HakShop - the premiere store of Hak5. Home to exclusive hacking equipment, award winning media and immersive information security training. Established 2005.
The WiFi Pineapple® NANO and TETRA are the 6th generation auditing platforms from Hak5. Thoughtfully developed for mobile and persistent deployments, they build on over 8 years of WiFi penetration testing expertise.
The Bash Bunny by Hak5 is the world's most advanced USB attack platform. It delivers penetration testing attacks and IT automation tasks in seconds by emulating combinations of trusted USB devices - like gigabit Ethernet, serial, flash storage and keyboards. With it, computers are tricked into divulging data, exfiltrating documents, installing backdoors and many more exploits.
The LAN Turtle is a covert Systems Administration and Penetration Testing tool providing stealth remote access, network intelligence gathering, and man-in-the-middle surveillance capabilities through a simple graphic shell.
Housed within a generic "USB Ethernet Adapter" case, the LAN Turtle’s covert appearance allows it to blend into many IT environments.
The USB Rubber Ducky is a keystroke injection tool disguised as a generic flash drive. Computers recognize it as a regular keyboard and accept pre-programmed keystroke payloads at over 1000 words per minute.
Payloads are crafted using a simple scripting language and can be used to drop reverse shells, inject binaries, brute force pin codes, exfiltrate data and many other automated functions for the penetration tester and systems administrator.
A two second HID attack against Windows and Mac that launches the website of your choosing. That's by far the most effective security awareness payload for the USB Rubber Ducky.
Cyber security awareness building is important, and developing an effective security awareness program - or at least raising eyebrows that one is even necessary - doesn't need to be difficult.
Using a USB Rubber Ducky and this simple payload, Windows password hashes can be captured for cracking in less than two seconds.
This technique works against almost all versions of Microsoft Windows and only requires a 5 line Ducky Script and an open source server setup on the target network.