# screetsec/TheFatRat **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/screetsec-thefatrat).** 11,038 stars · 2,513 forks · C · gpl-3.0 ## Links - GitHub: https://github.com/screetsec/TheFatRat - awesome-repositories: https://awesome-repositories.com/repository/screetsec-thefatrat.md ## Topics `accessibility` `antivirus` `autorun` `backdoor` `bypass` `bypass-av` `bypassantivirus` `dracos` `hacking` `kali-linux` `linux` `malware` `metasploit-framework` `msfvenom` `rat` `remote` `remote-access` `thefatrat` `tool` `trojan` ## Description TheFatRat is a security exploitation framework designed to automate the creation, obfuscation, and deployment of payloads for penetration testing. It functions as a comprehensive toolkit that streamlines the exploitation lifecycle, enabling users to generate malicious executables, manage network listeners, and execute post-exploitation tasks through a unified command-line interface. The framework distinguishes itself by integrating various third-party exploitation utilities into a single, orchestrated workflow. It provides specialized capabilities for embedding code into legitimate binaries and modifying file metadata to test system resilience against signature-based detection. Additionally, the tool supports physical security assessments by generating autorun configurations for removable media to evaluate automated execution behaviors on target systems. Beyond core payload generation, the platform includes utilities for environment dependency validation to ensure all necessary components are configured correctly before testing begins. It also automates post-compromise actions, such as information gathering and credential extraction, to facilitate efficient security audits. ## Tags ### Security & Cryptography - [Evasive Payload Generators](https://awesome-repositories.com/f/security-cryptography/evasive-payload-generators.md) — Builds and disguises malicious executables and scripts for multiple operating systems. ([source](https://github.com/screetsec/TheFatRat/blob/master/README.md)) - [Penetration Testing Suites](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/offensive-security-frameworks/penetration-testing-suites.md) — Provides a comprehensive suite for automating security exploitation workflows, payload generation, and post-exploitation task management. - [Security Payload Generators](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/exploit-development-utilities/payload-creation-tools/security-payload-generators.md) — Automates the creation, obfuscation, and deployment of malicious payloads for security testing. - [Exploitation Frameworks](https://awesome-repositories.com/f/security-cryptography/exploitation-frameworks.md) — Implements a framework for embedding malicious code into binaries and preparing physical media for automated execution during security assessments. - [Payload Injectors](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-tools/exploit-development-utilities/payload-injectors.md) — Inserts malicious code directly into existing legitimate applications, libraries, or documents. ([source](https://github.com/screetsec/TheFatRat/blob/master/CHANGELOG.md)) - [Executable Obfuscation Techniques](https://awesome-repositories.com/f/security-cryptography/evasive-payload-generators/executable-obfuscation-techniques.md) — Modifies executable files and scripts to bypass security software detection and signature-based filters. - [Exploitation Workflow Managers](https://awesome-repositories.com/f/security-cryptography/exploit-frameworks/exploitation-workflow-managers.md) — Orchestrates the configuration of listeners and the creation of payloads to simplify security testing tasks. ([source](https://github.com/screetsec/TheFatRat/blob/master)) - [Executable Obfuscators](https://awesome-repositories.com/f/security-cryptography/payload-obfuscation/executable-obfuscators.md) — Modifies file signatures and binary structures to evade detection by antivirus software and security filters. ([source](https://github.com/screetsec/TheFatRat#readme)) - [Post-Exploitation Tools](https://awesome-repositories.com/f/security-cryptography/security/utilities/security-tools/offensive-red-team/offensive-security-frameworks/post-exploitation-tools.md) — Executes automated scripts on compromised systems to gather information and extract credentials. ([source](https://github.com/screetsec/TheFatRat/tree/master/postexploit)) - [Binary Injection Techniques](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/injection-payloads/binary-injection-techniques.md) — Embeds malicious code into legitimate software packages and binaries to test system resilience. - [Binary Injection Templates](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/injection-payloads/binary-injection-templates.md) — Embeds malicious code into legitimate binaries by modifying file structures and injecting custom execution hooks. - [Executable Obfuscation Utilities](https://awesome-repositories.com/f/security-cryptography/payload-obfuscation/executable-obfuscation-utilities.md) — Modifies executable file signatures and structures to evade detection by antivirus software. - [Autorun Exploitation Tools](https://awesome-repositories.com/f/security-cryptography/exploitation-frameworks/autorun-exploitation-tools.md) — Creates autorun configuration files for removable storage devices to facilitate automatic execution. ([source](https://github.com/screetsec/TheFatRat/blob/master/README.md)) ### Software Engineering & Architecture - [Exploitation Tool Wrappers](https://awesome-repositories.com/f/software-engineering-architecture/application-frameworks/autonomous-agent-frameworks/external-tool-integrations/exploitation-tool-wrappers.md) — Integrates various third-party exploitation utilities into a single, orchestrated workflow. - [Binary Signature Modifiers](https://awesome-repositories.com/f/software-engineering-architecture/metadata-attachments/binary-metadata/binary-signature-modifiers.md) — Modifies file headers and padding to alter signatures for testing system resilience against detection. ### Web Development - [Backdoor Listener Managers](https://awesome-repositories.com/f/web-development/event-listener-managers/backdoor-listener-managers.md) — Establishes and manages network listeners to capture incoming connections from deployed backdoors. ([source](https://github.com/screetsec/TheFatRat#readme)) ### Development Tools & Productivity - [Automated Payload Execution](https://awesome-repositories.com/f/development-tools-productivity/workflow-automation-tools/automation-execution-frameworks/automated-payload-execution.md) — Triggers the automatic execution of files from removable media to evaluate system security controls. ([source](https://github.com/screetsec/TheFatRat/tree/master/autorun)) ### DevOps & Infrastructure - [Security Listener Profiles](https://awesome-repositories.com/f/devops-infrastructure/configuration-management/server-and-site-configuration/http-listener-configurations/security-listener-profiles.md) — Provides automated management of network listeners to capture incoming connections from deployed backdoors. - [Physical Media Assessment Tools](https://awesome-repositories.com/f/devops-infrastructure/security-automation-workflows/security-assessment-frameworks/physical-media-assessment-tools.md) — Generates autorun configurations for removable media to test automated execution behaviors. ### Operating Systems & Systems Programming - [Security](https://awesome-repositories.com/f/operating-systems-systems-programming/terminal-command-line-environments/shells-scripting/orchestration-scripts/security.md) — Uses modular command-line scripts to automate the configuration and execution of external security tools.