8754d6eab4
Update sy_cred.ps1
2024-07-24 21:23:43 +02:00
791133a14e
Update README.md
2024-07-24 21:23:04 +02:00
dc4ccd1874
Update README.md
2024-07-24 21:22:14 +02:00
7972203c71
Update README.md
2024-07-24 21:18:14 +02:00
10b6ea2f0e
Update sy_cred.ps1
2024-07-24 21:15:49 +02:00
3dc6750316
Update payload.txt
2024-07-24 21:14:16 +02:00
fcc1caf610
Update sy_cred.ps1
2024-07-24 19:58:46 +02:00
d68bf2967f
Update payload.txt
2024-07-24 19:52:11 +02:00
c231b242cb
Create sy_cred.ps1
2024-07-24 19:51:53 +02:00
ab486b9b9f
Create payload.txt
2024-07-24 19:50:19 +02:00
4f1ae9c312
Create README.md
2024-07-24 19:47:41 +02:00
30de5c0260
Merge pull request #465 from F1ll0ry/master
...
WiFi-Passwords-Exfiltration-Via-SCP
2024-07-23 03:14:22 -04:00
6bce38ad77
Renamed directory from WiFi-Passwords-Exfiltration to WiFi-Passwords-Exfiltration-Via-SCP
2024-07-22 09:01:08 +00:00
e17abcfa02
Merge pull request #464 from PlumpyTurkey/master
...
Updates extensions and payloads
2024-07-21 21:16:19 -04:00
023c46c15a
Fixed a typo in the extension
2024-07-19 01:40:38 +03:00
152f89c78d
fixed the extension
2024-07-19 01:34:58 +03:00
c79209168a
Update payload.txt
...
Fixing my mistake of wrong extension.
2024-07-18 16:56:45 -04:00
6a33d49db1
Update payload.txt
...
Fixing Extension call. content was missing.
2024-07-18 16:54:34 -04:00
cd3d4e7e42
Create README.md
2024-07-18 12:05:14 +03:00
25b879d4ff
Create Payload.txt
2024-07-18 12:04:12 +03:00
17b28cd2ee
Moved WiFi-Passwords-Exfiltration files to exfiltration directory
2024-07-18 11:51:12 +03:00
50812cddfa
Updated a typo
2024-07-18 11:35:55 +03:00
114209b817
Create README.md
2024-07-18 10:59:30 +03:00
c174b59c50
Create payload.txt
2024-07-18 10:56:11 +03:00
da3191f6f2
Updates version badge
2024-07-12 16:51:33 +02:00
3e5ca780e6
Updates extensions
2024-07-12 16:46:13 +02:00
52f6bdbc6f
Uses a function instead of executing directly
2024-07-12 16:41:39 +02:00
b469affe05
Merge pull request #410 from Mr-Proxy-source/master
...
1 New Mobile IOS payload | 2 New Exfiltration payloads
2024-07-11 10:51:10 -04:00
c59a06365e
Added line number.
2024-07-10 01:41:10 +02:00
69b17636d2
Remove link.
2024-07-10 01:40:38 +02:00
d67cbf2004
Added instructions to readme.
2024-07-10 01:40:10 +02:00
a8411c91f7
Fix link.
2024-07-10 01:35:51 +02:00
4fb883c8ee
Merge pull request #354 from aleff-github/patch-68
...
Defend Yourself From CVE-2023-23397
2024-07-09 09:45:15 -04:00
b19ede4efe
Merge pull request #461 from F1ll0ry/master
...
The-Perfect-Stealthy-Payload
2024-07-09 09:32:00 -04:00
fd925f1fe3
Rename folder from 'Cache Folder Exclusion & Payload Download + Persistence' to 'The-Perfect-Stealthy-Payload'
2024-07-09 06:30:20 +00:00
6a5a148642
Revert "Rename payloads/library/general/Cache Folder Exclusion & Payload Download + Persistence/README.md to payloads/library/general/The-Perfect-Stealthy-Payload"
...
This reverts commit 972d70d78e
2024-07-09 06:26:21 +00:00
972d70d78e
Rename payloads/library/general/Cache Folder Exclusion & Payload Download + Persistence/README.md to payloads/library/general/The-Perfect-Stealthy-Payload
2024-07-09 09:18:47 +03:00
25a18f4e96
[+] PASSIVE_WINDOWS_DETECT
2024-07-09 07:35:40 +02:00
db42b39dc0
Removing made changes.
2024-07-03 18:59:09 +02:00
50faacbf53
Update payload.txt
2024-07-03 10:58:31 +03:00
1309e9b825
Update payload.txt
2024-07-03 10:57:30 +03:00
f1c213b48c
Update README.md
2024-07-03 10:56:17 +03:00
ffea938417
Fixed defining for google exfil
2024-07-02 12:12:43 +02:00
c4aaea55be
Fix for defining
2024-07-02 12:11:11 +02:00
18e495712b
added PASSIVE_WINDOWS_DETECT
2024-07-01 14:21:10 +03:00
6afdd39d95
add onemillioncheckboxes.com checker payload
2024-06-26 17:02:10 -04:00
1bdf62bc7e
Merge pull request #431 from PlumpyTurkey/master
...
New Payloads and Extensions
2024-06-26 16:45:10 -04:00
07a4f98dc9
Update payload.txt
2024-06-25 15:50:21 +03:00
9cb9099976
Create README.md
...
initial commit
2024-06-25 13:26:57 +03:00
95c823b642
initial commit
...
Created the Payload
2024-06-25 13:16:31 +03:00
68997ce959
Update payload.txt
2024-06-11 19:57:36 -07:00
cd63cd6b2e
Fixing REM typo
2024-06-10 11:57:26 -04:00
bf5044f3c7
Update payload.txt
2024-06-10 08:47:04 -07:00
cd3704042c
Merge pull request #411 from Kr1ss-XD/patch-DuckyLogger
...
Patch ducky logger
2024-06-09 15:27:26 -04:00
b59f95f00d
Merge pull request #453 from aleff-github/patch-86
...
Prank In The Middle - Thunderbird
2024-06-06 22:02:49 -04:00
255713357b
[+] STRINGLN_POWERSHELL
2024-06-06 10:03:22 +02:00
a787588a04
Merge pull request #442 from thomasgruebl/new-sshkey-exfiltration-feature
...
adding new ExfiltrateSSHKeys payload
2024-06-05 15:29:07 -04:00
4650098cea
Merge pull request #441 from wino-willy/wino-willy-BeEF_Injection
...
Wino willy BeEF Injection
2024-06-05 15:24:02 -04:00
d9b3ac4ed3
Merge pull request #443 from aleff-github/patch-84
...
This Damn Shell Doesn't Work, SO SAD! :C
2024-06-05 15:00:51 -04:00
8ba844143c
Merge pull request #444 from aleff-github/patch-85
...
Dump Windows Memory Through ProcDump
2024-06-05 14:16:21 -04:00
510c6dadf6
Add missing quotes
2024-06-04 12:28:22 +02:00
fe2a080aae
Update payload.txt
2024-06-04 07:39:16 +02:00
9ac4d543b1
Image removed to lighten repository
2024-06-03 09:02:52 +02:00
f2e1f66bc6
Prank In The Middle - Thunderbird
...
The name of the payload `Prank In The Middle` is named after the pun Prank + Man In The Middle in that this operation, in some ways, can remotely be configured as a MITM attack but since it was created specifically for playful purposes then here is the reason for the union with the word Prank.
I don't know if anyone else has uploaded the same thing in the past, so apologies if it already exists.
2024-06-03 08:53:17 +02:00
3da90fee4d
Small updates
2024-06-02 13:25:50 +02:00
ea737c4c6d
Various small updates
2024-06-02 13:23:36 +02:00
f8a4371552
Update "PowerShell To Dropbox" Extension
2024-06-02 13:21:39 +02:00
ba07d3810e
Merge branch 'hak5:master' into master
2024-06-02 10:21:10 +00:00
3627585903
Redefined from "#ONE_ONLY_IF..." to "#TARGET_KALI_LINUX"
2024-06-01 10:50:35 +02:00
f143daa518
Redefined DEFINEtions from $ to #
2024-06-01 10:47:20 +02:00
2e892e4b0e
Aporting hak5peaks tips
...
[#] Extension renamed to `_` instead of `-` and only all caps
[#] Windows to all caps
[+] Added #DRIVER-LABEL
[#] Unordered spacing removed
2024-06-01 10:26:10 +02:00
40f7f072ea
Changed Username
2024-05-28 19:25:26 +02:00
821255659e
Tip from hak5peaks
2024-05-23 18:05:34 +02:00
942bd88b8b
Tip from hak5peaks
2024-05-23 18:01:01 +02:00
45ab8a2a48
Merge pull request #437 from jbjb6000/patch-1
...
Update payload.txt
2024-05-21 21:35:16 -04:00
f134a9bd65
making requested changes
2024-05-18 10:16:58 +02:00
7aed09beb7
README
2024-03-26 10:15:14 +01:00
dbe778bb92
Dump Windows Memory Through ProcDump
...
This payload allows you to dump the RAM memory used by a running application by using the free software ProcDump.
2024-03-26 10:11:55 +01:00
05b31b2756
DELAY
2024-03-20 10:37:51 +01:00
f6736094e9
ALT F4
2024-03-20 10:33:42 +01:00
0cf15c4743
readme
2024-03-20 10:09:40 +01:00
ea4efd07b8
This damn shell doesn't work, SO SAD! :C
...
This payload can be used to prank your friends so that when they open their terminal it will close immediately.
I don't know if anyone else has uploaded the same thing in the past, so apologies if it already exists.
2024-03-20 10:05:27 +01:00
c1e4956391
adding new ExfiltrateSSHKeys payload
2024-03-16 11:50:56 +01:00
e3842d8a78
Update payload.txt
...
Missed a few grammatical errors
2024-03-15 05:25:57 -07:00
c6a048252d
BeEF_Injection
...
Hello,
Long time listener, first time caller. I came up with this payload when I was trying to figure out a quick way to hook a browser using the BeEF framework. The premise is pretty simple, it opens a bunch of Chrome tabs and the idea being that one of them is the attackers hosted ip/domain. I chose to write in DS 1.0 so it is as backwards compatible as possible. Anyways I read the submission guidelines carefully so let me know if I'm off in any way.
Any and all help is much appreciated.
Sincerely,
\/\/1/\/0
\/\/1|_|_Y
2024-03-15 05:09:01 -07:00
8bc5dd096c
Update payload.txt
...
Fixed spelling and grammar errors in the comments
2024-03-06 20:34:11 +00:00
b3c95f7b7d
Update payload.txt
...
Updated the zip file to point to the new version path.
2024-02-08 18:01:26 -05:00
a8e430148d
Update 1 payload
...
- Update "Windows Privilege Excalibur" payload
2024-01-20 19:05:20 +01:00
05014bee3f
Add 1 extension and 2 payloads
...
- Add "Run Hosted PowerShell" extension
- Add "Windows Duck In The Middle" payload
- Add "Windows Product Key Grabber" payload
2024-01-20 19:02:46 +01:00
761a5fa08c
Remove 1 extension and 1 payload
...
- Remove "PowerShell To Dropbox" extension
- Remove "Windows Product Duckey" payload
2024-01-20 18:54:57 +01:00
35fc314e15
Update payload.txt
2024-01-14 12:56:38 +01:00
203bf15391
Update README.md
2024-01-14 12:56:23 +01:00
76b023efa3
Update README.md
2024-01-14 12:55:18 +01:00
dc5c20e7ac
Update README.md
2024-01-14 11:51:58 +01:00
bf9ec4cfc0
Merge remote-tracking branch 'upstream/master' into patch-66
2024-01-14 11:43:28 +01:00
8d3adb90ad
space removed
2024-01-14 11:27:35 +01:00
bf2dfb7c17
Merge pull request #347 from aleff-github/patch-64
...
Install And Run Any Arbitrary Executable - No Internet And Root Needed
2024-01-08 02:24:00 -05:00
6cf55d1bd6
Merge pull request #346 from aleff-github/patch-63
...
Send Messages In Discord Channel-Server
2024-01-08 02:23:09 -05:00
2fea45c738
Merge pull request #342 from aleff-github/patch-61
...
Try To Catch Me
2024-01-08 02:22:09 -05:00
d75f9f96cc
Merge pull request #341 from aleff-github/patch-60
...
Create And Exfiltrate A Webhook Of Discord
2024-01-08 02:21:56 -05:00
aa7262756d
Merge pull request #340 from aleff-github/patch-59
...
Uninstall A Specific App On Windows Through Control Panel
2024-01-08 02:20:46 -05:00
aca79ca70b
Merge pull request #339 from aleff-github/patch-58
...
Tree Structure Of The Operating System
2024-01-08 02:20:26 -05:00
ef35f52d18
Merge pull request #338 from aleff-github/patch-57
...
Exfiltrates the entire database of the Notion client
2024-01-08 02:19:37 -05:00
276a5f0cd5
Merge pull request #337 from aleff-github/patch-56
...
Export all saved certificates with Adobe Reader
2024-01-08 02:18:02 -05:00
7652db1704
Extension: SAVE FILES IN RUBBER DUCKY STORAGE
...
Creation of the extension "SAVE FILES IN RUBBER DUCKY STORAGE" based on the old proposal "Send Files Through Dropbox - Windows"[1]
[1] https://github.com/hak5/usbrubberducky-payloads/pull/399
2024-01-04 17:04:18 +01:00
e595d71ac3
USB Rubber Ducky Storage
...
The method of data storage via USB Rubber Ducky storage has been added.
2024-01-04 16:31:43 +01:00
8ee67a811b
Merge pull request #420 from aleff-github/patch-82
...
Set An Arbitrary And Persistent Tor Circuit
2024-01-03 16:31:45 -05:00
ccf6b714c4
Merge pull request #419 from aleff-github/patch-81
...
Set Tor Bridge
2024-01-03 16:30:30 -05:00
6c9e9a2467
Merge pull request #397 from aleff-github/patch-78
...
Auto-Check Cisco IOS XE Backdoor based on CVE-2023-20198 and CVE-2023-20273
2024-01-03 16:19:24 -05:00
3aa2efa83e
Merge pull request #396 from aleff-github/patch-77
...
Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966
2024-01-03 16:18:39 -05:00
182556bc5b
Update payload.txt
...
Changed to example.com
2024-01-03 13:41:01 +01:00
b3d5c158b6
Update payload.txt
...
Changed to example.com
2024-01-03 13:40:46 +01:00
9718911405
Merge pull request #371 from aleff-github/master-1
...
Telegram Persistent Connection Linux
2024-01-02 19:15:43 -05:00
f0e8d867e1
Merge pull request #372 from aleff-github/master-2
...
Persistent Reverse Shell - Telegram Based
2024-01-02 19:15:14 -05:00
03c5e74877
Merge pull request #373 from aleff-github/master-3
...
Persistent Keylogger - Telegram Based
2024-01-02 19:14:51 -05:00
763d9784fb
Merge pull request #380 from jasonotu/master
...
initial commit of cloud exfil script
2024-01-02 19:13:45 -05:00
cc99c256a2
Update payload.txt
...
https://github.com/hak5/usbrubberducky-payloads?tab=readme-ov-file#staged-payloads
2024-01-02 22:52:12 +01:00
107bf5cf84
Update payload.txt
...
https://github.com/hak5/usbrubberducky-payloads?tab=readme-ov-file#staged-payloads
2024-01-02 22:49:28 +01:00
6b040e9cf2
Added DEFINE
2024-01-02 22:34:06 +01:00
6c60e2dcd3
Added DEFINE
2024-01-02 22:28:02 +01:00
a83f7c7a0e
Update README.md
2024-01-02 22:24:33 +01:00
c7558fc4d3
Added DEFINE
...
I added defining for url
2024-01-02 22:17:51 +01:00
3a216241d8
Merge branch 'hak5:master' into master
2024-01-01 17:40:58 +01:00
522cd06ef4
Update README.md
...
Added a description note on how to find the fingerprint of a node
2023-12-30 15:24:35 +01:00
965bd3fc6e
README
2023-12-28 16:52:26 +01:00
860c373b6a
Set An Arbitrary And Persistent Tor Circuit
...
The "Set An Arbitrary And Persistent Tor Circuit" script is a payload designed to empower users to customize their Tor circuit according to their preferences using Duckyscript language. This payload provides the flexibility to set arbitrary Tor nodes and manually create a persistent circuit.
2023-12-28 16:51:28 +01:00
f2c040605d
Update payload.txt
2023-12-28 00:08:11 +01:00
65d9f0004b
Create README.md
2023-12-28 00:03:40 +01:00
633d31e4f8
Set Tor Bridge
...
This versatile payload empowers users to manually configure Tor bridges, enabling the selection of any bridge of their choice.
2023-12-28 00:01:42 +01:00
785785489a
Changed delay
2023-12-24 10:53:23 +01:00
67115463d3
Changed delay
2023-12-24 10:53:05 +01:00
e0f1b84606
Added Delay
2023-12-24 10:52:47 +01:00
060984bccf
Added Delay
2023-12-24 10:51:47 +01:00
fb05fe51cf
Added Delay
2023-12-24 10:51:16 +01:00
4e2254d617
Signed-off-by: Kr1ss <kr1ss.x@yandex.com>
...
don't start systemd units twice
The `systemctl enable` command already starts the service/timer unit
given as an argument when the `--now` flag is included.
2023-12-20 19:08:17 +01:00
90a5cbdb44
Signed-off-by: Kr1ss <kr1ss.x@yandex.com>
...
fix shell history removal
The `rm -f` command was called without a target argument, since the
"HISTFILE" variable is unset before. This is fixed by this patch.
2023-12-20 19:04:34 +01:00
c72627a412
Added payload Google Exfiltration
...
This payload runs powershell script that zip google user data, uses gofile.io api to upload it, and then sends download link to telegram bot or discord webhook.
2023-12-19 16:38:50 +01:00
ad5f2987e0
Fixed payload
...
Line 10 added r after GUI, line 11 added delay.
2023-12-18 16:01:02 +01:00
6da8967591
Create payload.ps1
2023-12-18 02:00:26 +01:00
905485f7f3
Create README.md
2023-12-18 02:00:22 +01:00
e734499f3d
Create payload.txt
2023-12-18 02:00:14 +01:00
e6232e8209
Update payload.txt
2023-12-16 21:50:48 +01:00
7618103407
Update README.md
2023-12-16 21:50:33 +01:00
13d64db0ab
Create payload.txt
2023-12-16 21:50:11 +01:00
ae396a6c8d
Create README.md
2023-12-16 21:47:06 +01:00
9635507e95
Update payload.txt
2023-12-16 21:56:53 +05:30
0c494f10ef
uploading DuckyLogger2
2023-12-16 21:54:00 +05:30
ab604673f2
Create README.md
2023-12-16 21:48:41 +05:30
c5ecfcdc5b
Merge branch 'hak5:master' into master
2023-11-09 07:50:31 +01:00
eb1884f7c4
remove 'scary category' in attempt to appease the ai bot overlords - will restore if unsuccessful
2023-11-09 01:28:55 -05:00
514521c965
Merge branch 'hak5:master' into master
2023-11-06 10:36:07 +01:00
0bd6624877
README
2023-11-03 12:45:02 +01:00
40b33c703e
Exfiltrate Windows Product Key
...
Through this payload, you can export the key information related to the Windows Product Key, knowing its type and the key itself, using a Discord Webhook.
2023-11-03 12:44:11 +01:00
a65d53a28d
README
2023-10-31 16:18:06 +01:00
8da36a1aba
Auto-Check Cisco IOS XE Backdoor based on CVE-2023-20198 and CVE-2023-20273
...
Use this script to set up an automated integrity verification system for your Cisco IOS XE machine in relation to the attack that could create a backdoor on Cisco IOS XE systems vulnerable to CVE-2023-20198 and CVE-2023-20273.
2023-10-31 16:16:51 +01:00
08fad9096d
Update
2023-10-31 14:25:50 +01:00
c3b747b41e
README
2023-10-31 13:34:07 +01:00
21f0037697
Exploit Citrix NetScaler ADC and Gateway through CVE-2023-4966
...
This payload sends an HTTP request to a remote server using the `curl` command. If the request succeeds, it means the exploit was successful. Conversely, if the request fails, it indicates that the target has resisted the attack.
2023-10-31 13:32:56 +01:00
5a387a8785
Add files via upload
2023-10-30 17:40:51 +01:00
0d39a15207
added DEFINE for endpoint
2023-10-28 18:54:35 -04:00
02be145e13
Update payload.txt
2023-10-25 20:41:23 +02:00
f7e06f9c84
Fixing DOWN_ARROW bug
...
Fix bug reported by Ø1phor1³ [1] via official Discord channel of Hak5.
[1] Report message link: https://discord.com/channels/506629366659153951/522275837651714048/1166732148569538661
2023-10-25 18:31:34 +02:00
d5b3419ff9
Include the DETECT_READY extension
2023-10-19 09:08:13 +02:00
81077db152
moved to execution
2023-10-19 08:57:45 +02:00
59a64c7d1d
optimization
2023-10-19 08:55:05 +02:00
22a5428515
optimization
2023-10-19 08:51:07 +02:00
0c75510cbb
New README
2023-10-19 08:48:42 +02:00
3855c6fa17
fix payload
2023-10-19 08:41:42 +02:00
1584ffbb15
optimization
2023-10-19 08:39:57 +02:00
d893fb51a2
optimization
2023-10-19 08:34:57 +02:00
3b115eccbe
Var redefined
2023-10-19 08:29:15 +02:00
4e30b23a55
Renamed
2023-10-18 11:52:21 +02:00
8f2f7d36d9
Resolved problems on definitions
2023-10-18 11:44:29 +02:00
1b1b04e3d3
Update dependencies
2023-10-18 11:36:43 +02:00
3b2fee98fc
Moved to new category
2023-10-18 11:32:54 +02:00
4986b7dca8
Edit files with new category
2023-10-18 11:30:35 +02:00
a9fb6e98dd
moved to execution
2023-10-18 11:28:05 +02:00
48ffc96539
Removal of excess files
2023-10-18 11:22:04 +02:00
92defad8d7
moved to incident-response
2023-10-18 11:14:44 +02:00
810f95b616
fix
2023-10-18 11:10:55 +02:00
bda84a99b1
fix
2023-10-18 11:06:49 +02:00
da5acc3da0
renamed properly
2023-10-18 11:03:14 +02:00
899ad2c484
Moved to execution
2023-10-18 10:22:23 +02:00
bf1cf5957b
Conceptual errors
2023-10-18 09:25:55 +02:00
088512fbba
renamed properly
2023-10-18 08:56:32 +02:00
d5b87f9c37
typing errors
2023-10-18 08:42:31 +02:00
0064de89fa
Update payload.txt
2023-10-18 08:39:41 +02:00
595be1e800
Update payload.txt
2023-10-18 08:37:13 +02:00
8aa8102318
Update and rename Windows_Elevated_Execution to WINDOWS_ELEVATED_EXECUTION
2023-10-18 08:35:04 +02:00
efb6a5b65e
Update WINDOWS11_CONSOLE_DOWNGRADE
2023-10-18 08:34:14 +02:00
e15aaf2b78
Update and rename Windows11_Console_Downgrade to WINDOWS11_CONSOLE_DOWNGRADE
2023-10-18 08:33:57 +02:00
ad27b19b79
typing errors
2023-10-18 08:33:53 +02:00
48a5e747c6
Update and rename Rolling_Powershell_Execution to ROLLING_POWERSHELL_EXECUTION
2023-10-18 08:33:20 +02:00
26b219282d
Update and rename Powershell_Download to POWERSHELL_DOWNLOAD
2023-10-18 08:32:37 +02:00
a80ad4b08b
Update and rename Detect_Finished to DETECT_FINISHED
2023-10-18 08:32:07 +02:00
7822b3dbbb
Update WINDOWS_FILELESS_HID_EXFIL
2023-10-18 08:31:38 +02:00
a483d8299b
Update payload.txt
2023-10-18 08:31:18 +02:00
b74e42fc6f
Update and rename Windows_Fileless_HID_Exfil to WINDOWS_FILELESS_HID_EXFIL
2023-10-18 08:29:25 +02:00
80cd3721fa
Merge branch 'hak5:master' into master
2023-10-18 08:27:14 +02:00
7c340d533d
Merge pull request #313 from hak5/self_destruct
...
Add Extensions
2023-10-17 17:18:53 -04:00
Nicolo’
Peaks
zb0r
Robert Naame
PlumpyTurkey
Mr. Proxy
Alessandro Greco
Dallas Winger
LulzAnarchyAnon
0i41E
Thomas Gruebl
wino-willy
Matthew Kayne
jbjb6000
Dallas Winger
Mr. Proxy
0iphor13
Kr1ss
drapl0n
jasonotu