Everything in this repository should ONLY be used for educational and training purposes. The scripts ARE NOT intended to be used "in the field". As a reminder, all offenses against the confidentiality, integrity and availability of computer data and systems, including illegal access, is a crime.
As technology continues to advance, one persistant problem remains: the vulnerability of humans to cyber-attacks.
While most envision hackers as masterminds using intricate techniques and methods, the reality is that most successful attacks are a result of exploiting human error (layer 8 vulnerability). Hotplugs are devices hidden in the packaging of common peripherals:
- Most commonly, an abandoned USB, such as the Rubber Ducky
- A lent phone charger
These scripts have only been tested on Windows machines. Reading the Ducky Syntax documentation will grant you some understanding of the scripts and how to convert them to other systems. Do note, that depending on the hardware, the DELAYs may have to be tweaked for slower hosts.
Finally, the fun part!
| SCRIPT | DESCRIPTION |
|---|---|
| disable_defender | Disables Defender' real-time protection |
| disable_user_account_control | Disable user notifications for modifications applied to the computer |
| enable_bluetooth | As the name suggests, it enable Bluetooth |
| i_ate_your_cookies | A simple example that opens notepad and writes some text |
| rickroll | Opens a browser to a specific link |
| wifi_exfiltration | Retrieves all stored network profiles |