domain hosting a malicious TXT record
Duckie Harvest

Duckie Harvest

by nic005-arch July 24, 2024

Credentials USB Rubber Ducky

This payload extracts and saves Wi-Fi passwords and browser credentials from Google Chrome, Brave, Firefox, and Microsoft Edge on the target machine. Additio...

WiFi Passwords Exfiltration Via SCP

WiFi Passwords Exfiltration Via SCP

by F1ll0ry July 23, 2024

Exfiltration USB Rubber Ducky

This payload finds WiFi SSIDs and passwords on a Windows machine, saves them to a file, and sends the file to a VPS using SCP.
Lazagne Exfil

Lazagne Exfil

by mrproxy July 11, 2024

Exfiltration USB Rubber Ducky

This payload downloads and runs Lazagne, stores all info to .txt file, sends file to telegram bot.

Google Exfil

Google Exfil

by mrproxy July 11, 2024

Exfiltration USB Rubber Ducky

This payload runs Powershell script that zips google user data, uses gofile.io api to upload it, and then sends a download link through telegram bot or disco...
Defend Yourself From CVE-2023-23397

Defend Yourself From CVE-2023-23397

by Aleff July 09, 2024

Incident Response USB Rubber Ducky

This script sets a Firewall rule that will defend you against CVE-2023-23397.

The Perfect Stealthy Payload

The Perfect Stealthy Payload

by F1ll0ry July 09, 2024

General USB Rubber Ducky

Opens PowerShell as admin, creates a folder in Windows/temp called Cache, adds exclusion in Defender, downloads the payload from VPS/ inside the Cache folder...
Windows Duck In The Middle

Windows Duck In The Middle

by PlumpyTurkey June 26, 2024

Exfiltration USB Rubber Ducky

This payload sets up a trustworthy proxy for the user, enabling a Man-in-the-middle attack. After executing your payload, the proxy server will intercept all...

Windows Product Key Grabber

Windows Product Key Grabber

by PlumpyTurkey June 26, 2024

Exfiltration USB Rubber Ducky

This payload sends you the target PC's Windows product key via Dropbox.
Prank In The Middle

Prank In The Middle

by Aleff June 06, 2024

Prank USB Rubber Ducky

Automates a series of actions on a Windows system to manipulate the contents of emails found in a Thunderbird profile. Replaces the sender's email addresses ...

ExfiltrateSSHKeys

ExfiltrateSSHKeys

by thomasgruebl June 05, 2024

Exfiltration USB Rubber Ducky

This payload performs an SSH key exfiltration attack by checking the default ssh key location ~/.ssh/ and by performing a recursive pattern matching search f...
This Shell Doesn't Work, SO SAD!

This Shell Doesn't Work, SO SAD!

by Aleff June 05, 2024

Prank USB Rubber Ducky

This payload allows you to dump the RAM memory used by a running application by using the free software ProcDump.


1 2 3 13 Next