HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Last update: May 10, 2022

Related tags

Overview

HatLoads

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Features

Contains a lot of useful shellcodes in assembly and bytes.
Support for most common platforms like macOS, Linux, Windows.
Ability to get custom code and assemble it.

Installation

pip3 install git+https://github.com/EntySec/HatLoads

Basic functions

There are all HatLoads basic functions that can be used to generate payloads.

get_payload(self, platform, arch, payload, options={}, assemble=True) - Get assembly shellcode or assembled shellcode.

Examples

from hatloads import HatLoads

options = {
    'RHOST': '127.0.0.1',
    'RPORT': 8888
}

hatloads = HatLoads()
shellcode = hatloads.get_payload('macos', 'x64', 'shell_reverse_tcp')

Having a weak password is not good for a system that demands high confidentiality and security of user credentials

Having a weak password is not good for a system that demands high confidentiality and security of user credentials. It turns out that people find it difficult to make up a strong password that is strong enough to prevent unauthorized users from memorizing it.

0 Feb 7, 2022

NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

81 Jan 8, 2023

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 9, 2022

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1

129 Dec 30, 2022

LeLeLe: A tool to simplify the application of Lattice attacks.

LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa

4 Dec 14, 2021

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

84 Dec 23, 2022

Wordlist attacks on Bitwarden data.json files

BitwardenDecryptBrute This is a slightly modified version of BitwardenDecrypt. In addition to the decryption this version can do wordlist attacks for

42 Nov 9, 2022

Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

22 Dec 4, 2022

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation

44 Nov 21, 2022

Releases(1.0.0)

1.0.0(Feb 6, 2022)

Source code(tar.gz)
Source code(zip)

Owner

EntySec

EntySec is a group of security professionals and software engineers involved in the development of security tools and services.

GitHub Repository https://hatsploit.netlify.app

Website OSINT untuk mencari informasi dari email dan nomor telepon. Dibuat dengan React dan Flask.

Inspektur Cari informasi mengenai email dan nomor telepon dengan mudah. Inspektur adalah aplikasi OSINT yang berguna untuk mencari informasi berdasark

36 Dec 04, 2022

A proxy server application written in python for trial purposes

python-proxy-server This is a proxy server ❤️ application written in python ❤️ for trial purposes. The purpose of the application; Connecting to Hacke

2 Dec 27, 2021

BuddyPress is an open source WordPress plugin to build a community site. In releases of BuddyPress from 5.0.0 before 7.2.1 it's possible for a non-privileged, regular user to obtain administrator rights by exploiting an issue in the REST API members endpoint. The vulnerability has been fixed in BuddyPress 7.2.1. Existing installations of the plugin should be updated to this version to mitigate the issue.

CVE-2021-21389 BuddyPress 7.2.1 - REST API Privilege Escalation to RCE PoC (Full) Affected version: 5.0.0 to 7.2.0 User requirement: Subscriber user

17 Nov 09, 2022

MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions

MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions (pdf, doc, docx, etc), and downloads them.

150 Jan 03, 2023

Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software in packages called containers However, 'security' is a top request on Docker's public roadmap This project aims at vulnerability check for such docker containers. New contributions are accepted

Docker-Vulnerability-Check Docker is an open platform for developing, shipping, and running applications OS-level virtualization to deliver software i

103 Aug 20, 2022

This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit relays only.

This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit re

22 Nov 09, 2022

PoC for CVE-2021-26855 -Just a checker-

CVE-2021-26855 PoC for CVE-2021-26855 -Just a checker- Usage python3 CVE-2021-26855.py -u https://mail.example.com -c example.burpcollaborator.net # C

17 Dec 22, 2022

SPV SecurePasswordVerification

SPV SecurePasswordVerification Its is python module for doing a secure password verification without sharing the password directly. Features The passw

1 Feb 12, 2022

Remote control your Greenbone Vulnerability Manager (GVM)

Greenbone Vulnerability Management Tools The Greenbone Vulnerability Management Tools gvm-tools are a collection of tools that help with remote contro

130 Dec 17, 2022

Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

133 Dec 18, 2022

A hashtag check python module

3 Aug 10, 2022

A simple python code for hacking profile views

This code for hacking profile views. Not recommended to adding profile views in profile. This code is not illegal code. This code is for beginners.

3 Nov 28, 2021

Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.

Driver Buddy Reloaded Quickstart Table of Contents Installation Usage About Driver Buddy Reloaded Finding DispatchDeviceControl Labelling WDM & WDF St

199 Jan 04, 2023

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Related tags

Overview

HatLoads

Features

Installation

Basic functions

Examples

You might also like...

Having a weak password is not good for a system that demands high confidentiality and security of user credentials

NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

LeLeLe: A tool to simplify the application of Lattice attacks.

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Wordlist attacks on Bitwarden data.json files

Python Toolkit containing different Cyber Attacks Tools

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

Releases(1.0.0)

1.0.0(Feb 6, 2022)

Owner

EntySec

Website OSINT untuk mencari informasi dari email dan nomor telepon. Dibuat dengan React dan Flask.

A proxy server application written in python for trial purposes

MSDorkDump is a Google Dork File Finder that queries a specified domain name and variety of file extensions

This is a partial and quick and dirty proof of concept implementation of the following specifications to configure a tor client to use trusted exit relays only.

PoC for CVE-2021-26855 -Just a checker-

SPV SecurePasswordVerification

Remote control your Greenbone Vulnerability Manager (GVM)

Workshop Material on VM-based Deobfuscation

A hashtag check python module

A simple python code for hacking profile views

Driver Buddy Reloaded is an IDA Pro Python plugin that helps automate some tedious Windows Kernel Drivers reverse engineering tasks.

A python script to bypass 403-forbidden.

adb - A tool that allows you to search for vulnerable android devices across the world and exploit them.

GitGuardian Shield: protect your secrets with GitGuardian

Northwave Log4j CVE-2021-44228 checker

Looks at Python code to search for things which look "dodgy" such as passwords or diffs

exchange-ssrf-rce

POC for detecting the Log4Shell (Log4J RCE) vulnerability.