Demonstrate what an attacker with brief physical access to a computer could accomplish during an authorized penetration test.
Automate repetitive IT administration tasks across many machines by scripting keyboard sequences.
Run community-contributed credential gathering or remote access payloads against test systems in an authorized environment.
Payloads must be compiled with Hak5 PayloadStudio before loading onto the physical USB Rubber Ducky hardware device.
This is the official collection of scripts for the USB Rubber Ducky, a physical hardware tool sold by Hak5. The device looks like an ordinary USB flash drive, but when plugged into a computer it identifies itself as a keyboard rather than a storage device. Computers automatically trust keyboards, so the device can type keystrokes into the target machine at speeds far beyond what a human could manage.

The scripts in this repository are called payloads, and each one instructs the device to perform a specific sequence of keyboard actions: opening a terminal, running a command, changing a system setting, and so on. Uses range from legitimate IT automation tasks (the kind of repetitive work a sysadmin might do across many machines) to security testing and penetration testing, where a tester needs to demonstrate what an attacker with brief physical access to a computer could accomplish.

Payloads are written in DuckyScript, a simple language created specifically for the Rubber Ducky. The 2022 version of the device introduced DuckyScript 3.0, which added loops, conditional logic, and functions, making it far more capable than the original three-command version from 2010. Payloads must be compiled using Hak5's PayloadStudio tool before being loaded onto the device.

The repository is community-driven: anyone can submit a new payload or improve an existing one via a pull request. Payloads are organized into categories covering areas like credential gathering, remote access, system administration, and pranks. The README links to documentation, a quick-start guide, a Discord server, and Hak5's commercial PayloadStudio editor.

Hak5 notes that it does not guarantee payload functionality and advises users to review the legal section before use. The device and the payloads in this repository are intended for authorized security testing and educational purposes.
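The point above that the device types "at speeds far beyond what a human could manage" is also what makes it detectable. The following is an added example, not code from the repository or from Hak5: a timing heuristic that flags keystroke bursts per keyboard and raises severity when the burst starts right after that keyboard was attached. The event format, device names, attach times and thresholds are all assumptions for illustration.

```python
from collections import defaultdict
from statistics import median

# Assumed thresholds, not from the page; tune them per environment.
MAX_HUMAN_GAP_MS = 30.0    # sustained gaps below this are unlikely for a person
MIN_BURST_KEYS = 12        # ignore short fast rolls that people do produce
ATTACH_WINDOW_MS = 10_000  # burst this soon after enumeration raises severity

def find_bursts(key_events, max_gap_ms=MAX_HUMAN_GAP_MS, min_keys=MIN_BURST_KEYS):
    """Return per-device runs of key-down events whose gaps all stay <= max_gap_ms."""
    min_keys = max(min_keys, 2)                 # a burst needs at least one gap
    per_device = defaultdict(list)
    for ts, dev in key_events:
        per_device[dev].append(ts)
    bursts = []
    for dev, stamps in per_device.items():
        stamps.sort()
        run = [stamps[0]]
        for ts in stamps[1:] + [None]:          # None flushes the final run
            if ts is not None and ts - run[-1] <= max_gap_ms:
                run.append(ts)
                continue
            if len(run) >= min_keys:
                gaps = [b - a for a, b in zip(run, run[1:])]
                bursts.append({"device": dev, "start_ms": run[0], "end_ms": run[-1],
                               "keys": len(run), "median_gap_ms": median(gaps)})
            run = [ts]
    return bursts

def score_bursts(bursts, attach_times, window_ms=ATTACH_WINDOW_MS):
    """Mark a burst 'high' when it starts shortly after that keyboard was attached."""
    alerts = []
    for b in bursts:
        attached = attach_times.get(b["device"])
        fresh = attached is not None and 0 <= b["start_ms"] - attached <= window_ms
        alerts.append({**b, "severity": "high" if fresh else "medium"})
    return alerts

# Constructed sample data: (timestamp_ms, device_id) key-down events.
HUMAN = [(1000 + i * 140 + (i % 3) * 35, "kbd-internal") for i in range(30)]
INJECTED = [(61_000 + i * 5, "usb-3-2") for i in range(40)]
ATTACH_TIMES = {"usb-3-2": 60_000}  # constructed enumeration time for the USB keyboard

if __name__ == "__main__":
    for alert in score_bursts(find_bursts(HUMAN + INJECTED), ATTACH_TIMES):
        print(alert)
```

Timing is one signal only; pair it with a USB device control policy that restricts which keyboards a machine will accept.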
Verify against the repo before relying on details.