Bad USB

Extract usernames, passwords, and cookies from a target using a programmable USB device.

This project encompasses three key elements. The first component is an information-stealing tool developed in .NET C# that extracts vital data from web browsers and transfers it to the attacker's server. The second component is a serverless API using Azure Functions, also built in C# .NET, which receives the extracted file and saves it in blob storage before updating the record in Cosmos DB. The third component involves the utilization of a malicious USB device, specifically an Arduino Digispark Bad USB, to download and initiate the malware.

Key Components:

Hardware: Arduino
File Storage: Azure Blob
Database: Cosmos Database

Project Overview:

This project is intended solely for educational purposes, demonstrating the risks associated with leaving devices unattended in both workplace and public settings.

Technology Stack:

Hardware:
- Arduino Digispark
- Arduino Language Based on C
Backend:
- .Net C#
- Azure Functions
- Cosmos NoSql Database
Agent:
- C# .NET Information Stealer

GitHub Backend Serverless API Project

GitHub .NET Malware Project

GitHub Bad USB Project

Youtube Demo