Jump to content

Digital Forensic Application


Recommended Posts

Hello, I'm new to the community but a long time user of the awesome tools from a side-line interest perspective.

Bit of background,  I work in digital forensics and I'm looking to see how we can successfully utilize the Bash Bunny to assist us when on scene (raids, warrants, etc).

We are authorized to use equipment/scripts/tools so long as we know how they interact with the target, and what files/data they may change.


My idea is that we often arrive at a residential or business premises and people do not comply with unlocking machines, terminals or servers.  Is there a way for us to pull off registry files, decrypt user logons (SAM file?), or specifically scan for files with a specific keyword, identify them, then extract them?  Or any other form of use that you believe would support the use in digital forensics?


Link to comment
Share on other sites

44 minutes ago, Jtyle6 said:

I don't know if this is for the Bash Bunny.


Actually, we put the Rubber Ducky to good use as a Mouse Jiggler to keep workstations from auto-locking, so I am hopeful that the Bash Bunny has a better application based on it's beefier specification!

Link to comment
Share on other sites

Check the Bash Bunny payload repo on GitHub, some similar payloads already exist. If they are useful depends on the target environment (and the fact that some of them are aged and therefore might not be useful in a fully patched and correctly set up environment).

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...