RAT stands for Remote Access Trojan. It is a type of malicious software that allows unauthorized individuals to remotely control a computer system. While RAT software can be used for legitimate purposes such as remote administration and tech support, it is often associated with cybercriminal activities.
Benefits of using RAT software include:
- Remote administration: RAT software can enable system administrators to remotely manage and troubleshoot computer systems, which can be especially useful in large networks or when physical access to the system is not possible.
- Tech support: RAT software can be utilized by tech support professionals to provide remote assistance and resolve technical issues for users.
- Flexibility: RAT software allows users to access and control a computer system from a remote location, providing flexibility and convenience.
However, it is important to note that RAT software can also be exploited by cybercriminals to gain unauthorized access to systems, steal sensitive information, or perform malicious activities. Therefore, it is crucial to use RAT software responsibly and ensure proper security measures are in place to protect against unauthorized access.
C2 Server, also known as Command and Control Server, is a critical component in a RAT infrastructure. It is a server that allows cybercriminals to remotely control and manage the compromised systems through the RAT software. The C2 server acts as a central hub where the attacker can send commands and receive data from the infected machines. It provides the attacker with the ability to monitor and control multiple compromised systems simultaneously.
The C2 server is responsible for facilitating communication between the attacker and the compromised systems, enabling the attacker to execute various malicious activities, such as stealing data, spreading malware, or launching further attacks. It is important to note that the operation of a C2 server is illegal and unethical, as it involves unauthorized access and control of computer systems for malicious purposes.
In this list, you can find the best open-source RAT tool that you can explore their source-code, build, develop and manage yourself.
CHAOS is a free and open-source Remote Administration Tool that allow to generate binaries to control remote operating systems.
Musubi is a Japanese braiding method for making decorative and functional cords, and it is depicted in several scenes in the movie. Musubi is a knot, a tying together, of connecting people and things. The photo shows two kumihimo cords in a musubi knot.
KIZAGAN is a RAT built with python.It can take camera snapshots, screenshots, browser data and cookies etc. Also, it has a keylogger and it is undetectable.
- Basic file/directory commands.(rename, delete, create etc.)
- Can execute windows command prompt commands directly.
- Can get camera snapshots.
- Can get screenshots.
- Can download files.
- Can upload files.
- Has keylogger.
- Have persistence.(Persistence:It can hide itself to registry.)
- Can take wifi names and passwords.
- Can combine with a file you specify.
- Constant connections.
- Can get browser saved usernames and passwords.
- Can get browser cookies.
Tactical RMM is a web-based self-hosted remote monitoring & management tool, built with Django and Vue.
- Teamviewer-like remote desktop control
- Real-time remote shell
- Remote file browser (download and upload files)
- Remote command and script execution (batch, powershell and python scripts)
- Event log viewer
- Services management
- Windows patch management
- Automated checks with email/SMS alerting (cpu, disk, memory, services, scripts, event logs)
- Automated task runner (run scripts on a schedule)
- Remote software installation via chocolatey
- Software and hardware inventory
Spark is a free, safe, open-source, self-hosted web-based, cross-platform and full-featured RAT (Remote Administration Tool) that allow you to control all your devices via browser anywhere.
serpentine is a Windows RAT (Remote Administration Tool) that lets you interact with the clients using a multiplatform RESTful C2 server. It includes a Keylogger, reverse proxy, remote desktop, and and take a desktop screenshot. It also offers a developer-friendly API.
Tornado is a free and open-source anonymously Reverse Shell over Tor Network using Hidden services without Portforwarding.
TelegramRAT is a free Cross Platform Telegram based RAT that communicates via telegram to evade network restrictions.
- Execute Shell Commands in bot directly.
- download file from client.
- Get Client System Information.
- Get Client Location Information.
- Capture Screenshot
- get url (Download file from URL)
- More features will be added
Warith is a free and open-source, modular Remote Administration Tool (RAT) / Payload Dropper written in Go(lang) with a flexible command and control (C2) system*.
TewQ is a free, open-Source Remote Administration Tool for Windows.
BlazeRAT is a free and open-source Linux RAT tool that enables you to control Linux desktop remotely.
- Desktop Screenshot
- Webcam Screenshot/Video
- Microphone Recorder
- Geolocation based on IP/BSSID
- Remote Shell
- Remote keyboard
- Power control (shutdown, restart, suspend, logoff)
- Volume control
- Wipe user data (browsers history, passwords, cookies...)
- Rights management using authorization tokens
TecSpy is a cloud-based Android Monitoring Tool, powered by NodeJS.
- GPS Logging
- Microphone Recording
- View Contacts
- SMS Logs
- Call Logs
- View Installed Apps
- View Stub Permissions
- Live Clipboard Logging
- Live Notification Logging (WhatsApp, Facebook, Instagram, Gmail, and more ....)
- View Wi-Fi Networks (logs previously seen)
- File Explorer & Downloader
- Command Queuing
- Device Admin
Goasm-RAT is a simple Windows console remote administration tool, written in Go and Intel x86 Assembly. It supports remote shell and screenshot.
FUD Remote Administration tool for Windows Systems and Linux written in Python3.
DUCKSPLOIT is a free and open-source Windows Hacking FrameWork using Reverse Shell.
PhantomBlitz is a Python-based framework that creates an executable file with various parameters. It allows users to perform a reverse TCP connection and execute cmd commands.
- Reverse TCP connection
- Execute cmd commands
- Collect OS info
- Set clipboard text
- Get clipboard text
- Take screenshot
- Start file server
- Analyze LAN traffic
- Type text
- Download URL
- Open link
- Generate WLAN profile
17- Example RAT
This open-source project is for demonstration purposes only and should not be used maliciously. I am not responsible for any damages that occur from use of this tool.
Example RAT is a remote administration tool written in C# for the stub and PHP for the front-end control server.
VanillaRat is an advanced remote administration tool coded in C#. VanillaRat uses the Telepathy TCP networking library, dnlib module reading and writing library, and Costura.Fody dll embedding library.
- Remote Desktop Viewer (With remote click)
- File Browser (Including downloading, drag and drop uploading, and file opening)
- Process Manager
- Computer Information
- Hardware Usage Information (CPU usage, disk usage, available ram)
- Message Box Sender
- Text To Speech
- Screen Locker
- Live Keylogger (Also shows current window)
- Website Opener
- Application Permission Raiser (Normal -> Admin)
- Clipboard Text (Copied text)
- Chat (Does not allow for client to close form)
- Audio Recorder (Microphone)
- Process Killer (Task manager, etc.)
- Remote Shell
- Security Blacklist (Drag client into list if you don't want connection. Press del. key on client to remove from list)
Stitch is a cross-platform python framework which allows you to build custom payloads for Windows, Mac OSX and Linux as well. You are able to select whether the payload binds to a specific IP and port, listens for a connection on a port, option to send an email of system info when the system boots, and option to start keylogger on boot. Payloads created can only run on the OS that they were created on.
- Command and file auto-completion
- Antivirus detection
- Able to turn off/on display monitors
- Hide/unhide files and directories
- View/edit the hosts file
- View all the systems environment variables
- Keylogger with options to view status, start, stop and dump the logs onto your host system
- View the location and other information of the target machine
- Execute custom python scripts which return whatever you print to screen
- Virtual machine detection
- Download/Upload files to and from the target system
- Attempt to dump the systems password hashes
- Payloads' properties are "disguised" as other known programs
ToRat is a Remote Administration tool written in Go using Tor as a transport mechanism and RPC for communication.