Available Payloads - click a row to edit the payload
# Name Description
1 CaptivePortal Redirects and spoofs all DNS requests to the Bash Bunny, and serves a configurable captive portal. All captured credentials will be logged in the payload's folder in a file named *capture.log*.
2 QuickCreds Snags credentials from locked or unlocked machines Based on the attack by Mubix of Room362.com Implements a responder attack. Saves creds to the loot folder on the USB Disk Looks for *NTLM* log files
3 NMapper Scans target with nmap using specified options Saves sequential logs to mass storage loot folder
4 RDPChecker Checks whether RDP is enabled on target machine
5 ToolsInstaller Moves tools from the tools_to_install/ USB disk to /pentest on the Bash Bunny
6 USBExfiltrator Exfiltrates files from the users Documents folder
7 ExecutableInstaller Copies an executable (or executable in a directory) from the Bash Bunny USB Mass Storage to %APPDATA%
8 DuckyLibraryUpdate Adds support for new languages. and uses the Ducktoolkit python library for encoding.
9 DuckyTemplate Boilerplate for running Ducky Code on a Bash Bunny
10 MACInfoGrabber A payload that grabs the chrome cookies sqlite3 file and also any spreadsheets in the Documents folder and places them inside a folder on the BashBunny called MacLoot.
11 BunnyTap Based on PoisonTap created by @SamyKamkar
12 SmacAndGrab Mounts as storage and acts as HID. Backup a list of files to the BashBunny
13 WiPassDump Dumps saved Wi-Fi infos including clear text passwords to the bash bunny
14 90sMode Turns back the clock to a k-rad ultra ereet 1990's VGA resolution Executes p.ps1 from the selected switch folder of the Bash Bunny USB Disk partition.
15 GitBunnyGit Clones the bashbunny-payloads repository and also will update an existing repository. Use this payload to get all the other payloads!
16 MacReverseShell opens a python reverse shell to the IP and PORT of your choosing. Also, as a nice little bonus, it runs the DYLD exploit that, if vulnerable will give you a root shell
17 RAZ_ReverseShell Executes a netcat reverse cmd shell at a given IP and Port
18 RAZ_VBScript Executes a VBScript, concealed in a hidden PowerShell window