Skip to content

ZeroTrace HID

Day-1 walkthrough, your first authorized injection in 15 minutes

The fastest way to know whether ZeroTrace fits your workflow is to run a real authorized HID injection against a target you control, end-to-end, in a single sitting. This walkthrough is the curated path: fifteen minutes from unboxing to a working scripted injection on your own laptop, driven from your phone over Bluetooth.

If you finish this and the workflow makes sense, the rest of the docs (every feature, every script primitive) is reference material you can dip into as you need it. If you finish this and something feels off, that signal is what we want, drop a note in the Discord and tell us where the path got rough.

Authorized testing only. The target machine in this walkthrough is your own laptop. ZeroTrace is built for authorized security testing, never run scripts against systems you do not own or have written permission to test.

What you need

  • One ZeroTrace HID device (Ghost or Mini work the same way for this walkthrough)
  • A USB-C cable and a host machine to act as the target (Windows, macOS, or Linux)
  • The ZeroTrace mobile app installed on your phone (iOS or Android)
  • About fifteen uninterrupted minutes

If you do not have the mobile app yet, install it first, every step below assumes it is running on your phone.

Step 1, Connect (2 minutes)

Plug the device's USB port into the target machine with a USB-C data cable, this is the port that delivers keystrokes to the host. Power on the device.

On your phone, open the ZeroTrace app and pair the device. The app scans for ZeroTrace hardware over Bluetooth and bonds in a guided wizard; tap your device when it appears. Once paired, it shows on the home screen with its firmware type and a live signal indicator.

If the device does not show up, see Connect for the troubleshooting matrix, and Pairing for the Bluetooth side; nine times out of ten a no-show on the target is a USB-C cable that is power-only rather than data-capable.

Step 2, Confirm OS detection (1 minute)

Before any payload runs, ZeroTrace's firmware verifies what it is plugged into. The OS-detection feature confirms the host operating system so the script can branch on it.

Open the device in the app and look at the Executor. The detected target OS is shown as it runs, Windows, macOS, or Linux. This is your first checkpoint: if OS detection works, the firmware is talking to the host correctly and you are ready to run a script.

Step 3, Load your first script (3 minutes)

Open the Executor tab in the app. We will run a simple, harmless demonstration script: open the host's calculator and type a short sum into it.

Paste the following into the editor:

// Open the system calculator, then type a sum
delay 1500
mediaKey 'calculator'
delay 2000
write '1+1='

This uses real ZeroTrace script commands, delay to pace the run, mediaKey 'calculator' to open the calculator via the standard media key, and write to type. It is intentionally inert, no network calls, no privileged operations, nothing your host would not let any USB keyboard do. It exists to prove the loop: device → host → keystroke injection → visible result.

See the scripting language reference for every command, and Multi-language for keyboard-layout details if you are on a non-English layout.

Step 4, Trigger and watch (2 minutes)

Tap run in the Executor. The app fires the script and you watch it execute line by line. You should see the calculator open on your host and 1+1= typed into it, showing 2.

If you see the result, you have reached first success, the authorized HID injection workflow is working end-to-end on your hardware, driven from your phone.

Step 5, What changed (3 minutes)

Take stock before moving on:

  • The device executed a script you wrote, on a target you authorised, with no telemetry leaving your phone or your machine.
  • Everything ran locally, over a direct Bluetooth link between your phone and the device. There is no account and nothing phones home.
  • The device is ready to run a different script as soon as you load one, and you can save scripts to the device so they travel with the hardware.

This is the unit operation. Every authorized engagement, no matter how complex, is a sequence of these unit operations strung together.

Step 6, Where to go next (4 minutes)

Now that the loop works, three productive directions to explore:

  1. Scripting reference. Read the scripting language overview. Learn conditionals, variables, repeat blocks. The ZeroTrace script DSL is small and predictable; you can be productive in an hour.
  2. Live input and fleet runs. The mobile app also gives you live keyboard, mouse, and gamepad control, and the Executor can broadcast one script to several devices at once.
  3. TraceNet mesh. Link multiple devices into a TraceNet mesh and run synchronized payloads across the whole fleet.

If any of these felt rough, drop a note in Discord, Day-1 walkthroughs are the part of the docs we most want to keep tight, and your friction is what tells us where the path is unclear.

You own this stack. Lifetime firmware updates, no subscriptions on the core, no cloud account that has to stay alive for the device to work. The script you wrote in step 3 will still run the same way in five years.