HatAsm - a HatSploit native powerful assembler and disassembler that provides support for all common architectures

Related tags

MiscellaneousHatAsm
Overview

HatAsm

HatAsm is a HatSploit native powerful assembler and disassembler that provides support for all common architectures.

Features

  • Assembler and disassembler both available in one tool.
  • Support for most common architectures like x64, x86, aarch64, armle, mipsle, mipsbe.
  • Ability to assemble code right into the byte code.

Installation

pip3 install git+https://github.com/EntySec/HatAsm

Basic functions

There are all HatAsm basic functions that can be used to generate payload, covert data, assemble code or inject shellcode.

  • assemble(arch, code, mode=None) - Generate byte code for specified target from specified code (mode argument is used for armle and armbe to switch between thumb command set mode or arm).
  • disassemble(arch, code, mode=None) - Generate byte code for specified target from specified code (mode argument is used for armle and armbe to switch between thumb command set mode or arm).
  • hexdump(code, length=16, sep='.') - Hexdump for byte code.

Assembling code

It's very easy to assemble code for various targets in HatAsm. Let's assemble a simple code that calls shutdown for Linux.

Examples

from hatasm import HatAsm

code = """
start:
    push 0x3e
    pop rax
    push -1
    pop rdi
    push 0x9
    pop rsi
    syscall
"""

hatasm = HatAsm()
shellcode = hatasm.assemble('x64', code)

HatAsm CLI

HatAsm also has their own command line interface that can be invoked by executing hatasm command:

usage: hatasm [-h] [--arch ARCH] [--mode MODE] [-i INPUT] [-o OUTPUT] [-a]
              [-d]

HatAsm is a HatSploit native powerful assembler and disassembler that provides
support for all common architectures.

optional arguments:
  -h, --help            show this help message and exit
  --arch ARCH           Architecture to assemble or disassemble for.
  --mode MODE           Architecture mode (used for armle or armbe -
                        arm/thumb).
  -i INPUT, --input INPUT
                        Input file for assembler or disassembler.
  -o OUTPUT, --output OUTPUT
                        Output file to write output.
  -a, --assembler       Launch HatAsm assembler.
  -d, --disassembler    Launch HatAsm disassembler.

Examples

hatasm -a --arch x64

Run interactive assembler shell for x64 architecture.

hatasm > nop
00000000  90                                               |.               |
hatasm > start:
........     xor rax, rax
........     cdq
........     nop
........     
00000000  48 31 c0 99 90                                   |H1...           |
hatasm >

Write macos execve /bin/sh shellcode from command-line.

hatasm > start:
........     xor rax, rax
........     cdq
........     push rax
........     mov rdi, 0x68732f6e69622f2f
........     push rdi
........     push rsp
........     pop rdi
........     xor rsi, rsi
........     mov al, 0x2
........     ror rax, 0x28
........     mov al, 0x3b
........     syscall
........
00000000  48 31 c0 99 50 48 bf 2f  2f 62 69 6e 2f 73 68 57 |H1..PH.//bin/shW|
00000010  54 5f 48 31 f6 b0 02 48  c1 c8 28 b0 3b 0f 05    |T_H1...H..(.;.. |
hatasm >
You might also like...
A Powerful Tool For Making Combo List(All possible modes)
A Powerful Tool For Making Combo List(All possible modes)

ComboMaker A Powerful Tool For Making Combo List Introduction Check out all possible Combo list build modes with this tool =) How to Install Open the

MasterBurnt 7 Jan 7, 2023
That is a example of a Book app on Python, made with support of all JS libraries on React framework
That is a example of a Book app on Python, made with support of all JS libraries on React framework

React+Python Books App You can use this repository whenever you want Used for a video Create the database: python -m dbutils Start the web server: pyt

Koma Human 1 Apr 20, 2022
Wrappers around the most common maya.cmds and maya.api use cases

Maya FunctionSet (maya_fn) A package that decompose core maya.cmds and maya.api features to a set of simple functions. Tests The recommended approach

Ryan Porter 9 Mar 12, 2022
A Python tool to check ASS subtitles for common mistakes and errors.

A Python tool to check ASS subtitles for common mistakes and errors.

null 1 Dec 18, 2021
A collection of common regular expressions bundled with an easy to use interface.

CommonRegex Find all times, dates, links, phone numbers, emails, ip addresses, prices, hex colors, and credit card numbers in a string. We did the har

Madison May 1.5k Dec 31, 2022
Team Curie is a group of people working together to achieve a common aim
Team Curie is a group of people working together to achieve a common aim

Team Curie is a group of people working together to achieve a common aim. We are enthusiasts!.... We are setting the pace!.... We offer encouragement and motivation....And we believe TeamWork makes the DreamWork.

null 4 Aug 7, 2021
A practice program to find the LCM i.e Lowest Common Multiplication of two numbers using python without library.

Finding-LCM-using-python-from-scratch Here, I write a practice program to find the LCM i.e Lowest Common Multiplication of two numbers using python wi

Sachin Vinayak Dabhade 4 Sep 24, 2021
An improved version of the common ˙pacman -S˙
An improved version of the common ˙pacman -S˙

BetterPacmanLook An improved version of the common pacman -S. Installation I know that this is probably one of the worst solutions and i will be worki

null 1 Nov 6, 2021
A compilation of useful scripts to automate common tasks

Scripts-To-Automate-This A compilation of useful scripts for common tasks Name What it does Type Add file extensions Adds ".png" to a list of file nam

null 0 Nov 5, 2021
Releases(1.0.0)
Owner
EntySec
EntySec is a group of security professionals and software engineers involved in the development of security tools and services.
EntySec
GitHub Repository
Defichain maxi - Scripts to optimize performance on defichain rewards

defichain_maxi This script is made to optimize your defichain vault rewards by m

kuegi 75 Dec 31, 2022
System Information Utility With Python

System-Information-Utility This is a simple utility, for the terminal, which allows you to find out information about your PC. It's very easy to run t

2 Apr 15, 2022
Генератор отчетов на Python с использованием библиотеки docx для работы с word-файлами и запросов к сервису

Генератор отчетов на Python с использованием библиотеки docx для работы с word-файлами и запросов к сервису

Semyon Esaev 2 Jun 24, 2022
thonny plugin for gitonic

thonny-gitonic thonny plugin for gitonic open gitonic in thonny by pressing Control+Shift+g, or via tools menu press ESC key to minimize gitonic windo

karl 1 Apr 12, 2022
Tucan Discord Token Generator - Remastered

TucanGEN-SRC Tucan Discord Token Generator - Remastered Tucan source made better by me. -- idk if it works anymore Includes: hCaptcha Bypass Automatic

Vast 8 Nov 04, 2022
Parser for RISC OS Font control characters in Python

RISC OS Font control parsing in Python This repository contains a class (FontControlParser) for parsing font control codes from a byte squence, in Pyt

Charles Ferguson 1 Nov 02, 2021
Python-Roadmap - Дорожная карта по изучению Python

Python Roadmap Я решил сделать что-то вроде дорожной карты (Roadmap) для изучения языка Python. Возможно, если найдутся желающие дополнять ее, модифиц

Ruslan Prokhorov 1.2k Dec 28, 2022
Sardana integration into the Jupyter ecosystem.

sardana-jupyter Sardana integration into the Jupyter ecosystem.

Marc Espín 1 Dec 23, 2021
A collection of daily usage utility scripts in python. Helps in automation of day to day repetitive tasks.

Kush's Utils Tool is my personal collection of scripts which is used to automated daily tasks. It is a evergrowing collection of scripts and will continue to evolve till the day I program. This is al

Kushagra 10 Jan 16, 2022
A comprensive software collection for nmea manipulation

nmeatoolkit A comprensive software collection for nmea manipulation; it includes a library and a collections of command line tools. Library pipes: con

Davide Gessa 1 Sep 14, 2022
ChainJacking is a tool to find which of your Go lang direct GitHub dependencies is susceptible to ChainJacking attack.

ChainJacking is a tool to find which of your Go lang direct GitHub dependencies is susceptible to ChainJacking attack.

Checkmarx 36 Nov 02, 2022
Film-dosimetry - Film dosimetry for DUVS

film-dosimetry Film dosimetry for DUVS Hi David and Joe, here we go this is a te

Christine L Kuryla 3 Jan 20, 2022
Bookmarkarchiver - Python script that archives all of your bookmarks on the Internet Archive

bookmarkarchiver Python script that archives all of your bookmarks on the Internet Archive. Supports all major browsers. bookmarkarchiver uses the off

Anthony Chen 3 Oct 09, 2022
This Python script can enumerate all URLs present in robots.txt files, and test whether they can be accessed or not.

Robots.txt tester With this script, you can enumerate all URLs present in robots.txt files, and test whether you can access them or not. Setup Clone t

Podalirius 32 Oct 10, 2022
SpaCy3Urdu: run command to setup assets(dataset from UD)

Project setup run command to setup assets(dataset from UD) spacy project assets It uses project.yml file and download the data from UD GitHub reposito

Muhammad Irfan 1 Dec 14, 2021
tetrados is a tool to generate a density of states using the linear tetrahedron method from a band structure.

tetrados tetrados is a tool to generate a density of states using the linear tetrahedron method from a band structure. Currently, only VASP calculatio

Alex Ganose 1 Dec 21, 2021
A collection of existing KGQA datasets in the form of the huggingface datasets library, aiming to provide an easy-to-use access to them.

KGQA Datasets Brief Introduction This repository is a collection of existing KGQA datasets in the form of the huggingface datasets library, aiming to

Semantic Systems research group 21 Jan 06, 2023
Simple Kahoot Botter.

Kahoot A simple Botter made in Python 3 for Kahoot.com. Also sorry for the shitty code lol. How to Run You need Python 3 installed on your device. Aft

7 Jun 29, 2022
We are building an open database of COVID-19 cases with chest X-ray or CT images.

🛑 Note: please do not claim diagnostic performance of a model without a clinical study! This is not a kaggle competition dataset. Please read this pa

Joseph Paul Cohen 2.9k Dec 30, 2022
DG - A(n) (unusual) programming language

DG - A(n) (unusual) programming language General structure There are no infix-operators (i.e. 1 + 1) Each operator takes 2 parameters When there are m

1 Mar 05, 2022