Partially avoids "PowerShell Script Block Logging". Closing of all windows. Hide "PowerShell" window. Abuse of "Windows Problem Steps Recorder" to spy on a user's activities. Writes the file system cache to disk. Safely eject.
Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all credential payloads.
This payload is for the Bash Bunny. Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.
Get inspired, showcase your work and receive helpful feedback on your payloads in the Hak5 Community!
Caution
Third-party payloads executing as root may cause damage and come AS-IS without warranty or guarantees.
Disclaimer
Payloads are for education and auditing where permitted subject to local and international laws. Users are solely responsible for compliance. Hak5 claims no responsibility for unauthorized or unlawful use.
Stats
255 featured payloads in this library. Hundreds more at GitHub.com/Hak5.
Credential harvesting is the method of obtaining credentials — think usernames and passwords. Many techniques are used to obtain credentials, from keylogging to credential dumping. With a set of credentials in hand, red teamers may access systems and make lateral movement across the network, as well as creating their own credentials which may be difficult to detect in a breach. See all 
Leaderboard
Get Rewarded
Contribute
Collaborate
Caution
Disclaimer
Stats