Newsletter
Join the Community
Subscribe to our newsletter for the latest news and updates
TapDucky turns any rooted phone into the legendary USB Rubber Ducky, enabling Android USB HID keystroke injection for authorized testing and automation.
Autonomous AI agent system for complex penetration testing, integrating security tools, long-term memory, and smart task delegation in sandboxed Docker.
Rust-based Windows PE manual loader supporting x86/x64. Implements manual mapping, base relocations, and import resolution for memory-based execution.
Premier hardware store for offensive security, providing Flipper Zero, Proxmark, Hak5 tools, SDR equipment, and specialized RFID cloning hardware.
TapDucky transforms rooted Android devices into a versatile USB HID Keystroke Injector, enabling them to emulate a USB keyboard, mouse, or composite HID device. This open-source tool is designed for authorized testing and automation, allowing users to create, customize, schedule, and execute DuckyScript payloads directly from their phone.
Key features include a robust DuckyScript engine supporting a wide range of commands for text, key combinations, mouse actions, control flow (IF/WHILE), functions, and variables. It offers live validation with human-readable issues, placeholder parameters, and optional jitter for human-like timing. Payload management is streamlined with creation/editing capabilities, quick sharing, and a GitHub-backed payload library that automatically validates DuckyScript and can convert Digispark .ino sketches.
TapDucky provides flexible scheduling options, including one-time execution, app cold start, app foreground, or when an HID session is armed, with optional daily time windows and dial shortcut bindings. Device diagnostics offer a snapshot of kernel/gadget status, UDC info, and keyboard layouts, ensuring compatibility and troubleshooting. A rooted Android device with Linux USB gadget (ConfigFS) support and Android 11+ is required for full functionality.
