Bash Bunny Mark II

If you can physically access a device, the Bash Bunny will get you electronic access. In short - it's the world's most powerful USB Attack Platform.

In detail, it is a cross-platform, multi-payload, multi-tool capable of simultaneously emulating and abusing devices trusted by devices - input devices, storage devices, network devices.

Disguised as a normal USB-drive, infinitely configurable, and backed by the Hak5 payload repository, the Bash Bunny is a one-stop physical hacking tool.

This is the Mark II, which includes wireless geofencing, remote triggers, microSD support and faster performance!

Overview

Regardless of operating system (MacOS, Linux, Windows, Android) - all modern devices implement the notion of trusted devices - that is devices that a system will automatically trust and accept without the need for confirmation or drivers.

There are several categories of Trusted Devices, including:

• HID ("Human Input Devices") - Keyboards, Mice, etc.
• Storage Devices - Flash drives, etc.
• Network Devices - Ethernet Adaptors, etc.

The Bash Bunny can emulate all these devices, simultaneously - and then abuse this trust via scriptable Payloads.

Easily write or customize your own payload or use one of the hundreds available in the Bash Bunny repository.

Multiple payloads can be stored and selected via physical switch. The RGB LED provides instantaneous, covert feedback on the payload status.

The Bash Bunny is a powerful quad-core fully featured Linux machine in a tiny package - accessible over serial interface.

Although it is infinitely configurable, common use cases include: