Add NullSec-QuickCreds multi-phase credential harvester #708

Open
bad-antics wants to merge 1 commit into hak5:master from bad-antics:nullsec-quickcreds

@bad-antics
Contributor

NullSec-QuickCreds

A comprehensive multi-phase credential harvester for the Bash Bunny using HID+STORAGE attack mode.

Attack Phases

  1. WiFi Credentials - Extracts all saved WiFi profiles and plaintext passwords via netsh wlan
  2. System Info - Hostname, OS version, domain, architecture
  3. Clipboard - Captures current clipboard contents
  4. Recent Documents - Lists recently accessed files from Recent folder
  5. Browser Data Paths - Identifies Chrome, Firefox, Edge data directories
  6. Environment Secrets - Extracts sensitive environment variables (API keys, tokens, secrets)
  7. Cached Credentials - Dumps Windows Credential Manager entries via cmdkey
  8. Network Connections - Active TCP/UDP connections and listening ports

Features

  • LED Status Indicators - Visual feedback for each attack phase
  • HID+STORAGE Mode - Types commands via keyboard, saves loot to USB
  • Organized Output - Timestamped sections with clear headers
  • Hidden Execution - Minimized PowerShell window
  • Fast Execution - Completes all 8 phases in ~15 seconds

Output

Loot saved to: /loot/quickcreds/HOSTNAME_TIMESTAMP.txt

Tested on: Windows 10/11
Attack Mode: HID + STORAGE

Multi-phase credential harvester using HID+STORAGE attack mode:
- WiFi profiles and passwords via netsh wlan
- System information and domain enumeration
- Clipboard contents capture
- Recent documents listing
- Browser data paths identification
- Environment variable secrets extraction
- Cached credentials via cmdkey
- Active network connections

Features LED status indicators for each phase and saves
all loot to USB storage in organized format.
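
A defender-side view of the behaviour described in this pull request, as an added example that is not part of the PR or the hak5 repository: it flags a host where the WiFi key export and the Credential Manager listing both occur within the roughly 15-second runtime the description states. The event tuple layout, hostnames and sample events are constructed, and the `key=clear` and `/list` argument patterns are assumptions, since the page names only `netsh wlan` and `cmdkey`.

```python
import re
from collections import defaultdict

# Constructed process-creation events: (epoch seconds, host, parent image, command line).
EVENTS = [
    (1000, "WS-01", "explorer.exe", "powershell.exe -WindowStyle Minimized"),
    (1003, "WS-01", "powershell.exe", 'netsh wlan show profile name="Office" key=clear'),
    (1009, "WS-01", "powershell.exe", "cmdkey /list"),
    (5000, "WS-02", "cmd.exe", 'netsh wlan show profile name="Guest" key=clear'),
    (9000, "WS-02", "cmd.exe", "cmdkey /list"),  # same commands, far outside the window
]

# Command families named in the PR; the argument patterns are assumptions.
SIGNALS = {
    "wifi_key_export": re.compile(r"\bnetsh(\.exe)?\s+wlan\s+show\s+profile.*key=clear", re.I),
    "credman_list": re.compile(r"\bcmdkey(\.exe)?\s+/list\b", re.I),
}
WINDOW = 15  # seconds; the PR states all phases complete in about 15 seconds


def classify(cmdline):
    """Return the names of every signal whose pattern matches the command line."""
    return [name for name, rx in SIGNALS.items() if rx.search(cmdline)]


def find_bursts(events, window=WINDOW, min_signals=2):
    """Alert once per host when min_signals distinct signals fall inside one window."""
    by_host = defaultdict(list)
    for ts, host, parent, cmd in sorted(events):
        for sig in classify(cmd):
            by_host[host].append((ts, sig, parent))
    alerts = []
    for host, hits in by_host.items():
        for i, (start, _, _) in enumerate(hits):
            in_win = [h for h in hits[i:] if h[0] - start <= window]
            sigs = sorted({h[1] for h in in_win})
            if len(sigs) >= min_signals:
                alerts.append({"host": host, "start": start, "signals": sigs,
                               "parents": sorted({h[2] for h in in_win})})
                break  # one alert per host is enough for triage
    return alerts


if __name__ == "__main__":
    for alert in find_bursts(EVENTS):
        print(alert)
```

Requiring two distinct signals inside the window keeps a single troubleshooting command from alerting; the parent image in each alert gives the analyst the process to pivot on.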