i am a pentester and these are my profiles. i use them constantly and am constantly adding and updating them. +v indicates its pasting from your clipboard, useful for pasting in a hostname for nmap or testssl. im not entirely consistant with the naming.

if you are unsure of what a duckypad is or would like to buy one (non-affiliated): https://www.tindie.com/products/dekunukem/duckypad-do-it-all-mechanical-macropad/

the following previews were generated using this script: https://github.com/jayrox/duckypad_profile_preview_gen

i am starting to add some documentation to the keys using a comment format of REM DOC: in the individual keys that will be parsed out by the generator code.

Profile 1: -

Key descriptions:

• Windows: Windows based commands
• NumPad: NumPad
• Help: Helpful websites
• SetVars: Env variables used in the various scripts.
• HTB: Hacktheboxisms - http://app.hackthebox.eu/
• TestSSL: Testing TLS/SSL encryption anywhere on any port - https://github.com/drwetter/testssl.sh
• NMap: the Network Mapper. - https://github.com/nmap/nmap
• PS: PowerShell
• Witness: Witness Me
• NetExec: https://github.com/Pennyw0rth/NetExec
• curl: cURL
• Nikto: Nikto
• GoBustr: GoBuster

$${\textsf{\color{#00ffff} Windows }}$$	$${\textsf{\color{#80ff00} NumPad }}$$	Help
$${\textsf{\color{#0080ff} Squiddy }}$$	----	$${\textsf{\color{#ff0d86} SetVars }}$$
$${\textsf{\color{#00ff00}   HTB   }}$$	$${\textsf{\color{#c993ff} TestSSL }}$$	$${\textsf{\color{#0f0fff}  NMap  }}$$
$${\textsf{\color{#80ffff}   PS   }}$$	$${\textsf{\color{#ffff00} Witness }}$$	$${\textsf{\color{#ffff00} NetExec }}$$
curl	$${\textsf{\color{#c0c0c0}  Nikto  }}$$	$${\textsf{\color{#ff8040} GoBustr }}$$

Profile 2: -

Key descriptions:

• Skpfish: SkipFish

$${\textsf{\color{#ff0d86} Skpfish }}$$	$${\textsf{\color{#0080c0}  ffuf  }}$$	$${\textsf{\color{#46c2ff} OpenSSL }}$$
$${\textsf{\color{#ff8484} Bludhnd }}$$	ADSI	$${\textsf{\color{#ee82ee} OneLine }}$$
$${\textsf{\color{#00ff00} Python }}$$	$${\textsf{\color{#00ffff}   Dig   }}$$	$${\textsf{\color{#ff8000} SMBCli }}$$
$${\textsf{\color{#8080ff}  MSSQL  }}$$	Respond	$${\textsf{\color{#800040} EvilWin }}$$
$${\textsf{\color{#80ffff} SMBMAP }}$$	$${\textsf{\color{#8af493} SQLMap }}$$	$${\textsf{\color{#ff0080}  WFuzz  }}$$

Profile 3: -

Key descriptions:

• CME: CrackMapExec
• John: Password cracker John
• PGo: Little automation to run the CalcyIV/PokeGenie scanners

$${\textsf{\color{#ffff00}   CME   }}$$	$${\textsf{\color{#00ff40}   GAU   }}$$	$${\textsf{\color{#ff8040}  MySQL  }}$$
$${\textsf{\color{#00ff00} Hashcat }}$$	VS	$${\textsf{\color{#00ff00}  John  }}$$
Waymore	-	-
-	-	-
Ansible	-	$${\textsf{\color{#8000ff}   PGo   }}$$

Profile 4: Windows

$${\textsf{\color{#a000ff}  vol-  }}$$	$${\textsf{\color{#a000ff}  mute  }}$$	$${\textsf{\color{#a000ff}  vol+  }}$$
$${\textsf{\color{#a000ff}   <<   }}$$	$${\textsf{\color{#a000ff}   ||   }}$$	$${\textsf{\color{#a000ff}   >>   }}$$
intro	hide	dev
taskMgr	files	sysInfo
diskMgr	-	taskViw

Profile 5: NumPad

$${\textsf{\color{#00ffff}    x    }}$$	$${\textsf{\color{#00ffff}    -    }}$$	$${\textsf{\color{#00ffff}    +    }}$$
7	8	9
4	5	6
1	2	3
0	.	$${\textsf{\color{#00ffff}  enter  }}$$

Profile 6: Help

Key descriptions:

• WADComs: Launches Firefox to https://wadcoms.github.io/
• LOLBAS: Launches Firefox to https://lolbas-project.github.io/
• GTFOBin: Launches Firefox to https://gtfobins.github.io/
• Payload: Launches Firefox to https://github.com/swisskyrepo/PayloadsAllTheThings

Explain	WADComs	LOLBAS
tldr	GTFOBin	Payload
$${\textsf{\color{#8000ff}  Kali  }}$$	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 7: Setup

Key descriptions:

• Bash: Adds a few aliases to the .bashrc file to help set env variables that can be used in other profiles
• ZSH: Adds a few aliases to the .zshrc file to help set env variables that can be used in other profiles
• Fish: Adds a few aliases to the ~/.config/fish/config.fish file to help set env variables that can be used in other profiles
• SetVars: Go to the SetVars profile.

$${\textsf{\color{#ffff00}  Bash  }}$$	$${\textsf{\color{#80ff00}   ZSH   }}$$	$${\textsf{\color{#80ffff}  Fish  }}$$
-	-	-
-	-	-
-	-	-
$${\textsf{\color{#ff0000} SetVars }}$$	$${\textsf{\color{#ff8000}  Help  }}$$	-

Profile 8: SetVars

Key descriptions:

• ECHO: Print out env variables used in the various scripts.

Host(s)	Port(s)	-
Domain	DC IP	-
User	Pass	-
$${\textsf{\color{#80ffff}  LHOST  }}$$	$${\textsf{\color{#80ffff}  LPORT  }}$$	-
$${\textsf{\color{#80ff00}  ECHO  }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 9: OneLiners

Key descriptions:

• CU Enc: Uses certurl to base64 encode a file
• CU Dec: Uses certurl to base64 decode a file
• CU DL: Uses certurl to download a remote file

$${\textsf{\color{#00ff00} CU Enc }}$$	$${\textsf{\color{#ee82ee} CU Dec }}$$	$${\textsf{\color{#ff00ff} CU Hash }}$$
$${\textsf{\color{#00ffff}  Whois  }}$$	$${\textsf{\color{#13cbec} FndFile }}$$	$${\textsf{\color{#0080ff}  CU DL  }}$$
-	-	-
test	test2	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 10: Squiddy

Key descriptions:

• Squiddy: Launch Squiddy, my personal pentest tracking and report generation tool

Squiddy	-	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 11: Ansible

Setup	-	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 12: HTB

Key descriptions:

• Procs: Get running processes
• Upgrade: Upgrade reverse shell

Sudo-l	FndRoot	ls -la
GetCap	AppArmo	Procs
-------	$${\textsf{\color{#00ff00} Upgrade }}$$	-------
Hosts	NC 4444	Srv80
$${\textsf{\color{#80ffff} Page 2 }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#80ffff} Windows }}$$

Profile 13: HTB2

Key descriptions:

• +Hosts: Creates a prompt for an IP and Host name, then adds them to the /etc/hosts file
• GetMail: Get Mail folders
• BashRev: Uses LHOST and LPORT from the SetVars profile
• BashRev: More info: https://swisskyrepo.github.io/InternalAllTheThings/cheatsheets/shell-reverse-cheatsheet/
• FixVPN: Updates the HTB VPN to NOT be the default/main connection. Thus fixing the issue where external resources are unable to load.

$${\textsf{\color{#ee82ee} +Hosts }}$$	Py2SH	Py3SH
GetMail	-	$${\textsf{\color{#00ff00} BashRev }}$$
-	-	-
-	FixVPN	$${\textsf{\color{#ff0000} DelRout }}$$
$${\textsf{\color{#80ffff} Page 1 }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#80ffff} Windows }}$$

Profile 14: Win

Key descriptions:

• Whoami: Get Windows user's privs
• Whoami: https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Windows%20-%20Privilege%20Escalation.md

Whoami	-	-
$${\textsf{\color{#80ffff} Certify }}$$	-	-
Dir A	Set	-
-	-	-
$${\textsf{\color{#80ffff}  Linux  }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 15: PowerShell

Key descriptions:

• TLS12: Enable TLS 1.2
• Proxy: Setup PowerShell to use the corporate proxy authenticated
• Daren: Some PowerShell functions from Daren

$${\textsf{\color{#81e8fe}  TLS12  }}$$	$${\textsf{\color{#00ff00}  Proxy  }}$$	$${\textsf{\color{#ff8040}  PSv2  }}$$
$${\textsf{\color{#a000ff} AMSI-S }}$$	$${\textsf{\color{#0000ff} AMSI-PS }}$$	AMSI3
PwrCat	$${\textsf{\color{#9cced3}  Daren  }}$$	$${\textsf{\color{#ff0000}  NoAV  }}$$
$${\textsf{\color{#00ff00}  PSVer  }}$$	LngMode	$${\textsf{\color{#ffff80}   IP   }}$$
$${\textsf{\color{#80ffff} Page 2 }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 16: PowerShell2

$${\textsf{\color{#0080ff} ChgRCPW }}$$	MpPref	$${\textsf{\color{#ff0080} CvtTime }}$$
GetC_DN	Priv	Obj SID
GetU_Pr	-	S- SID
ExecPol	U GUID	C GUID
$${\textsf{\color{#80ffff} Page 1 }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#80ffff} Page 3 }}$$

Profile 17: PowerShell3

IEX	-	-
DL	-	-
-	-	-
-	-	-
$${\textsf{\color{#80ffff} Page 1 }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#80ffff} Page 2 }}$$

Profile 18: TestSSL

Key descriptions:

• Mass+v: Runs TestSSL against hosts in the clipboard. One host per line, saves output as JSON

Full	Short	Mass+v
$${\textsf{\color{#0080ff} Full+v }}$$	$${\textsf{\color{#0080ff} Short+v }}$$	$${\textsf{\color{#0080ff} Protos }}$$
$${\textsf{\color{#0080ff}  SMTP  }}$$	$${\textsf{\color{#0080ff} Server }}$$	$${\textsf{\color{#0080ff} Vulners }}$$
$${\textsf{\color{#0080ff}  SCIR  }}$$	$${\textsf{\color{#0080ff} Headers }}$$	$${\textsf{\color{#0080ff} Ciphers }}$$
$${\textsf{\color{#ff80ff} Color3 }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 19: NMap

Full	Fast	$${\textsf{\color{#ff00ff}  Mods  }}$$
$${\textsf{\color{#0080ff} Full+v }}$$	$${\textsf{\color{#0080ff} Fast+v }}$$	Mass+v
$${\textsf{\color{#008000}  SSH22  }}$$	$${\textsf{\color{#0080ff} SSH22+v }}$$	-
$${\textsf{\color{#00ff00} Scripts }}$$	-	Paste
$${\textsf{\color{#80ff80}  Grep  }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 20: CrackMapExec

Key descriptions:

• SetVars: This profile requires the DP_USERNAME, DP_PASSWORD, DP_DOMAIN, and DP_HOSTS env variables be set. Go to the SetVars profile to set.

Simple	-	$${\textsf{\color{#00ff00} Verify }}$$
$${\textsf{\color{#03effc} AuthSMB }}$$	$${\textsf{\color{#ff8000} Spider }}$$	$${\textsf{\color{#80ffff} FileOut }}$$
$${\textsf{\color{#03effc} AuthWRM }}$$	LDAP	-
RidBrut	$${\textsf{\color{#00ff00}   Run   }}$$	$${\textsf{\color{#ff0000} Redact }}$$
$${\textsf{\color{#ff0000} SetVars }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 21: NetExec

Key descriptions:

• RIDBrut: Enumerate usernames
• Shares: Enumerate SMB shares.
• Users: Enumerate SMB shares.
• Spider: Enumerate SMB shares.
• Basic: Test connection
• Help: Try username as blank, 'anonymous', 'guest', or pass a file of users

ZeroLog	$${\textsf{\color{#808080} PetitPo }}$$	$${\textsf{\color{#ff0080} RIDBrut }}$$
$${\textsf{\color{#00ff00} Shares }}$$	$${\textsf{\color{#0080ff}  Users  }}$$	$${\textsf{\color{#ff80ff} Spider }}$$
Basic	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 22: WitnessMe

BasicSS	-	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 23: Skipfish

Basic	$${\textsf{\color{#00ffff} Basic+v }}$$	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 24: curl

Key descriptions:

• ikL: Include response headers in output, allow insecure connections and follow redirects
• ikL+v: Include response headers in output, allow insecure connections and follow redirects. Pastes URL from clipboard

ikL	dl_file	-
$${\textsf{\color{#0080ff}  ikL+v  }}$$	dl_file	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 25: Nikto

Basic	-	-
80,443	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 26: GoBuster

Dir	-	$${\textsf{\color{#ee82ee}  ExLen  }}$$
-	-	Follow
-	-	Output
-	-	K Cert
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 27: WFuzz

FuzzSub	Size	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 28: ffuf

Key descriptions:

• Size: Filter on size
• Words: Filter on words

Dir	-	-
Sub DNS	Size	$${\textsf{\color{#00ffff}  Words  }}$$
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 29: OpenSSL

SCIR	-	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 30: Bloodhound

Key descriptions:

• SetVars: This profile requires the DP_USERNAME, DP_PASSWORD, DP_DOMAIN, and DP_DC_IP env variables be set. Go to the SetVars profile to set.

Neo4j	Start	-
PyBlood	-	-
-	-	-
-	CrtiVln	-
$${\textsf{\color{#ff0000} SetVars }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 31: ADSI

Display	SAM	Title
Admin	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 32: Python

venv+r	$${\textsf{\color{#00ff00} venv+a }}$$	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 33: Dig

Key descriptions:

• Server: Use a specific dns server

dig	-	Types
Server	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 34: SMBMAP

Key descriptions:

• SetVars: This profile requires the DP_USERNAME, DP_PASSWORD, DP_DOMAIN, and DP_HOSTS env variables be set. Go to the SetVars profile to set.

Base	$${\textsf{\color{#ff0080}  Anon  }}$$	-
Recurse	Grep	Find
-	-	-
-	-	-
$${\textsf{\color{#ff0000} SetVars }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 35: SMBClient

Key descriptions:

• Get: Get individual file

Connect	-	$${\textsf{\color{#80ffff}  NoPW  }}$$
$${\textsf{\color{#0ff06f}   LS   }}$$	-	-
$${\textsf{\color{#ff0080}   Get   }}$$	-	$${\textsf{\color{#ee82ee} Get All }}$$
-	-	-
$${\textsf{\color{#ff0000} SetVars }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 36: Responder

Start	-	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 37: EvilWinRM

Key descriptions:

• SetVars: This profile requires the DP_USERNAME, DP_PASSWORD, and DP_DOMAIN env variables be set. Go to the SetVars profile to set.

$${\textsf{\color{#80ff00} Connect }}$$	-	$${\textsf{\color{#80ffff}  Menu  }}$$
-	-	-
$${\textsf{\color{#0080ff}   DL   }}$$	$${\textsf{\color{#ff0080}   UL   }}$$	-
-	-	-
$${\textsf{\color{#ff0000} SetVars }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 38: getallurls

Key descriptions:

• Crawl: Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
• FSCode: Ignore certain HTTP status codes
• Proxy: Set proxy, Burp is default

Crawl	-	Out
FSCode	Timeout	Threads
-	-	-
Proxy	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 39: MSSQLCli

Key descriptions:

• SetVars: This profile requires the DP_USERNAME, DP_PASSWORD, DP_DOMAIN, DP_PORTS, and DP_HOSTS env variables be set. Go to the SetVars profile to set.

$${\textsf{\color{#00ff00} Connect }}$$	-	ConVars
$${\textsf{\color{#0423fb}  Roles  }}$$	-	$${\textsf{\color{#ff8040}  Info  }}$$
$${\textsf{\color{#f10edb} Linked }}$$	$${\textsf{\color{#0080ff} QLinked }}$$	Tables
$${\textsf{\color{#fc0347} Version }}$$	DBs	$${\textsf{\color{#00ff00}   USE   }}$$
$${\textsf{\color{#ff0000} SetVars }}$$	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 40: SQLMap

$${\textsf{\color{#00ff00}  Base  }}$$	Host	File
dbms	DBs	Tables
Data	DB	Table
$${\textsf{\color{#80ffff}  Dump  }}$$	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 41: MySQL

Connect	-	-
DBs	Use DB	-
Tables	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 42: Hashcat

Key descriptions:

• Detect: Use hashcat to detect hashing algorithm
• Crack: Use hashcat to crack hashes in file
• Show: Show cracked password from hashcat

Detect	-	-
Crack	-	Show
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 43: VS

Key descriptions:

• Compile: Compile a .cs file

Compile	-	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-

Profile 44: John

Key descriptions:

• Crack: Update the path for rockyou.txt, may need to extract from tar.gz
• Crack: locate rockyou.txt
• Crack: tar -xvf /full/path/to/rockyou.txt.tar.gz
• Show: Show any cracked passwords
• SSH2Joh: Find the path for SSH2John: locate ssh2john
• SSH2Joh: Python script: https://raw.githubusercontent.com/magnumripper/JohnTheRipper/bleeding-jumbo/run/ssh2john.py

$${\textsf{\color{#00ff00}  Crack  }}$$	Show	-
$${\textsf{\color{#00ffff} SSH2Joh }}$$	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 45: Waymore

URLs +v	$${\textsf{\color{#00ff40} Resp +v }}$$	$${\textsf{\color{#ff0080} Both +v }}$$
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	$${\textsf{\color{#ffff00}  Help  }}$$

Profile 46: PokemonGo

Key descriptions:

• Scan: Does not currently work

Scan	-	-
-	-	-
-	-	-
-	-	-
-	$${\textsf{\color{#ff8000}  Home  }}$$	-