20 Open-source Free RAT (Remote Administration Tool) for Windows, Linux, and macOS

RAT stands for Remote Access Trojan. It is a type of malicious software that allows unauthorized individuals to remotely control a computer system. While RAT software can be used for legitimate purposes such as remote administration and tech support, it is often associated with cyber criminal activities.

Benefits of using RAT software include:

Remote administration: RAT software can enable system administrators to remotely manage and troubleshoot computer systems, which can be especially useful in large networks or when physical access to the system is not possible.
Tech support: RAT software can be utilized by tech support professionals to provide remote assistance and resolve technical issues for users.
Access: RAT software allows users to access and control a computer system from a remote location, providing flexibility and convenience.

However, it is important to note that RAT software can also be exploited by cybercriminals to gain unauthorized access to systems, steal sensitive information, or perform malicious activities.

Therefore, it is crucial to use RAT software responsibly and ensure proper security measures are in place to protect against unauthorized access.

What is a C2 Server?

C2 Server, also known as Command and Control Server, is a critical component in a RAT infrastructure. It is a server that allows cybercriminals to remotely control and manage the compromised systems through the RAT software. The C2 server acts as a central hub where the attacker can send commands and receive data from the infected machines. It provides the attacker with the ability to monitor and control multiple compromised systems simultaneously.

The C2 server is responsible for facilitating communication between the attacker and the compromised systems, enabling the attacker to execute various malicious activities, such as stealing data, spreading malware, or launching further attacks. It is important to note that the operation of a C2 server is illegal and unethical, as it involves unauthorized access and control of computer systems for malicious purposes.

In this list, you can find the best open-source RAT tool that you can explore their source-code, build, develop and manage yourself.

1- CHAOS

CHAOS is a free and open-source Remote Administration Tool that allow to generate binaries to control remote operating systems.

2- Musubi

Musubi is a Japanese braiding method for making decorative and functional cords, and it is depicted in several scenes in the movie. Musubi is a knot, a tying together, of connecting people and things. The photo shows two kumihimo cords in a musubi knot.

3- KIZAGAN

KIZAGAN is a RAT built with python.It can take camera snapshots, screenshots, browser data and cookies etc. Also, it has a keylogger and it is undetectable.

Features

Basic file/directory commands.(rename, delete, create etc.)
Can execute windows command prompt commands directly.
Can get camera snapshots.
Can get screenshots.
Can download files.
Can upload files.
Has keylogger.
Have persistence.(Persistence:It can hide itself to registry.)
Can take wifi names and passwords.
Can combine with a file you specify.
Constant connections.
Undetectable.
Can get browser saved usernames and passwords.
Can get browser cookies.

4- TacticalRMM

Tactical RMM is a web-based self-hosted remote monitoring & management tool, built with Django and Vue.

Features

Teamviewer-like remote desktop control
Real-time remote shell
Remote file browser (download and upload files)
Remote command and script execution (batch, powershell and python scripts)
Event log viewer
Services management
Windows patch management
Automated checks with email/SMS alerting (cpu, disk, memory, services, scripts, event logs)
Automated task runner (run scripts on a schedule)
Remote software installation via chocolatey
Software and hardware inventory

5- Spark

Spark is a free, safe, open-source, self-hosted web-based, cross-platform and full-featured RAT (Remote Administration Tool) that allow you to control all your devices via browser anywhere.

6- serpentine

serpentine is a Windows RAT (Remote Administration Tool) that lets you interact with the clients using a multiplatform RESTful C2 server. It includes a Keylogger, reverse proxy, remote desktop, and and take a desktop screenshot. It also offers a developer-friendly API.

7- Tornado

Tornado is a free and open-source anonymously Reverse Shell over Tor Network using Hidden services without Portforwarding.

8- TelegramRAT

TelegramRAT is a free Cross Platform Telegram based RAT that communicates via telegram to evade network restrictions.

Features

Execute Shell Commands in bot directly.
download file from client.
Get Client System Information.
Get Client Location Information.
Capture Screenshot
get url (Download file from URL)
More features will be added

9- Warith

Warith is a free and open-source, modular Remote Administration Tool (RAT) / Payload Dropper written in Go(lang) with a flexible command and control (C2) system*.

10- TewQ

TewQ is a free, open-Source Remote Administration Tool for Windows.

11- BlazeRAT

BlazeRAT is a free and open-source Linux RAT tool that enables you to control Linux desktop remotely.

Features

Desktop Screenshot
Webcam Screenshot/Video
Microphone Recorder
Keylogger
Geolocation based on IP/BSSID
File Manager
Task Manager
Remote Shell
Remote keyboard
Power control (shutdown, restart, suspend, logoff)
Volume control
Wipe user data (browsers history, passwords, cookies...)
Rights management using authorization tokens

12- TecSpy

TecSpy is a cloud-based Android Monitoring Tool, powered by NodeJS.

Features

GPS Logging
Microphone Recording
View Contacts
SMS Logs
Call Logs
View Installed Apps
View Stub Permissions
Live Clipboard Logging
Live Notification Logging (WhatsApp, Facebook, Instagram, Gmail, and more ....)
View Wi-Fi Networks (logs previously seen)
File Explorer & Downloader
Command Queuing
Device Admin

13- Goasm-RAT

Goasm-RAT is a simple Windows console remote administration tool, written in the Go lang and Intel x86 Assembly. It supports remote shell and screenshot.

14- Invoke

FUD Remote Administration tool for Windows Systems and Linux written in Python 3.

15- DUCKSPLOIT

DUCKSPLOIT is a free and open-source Windows Hacking FrameWork using Reverse Shell.

16- PhantomBlitz

PhantomBlitz is a Python-based framework that creates an executable file with various parameters. It allows users to perform a reverse TCP connection and execute cmd commands.

Features

Reverse TCP connection
Execute cmd commands
Collect OS info
Set clipboard text
Get clipboard text
Take screenshot
Start file server
Analyze LAN traffic
Type text
Download URL
Open link
Generate WLAN profile
Keylogger

17- Example RAT

This open-source project is for demonstration purposes only and should not be used maliciously.

Example RAT is a remote administration tool written in C# for the stub and PHP for the front-end control server.

18- VanillaRAT

VanillaRat is an advanced remote administration tool coded in C#. VanillaRat uses the Telepathy TCP networking library, dnlib module reading and writing library, and Costura. Fody dll embedding library.

Features

Remote Desktop Viewer (With remote click)
File Browser (Including downloading, drag and drop uploading, and file opening)
Process Manager
Computer Information
Hardware Usage Information (CPU usage, disk usage, available ram)
Message Box Sender
Text To Speech
Screen Locker
Live Keylogger (Also shows current window)
Website Opener
Application Permission Raiser (Normal -> Admin)
Clipboard Text (Copied text)
Chat (Does not allow for client to close form)
Audio Recorder (Microphone)
Process Killer (Task manager, etc.)
Remote Shell
Startup
Security Blacklist (Drag client into list if you don't want connection. Press del. key on client to remove from list)

19- Stitch

Stitch is a cross-platform python framework which allows you to build custom payloads for Windows, macOS and Linux as well.

You are able to select whether the payload binds to a specific IP and port, listens for a connection on a port, option to send an email of system info when the system boots, and option to start keylogger on boot. Payloads created can only run on the OS that they were created on.

Features

Command and file auto-completion
Antivirus detection
Able to turn off/on display monitors
Hide/unhide files and directories
View/edit the hosts file
View all the systems environment variables
Keylogger with options to view status, start, stop and dump the logs onto your host system
View the location and other information of the target machine
Execute custom python scripts which return whatever you print to screen
Screenshots
Virtual machine detection
Download/Upload files to and from the target system
Attempt to dump the systems password hashes
Payloads' properties are "disguised" as other known programs

20- ToRat

ToRat is a Remote Administration tool written in Go using Tor as a transport mechanism and RPC for communication.

Benefits of using RAT software include:

What is a C2 Server?

1- CHAOS

2- Musubi

3- KIZAGAN

Features

4- TacticalRMM

Features

5- Spark

6- serpentine

7- Tornado

8- TelegramRAT

Features

9- Warith

10- TewQ

11- BlazeRAT

Features

12- TecSpy

Features

13- Goasm-RAT

14- Invoke

15- DUCKSPLOIT

16- PhantomBlitz

Features

17- Example RAT

18- VanillaRAT

Features

19- Stitch

Features

20- ToRat

Tags

Related Articles in Open-source