Turn Your ESP32 Into a Bluetooth HID Attack Tool (Bluetooth Ducky)



In today’s era of cybersecurity awareness, ethical hackers and red teamers are always seeking powerful, stealthy tools. What if you could turn a tiny ESP32 board into a Bluetooth-based Rubber Ducky, capable of injecting keystrokes wirelessly? Welcome to Bluetooth Ducky, a creative hacking tool built on ESP32 that emulates a Bluetooth HID keyboard and executes commands silently — once paired.

⚙️ What is Bluetooth Ducky?

Bluetooth Ducky is a portable payload injector built using the ESP32 dev board. Similar to the famous USB Rubber Ducky, this version connects wirelessly over Bluetooth and acts as a keyboard. Once paired with a device, it sends keystrokes like opening CMD, sending URLs, typing scripts, or even stealing saved Wi-Fi passwords — all without needing a USB port.

It’s perfect for:

  • Penetration testing
  • Physical red team exercises
  • Social engineering
  • Wi-Fi sniffing bait setups


🧰 What You’ll Need

📥 Step 1: Setup Arduino IDE


First, install Arduino IDE from arduino.cc.

Add ESP32 to Arduino:

  1. Open Arduino IDE.

  2. Go to File > Preferences.

  3. In the “Additional Board Manager URLs”, paste:

https://raw.githubusercontent.com/espressif/arduino-esp32/gh-pages/package_esp32_index.json

  • Now go to Tools > Board > Boards Manager, search for esp32, and install V.2.0.7 it.


📚 Step 2: Install Required Library


This tool uses the ESP32-BLE-Keyboard library by T-vK.

To install:

  • Download the ZIP from GitHub:
    ESP32-BLE-Keyboard ZIP
  • In Arduino IDE, go to Sketch > Include Library > Add .ZIP Library... and select the downloaded file.

📝 Step 3: Load the Ducky Code.


Now open the Ducky.ino file (provided in my GitHub repo) in Arduino IDE.

✅ My version supports commands like:

  • notepad, cmd, shutdown
  • google <search>, youtube <search>
  • whatsapp <no> <msg>
  • WiFi to dump saved Wi-Fi passwords
  • Fake update screens or Spam pop-ups
  • And many more via Serial Monitor

🔌 Step 4: Upload to Your ESP32


  1. Go to Tools > Board and select ESP32 Dev Module.
  2. Connect your ESP32 via USB.
  3. Select the correct port under Tools > Port.
  4. Click ✅ Verify and then ⬆️ Upload.
Once uploaded, unplug and replug or power via battery — your ESP32 is now a Bluetooth Ducky!


📲 Step 5: Use the Bluetooth Ducky


When powered, your ESP32 will act like a Bluetooth keyboard.

  • Ask the target device (phone/laptop) to pair with your ESP32.
  • After first manual pairing, all future connections are silent & automatic.
  • Once connected, your payload will automatically type into the device — just like a physical keyboard.

🖥️ Optional: Serial Monitor GUI


You can also send real-time commands to your ESP32 via Serial using my Bluetooth Ducky Monitor App.

Download it from the Releases Section of the GitHub repo.

It allows you to:

  • Send commands like google hacking tricks
  • Trigger payloads on demand
  • Monitor logs and debug output


🔐 Real-World Ethical Use Cases
  • Drop the device near a shared workspace — when paired, it executes payloads silently.
  • Send Fake OS updates or Spam pop-ups to prank coworkers.
  • Demonstrate Wi-Fi password theft using WiFi command (only for awareness training).
  • Use url <payload> to open backdoor downloaders in lab simulations.

⚠️ Warning: This tool is powerful. Use it only on systems you own or have permission to test. Unauthorized use is illegal.


👥 About the Creator

Project by:
Linuxndroid & Krishna Rajput UP61
Follow us for more tools, ideas, and hacking experiments.


🧠 Final Thoughts

Bluetooth Ducky is not just a fun project — it's a practical tool for teaching wireless HID attacks, understanding security flaws in Bluetooth pairing, and building real-world red team payloads.

I’ll keep updating it with features like;

  • Cross-platform GUI support
  • Scriptable payload loader
  • Encrypted payload over Serial

Fork it, try it, and contribute your payload ideas!
Check the repo here: Bluetooth-Ducky GitHub


#BluetoothDucky #ESP32Hack #RedTeamTool #EthicalHacking #HIDAttack #WirelessPayload #ArduinoHacking #BluetoothKeyboardHack #RubberDuckyESP32 #HackToolESP32 #CyberSecurityTool #PenetrationTesting #BluetoothExploit #BLEHacking #ESP32Project #Linuxndroid


 👥 Watch YouTube Video

Post a Comment

0 Comments