Skip to content

TBJr/Flipper-payloads

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

55 Commits
assets
assets
 
 
badusb
badusb
 
 
host
host
 
 
.env.example
.env.example
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Flipper Payload Arsenal by TBJr

A collection of custom BadUSB payloads for Flipper Zero. Built for pranks, education, and ethical testing only.

Payloads

Windows

Payload Version Description
badusb/Windows/GhostSnitch 1.2 Roast prank — recon, TTS, wallpaper, Discord report
badusb/Windows/GhostSnitch_Stealth 1.4 Same as above with auto-elevation to Administrator
badusb/Windows/GhostSnitch_Stego 1.1 Roast prank — steganographic wallpaper variant
badusb/Windows/Keylogger 2.0 AES-encrypted keystroke logger with optional Discord exfil

Unix / macOS

Payload Version Description
badusb/Unix/GhostSnitch_Unix 1.2 Roast prank for macOS and Linux — TTS, WiFi, wallpaper
badusb/Unix/Keylogger_Unix 2.0 AES-encrypted keystroke logger — xinput (X11), Wayland, macOS

Android

Payload Version Description
badusb/Android/GhostSnitch_Android 3.2 Web-based roast via Chrome — device info, IP, TTS

iOS

Payload Version Description
badusb/iOS/GhostSnitch_iOS 1.1 Web-based roast via Safari — device info, IP, TTS

Setup Before Deploying

Discord webhook (Windows GhostSnitch, Unix Keylogger)

The webhook URL is stored as $webhookUrl = 'REPLACE_ME' at the top of each script.
Replace REPLACE_ME with your Discord webhook URL before hosting. Exfil is silently skipped when the placeholder is left in place.

Hosting

All host/ scripts are served from GitHub Pages at:

https://tbjr.github.io/Flipper-payloads/host/<filename>

Fork the repo and update the URL in each ducky script if you host your own copy.

Platform Notes

Web-based payloads (Android & iOS)

Both web payloads show a "Tap to Continue" button when the page loads.
The target must tap it once — this is required by browser autoplay policy and cannot be bypassed from a web page. The TTS roast only fires after that tap.

Windows keylogger

Delivery changed in v2.0 from a hardcoded Base64 command to irm | iex, matching the other Windows payloads. The keylogger now uses GetAsyncKeyState for real keystroke capture (the previous IsKeyLocked only detected Caps Lock).

Unix keylogger

  • Linux X11: works without root via xinput test
  • Linux Wayland: requires root to read /dev/input/event*
  • macOS: requires Accessibility permission + pyobjc (pip3 install pyobjc)

WiFi password (Windows)

netsh wlan show profile key=clear requires Administrator. GhostSnitch_Stealth auto-elevates; the base GhostSnitch gracefully reports the limitation if not elevated.

Disclaimer

For educational and ethical testing purposes only. Deploying these payloads without explicit permission from the device owner may violate local laws.

Credits

Inspired by AcidBurn by I am Jakoby. Extended and rebuilt for multi-platform HID delivery by TBJr.

About

🎭 A Flipper Zero BadUSB payload arsenal. GhostSnitch collects system recon and roasts the target via TTS across Windows, macOS, Linux, Android, and iOS. Also includes AES-encrypted keyloggers for Windows and Unix. Built for laughs and ethical testing.

tbjr.github.io/Flipper-payloads/

Topics

android windows macos linux bash ios powershell prank web-speech-api educational keylogger aes-encryption badusb ducky-script flipper-zero hid-attack

Resources

Readme
Activity

Stars

3 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases 4

Keylogger v1.1 – Stealth, Encrypted & Auto-Resurrecting Latest
Apr 22, 2025
+ 3 releases

Packages

 
 
 

Contributors

Languages