by Dante Sparda January 05, 2022
Credentials USB Rubber Ducky
this took a lot of digging and research. please use responsibly. I wrote this on a wim but of course you can filter whatever you want to the loot folder.
by makozort January 05, 2022
Credentials USB Rubber Ducky
Target: Windows 10 (with admin access), might work with Windows 7 idk
by 0i41E December 23, 2021
Bash Bunny Remote Access
Imagine a scenario in which communication to and from the server is protected and filtered by a firewall and does not allow TCP shell communication to take p...
by bg-wa December 22, 2021
Bash Bunny Mobile-Android
Opens the browser to a specified url on an unlocked android phone.
by SammyTheBEAST December 22, 2021
Bash Bunny Phishing
Redirects a given domain name to the target IP address. Uses the run prompt and Powershell to edit the hosts file, should work with any Windows version with ...
by Overtimedev December 21, 2021
Bash Bunny Credentials
Steals Mac Passwords using laZagne.py then stashes them in /loot/MacPass
1. put get-pip.py, laZagne.py and requirements.txt in the root folder of the bunny
...
by Cribbit December 21, 2021
Bash Bunny Prank
Create a QR code in Excel that points to Rick Astley - Never Gonna Give You Up on YouTube
by Cribbit December 21, 2021
Bash Bunny Prank
Replaces the standard arrow with a little bash bunny icon.
I have included a both a static and animated cursor.
by Cribbit December 21, 2021
Bash Bunny Exfiltration
Super subtle exfiltration method.
Gets the Microsoft Speech API (SAPI) to read out the content of text files in the MyDocuments directory.
by TW-D December 21, 2021
Bash Bunny Exfiltration
Uses the "SanDisk Wireless Stick" for files exfiltration.
1. Avoids "PowerShell Script Block Logging".
2. Hide "PowerShell" window.
3. Deletes Wi-Fi conne...
by Cribbit December 21, 2021
Bash Bunny Execution
Installs and runs a SSH Server on Windows.
by Cribbit December 21, 2021
Bash Bunny Prank
Spinning Ascii Hak5 Logo in a powershell window. Props to TW-D for the inspiration, audibleblink for python server code "execution/ShellExec/payload.txt" and...
by saintcrossbow December 21, 2021
Bash Bunny General
This payload was made in the style of Q Branch: it provides multiple options for attack and getting out of bad situations. Switching into this payload will p...
by saintcrossbow December 21, 2021
Bash Bunny Exfiltration
Make your Bash Bunny into the perfect data thief. This payload is ideal for demonstrating the need to lock workstations: using it, you can stroll through a f...
by jrwimmer December 21, 2021
General LAN Turtle
Simplified SD card storage.
Based off this guide (https://openwrt.org/docs/guide-user/additional-software/extroot_configuration) from the OpenWRT documenta...
by Keld Norman October 17, 2021
Exfiltration OMG
Building upon the earlier WiFi2DNS payload that uses stealthy DNS exfiltration, Keld Norman has applied AES-256 encryption for a much more secure transit of ...
by @keld_norman October 12, 2021
Exfiltration OMG
WiFi names and PSK are exfiltrated over DNS.
by cerebro11 October 05, 2021
Bash Bunny Credentials
Dumps the usernames & plaintext passwords from, Browsers (Chrome, FireFox), Windows Vault, Wi-Fi, sam, system, security from Registry => SAM Hashes (o...
Get Rewarded
Contribute
Collaborate
Caution
Disclaimer
Stats
Leaderboard