duckNet

duckNet

by drapl0n February 22, 2022

Remote Access USB Rubber Ducky

Create, Encode, Inject, Spread your duckNet and manage it using duckNetManager. duckNet is cluster of systems infected with persistentReverseDucky, which are...
SessionBunny

SessionBunny

by 0i41E February 14, 2022

Bash Bunny Credentials

This payload will run the famous SessionGopher script, which was only slightly modified. Searches for PuTTY, WinSCP, and Remote Desktop saved sessions, decry...

DuckyLogger

DuckyLogger

🏆   by drapl0n February 14, 2022

Credentials USB Rubber Ducky

DuckyLogger is a Key Logger which captures every key stroke of target and send them to attacker. - Live keystroke capturing. - Detailed key logs. - Persiste...
persistent Reverse Ducky

persistent Reverse Ducky

by drapl0n February 08, 2022

Remote Access USB Rubber Ducky

persistentReverseDucky provides you persistent reverse shell remotely/locally by creating non-root systemd service. Targets Unix-like operating systems with ...

"Microsoft Windows" WinRM Backdoor

by TW-D February 08, 2022

Bash Bunny Remote Access

1. Adds a user account. 2. Adds this local user to local administrator group. 3. If the target computer is equipped with a compatible Wi-Fi card : Avoids sec...

"Microsoft Windows" SMB Backdoor

by TW-D February 07, 2022

Bash Bunny Remote Access

1. Adds a user account. 2. Adds this local user to local administrator group. 3. If the target computer is equipped with a compatible Wi-Fi card : Avoids sec...

Nmap Recon

Nmap Recon

🏆   by TW-D February 07, 2022

Key Croc Recon

Ports Scanning with Nmap.
ReverseBunny

ReverseBunny

by 0i41E February 02, 2022

Bash Bunny Remote Access

Get remote access using obfuscated powershell code - If caught by AV, feel free to contact me.

WifiSnatch

WifiSnatch

by 0i41E February 02, 2022

Bash Bunny Exfiltration

Extract wifi information, such as passphrases & SSIDs
HashDumpBunny

HashDumpBunny

🏆   by 0i41E February 02, 2022

Bash Bunny Credentials

This payload will run an obfuscated script to dump user hashes. If you don't trust this obfuscated .bat file, you should run it within a save space first - w...

ReverseCable II

ReverseCable II

by 0i41E February 01, 2022

OMG Remote Access

UDP Reverse shell, based on ReverseDuckyIII, executed in the background. Might create a firewall pop up, but will execute anyway.
Forward Email

Forward Email

🏆   by Cribbit February 01, 2022

Mobile-Android USB Rubber Ducky

Forwards the last received email. Included are two versions one for Gmail and Samsung Email app this was tested on a S10 as there are many flavours of androi...

ReverseDucky3

ReverseDucky3

🏆   by 0i41E January 31, 2022

Remote Access USB Rubber Ducky

UDP Reverse shell executed in the background. Might create a firewall pop up, but will execute anyway.
PwnKit Vulnerability - Local Privilege Escalation - Compiled

PwnKit Vulnerability - Local Privilege Escalation - Compiled

🏆   by TW-D January 29, 2022

Bash Bunny Execution

This is a version of the PwnKit Vulnerability Local Privilege Escalation containing pre-compiled binaries for x86_64 Linux. If you don't want to use the p...


PwnKit Vulnerability - Local Privilege Escalation

PwnKit Vulnerability - Local Privilege Escalation

🏆   by TW-D January 29, 2022

Bash Bunny Execution

The Qualys Research Team has discovered a memory corruption vulnerability in polkit’s pkexec, a SUID-root program that is installed by default on every ma...

Problem Steps Recorder

Problem Steps Recorder

by TW-D January 28, 2022

Bash Bunny Credentials

Partially avoids "PowerShell Script Block Logging". Closing of all windows. Hide "PowerShell" window. Abuse of "Windows Problem Steps Recorder" to spy on a u...

ProcDumpBunny

ProcDumpBunny

by 0i41E January 25, 2022

Bash Bunny Credentials

It is simple - using a renamed version of procdump - you are able to dump hashes from lsass.exe. Plug in BashBunny. Exfiltrate the out.dmp file and read i...

SpearPhishCroc

SpearPhishCroc

by 0i41E January 24, 2022

Key Croc Phishing

Trigger a popup, demanding for valid credentials, popup can't be closed without valid credentials. Idea and code based on Invoke-CredentialsPhish from Nikhil...


Previous 1 26 27 28 29 30 33 Next