Win_SSLKeyLog

Win_SSLKeyLog
Download Copy
Title: Win_SSLKeyLog
Author: TW-D

Captures the client network session. Captures the client side session keys. Partially avoids "PowerShell Script Block Logging". Closing of all windows. Hide "PowerShell" window. Check if current process have "Administrator" privilege. Sets the "SSLKEYLOGFILE" environment variable to store SSL session key information. Starts a "Network Tracing Session" with "ETW (Event Tracing for Windows)". Writes the file system cache to disk. Safely eject.

Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.

This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

Submit your own payload, or browse more featured Bash Bunny Payloads.

 

 

Related Payloads

Uninstall Signal
Uninstall Signal
A script used to uninstall signal-desktop app on Windows users. Open a PowerShell, stop the Signal proccess if it runs
Read More
Starting a PowerShell with administrator permissions in Windows 10/11
Starting a PowerShell with administrator permissions in Windows 10/11
This script can be considered by people who are new to the world of scripts written in DuckyScript so that they can unde
Read More
Change the password of the windows user
Change the password of the windows user
Through this script you will be able to change windows user's password super fast. A PowerShell with administrator perm
Read More