pmsosa / Duckhunt
Licence: mit
🎯 Prevent RubberDucky (or other keystroke injection) attacks
Stars: ✭ 386
Programming Languages
python
139335 projects - #7 most used programming language
Labels
Projects that are alternatives of or similar to Duckhunt
Cool ui
用flutter实现一些我认为好看的UI控件,有Popover,仿Weui的Toast,自定义键盘
Stars: ✭ 349 (-9.59%)
Mutual labels: keyboard
Keyberon
A rust crate to create a pure rust keyboard firmware.
Stars: ✭ 355 (-8.03%)
Mutual labels: keyboard
React Native Input Scroll View
Perfect TextInput ScrollView
Stars: ✭ 323 (-16.32%)
Mutual labels: keyboard
Phpmussel
PHP-based anti-virus anti-trojan anti-malware solution.
Stars: ✭ 337 (-12.69%)
Mutual labels: protection
Http Auth
Node.js package for HTTP basic and digest access authentication.
Stars: ✭ 355 (-8.03%)
Mutual labels: protection
Neural chinese transliterator
Can CNNs transliterate Pinyin into Chinese characters correctly?
Stars: ✭ 310 (-19.69%)
Mutual labels: keyboard
Hidekeyboard
仿iOS输入法点击输入框以外区域 自动隐藏软键盘轻量级库 , Imitation iOS automatic hidden soft keyboard
Stars: ✭ 341 (-11.66%)
Mutual labels: keyboard
Python Keyboard
A hand-wired USB & Bluetooth keyboard powered by Python and more
Stars: ✭ 360 (-6.74%)
Mutual labels: keyboard
Chrome Fast Tab Switcher
⌨️ React-based extension to quickly switch to other open Chrome tabs with just your keyboard
Stars: ✭ 332 (-13.99%)
Mutual labels: keyboard
Ssrf vulnerable lab
This Lab contain the sample codes which are vulnerable to Server-Side Request Forgery attack
Stars: ✭ 361 (-6.48%)
Mutual labels: attack
Switch Desktop
⚡️ Keyboard-driven commands to navigate your apps faster
Stars: ✭ 320 (-17.1%)
Mutual labels: keyboard
Keyboardchangelistener
Simple and powerful keyboard show/hidden listeners
Stars: ✭ 352 (-8.81%)
Mutual labels: keyboard
Awesome Cybersecurity Datasets
A curated list of amazingly awesome Cybersecurity datasets
Stars: ✭ 380 (-1.55%)
Mutual labels: attack
Rbtray
A fork of RBTray from http://sourceforge.net/p/rbtray/code/.
Stars: ✭ 365 (-5.44%)
Mutual labels: keyboard
DuckHunter
Prevent RubberDucky (or other keystroke injection) attacks
Try Out the new setup GUI it helps you to setup the software and we have just released a new feature that allows you to run the script every time your computer starts automatically
Read this program's postmortem at my blog
[Rubberduckies](https://hakshop.myshopify.com/products/usb-rubber-ducky-deluxe) are small usb devices that pretend to be usb keyboards and can type on their own at very high speeds. Because most -if not all- OS trust keyboards automatically, it is hard to protect oneself from these attacks. Intro
DuckHunt is a small efficient script that acts as a daemon consistently monitoring your keyboard usage (right now, speed and selected window) that can catch and prevent a rubber ducky attack. (Technically it helps prevent any type of automated keystroke injection attack, so things like Mousejack injections are also covered.)
Features
Protection Policy
- Paranoid: When an attack is detected, keyboard input is disallowed until a password is input. Attack will also be logged.
- Normal: When an attack is detected, keyboard input will temporarily be disallowed. (After it is deemed that the treat is over, keyboard input will be allowed again). Attack will also be logged.
- Sneaky: When an attacks is detected, a few keys will be dropped (enough to break any attack, make it look as if the attacker messed up.) Attack will also be logged.
- LogOnly: When an attack is detected, simply log the attack and in no way stop it.
Extras
- Program Blacklist: If there are specific programs you neve use (cmd, powershell). Consider interactions with them as highly suspecious and take action based on the protection policy.
- Support for AutoType software (eg. KeePass, LastPass, Breevy)
Setup
Regular users:
- Choose and download one of the two options that best suits you:
- Now, copy the .exe above to the startup menu.
- In Windows XP,Vista,7 : This folder should be accessible from your Start Menu
- In Windows 10: Open a directory explorer an go to "%appdata%\Microsoft\Windows\Start Menu\Programs\Startup" (copy paste it in without the quotation marks).
Advanced Users
- Keep Reading...
- Feel Free to contact me, add issues, fork, and get involved with this project :). Together we can make a stronger tool!
Requirements
Advanced Setup
- Step 1. Customize duckhunt.conf variables to your desire
- You can customize the password, speed threshold, privacy, etc.
- Step 2. Turn the duckhunt-configurable**.py** to a duckhunt-configurable**.pyw** so that the console doesn't show up when you run the program
- Step 3. (opt) Use Py2Exe to create an executable.
- Step 4. Run the program. You are now protected from RubberDuckies!
TODO
- More monitoring features:
- Add OSX & Linux support!
- Look for certain patterns (eg. "GUI D, GUI R, cmd, ENTER")
Happy Hunting!
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].