Introducing WiFi Duck - A Wireless BadUSB

Introducing WiFi Duck - A Wireless BadUSB


2 min read

A user-friendly open-source project to learn about keystroke injection attacks or BadUSBs.

What is a BadUSB?

By emulating a USB keyboard, a BadUSB can gain full access to a computer in a matter of seconds!

This is made possible by the fact that keyboards are trusted by computers. You can have complete control over a computer with just a keyboard.

WiFi Duck in action

A BadUSB pretends to be a keyboard to the computer to send keystrokes. But unlike a human, it can type hundreds of characters per second. By using a simple scripting language, it's easy to make BadUSBs type whatever you want.

The WiFi Duck goes a step further. By adding WiFi, it turns into a remote-controlled BadUSB/keyboard. You can connect to it and manage all scripts from within a web interface. This means that, unlike other BadUSBs, you don't need to install an app, log in, compile or copy scripts to an SD card.


  1. Plugin your WiFi Duck
  2. Connect to the WiFi network wifiduck with the password wifiduck
  3. Open a browser and visit
  4. Write, save and run your first script
  5. [Recommended] Open Settings (top right corner) and update SSID and password


We teamed up with DSTIKE and Maltronics to turn this project into a product!

Malduino W

Malduino W

A nicely encased, inconspicuous-looking BadUSB by Maltronics. Having USB-A and USB-C makes it compatible with all kinds of devices. It comes flashed with the WiFi Duck firmware and works plug and play.

🛒 Purchase one at - documentation can be found here.



A custom-designed development board by Travis Lin coming pre-flashed with the WiFi Duck firmware.

🛒 Purchase one at - Watch the How to Update Tutorial here.


This tool is intended to be used for testing, training, and educational purposes only. Never use it to do harm or create damage!


If you want to learn more about this project, visit or visit the project's Github repository at