* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
* Created ProcDumpBunny
Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz
* Update README.md
* Update payload.txt
* Updated ReverseBunny
Fixed wrong DELAY commands
* Updated PingZhellBunny
Fixed wrong DELAY commands
* Updated WifiSnatch
Fixed multiple mistakes
* Uploaded HashDumpBunny
Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)
* added example picture
* Update README.md
* Uploaded SessionBunny
Utilize SessionGopher (Slightly modified) to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Afterwards decide which is important and what you want to save onto your BashBunny.
* Uploaded SessionBunny
Utilize the famous, here slightly modified SessionGopher script, to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Decide which inforamtion you wanna take with you - save it onto your BashBunny!
* Update README.md
* Delete SessionBunny directory
* Uploaded MiniDumpBunny
Dump lsass with this rewritten and for BashBunny adapted version of Powersploits Out-MiniDump.
* Update README.md
added disclaimer
* Update README.md
* Update README.md
* Update README.md
* Uploaded ReverseBunnySSL
* Update README.md
* Update README.md
* Update payload.txt
* Update README.md
* Uploaded SamDumpBunny
Dumps users sam & system hive, which can be used later to extract the users hashes
* added Disclaimer
Added disclaimer about samdump2
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
* Created ProcDumpBunny
Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz
* Update README.md
* Update payload.txt
* Updated ReverseBunny
Fixed wrong DELAY commands
* Updated PingZhellBunny
Fixed wrong DELAY commands
* Updated WifiSnatch
Fixed multiple mistakes
* Uploaded HashDumpBunny
Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)
* added example picture
* Update README.md
* Uploaded SessionBunny
Utilize SessionGopher (Slightly modified) to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Afterwards decide which is important and what you want to save onto your BashBunny.
* Uploaded SessionBunny
Utilize the famous, here slightly modified SessionGopher script, to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Decide which inforamtion you wanna take with you - save it onto your BashBunny!
* Update README.md
* Delete SessionBunny directory
* Uploaded MiniDumpBunny
Dump lsass with this rewritten and for BashBunny adapted version of Powersploits Out-MiniDump.
* Update README.md
added disclaimer
* Update README.md
* Update README.md
* Update README.md
* Uploaded ReverseBunnySSL
* Update README.md
* Update README.md
* Update payload.txt
* Update README.md
* Uploaded SamDumpBunny
Dumps users sam & system hive, which can be used later to extract the users hashes
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
* Created ProcDumpBunny
Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz
* Update README.md
* Update payload.txt
* Updated ReverseBunny
Fixed wrong DELAY commands
* Updated PingZhellBunny
Fixed wrong DELAY commands
* Updated WifiSnatch
Fixed multiple mistakes
* Uploaded HashDumpBunny
Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)
* added example picture
* Update README.md
* Uploaded SessionBunny
Utilize SessionGopher (Slightly modified) to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Afterwards decide which is important and what you want to save onto your BashBunny.
* Uploaded SessionBunny
Utilize the famous, here slightly modified SessionGopher script, to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Decide which inforamtion you wanna take with you - save it onto your BashBunny!
* Update README.md
* Delete SessionBunny directory
* Uploaded MiniDumpBunny
Dump lsass with this rewritten and for BashBunny adapted version of Powersploits Out-MiniDump.
* Update README.md
added disclaimer
* Update README.md
* Update README.md
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
* Created ProcDumpBunny
Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz
* Update README.md
* Update payload.txt
* Updated ReverseBunny
Fixed wrong DELAY commands
* Updated PingZhellBunny
Fixed wrong DELAY commands
* Updated WifiSnatch
Fixed multiple mistakes
* Uploaded HashDumpBunny
Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)
* added example picture
* Update README.md
* Uploaded SessionBunny
Utilize SessionGopher (Slightly modified) to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Afterwards decide which is important and what you want to save onto your BashBunny.
* Uploaded SessionBunny
Utilize the famous, here slightly modified SessionGopher script, to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Decide which inforamtion you wanna take with you - save it onto your BashBunny!
* Update README.md
* Delete SessionBunny directory
* Uploaded MiniDumpBunny
Dump lsass with this rewritten and for BashBunny adapted version of Powersploits Out-MiniDump.
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
* Created ProcDumpBunny
Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz
* Update README.md
* Update payload.txt
* Updated ReverseBunny
Fixed wrong DELAY commands
* Updated PingZhellBunny
Fixed wrong DELAY commands
* Updated WifiSnatch
Fixed multiple mistakes
* Uploaded HashDumpBunny
Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)
* added example picture
* Update README.md
* Uploaded SessionBunny
Utilize SessionGopher (Slightly modified) to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Afterwards decide which is important and what you want to save onto your BashBunny.
* Uploaded SessionBunny
Utilize the famous, here slightly modified SessionGopher script, to find PuTTY, WinSCP, and Remote Desktop saved sessions. It decrypts saved passwords for WinSCP.
Extracts FileZilla, SuperPuTTY's saved session information in the sitemanager.xml file and decodes saved passwords.
Decide which inforamtion you wanna take with you - save it onto your BashBunny!
* Update README.md
* Delete SessionBunny directory
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
* Created ProcDumpBunny
Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz
* Update README.md
* Update payload.txt
* Updated ReverseBunny
Fixed wrong DELAY commands
* Updated PingZhellBunny
Fixed wrong DELAY commands
* Updated WifiSnatch
Fixed multiple mistakes
* Uploaded HashDumpBunny
Use your BashBunny to dump the user hashes of your target - similar to the msf post-module.
The script was obfuscated with multiple layers, so don't be confused.
If you don't trust this script, run it within a save testing space - which should be best practice anyways ;)
* added example picture
* Update README.md
* Uploaded ReverseBunny
Obfuscated reverse shell via powershell
* Uploaded WifiSnatch
Get your targets stored wifi information and credentials, store them on your Bashbunny and hop away 🐇
* Update ReverseBunny.txt
Changed payload to evade Windows Defender
* Update payload.txt
Added new "Eject Method" - props to Night(9o3)
* Update README.md
* Deleted ReverseBunny.txt
Deleted because of higher risk to get caught by AV
* Updated ReverseBunny to version 1.2
Updated ReverseBunny to version 1.2.
- Deleted payload on disk because of AV
- Added custom shell design
* Updated ReverseBunny to version 1.2
Updated README for ReverseBunny update
* Updated payload
fixed some stupid left overs <3
* Uploaded pingUinBunny
a reverse shell using icmp
* Delete payloads/library/remote_access/switch1 directory
* Uploaded pingUinBunny
A reverse shell using icmp
* Update README.md
* Update README.md
* Updated to PingZhell
* Update Bunny.pl
* Update README.md
* Update README.md
* Update payload.txt
* Rename payloads/library/remote_access/pingUinBunny/Bunny.pl to payloads/library/remote_access/PingZhellBunny/Bunny.pl
* Rename payloads/library/remote_access/pingUinBunny/PingZhell.ps1 to payloads/library/remote_access/PingZhellBunny/PingZhell.ps1
* Rename payloads/library/remote_access/pingUinBunny/README.md to payloads/library/remote_access/PingZhellBunny/README.md
* Rename payloads/library/remote_access/pingUinBunny/payload.txt to payloads/library/remote_access/PingZhellBunny/payload.txt
* Update payload.txt
* Update README.md
* Update README.md
* Update Bunny.pl
* Created ProcDumpBunny
Dump lsass.exe with a renamed version of procdump and get the users hashes with Mimikatz
* Update README.md
* Update payload.txt
* Add Win_SSLKeyLog
Captures the client network session.
Captures the client side session keys.
1) Partially avoids "PowerShell Script Block Logging".
2) Closing of all windows.
3) Hide "PowerShell" window.
4) Check if current process have "Administrator" privilege.
5) Sets the "SSLKEYLOGFILE" environment variable to store SSL session key information.
6) Starts a "Network Tracing Session" with "ETW (Event Tracing for Windows)".
7) Writes the file system cache to disk (thanks to @dark_pyrro).
8) Safely eject (thanks to @Night (9o3)).
* Correction of some information in "README.md"
