a-study-of-remote-access-trojans
a-study-of-remote-access-trojans copied to clipboard
Published
20 hours ago •
stratosphereips
stratosphereips
This repository contains a curated list of papers, articles and other sources related to remote access trojans.
A Study of Remote Access Trojans
This repository contains a curated list of papers, articles and other sources related to remote access trojans. Entries are sorted alphabetically. For corrections, suggestions, or missing papers, please either open an issue or submit a pull request.
Coverage of this Study of RATs:
- Nov 9, 2020 - What is a RAT? How remote access Trojans became a major threat | CSO Online (accessed Oct. 01, 2022).
Remote Access Trojans
A4zeta
- Megasecurity: A4zeta all [Web Archive]
- Megasecurity: A4zeta beta1 [Web Archive]
- Megasecurity: A4zeta beta2 [Web Archive]
Android Tester RAT
- ANDROID TESTER V6.4.6 (RAT) Cracked + Source - BlackHatRussia [Web Archive]
- Dissecting a RAT. Android Tester Trojan Analysis and Decoding. - Stratosphere Laboratory [Web Archive]
Async RAT
- AsyncRAT - GitHub [Web Archive]
- AsyncRAT - GitHub [Web Archive]
- AsyncRAT - TCP Asynchronous Socket - Remote Administration Tool - Raid Forums [Web Archive]
Atelier Web Remote Commander
- Atelier Web Homepage [Web Archive]
- 2016 Hack Windows Server in Network using Atelier Web Remote Command [Web Archive]
Back Orifice
- 1998 Hacker Group Says Program Can Exploit Microsoft Security Hole
- Wikipedia: Back Orifice [Web Archive]
- Back Orifice XP [Web Archive]
- Threat Description: BO2K [Web Archive]
- Back Orifice Windows Remote Administration Tool [Web Archive]
- MISP RAT Cluster [Web Archive]
- Tracking the Back Orifice Trojan On a University Network [Web Archive]
- Symantec: Back Orifice [Web Archive]
BbsRAT
- Mitre: BBSRAT [Web Archive]
- 2015 BBSRAT Attacks Targeting Russian Organizations Linked to Roaming Tiger [Web Archive]
- 2020 How to perform long term monitoring of careless threat actors [Web Archive]
- 2020 Shadows in the Rain [Web Archive]
Bifrost
- Study on the Undetectable Server Bifrost 1.2d for the AV [Web Archive]
- Malware Info: Bifrost Trojan [Web Archive]
- Wikipedia: Bifrost [Web Archive]
- BIFROSE Now More Evasive Through Tor, Used for Targeted Attack [Web Archive]
- The Malicious Intent of the “Here You Have” Mail Worm, Part 2 [Web Archive]
Casper
CasuS
ComRAT
- 2014 The Uroburos case: new sophisticated RAT identified [Web Archive]
- 2015 Tools used by the Uroburos actors [Web Archive]
- 2020 From Agent.BTZ to ComRAT v4: A ten‑year journey [Web Archive]
Coringa RAT (njRAT variant)
CyberGate RAT
- 2011 CyberGate RAT - Hacking Facebook, Twitter and Email Id's Passwords [Web Archive]
- 2011 RAT Tutorial For Beginners (best version ever) [Web Archive]
- 2013 CyberGate RAT COMPLETE TUTORIAL [Web Archive]
- 2014 CyberGate: En febrero nuestra aerolínea te obsequia... [Web Archive]
DarkNet RAT
D.I.R.T. (Data Interception by Remote Transmission)
- Codex Data Systems: D.I.R.T [Web Archive]
- Megasecurity: DIRT Manual [Web Archive]
- The Dangers of Dissent: The FBI and Civil Liberties since 1965 [Web Archive]
- 1998 It's getting easier to dig up DIRT [Web Archive]
- 1998 TheCodex's D.I.R.T. surveillance software [Web Archive]
- 1998 Network World Magazine [Web Archive]
- 2001 Trojan vendor dishes the Dirt [Web Archive]
- 2001 Reg duped by crime-busting D.I.R.T Trojan [Web Archive]
- 2001 UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF NEW YORK UNITED STATES OF AMERICA v. FRANK JONES [Web Archive]
- 2001 THE DIRT ON BIG BROTHER HE CAN USE YOUR NET SERVICE TO SPY ON YOU [Web Archive]
- 2002 Law-enforcement DIRT Trojan released [Web Archive]
- 2002 D.I.R.T. Spyware Exposed on Web [Web Archive]
- 2002 DIRT Guide [Web Archive]
- 2002 Cryptome dishes the Dirt [Web Archive]
- 2014 D.I.R.T [Web Archive]
DroidJack RAT
- Using DroidJack spyware to snoop on your spouse could get you arrested - Sophis [Web Archive]
- Iranian Hackers’ Rising Interest in Targeting Android Systems With DroidJack, AndroRAT - RecordedFuture [Web Archive]
- DroidJack RAT hits hacker forums, comes from legitimate app developers - SCMagazine [Web Archive]
- DroidJack RAT: A tale of how budding entrepreneurism can turn to cybercrime - Broadcom Symantec [Web Archive]
- Police in US, Europe raid homes of supersnoop Droidjack RAT suspects - The Register [Web Archive]
- Using DroidJack to spy on an Android? Expect a visit from the police - Eset [Web Archive]
Girlfriend
Grifin
Hawk
HawkEye
- 2016 iSpy Keylogger [Web Archive]
- 2018 LastLine: The Latest 100 Threats Seen in Finance [Web Archive]
- 2019 HAWKEYE Remote Access Trojan [Web Archive]
hsidir
IKlogger
JadeRAT
- 2017 JadeRAT mobile surveillanceware spikes in espionage activity [Web Archive]
- 2017 Lookout Mobile Threat Report [Web Archive]
- 2017 Hackers linked to Chinese government used mobile malware to spy on ethnic minority [Web Archive]
JhoneRAT
- 2020 JhoneRAT: Cloud based python RAT targeting Middle Eastern countries [Web Archive]
- 2020 JhoneRat – a snake in the network [Web Archive]
KevDroid RAT
- Fake AV Investigation Unearths KevDroid, New Android Malware - Cisco Talos [Web Archive]
- KevDroid - NJCCIC Threat Profile [Web Archive]
LokiTech
MadRAT
MofoTro
- Megasecurity: MofoTro Beta [Web Archive]
- Facebook post: Remote Administration Tools/Trojans [Web Archive]
MRA RAT
Nerbian
- 2022 Proofpoint: Nerbian RAT Using COVID-19 Themes Features Sophisticated Evasion Techniques
- 2022 Bleeping Computer: New stealthy Nerbian RAT malware spotted in ongoing attacks
- 2022 Infosec Institute: Nerbian RAT Using COVID-19 templates
Net Devil
- Cisco Security: Backdoor Net-Devil [Web Archive]
- PC-Freak: Net-Devil [Web Archive]
- 2002 Symantec: Backdoor.NetDevil [Web Archive]
- 2004 OPTIXPRO 1.31 and NETDEVIL1.5 TROJAN BACKDOOR EXPOLIT [Web Archive]
NetSupport Manager
- NetSupport Manager Homepage [Web Archive]
- Wikipedia: NetSupport Manager [Web Archive]
- 2014 An Intro to NetSupport Manager Scripts [Web Archive]
- 2017 EITest: HoeflerText Popups Targeting Google Chrome Users Now Push RAT Malware [Web Archive]
- 2018 Fake Software Update Abuses NetSupport Remote Access Tool [Web Archive]
- 2019 NetSupport RAT installed via fake update notices [Web Archive]
- 2020 Operation TA505: investigating the ServHelper backdoor with NetSupport RAT. Part 2. [Web Archive]
NokNok
- Megasecurity: NokNok 5.0 [Web Archive]
- Megasecurity: NokNok All Versions [Web Archive]
- PC-FREAK: NokNok [Web Archive]
- 2004 TROJAN: NokNok Client Command [Web Archive]
ObliqueRAT
- 2020 ObliqueRAT: New RAT hits victims' endpoints via malicious documents [Web Archive]
- 2020 Transparent Tribe: Evolution analysis, part 2 [Web Archive]
- South Asia APT organizes the "transparent tribe" to compete with opponents on mobile [Web Archive]
Overseer RAT
- Free 3 Month License to OverSeer RAT (Silent Miner RAT with inbuilt crypter) - HackForums
- Overseer RAT : 0.2 - Nulled [Web Archive]
- MONERO AND WANNAMINE - The cyber-criminal cryptocurrency and miner malware of choice - Accenture [Web Archive]
Pandora
Poison Ivy
- 2008 Poison Ivy Remote Administration Tool Homepage [Web Archive]
- 2014 Cisco Talos: Threat Spotlight: Group 72 [Web Archive]
- 2014 FireEye: POISON IVY: Assessing Damage and Extracting Intelligence [Web Archive]
- 2016 Operation DustySky - Part 2 [Web Archive]
- F-Secure: Backdoor:W32/PoisonIvy [Web Archive]
ProAgent RAT
ProRAT
- Megasecurity: ProRat 1.0b [Web Archive]
- An Introduction To Keyloggers, RATS And Malware [Web Archive]
- 2012 [Tutorial] ProRat V1.9 SETUP, Its guide,port forwarding & FAQs [Q&A] [Web Archive]
- 2014 HACK A SYSTEM USING RAT’S [Web Archive]
- 2015 New RATs Emerge from Leaked Njw0rm Source Code [Web Archive]
- 2020 Carders: ProRat ~Best and Free Remote Administration Tools~Backdoor Trojan Horse [Web Archive]
PubNub RAT
Socket23
Sparta RAT
- Megasecurity: Sparta 1.1 (a) [Web Archive]
- Megasecurity: Sparta 1.1 (b1) client [Web Archive]
- Megasecurity: Sparta all [Web Archive]
Subseven
- Symantec: Backdoor.SubSeven [Web Archive]
- Wikipedia: Sub7
- What is SubSeven? Giving away control of your machine! [Web Archive]
- SubSeven: The Malware the Launched 1,000 IT Careers [Web Archive]
- Deconstructing SubSeven, the Trojan Horse of Choice [Web Archive]
- Sub Seven: A Risk to Your Internet Security [Web Archive]
Tapaoux
- 2014 Kaspersky: THE DARKHOTEL APT A STORY OF UNUSUAL HOSPITALITY [Web Archive]
- 2016 DarkHotel: Give Us All Your Data and Enjoy Your Stay [Web Archive]
Tequila Bandita
- Megasecurity: tequila bandita 1.2 beta 1 [Web Archive]
- Megasecurity: Toquitobadito All [Web Archive]
Theef
Toquito Bandito
Turkojan
- TURKOJAN Homepage [Web Archive]
- 2003 Symantec: Backdoor.Turkojan [Web Archive]
- 2016 Turkish Journalist Jailed for Terrorism Was Framed, Forensics Report Shows [Web Archive]
Vigilix
xHacker RAT
- 2007 Romanian Security Team Forum: xHacker 3.0 PRO Leaked! [Web Archive]
- 2016 Quora: How can I build a RAT (Remote Access Trojan) from scratch? For educational purposes only
WebMonitor RAT
- Revcode Website [Web Archive]
- WebMonitor RAT [PC + Android, Keylogger (No root), C++, No PORTFORWARD] #1 ON MARKET - HackForums [Web Archive]
- Say “Cheese”: WebMonitor RAT Comes with C2-as-a-Service (C2aaS) - PaloAlto Networks [Web Archive]
- Who’s Behind the RevCode WebMonitor RAT? [Web Archive]
- WebMonitor RAT Bundled with Zoom Installer [Web Archive]
Metadata
23
Stars
6
Forks
Watchers
Owner
stratosphereips
Metadata
This repository contains a curated list of papers, articles and other sources related to remote access trojans.