Payloads Tagged "USB Rubber Ducky"

ExfilWindowsCreds

🏆 by jakobfriedl March 16, 2025

Exfiltration USB Rubber Ducky

This collection of payloads dumps Windows Credentials using mimikatz and features multiple exfiltration methods.

Randomizing User-Agent

🏆 by Aleff February 23, 2025

Execution USB Rubber Ducky

This DuckyScript payload automates the process of modifying the Google Chrome user-agent dynamically by integrating a random user-agent

Screenshare Over LAN

🏆 by beigeworm February 04, 2025

Recon USB Rubber Ducky

This payload starts up a HTTP server and streams the local desktop to a browser window for other devices on the network.

VM Detect

by beigeworm February 04, 2025

Recon USB Rubber Ducky

This payload uses various methods to determine if the machine is a VM and will generate a console readout and verbose text file

FileHunter

🏆 by 0i41E January 03, 2025

Exfiltration USB Rubber Ducky

Crawls all drives of the target system for a specific file or file type, to then compress and exfiltrate them to the Ducky.

Silent File Exfiltrator

by itsOwen January 03, 2025

Exfiltration USB Rubber Ducky

This DS1 payload executes a stealthy script that silently collects and exfiltrates specific file types through Discord webhooks.

Global Powershell Logging and Transcription

by beigeworm January 03, 2025

Incident Response USB Rubber Ducky

This payload executes a script that logs all PowerShell input and output to a text file in the documents folder.

USB Poison

🏆 by beigeworm January 03, 2025

General USB Rubber Ducky

This payload executes a script that waits for new USB flash storage devices to be connected. When a new device connects, this script will copy a desired file...

$Execute commands as NT AUTHORITY\SYSTEM with TrustedInstaller privileges$

Execute commands as NT AUTHORITY\SYSTEM with TrustedInstaller privileges

by TW-D November 24, 2024

Execution USB Rubber Ducky

This payload launches a new cmd.exe process with elevated privileges under TrustedInstaller, by setting the TrustedInstaller process as the parent, the cmd.e...

Exfiltrate NTLM Hash To SD

by luu176 November 04, 2024

Exfiltration USB Rubber Ducky

This payload exfiltrates NTLM hash files to the Rubber Ducky's SD card for further analysis.

Same File Name Prank

by Aleff September 24, 2024

Prank USB Rubber Ducky

This payload renames files and folders to all have a similar name.

Exfiltrate NTLM Hash

by luu176 September 24, 2024

Exfiltration USB Rubber Ducky

A payload used to exfiltrate the NTLM hash on a Windows machine.

Local WLAN Borrower

by yeetboy0330 September 17, 2024

Credentials USB Rubber Ducky

This script borrows the wifi passwords on the target system and puts them into a .txt file on the ducky.

Windows Screenshot Exfil

by thomasboegl1 August 06, 2024

Exfiltration USB Rubber Ducky

This payload captures screenshots from a Windows machine every 10 seconds and uploads them to a specified server using the Powershell.

DNS TXT Command Injection

by nathansb2022 August 06, 2024

Execution USB Rubber Ducky

This payload uses Resolve-DnsName to perform a DNS name query resolution for a domain hosting a malicious TXT record

WiFi Passwords Exfiltration Via SCP

by F1ll0ry July 23, 2024

Exfiltration USB Rubber Ducky

This payload finds WiFi SSIDs and passwords on a Windows machine, saves them to a file, and sends the file to a VPS using SCP.

Duckie Harvest

🏆 by NiK0-Byt3 July 15, 2024

Credentials USB Rubber Ducky

This payload extracts and saves Wi-Fi passwords and browser credentials from Google Chrome, Brave, Firefox, and Microsoft Edge on the target machine. Additio...