TheFatRat

TheFatRat is a Linux-based tool used in penetration testing and security research that automates the process of generating executable payloads. A payload here is a small program that, when run on a target machine, establishes a remote connection back to the tester's system, allowing them to interact with that machine. The tool wraps around MSFvenom and Metasploit, which are established penetration testing frameworks, to make payload creation faster and more menu-driven.

The tool can produce payloads targeting Windows, Android, Mac, and Linux systems in various file formats. It also includes options for embedding a payload inside an existing application file, setting up a listener that waits for incoming connections, and detecting your external IP address automatically. A file size tool is included for padding files. There is also support for creating USB autorun files used in physical access testing scenarios.

The README states the tool is intended for educational purposes and for use only against systems the user has explicit permission to test. Unauthorized use against systems without consent is described as illegal, and the developers disclaim responsibility for misuse.

Installation runs through a shell script that handles dependencies. A separate diagnostic script is provided to check whether all required components installed correctly. The README links to documentation in the Certified Ethical Hacker curriculum and to several tutorial videos demonstrating different use cases.

The project is available in BlackArch, a Linux distribution focused on security testing tools. It is written primarily in C and shell scripting.