HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Last update: May 10, 2022

Related tags

Overview

HatLoads

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Features

Contains a lot of useful shellcodes in assembly and bytes.
Support for most common platforms like macOS, Linux, Windows.
Ability to get custom code and assemble it.

Installation

pip3 install git+https://github.com/EntySec/HatLoads

Basic functions

There are all HatLoads basic functions that can be used to generate payloads.

get_payload(self, platform, arch, payload, options={}, assemble=True) - Get assembly shellcode or assembled shellcode.

Examples

from hatloads import HatLoads

options = {
    'RHOST': '127.0.0.1',
    'RPORT': 8888
}

hatloads = HatLoads()
shellcode = hatloads.get_payload('macos', 'x64', 'shell_reverse_tcp')

Having a weak password is not good for a system that demands high confidentiality and security of user credentials

Having a weak password is not good for a system that demands high confidentiality and security of user credentials. It turns out that people find it difficult to make up a strong password that is strong enough to prevent unauthorized users from memorizing it.

0 Feb 7, 2022

NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

81 Jan 8, 2023

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 9, 2022

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1

129 Dec 30, 2022

LeLeLe: A tool to simplify the application of Lattice attacks.

LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa

4 Dec 14, 2021

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

84 Dec 23, 2022

Wordlist attacks on Bitwarden data.json files

BitwardenDecryptBrute This is a slightly modified version of BitwardenDecrypt. In addition to the decryption this version can do wordlist attacks for

42 Nov 9, 2022

Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

22 Dec 4, 2022

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation

44 Nov 21, 2022

Releases(1.0.0)

1.0.0(Feb 6, 2022)

Source code(tar.gz)
Source code(zip)

Owner

EntySec

EntySec is a group of security professionals and software engineers involved in the development of security tools and services.

GitHub Repository https://hatsploit.netlify.app

A simple python script for hosting a Snowflake Proxy in your python program or with it's standalone cli

snowflake-cli Snowflake is a system to defeat internet censorship, made by Tor Project. The system works by volunteers who run the snowflake extension

6 Jul 14, 2022

It's a simple tool for test vulnerability Apache Path Traversal

SimplesApachePathTraversal Simples Apache Path Traversal It's a simple tool for test vulnerability Apache Path Traversal https://blog.mrcl0wn.com/2021

56 Dec 27, 2022

Wordlist attacks on Bitwarden data.json files

BitwardenDecryptBrute This is a slightly modified version of BitwardenDecrypt. In addition to the decryption this version can do wordlist attacks for

42 Nov 09, 2022

Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

CVE-2011-2523 - vsftpd 2.3.4 Exploit Discription vsftpd, which stands for Very Secure FTP Daemon,is an FTP server for Unix-like systems, including Lin

5 Nov 08, 2022

APKLeaks - Scanning APK file for URIs, endpoints & secrets.

3.5k Jan 09, 2023

Chromepass - Hacking Chrome Saved Passwords

Chromepass - Hacking Chrome Saved Passwords and Cookies View Demo · Report Bug · Request Feature Table of Contents About the Project AV Detection Gett

622 Jan 04, 2023

Privacy-respecting metasearch engine

Privacy-respecting, hackable metasearch engine / pronunciation səːks. If you are looking for running instances, ready to use, then visit searx.space.

12.4k Jan 08, 2023

Osint-Tool - Information collection tool in python

Osint-Tool Herramienta para la recolección de información Pronto más opciones In

3 Apr 09, 2022

CVE-2021-40346 integer overflow enables http smuggling

CVE-2021-40346-POC CVE-2021-40346 integer overflow enables http smuggling Reference: https://jfrog.com/blog/critical-vulnerability-in-haproxy-cve-2021

34 Nov 15, 2022

Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10

CVE-2021-29440 Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10 Grav is a file based Web-platform. Twig processing of static p

6 Oct 10, 2022

Send CVE information to the specified mailbox (from Github)

91 Nov 08, 2022

Flutter Reverse Engineering Framework

This framework helps reverse engineer Flutter apps using patched version of Flutter library which is already compiled and ready for app repacking. There are changes made to snapshot deserialization p

910 Jan 01, 2023

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

GoodHound ______ ____ __ __ / ____/___ ____ ____/ / / / /___ __ ______ ____/ / / / __/ __ \/ __ \/ __

352 Jan 02, 2023

labsecurity is a framework and its use is for ethical hacking and computer security

labsecurity labsecurity is a framework and its use is for ethical hacking and computer security. Warning This tool is only for educational purpose. If

16 Dec 08, 2022

利用NTLM Hash读取Exchange邮件

GetMail 利用NTLM Hash读取Exchange邮件：在进行内网渗透时候，我们经常拿到的是账号的Hash凭据而不是明文口令。在这种情况下采用邮件客户端或者WEBMAIL的方式读取邮件就很麻烦，需要进行破解，NTLM的破解主要依靠字典强度，破解概率并不是很大。

[email protected]"> 388 Dec 27, 2022

Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution

Vuln Impact An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files tha

2 Dec 30, 2021

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

Pupy Installation Installation instructions are on the wiki, in addition to all other documentation. For maximum compatibility, it is recommended to u

7.4k Jan 04, 2023

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Related tags

Overview

HatLoads

Features

Installation

Basic functions

Examples

You might also like...

Having a weak password is not good for a system that demands high confidentiality and security of user credentials

NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

LeLeLe: A tool to simplify the application of Lattice attacks.

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Wordlist attacks on Bitwarden data.json files

Python Toolkit containing different Cyber Attacks Tools

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

Releases(1.0.0)

1.0.0(Feb 6, 2022)

Owner

EntySec

A simple python script for hosting a Snowflake Proxy in your python program or with it's standalone cli

It's a simple tool for test vulnerability Apache Path Traversal

Wordlist attacks on Bitwarden data.json files

Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

APKLeaks - Scanning APK file for URIs, endpoints & secrets.

Chromepass - Hacking Chrome Saved Passwords

Privacy-respecting metasearch engine

Osint-Tool - Information collection tool in python

CVE-2021-40346 integer overflow enables http smuggling

Unsafe Twig processing of static pages leading to RCE in Grav CMS 1.7.10

Send CVE information to the specified mailbox (from Github)

Flutter Reverse Engineering Framework

Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.

labsecurity is a framework and its use is for ethical hacking and computer security

利用NTLM Hash读取Exchange邮件

Exploit for GitLab CVE-2021-22205 Unauthenticated Remote Code Execution

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

A Python Scanner for log4j

Tool to decrypt iOS apps using r2frida

Log4j exploit catcher, detect Log4Shell exploits and try to get payloads.