I am currently the #1 ranked payload contributor to Hak5. I decided to make this repository to share all of the functions I have come up with to develop my payloads, with the goal of building this repository with other like-minded hackers. 😈
To submit your own function, use this TEMPLATE.
The file must be saved as a .md file; then submit a pull request for review.
PowerShell to DuckyScript Converter <--- Use this to format your PS scripts into a ready-to-use DuckyScript payload
This is a collection of PowerShell functions that should be added to your arsenal. If you are looking to write your own payloads, please feel free to reference this collection of functions we have gathered here.
- 📝 There will be a description of the payload's intended purpose
- ♻️ The functions themselves will be provided in an easy copy-and-paste format
- 🔠 Examples of payloads that have used these functions will also be available
- 📽️ A video tutorial for each function is provided as well!
Functions | Description |
---|---|
Detect Mouse Movement | Used to find out if the target stepped away from or came back to their PC. |
Set-Volume | Used to set the volume of the target's PC. |
PlaySound | Used to play a sound file from the console window. |
Minimize-Apps | Used to minimize all the apps on your target's screen. |
Set-WallPaper | Used to change the target's desktop wallpaper. |
Hide-Msg | Use steganography to hide a secret message in an image. |
MsgBox | Use this function to make a generic pop-up message box. |
Speak | Used to turn text to speech and talk through your target's speakers. |
Clean-Exfil | This function is to erase any trace of you after wreaking havoc on your target. |
If-Admin | This function is to test if your target is an Admin; if $True, run a secondary function. |
Invoke-WebRequest | This function is used to either download or upload files or data. |
NS-Lookup | This function is used to download and execute payloads from DNS TXT records. |
DropBox-Upload | This function is used to upload "acquired" files to Dropbox. |
Discord-Upload | This function is used to upload "acquired" files to Discord. |
PowerShell-2-Batch | This function is used to convert PowerShell scripts to a .BAT file. |
B64-text | These functions are used to either encode/decode scripts in Base64. |
B64-img | These functions are used to either encode/decode images in Base64. |
TXT-img | This function is used to convert a word document to an image. |
Abuse-CapsLock | Use the Caps Lock key to act as an indicator for script progression. |
Add-Network | Use this function to add a network profile to your target's PC. Either SECURED or OPEN. |
Wifi-Pass | Use these functions to enumerate your target's Wi-Fi and get their Wi-Fi passwords. |
Get-GeoLocation | Use this function to get the Geo-Location of your target. |
Get-BrowserData | Use this function to get the browser history and bookmarks from browsers. |
Function | Description |
---|---|
UAC-Bypass | Used to run any command with Admin-level privileges, completely bypassing the UAC. |