Jack into any Ethernet port and instantly run recon, exfiltration, and attack
payloads. Pocket-sized, keychain-ready, armed with nmap out of the box.
The opportunistic pentester's best friend.
The Shark Jack is a tiny Linux computer disguised as an Ethernet connector. Find an
open port on a switch, wall jack, or the back of a workstation β plug it in, flip the
switch to attack, and the payload fires immediately. The default payload runs an
ultra-fast nmap scan of the entire subnet. Recover the results later via SSH or
exfiltrate instantly through Cloud CΒ². It's designed for speed: get in, get intel, get out.
~10s
BOOT TO ATTACK
15min
BATTERY RUNTIME
β
CABLE RUNTIME
// Variants
Two Editions, One Mission
ORIGINAL
π
Shark Jack (Battery)
Self-contained with internal Li-ion battery. 10β15 minutes of standalone operation.
Keychain-sized. Charge via USB-C, deploy anywhere.
β Internal battery
β Fully standalone
β Keychain-portable
β RGB LED feedback
β No serial console
β Limited runtime
CABLE
π
Shark Jack Cable
USB-C powered for unlimited runtime. Interactive serial console via USB-C.
Connect to laptop, power bank, or even a smartphone for field deployment.
β Unlimited runtime (USB-C)
β Serial shell via USB-C
β Smartphone OTG compatible
β OTA firmware updates
β Long-term headless deployment
β RGB LED feedback
// Operation
Three Positions, Total Control
β‘
Off / Charge
Device powered down. Charges via USB-C. Blue blink = charging, solid blue = full.
LED: BLUE
π§
Arming Mode
SSH server at 172.16.24.1. Load payloads, retrieve loot, configure settings.
LED: BLUE BLINK
π¦
Attack Mode
Payload executes immediately. NETMODE assigns network role. LED tracks stages.
LED: PAYLOAD DEFINED
// Capabilities
Key Features
βΈ
Armed Out of the Box β Default payload runs an ultra-fast nmap scan of the connected network. Plug in, scan, retrieve results. Zero setup required.
βΈ
Bash Payload System β Standard Bash scripting extended with Hak5 API commands: LED, NETMODE, C2CONNECT, C2EXFIL, SWITCH, BATTERY, SERIAL_WRITE.
βΈ
Dual Network Modes β DHCP_CLIENT joins the target network and receives an IP. DHCP_SERVER assigns IPs to directly connected targets for isolated attacks.
βΈ
Cloud CΒ² β Remote management from anywhere via browser. Exfiltrate loot, deploy payloads, and drop into a full Linux shell β all over the web.
βΈ
RGB LED Feedback β Color-coded LED tracks payload stages: SETUP, ATTACK, SPECIAL, CLEANUP, FINISH. Know exactly what's happening at a glance.
βΈ
Serial Console (Cable) β Interactive shell over USB-C. Real-time payload output, live loot access, and OTA updates β even from an Android phone.
βΈ
Full Linux Shell β Root access via SSH (arming mode) or serial (Cable). All standard Linux network utilities are pre-installed and ready.
βΈ
Community Payloads β Growing library on GitHub: recon, exfiltration, DHCP spoofing, MITM, reverse shells, and more. Fork, modify, contribute.
// Arsenal
Pre-installed Network Tools
The Shark Jack ships with a curated set of Linux network utilities ready to use in payloads or directly from the shell.
nmap
tcpdump
ngrep
wget
curl
python
iptables
arp
ifconfig
netcat
ssh
scp
ip
route
dig
bash
// Payload Example
Network Recon + Cloud CΒ² Exfiltration
This payload joins the target network, scans all hosts, saves results locally, and exfiltrates loot to Cloud CΒ² β all in under a minute.