Note: Wireless testing has the element of physical access to a given facility. This can be used to emulate a physical attacker, a visitor to the organization, or a malicious employee. Always discuss use of physical attacks with your point of contact prior to executing them.
The USB Rubber Ducky is a malicious Human Interface Device (HID) that can be used to execute commands on a target device. In the context of Wireless testing, a USB Rubber Ducky can be useful for dumping a Pre-Shared Key (PSK) from a connected host.
Example ducky scripts can be found on GitHub. However, the following commands are typically used to manually expose a PSK for a given network.
netsh wlan show profiles
netsh wlan show profile [Name] key=clear
The PSK for the target network will be displayed in the results. An example script from the Hak5 repo can be found below.