GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → AHXR → Ghost

AHXR / Ghost

Licence: gpl-3.0
👻 RAT (Remote Access Trojan) - Silent Botnet - Full Remote Command-Line Access - Download & Execute Programs - Spread Virus' & Malware

Labels

windowshackingmalwareremotetrojanbackdoorratbotnet

Projects that are alternatives of or similar to Ghost

Thefatrat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV softw…
Stars: ✭ 5,944 (+1805.13%)
Mutual labels:  hacking, malware, remote, trojan, backdoor, rat
Networm
Python network worm that spreads on the local network and gives the attacker control of these machines.
Stars: ✭ 135 (-56.73%)
Mutual labels:  hacking, malware, trojan, backdoor, rat
Lime Rat
LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
Stars: ✭ 663 (+112.5%)
Mutual labels:  malware, remote, trojan, backdoor, rat
Telegram Rat
Windows Remote Administration Tool via Telegram. Written in Python
Stars: ✭ 201 (-35.58%)
Mutual labels:  hacking, malware, remote, rat
Unencrypted Backdoor With Process Cloaking
Unencrypted backdoor
Stars: ✭ 16 (-94.87%)
Mutual labels:  malware, trojan, backdoor, rat
Mass Rat
Basic Multiplatform Remote Administration Tool - Xamarin
Stars: ✭ 127 (-59.29%)
Mutual labels:  malware, remote, backdoor, rat
ToxicEye
👽 Program for remote control of windows computers via telegram bot. Written in C#
Stars: ✭ 305 (-2.24%)
Mutual labels:  backdoor, malware, trojan, rat
Remot3d
Remot3d: is a simple tool created for large pentesters as well as just for the pleasure of defacers to control server by backdoors
Stars: ✭ 263 (-15.71%)
Mutual labels:  malware, remote, trojan, backdoor
Xeexe Topantivirusevasion
Undetectable & Xor encrypting with custom KEY (FUD Metasploit Rat) bypass Top Antivirus like BitDefender,Malwarebytes,Avast,ESET-NOD32,AVG,... & Automatically Add ICON and MANIFEST to excitable
Stars: ✭ 387 (+24.04%)
Mutual labels:  hacking, malware, backdoor, rat
Paradoxiarat
ParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 395 (+26.6%)
Mutual labels:  hacking, backdoor, rat, botnet
Powershell Rat
Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+103.85%)
Mutual labels:  hacking, trojan, backdoor, rat
Goat
🐐 GoAT (Golang Advanced Trojan) is a trojan that uses Twitter as a C&C server
Stars: ✭ 218 (-30.13%)
Mutual labels:  hacking, malware, trojan
N00brat
Remote Administration Toolkit (or Trojan) for POSiX (Linux/Unix) system working as a Web Service
Stars: ✭ 148 (-52.56%)
Mutual labels:  hacking, trojan, rat
Proton
Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-54.49%)
Mutual labels:  hacking, backdoor, rat
paradoxiaRAT
ParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 583 (+86.86%)
Mutual labels:  backdoor, botnet, rat
Caesar
An HTTP based RAT (Remote Administration Tool) that allows you to remotely control devices from your browser
Stars: ✭ 240 (-23.08%)
Mutual labels:  hacking, remote, rat
RoboThief-Telegram-Session-Stealer
Robo Thief is a software for steal telegram session .
Stars: ✭ 18 (-94.23%)
Mutual labels:  malware, trojan, rat
PyIris
PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.
Stars: ✭ 296 (-5.13%)
Mutual labels:  backdoor, trojan, rat
DcRat
A simple remote tool in C#.
Stars: ✭ 709 (+127.24%)
Mutual labels:  backdoor, remote, rat
RSB-Framework
Windows/Linux - ReverseShellBackdoor Framework
Stars: ✭ 44 (-85.9%)
Mutual labels:  backdoor, trojan, rat
View All Similar Projects ➔

ghost

ghost is a light RAT that gives the server/attacker full remote access to the user's command-line interpreter (cmd.exe). They are allowed to execute commands silently without the client/zombie noticing. The server/attacker is also given the ability to download and execute files on the client/zombie's computer. This is also a silent and hidden process. Like most Remote Access Trojans, this download and execution ability helps distribute viruses and other pieces of malware.

This malware is distributed simply by running zombie.exe. This file name can be changed to whatever. There is no restriction. When run, it searches for the first two arguments (IP & Port). If neither is provided, the program doesn't run. With that being said, make sure you provide the server's IP and Port in the command-line arguments. Example:

zombie.exe 127.0.0.1 27015

Bot Features

  • Remote command execution
  • Silent background process
  • Download and run file (Hidden)
  • Safe Mode startup
  • Will automatically connect to the server
  • Data sent and received is encrypted (substitution cipher)
  • Files are hidden
  • Installed Antivirus shown to server
  • Easily spread malware through download feature
  • Startup info doesn't show in msconfig or other startup checking programs like CCleaner
  • Disable Task Manager

When successfully started, it adds itself to the start-up pool and runs silently in the background. It will try to repeatedly connect to the server. This process does not hog any memory or CPU usage. This means that the zombie will silently just idle in the background and whenever the server is up, it will automatically connect.

When starting the server, it will prompt for you a listening port. This is the port that you need to use in the command-line for zombie.exe. Once you provide the port, your server information will be provided and the menu will be down. The IP address provided is your external IP. With that being said, unless the client/zombie is actively looking and tracking open connections, it will probably be smart to run this server under a remote location if you want to stay anonymous. If this does not interest you, simply renaming zombie.exe and/or changing the assembly information using a tool will likely fool the client/zombie.

Note: This project was only made for education purposes and to test out my recently published repositories (ahxrlogger & ahxrsocket). If you choose to use this for malicious reasons, you are completely responsible for the outcome.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].