Bash Bunny Mark 2

159.00 €

incl. VAT, plus delivery
Not in stock
Delivery time: 5 day(s)

Description

Bash Bunny Mark II USB


The best penetration testers know that with the right tools and a few seconds of physical access, all bets are off. Since 2005 Hak5 has been developing just such tools - combining lethal power elegant simplicity. Now, with the Bash Bunny Mark II, we're taking pentesting to the next level...


Hak5 Bash Bunny Mark II.

The groundbreaking payload platform that introduced multi-vector USB attacks has evolved.
Premium Penetration Test Platform

7 second boot with an 8 GB desktop-class SSD.
MicroSD XC for ultra-high-capacity exfiltration.
Bluetooth LE for remote triggers and geofencing.
Easy 3-way payload switch and RGB LED indicator.
Dedicated Serial interface to an unlocked root shell.

Pull off covert attacks or IT automation tasks faster than ever with just the flick of a switch. The NEW Bash Bunny Mark II goes from plug to pwn in 7 seconds — so when the light turns green it's a hacked machine.

Now with faster performance, wireless geofencing, remote triggers and MicroSD support, the Bash Bunny is an even more impressive tool for your Red Team arsenal.

Simultaneously mimic multiple trusted devices to trick targets into divulging sensitive information without triggering defenses. The Bash Bunny is truly the world's most advanced USB attack platform.

WHEN THE LIGHT TURNS GREEN, IT'S A HACKED MACHINE.


The best red teams know that with the right tools and a few seconds of physical access, all bets are off...

POWERFUL PAYLOADS


Compromise a locked machine, capture credentials, exfiltrate loot, plant backdoors...
Or perform vulnerability scans, offline patching — even fix printers... All with simple text-file payloads.
Combined with your favorite Linux pentest tools like nmap, metasploit, responder, impacket on this fast Debian box.


SIMPLE SCRIPTING LANGUAGE


DuckyScript™ makes payloads quick, easy and fun. Toss in the power of bash with familiar Linux tools and it's game on!
Mimic a HID keyboard and USB Ethernet adapter simultaneously? ATTACKMODE HID AUTO_ETHERNET
Need the target computer's hostname?


Powerful Hardware

Under the hood it's a full featured Linux computer — so tools you've come to love work out of the box. It's fast too — booting in under 7 seconds thanks to the powerful quad-core CPU and desktop-class SSD. The payload switch and RGB LED make selecting and monitoring attacks convenient — and with a dedicated Serial console, there's always a Linux terminal at the ready.


GIGS AND GIGS OF LOOT
Exfiltrate en masse with new out-of-band techniques and ultra-high-capacity MicroSD cards.
Get gigs of loot (or the entire disk) to make a bold impression on the next engagement.
No traversing the firewall or triggering detection systems.


GEOFENCING
Limit the scope of engagement by preventing payloads from executing off-site.
Immobilize payloads until it enters the premises.
Even destroy loot based on the wireless environment.


REMOTE TRIGGERS
Take social engineering to the next level and trigger multiple payload stages when the target's back is turned.
Trigger from a phone app or any discreet bluetooth device.
Even automate tasks when a device is in proximity.

GET TARGET_HOSTNAME
Pause the payload until your phone's bluetooth is on?
WAIT_FOR_PRESENT my-device-name
How about injecting keystrokes into the run dialog?
RUN WIN cmd /K color a \& tree c:\\
Fancy a red light? LED R. Blue? LED B.
Seriously, that simple.


Looking for inspiration? Check out the growing library of community developed payloads from our repo!

Diverse targets? Carry multiple payloads and pick the perfect attack with the flick of a switch.

Keep this must-have tool at the ready for opportunistic loot grabbing on your next physical engagement or social engineering exercise.

ADVANCED ATTACKS

For the sake of convenience, computers trust a number of devices. Flash drives, Ethernet adapters, serial devices and keyboards to name a few. These have become mainstays of modern computing. Each has their own unique attack vectors. When combined? The possibilities are limitless. The Bash Bunny is all of these things, alone – or in combination – and more!
SIMPLE PAYLOADS

Each attack, or payload, is written in a simple Ducky Script™ language consisting of text files. A central repository is home to a growing library of community developed payloads. Staying up to date with all of the latest attacks is just a matter of downloading files from git. Then loads ’em onto the Bash Bunny just as you would any ordinary flash drive.
POWERFUL HARDWARE

It's a full featured Linux box that'll run your favorite tools even faster now thanks to the optimized quad-core CPU, desktop-class SSD and doubled RAM. Choose and monitor payloads with the selection switch and RGB LED. Access an unlocked root terminal via dedicated Serial console. Exfiltrate gigs of loot via MicroSD. Even remotely trigger or geofence payloads via Bluetooth.
CARRY MULTIPLE PAYLOADS

Flick the switch to your payload of choice, plug in the Bash Bunny and get instant feedback from the multi-color LED. From plug to pwn in 7 seconds with its quad-core CPU and desktop-class SSD.
MIMIC MULTIPLE DEVICES

Mimic trusted devices like keyboards, serial, storage, and Ethernet for multi-vector attacks. From keystroke injection to network hijacking – trick computers into divulging data, exfiltrating files and installing backdoors.
SETUP WITH THE FLICK OF A SWITCH

It's simple. Flick the switch and it turns into a flash drive, where changing settings is just editing a text file. And with a root shell your favorite pentest tools like nmap, responder, impacket and metasploit are at the ready.


Hak5 Bash Bunny and more Hak5 products at HackmoD