HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Last update: May 10, 2022

Related tags

Overview

HatLoads

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Features

Contains a lot of useful shellcodes in assembly and bytes.
Support for most common platforms like macOS, Linux, Windows.
Ability to get custom code and assemble it.

Installation

pip3 install git+https://github.com/EntySec/HatLoads

Basic functions

There are all HatLoads basic functions that can be used to generate payloads.

get_payload(self, platform, arch, payload, options={}, assemble=True) - Get assembly shellcode or assembled shellcode.

Examples

from hatloads import HatLoads

options = {
    'RHOST': '127.0.0.1',
    'RPORT': 8888
}

hatloads = HatLoads()
shellcode = hatloads.get_payload('macos', 'x64', 'shell_reverse_tcp')

Having a weak password is not good for a system that demands high confidentiality and security of user credentials

Having a weak password is not good for a system that demands high confidentiality and security of user credentials. It turns out that people find it difficult to make up a strong password that is strong enough to prevent unauthorized users from memorizing it.

0 Feb 7, 2022

NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

81 Jan 8, 2023

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Bluetooth Simple Denial Of Service (DoS) Legal Note This project is made only for educational purposes and for helping in Proofs of Concept. The autho

1 Jan 9, 2022

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

Some Attacks of Exchange SSRF This project is heavily replicated in ProxyShell, NtlmRelayToEWS https://mp.weixin.qq.com/s/GFcEKA48bPWsezNdVcrWag Get 1

129 Dec 30, 2022

LeLeLe: A tool to simplify the application of Lattice attacks.

LeLeLe is a very simple library (300 lines) to help you more easily implement lattice attacks, the library is inspired by Z3Py (python interfa

4 Dec 14, 2021

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Dependency Combobulator Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage

84 Dec 23, 2022

Wordlist attacks on Bitwarden data.json files

BitwardenDecryptBrute This is a slightly modified version of BitwardenDecrypt. In addition to the decryption this version can do wordlist attacks for

42 Nov 9, 2022

Python Toolkit containing different Cyber Attacks Tools

Helikopter Python Toolkit containing different Cyber Attacks Tools. Tools in Helikopter Toolkit 1. FattyNigger (PYTHON WORM) 2. Taxes (PYTHON PASS EXT

22 Dec 4, 2022

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

SSL-Backdoor Abstract Large-scale unlabeled data has allowed recent progress in self-supervised learning methods that learn rich visual representation

44 Nov 21, 2022

Releases(1.0.0)

1.0.0(Feb 6, 2022)

Source code(tar.gz)
Source code(zip)

Owner

EntySec

EntySec is a group of security professionals and software engineers involved in the development of security tools and services.

GitHub Repository https://hatsploit.netlify.app

A token logger for discord + steals Brave/Chrome passwords and usernames

Backdoor Machine - ❗ For educational purposes only ❗ A program made in python for stealing passwords and usernames from Google Chrome/Brave and tokenl

36 Jul 18, 2021

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability. Features Dump a single file w

48 Dec 03, 2022

To explore creating an application that detects available connections at once from wifi and bluetooth

Signalum A Linux Package to detect and analyze existing connections from wifi and bluetooth. Also checkout the Desktop Application. Signalum Installat

56 Mar 03, 2021

An All-In-One Pure Python PoC for CVE-2021-44228

Python Log4RCE An all-in-one pure Python3 PoC for CVE-2021-44228. Configure Replace the global variables at the top of the script to your configuratio

178 Nov 09, 2022

Directory Traversal in Afterlogic webmail aurora and pro

CVE-2021-26294 Exploit Directory Traversal in Afterlogic webmail aurora and pro . Description: AfterLogic Aurora and WebMail Pro products with 7.7.9 a

8 Nov 09, 2022

PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

A medium security python password manager that encrypt passwords using Advanced Encryption Standard (AES) PassLock is a password manager and password

44 Nov 18, 2022

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

2.8k Dec 29, 2022

Python HDFS client

Python HDFS client Because the world needs yet another way to talk to HDFS from Python. Usage This library provides a Python client for WebHDFS. NameN

82 Dec 28, 2022

Mad Spammer is a python webhook spammer which is very easy and safe to use.

Mad Spammer 👿 Pre-Setup: Open your terminal/console and type: pip install module colorama python MadSpammer.py Setup: After doing that, you should be

1 Nov 26, 2021

A repository to detect the ARP spoofing in any devices and prevent Man in the Middle(MITM) attack using Python3

arp_spoof_detector A repository to detect the ARP spoofing in any devices and prevent Man in the Middle(MITM) attack using Python3 Usage: git clone ht

1 Oct 30, 2021

Bypass ReCaptcha: A Python script for dealing with recaptcha

Bypass ReCaptcha Bypass ReCaptcha is a Python script for dealing with recaptcha.

1 Jan 11, 2022

自动化爆破子域名，并遍历所有端口寻找http服务，并使用crawlergo、dirsearch、xray等工具扫描并集成报告；支持动态添加扫描到的域名至任务；

AutoScanner AutoScanner是什么 AutoScanner是一款自动化扫描器，其功能主要是遍历所有子域名、及遍历主机所有端口寻找出所有http服务，并使用集成的工具进行扫描，最后集成扫描报告；工具目前有：oneforall、masscan、nmap、crawlergo、dirse

633 Dec 30, 2022

VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

Vortex VPN Overall Reconnaissance, Testing, Enumeration and Exploitation Toolkit Overview A very simple Python framework, inspired by SprayingToolkit,

315 Dec 28, 2022

Apache OFBiz rmi反序列化EXP(CVE-2021-26295)

Apache OFBiz rmi反序列化EXP(CVE-2021-26295) 目前仅支持nc弹shell 将ysoserial.jar放置在同目录下，py3运行，根据提示输入漏洞url，你的vps地址和端口第二次使用建议删除exp.ot 本工具仅用于安全测试，禁止未授权非法攻击站点，否则后果自负

15 Nov 09, 2022

Fast Fb Cracking Tool

fb-brute Fast Fb Cracking Tool 🏆

8 Jun 29, 2022

Meterpreter Reverse shell over TOR network using hidden services

Poiana Reverse shell over TOR network using hidden services Features - Create a hidden service - Generate non-staged payload (python/meterpreter_rev

80 Dec 21, 2022

script that pulls cve collections from NVD.NIST.GOV.

# cvepull.py #script that pulls cve collections from NVD.NIST.GOV. #edit line 17 (timedelta) number to change the amount of days to search backwards

1 Dec 18, 2021

一个自动挖掘漏洞的框架，日后会发展成强大的信息收集+漏洞挖掘脚本！

介绍工具介绍这是一款致力于将各类优秀脚本集合在一起调用、联动，最终可形成超级渗透脚本的工具。目的是扫描到更全的资产信息，发现更多的漏洞利用。但是这是通过牺牲扫描速度来提升扫描广度的。所以不太适合要进行紧急信息收集和漏洞利用的情况。

23 Jul 05, 2022

python写的一款免杀工具（shellcode加载器）BypassAV，国内杀软全过（windows denfend）

266 Jan 02, 2023

ONT Analysis Toolkit (OAT)

A toolkit for monitoring ONT MinION sequencing, followed by data analysis, for viral genomes amplified with tiled amplicon sequencing.

6 Jun 14, 2022

HatSploit collection of generic payloads designed to provide a wide range of attacks without having to spend time writing new ones.

Related tags

Overview

HatLoads

Features

Installation

Basic functions

Examples

You might also like...

Having a weak password is not good for a system that demands high confidentiality and security of user credentials

NEW FACEBOOK CLONER WITH NEW PASSWORD, TERMUX FB CLONE, FB CLONING COMMAND. M

Simple script for looping a Denial Of Service (DoS) attack over one single mac address in range

Some Attacks of Exchange SSRF ProxyLogon&ProxyShell

LeLeLe: A tool to simplify the application of Lattice attacks.

Dependency Combobulator is an Open-Source, modular and extensible framework to detect and prevent dependency confusion leakage and potential attacks.

Wordlist attacks on Bitwarden data.json files

Python Toolkit containing different Cyber Attacks Tools

Official implementation of the paper "Backdoor Attacks on Self-Supervised Learning".

Releases(1.0.0)

1.0.0(Feb 6, 2022)

Owner

EntySec

A token logger for discord + steals Brave/Chrome passwords and usernames

A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.

To explore creating an application that detects available connections at once from wifi and bluetooth

An All-In-One Pure Python PoC for CVE-2021-44228

Directory Traversal in Afterlogic webmail aurora and pro

PassLock is a medium-security password manager that encrypts passwords using Advanced Encryption Standards (AES)

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能

Python HDFS client

Mad Spammer is a python webhook spammer which is very easy and safe to use.

A repository to detect the ARP spoofing in any devices and prevent Man in the Middle(MITM) attack using Python3

Bypass ReCaptcha: A Python script for dealing with recaptcha

自动化爆破子域名，并遍历所有端口寻找http服务，并使用crawlergo、dirsearch、xray等工具扫描并集成报告；支持动态添加扫描到的域名至任务；

VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit

Apache OFBiz rmi反序列化EXP(CVE-2021-26295)

Fast Fb Cracking Tool

Meterpreter Reverse shell over TOR network using hidden services

script that pulls cve collections from NVD.NIST.GOV.

一个自动挖掘漏洞的框架，日后会发展成强大的信息收集+漏洞挖掘脚本！

python写的一款免杀工具（shellcode加载器）BypassAV，国内杀软全过（windows denfend）

ONT Analysis Toolkit (OAT)