The USB Rubber Ducky by Hak5 is a device that looks like an ordinary USB flash drive but works as a scripting tool for automated attacks and penetration testing. The basic principle is simple: once plugged in, the Ducky identifies itself as a USB keyboard and can “type” almost any command, key sequence, or macro into the computer within seconds. This technique, known as keystroke injection, is what makes the Ducky an indispensable tool for every pentester, IT administrator, and security enthusiast.
What makes Rubber Ducky unique is its own language, Ducky Script, which in its latest version 3.0 allows not only sequential key entry, but also conditions, loops, variables, functions, and even the use of random data or more advanced HID and storage attacks. Even beginners can handle Ducky Script—simple payloads can be written in minutes, while advanced scripts allow for complex attacks, data exfiltration, LED control on the device, or interaction with the user via the button.
The device offers an arming mode, where upon connection it appears as a USB drive named DUCKY. You simply upload your script and the Ducky is ready for action. Modes can also be switched with the button on the device. For convenient payload creation, there is the web application Payload Studio, which offers guidance, automatic code generation, and a community payload library.
Thanks to the enhancements in Ducky Script 3.0, the Rubber Ducky now supports conditional attacks, multiple device modes (HID, storage, or both), random values (such as random device serial numbers), LED indicator control, and much more. Developers can also write more complex scripts that, for example, wait for a specific state of the computer, respond to button presses, save “loot” to a log, or automatically switch between attacks according to the situation.
Using the Rubber Ducky is extremely simple—upload your payload, plug it into the target computer, and watch as the Ducky performs your action within seconds. It’s used for penetration testing, security audits, IT task automation (such as password resets or mass configuration deployment), as well as for vulnerability demonstrations.
Detailed guides, documentation, and hundreds of ready-made payloads can be found at docs.hak5.org or in the community repositories on GitHub.