by the-jcksn April 08, 2022
Exfiltration USB Rubber Ducky
Creates zip folder of 5 most recent screenshots and sends them via outlook email.
🏆 by 0i41E April 08, 2022
Execution OMG
Use your O.MG Cable / Plug to bypass UAC using one of the Fodhelper.exe methods. This POC will get you an elevated powershell instance and won't trigger AV a...
🏆 by I am Jakoby April 08, 2022
OMG Prank
A script I put together to torment Call Center Scammers but can be used on your friends as well.. or Foes.
🏆 by drapl0n April 08, 2022
Bash Bunny Execution
screenGrab payload captures snapshots of target's screen periodically and store them into bunny.
by Kalani April 08, 2022
OMG Prank
On macOS, Launch terminal and use the command 'say' to read out a string. Requirements: Any DuckyScript Capable Device
by Kalani April 08, 2022
OMG Prank
On Windows, Launch Powershell and use the System.speech to read out a string. Requirements: Any DuckyScript Capable Device
by drapl0n April 08, 2022
Bash Bunny Execution
Taking advantaged of cached images, imagesOfYore is simple payload which exfiltrates every image that target ever had in his disk.
by drapl0n April 08, 2022
Bash Bunny Execution
bunnyDOS payload intelligently search target's network for open http(configurable for https) ports and executes DOS it.
by drapl0n April 01, 2022
Bash Bunny Execution
camPeek payload peeks through targets web cam and capture images and stores them in bunny.
by Kalani March 31, 2022
General OMG
On execution, this payload will cause the target
computer to launch the Calculator. This is tested working on Windows 2000 - Windows 11, and multiple Linux d...
🏆 by TW-D March 29, 2022
OMG Remote Access
1. Adds a user account (OMG_User:OMG_P@ssW0rD).
2. Adds this local user to local administrator group.
3. Shares "C:" directory (OMG_SHARE).
4. Adds a rule to...
by Angelina Tsuboi March 25, 2022
Prank USB Rubber Ducky
Opens a terminal window and produces a digital rain effect inspired by the Matrix using cmatrix.
🏆 by 0i41E March 23, 2022
General OMG
A small message box, telling the user that he violated the security policy. The hostname of the user will be send to a webhook to report the incident. Fill i...
by drapl0n March 23, 2022
Bash Bunny Execution
Exploit for a new Linux vulnerability known as 'Dirty Pipe(CVE-2022-0847)' allows local users to gain root privileges. The vulnerability is tracked as CVE-20...
by drapl0n March 23, 2022
Credentials USB Rubber Ducky
sudoSnatch payload grabs sudo password in plain text, immediately after target uses `sudo` command and sends it back to attacker remotely/locally..
by drapl0n March 22, 2022
Bash Bunny Credentials
sudoSnatch payload grabs sudo password in plain text, immediately after target uses sudo command and sends it back to attacker remotely/locally.
🏆 by Cribbit March 16, 2022
Bash Bunny General
Downloads a list of Hak5 vids from YouTube (about 15 in the rss feed).
Then pick one at random, then opens it in the browser.
by 0i41E March 14, 2022
Bash Bunny Credentials
MiniDumpBunny uses Powersploits Out-MiniDump script to dump lsass. The script was rewritten, adapted for BashBunny usage and obfuscated in multiple ways to e...
Leaderboard
Get Rewarded
Contribute
Collaborate
Caution
Disclaimer
Stats
