git404hub

what is thefatrat fr?

screetsec/thefatrat — explained in plain English

Analysis updated 2026-06-24

11,221CAudience · ops devopsComplexity · 4/5Setup · moderate

tl;dr

A Linux penetration testing tool that automates generating remote-access payloads for Windows, Android, Mac, and Linux targets by wrapping MSFvenom and Metasploit, for authorized security testing only.

vibe map

mindmap
  root((repo))
    What it does
      Generates payloads
      Sets up listeners
      Automates MSFvenom
    Target platforms
      Windows and Android
      Mac and Linux
    Features
      File embedding
      USB autorun files
      Auto IP detection
    Requirements
      Linux host
      Metasploit installed
      Authorized use only

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

what do people make with this?

VIBE 1

Generate a remote-access payload for a Windows target during an authorized penetration test.

VIBE 2

Embed a test payload inside an existing application file to simulate a social-engineering attack scenario.

VIBE 3

Set up a Metasploit listener and test USB autorun payloads as part of a physical access security assessment.

what's the stack?

CShellMetasploit

how it stacks up fr

screetsec/thefatratapple/darwin-xnulibvips/libvips
Stars11,22111,23711,310
LanguageCCC
Setup difficultymoderatehardmoderate
Complexity4/55/53/5
Audienceops devopsdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

how do i run it?

Difficulty · moderate time til it works · 30min

Requires Metasploit Framework and several Linux dependencies installed via the provided setup script.

in plain english

TheFatRat is a Linux-based tool used in penetration testing and security research that automates the process of generating executable payloads. A payload here is a small program that, when run on a target machine, establishes a remote connection back to the tester's system, allowing them to interact with that machine. The tool wraps around MSFvenom and Metasploit, which are established penetration testing frameworks, to make payload creation faster and more menu-driven. The tool can produce payloads targeting Windows, Android, Mac, and Linux systems in various file formats. It also includes options for embedding a payload inside an existing application file, setting up a listener that waits for incoming connections, and detecting your external IP address automatically. A file size tool is included for padding files. There is also support for creating USB autorun files used in physical access testing scenarios. The README states the tool is intended for educational purposes and for use only against systems the user has explicit permission to test. Unauthorized use against systems without consent is described as illegal, and the developers disclaim responsibility for misuse. Installation runs through a shell script that handles dependencies. A separate diagnostic script is provided to check whether all required components installed correctly. The README links to documentation in the Certified Ethical Hacker curriculum and to several tutorial videos demonstrating different use cases. The project is available in BlackArch, a Linux distribution focused on security testing tools. It is written primarily in C and shell scripting.

prompts (copy fr)

prompt 1
I'm doing an authorized pentest on a Windows target. Show me how to use TheFatRat to generate an MSFvenom payload, set up the listener, and catch the connection.
prompt 2
How do I embed a TheFatRat payload inside a legitimate-looking Android APK for an authorized mobile security test?
prompt 3
I've installed TheFatRat but the diagnostic script reports missing components. Walk me through fixing common dependency issues on Kali Linux.

Frequently asked questions

what is thefatrat fr?

A Linux penetration testing tool that automates generating remote-access payloads for Windows, Android, Mac, and Linux targets by wrapping MSFvenom and Metasploit, for authorized security testing only.

What language is thefatrat written in?

Mainly C. The stack also includes C, Shell, Metasploit.

How hard is thefatrat to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is thefatrat for?

Mainly ops devops.

peek the repo → explain another one

This repo across BitVibe Labs

double-check against the repo, no cap.