Your Cart is Empty
Sold Out
Imagine plugging in a seemingly innocent USB drive into a computer and installing backdoors, exfiltrating documents, or capturing credentials.
With a few well crafted keystrokes anything is possible. If only you had a few minutes, a photographic memory and perfect typing accuracy.
The USB Rubber Ducky injects keystrokes at superhuman speeds, violating the inherent trust computers have in humans by posing as a keyboard.
Inventing keystroke injection in 2010, the USB Rubber Ducky became the must-have pentest tool. With a covert design and simple "Ducky Script" language, this bad USB infiltrates systems and imaginations the world over.
Nearly every computing devices accepts human input from keyboards, hence the ubiquitous HID specification - or Human Interface Device. Keyboards announce themselves to computers as HID devices and are in turn automatically recognized and accepted.
The USB Rubber Ducky delivers powerful payloads in seconds by taking advantage of the target computers inherent trust all while deceiving humans by posing as an ordinary USB drive.
Ducky Script is an incredibly simple language. Write payloads in any text editor – from notepad to nano.
REM to comment, STRING for long blocks of text, DELAY to momentarily pause and any combination of special keystrokes.
That's it! You just learned Ducky Script!
Learning from the experiences of hundreds of hackers worldwide testing its original prototype, we developed a truly remarkable platform with incredible processing power and versatility.
Featuring a fast 60 MHz 32-bit CPU, convenient type-A USB connector, Micro SD expandable memory, programmable payload replay button, JTAG interface with GPIO and DFU bootloader – it's truly hackable.
That's right - this little quacker is so effective, it was featured on Mr. Robot with one of our favorite password stealing payloads.
The little duck gets around too, with cameos on National Geographic and The Blacklist. Pretty cool.
A two second HID attack against Windows and Mac that launches the website of your choosing. That's by far the most effective security awareness payload for the USB Rubber Ducky.
Using a USB Rubber Ducky and this simple payload, Windows password hashes can be captured for cracking in less than two seconds.
Did you know the first USB Rubber Ducky was invented by Hak5 founder Darren Kitchen while working as a sysadmin?
Tired of typing the same commands to fix printers and network shares again and again, the device evolved out of laziness.
He programmed a development board to emulate the typing for him - and thus the keystroke injection attack was born.
Needing a case - a miniature bath time friend, the rubber ducky, was requisitioned.
Since 2010 these bad little usb devices have helped pentesters and sysadmins the world over - thanks to one good little duck.
