ZSCactus WiFi Keystroke Injection BadUSB


Shipping Worldwide, dispatched within 24h of payment.

This is a badUSB device on steroids! Why you ask? well it enables you to :

1. Launch normal keystroke attacks when connected to a target machine.
2. Get instant access, steal credentials, browser data and even Wi-Fi passwords with a few clicks using the ready payloads.
3. Compatible with Windows, Linux and Mac OS.
4. Run your own payloads over Wi-Fi.
5. Control the mouse or inject keystrikes into the target machine over Wi-Fi.
6. Start a fake Wi-Fi network or Honeypot to hijack credentials.
7. Direct extraction of information (e.g. credentials) by visiting a URL.
8. Information extraction through built-in FTP server.
9. Modify the device settings, payloads and the network settings remotely over Wi-Fi.

+ Free 1 Month zSecurity Trial VIP membership.

16 in stock

Frequently Bought Together

USB Data Blocker

Hackers can fully compromise and hack a machine by simple connecting a USB device to it.

Any USB device can be used to hack you, even simple devices like a lamp or a charging cable!

With this data blocker, you can safely connect usb devices to your computer and provide power to the connected device without compromise the security of your machine.

Shipping Worldwide, dispatched within 24h of payment.

This Atmega 32u4 and ESP-12S based device can be used to launch normal auto-run-style keystroke attacks plus much more!

Please note, replacing the firmware will permanently remove the custom zSecurity functions.


Wi-Fi Control Center

ZSCactus can be configured and controlled over Wi-Fi using a mobile-friendly web interface. Simply connect the device to a USB power supply and connect to it’s  Wi-Fi network “ZSCactus“. The default password which can be changed from the settings is “zscactus“.

Once connected open up a web browser and navigate to to access the control center.

This control center can be used to do the following remotely over Wi-Fi:
1. Execute ready payloads.
2. Manage custom payloads (upload, delete, set as auto-run).
3. Send live keystrikes.
4. Control the mouse.
5. Start the fake Wi-Fi access point (Honeypot).
6. Access the harvested information.
7. Change the device settings.


Built-in Payloads

ZSCactus comes with 10 built-in payloads for Windows, Linux and OSX. These payloads can be used to gain full control over the target system, steal browser data including saved passwords, steal stored Wi-Fi passwords and even download and execute any file you want!

All you have to do is fill in one or two input boxes and ZSCactus will do the rest for you.


Honeypot Mode

This mode can be used to steal login credentials. It creates a fake WiFi network that asks clients to login using their social media account to access the internet. It can also be configured to serve custom HTML pages to hook the connected clients to BeEF or steal other data.

To enable Honeypot Mode click on “Honeypot” from the left menu of the control center and click on “Enable“.

Set the network name in the SSID input box, leave the password blank for an open network, and select the social accounts that you want to enable on the login screen.

When done click on “Apply settings“. Now when people connect to the new fake network (Honeypot) they’ll automatically be get the following page asking them to login to access the internet.

ZSCactus stores the submitted information in it’s storage. Connect to the fake access point, disregard the login prompt and navigate to to access the command center. Navigate to “Storage” and you should have a file named “honeypot-log.txt”.

This file contains all the data submitted to the fake login page.



This page allows you to manage your payloads, you can upload, run or delete custom payloads.

You can also set a payload to auto run when the device is connected to a computer.



This page allows you to send live keystrikes, payloads or mouse events remotely over Wi-Fi!




This page allows you to convert Ducky scripts into ZSCactus scripts.

Checkout the resources in the page for ready payloads and for some inspiration 😉



This page can be used to modify the device settings such as the Wi-Fi settings, the delays and more! The default credentials are “admin” / “zscactus”.


This page provides a detailed documentation of all the features that ZSCactus offers and how to use them.

Additional information

Weight 0.1 kg
Dimensions 10 × 10 × 1 cm

Estimate Delivery Time


1 – 3 working days.


3 – 10 working days.

All over the world

We ship to all countries, delivery time varies, please contact us for estimate delivery time.


There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.