The Key Croc by Hak5 is a keylogger armed with pentest tools, remote access and payloads that trigger multi-vector attacks when chosen keywords are typed. It's the ultimate key-logging pentest implant.
More than just recording and streaming keystrokes online, it exploits the target with payloads that trigger when keywords of interest are typed.
By emulating trusted devices like serial, storage, HID and Ethernet, it opens multiple attack vectors – from keystroke injection to network hijacking.
Imagine capturing credentials and systematically using them to exfiltrate data. Or pentest from anywhere, live in a web browser with Cloud C2.
It's simple too. A hidden button turns it into a flash drive, where changing settings is just editing a text file. And with a root shell your favorite pentest tools like nmap, responder, impacket and metasploit are at the ready.
$119.99
From the pioneers of Keystroke Injection comes the next generation of keylogging – with active attack payloads.
Trigger payloads when the target's typing matches a pattern – from a simple keyword to an advanced regular expression – even if the target makes a typo and hits backspace.
Save a number of keystrokes typed before or after a payload gets matched. Then use those keystrokes in a Cloud C2 notification, or actively against the target in an advanced payload.
Imagine capturing the keys pressed after a lock shortcut like [CTRL-ALT-DELETE] or [CTRL-CMD-Q], then using captured credentials to automatically trigger a silent network exfiltration payload.
Simultaneously emulate numerous trusted USB devices. Pass through and inject keystrokes with the HID attack mode. Gain network access to the target with the Ethernet attack mode. Present the Key Croc as a flash drive with the Storage attack mode. Even emulate a serial device for some crafty attacks using the Serial attack mode.
The full-featured Linux box has a root shell at the ready. And with its quad-core 1.2 GHz ARM CPU and desktop-class SSD, your favorite tools – from Nmap and Responder to Impacket and Metasploit are just a few commands away.
Pentest from anywhere online with the free self-hosted Cloud C2 and watch keystrokes in real-time. Or inject your own keystrokes live, exfiltrate loot, manage payloads, and even get a root shell for advanced attacks right from your web browser.
The Key Croc is already setup to record keystrokes out of the box. Just plug it in and away you go. It even clones the keyboard hardware IDs automatically.
Then to get the loot, simply press a hidden arming button. It'll become a flash drive, letting you copy logs by drag and drop.
Activating payloads and configuring settings like WiFi and SSH is as easy as editing a text file.
OK, the Key Croc from @Hak5 is pretty epic. I've been messing with it the past couple of days and the practical uses for this are endless.
— Dave Kennedy (@HackingDave) May 14, 2020
I'm a huge fan.
1.2ghz quad-core ARM7 with an 8GB SSD. The ability for c2 but also interact with keyboard sequences is awesome. pic.twitter.com/EiTAvUwWHu
I had the Key Croc waiting for a locking screen sequence after capturing the username and password and then logging in and delivering a TrevorC2 payload, closing the window, then locking the screen.
— Dave Kennedy (@HackingDave) May 14, 2020
The ability to interact with keystrokes and have a plant on a network is great. pic.twitter.com/uK2pRNlcdg