lu4p / Torat
Licence: unlicense
ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication
Stars: ✭ 415
Labels
Projects that are alternatives of or similar to Torat
Stitch
Python Remote Administration Tool (RAT)
Stars: ✭ 2,018 (+386.27%)
Mutual labels: cross-platform, payload, rat, keylogger, reverse-shell
Pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+1523.37%)
Mutual labels: payload, rat, post-exploitation, reverse-shell
ToRat client
This is the ToRat client, a part of the ToRat Project.
Stars: ✭ 29 (-93.01%)
Mutual labels: reverse-shell, tor, post-exploitation, payload
Proton
Proton Framework is a Windows post-exploitation framework similar to other Windows post-exploitation frameworks. The major difference is that the Proton Framework does most of its operations using Windows Script Host, with compatibility in the core to support a default installation of Windows 2000 with no service packs all the way through Windows 10.
Stars: ✭ 142 (-65.78%)
Mutual labels: payload, rat, post-exploitation, privilege-escalation
Tinkerershell
A simple python reverse shell written just for fun.
Stars: ✭ 62 (-85.06%)
Mutual labels: rat, keylogger, reverse-shell
Evilosx
An evil RAT (Remote Administration Tool) for macOS / OS X.
Stars: ✭ 1,826 (+340%)
Mutual labels: rat, post-exploitation, reverse-shell
Thoron
Thoron Framework is a Linux post-exploitation framework that exploits Linux TCP vulnerability to provide a shell-like connection. Thoron Framework has the ability to create simple payloads to provide Linux TCP attack.
Stars: ✭ 87 (-79.04%)
Mutual labels: rat, post-exploitation, reverse-shell
gtfo
Search for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-78.8%)
Mutual labels: reverse-shell, post-exploitation, privilege-escalation
Covertutils
A framework for Backdoor development!
Stars: ✭ 424 (+2.17%)
Mutual labels: payload, post-exploitation, reverse-shell
trolo
trolo - an easy to use script for generating Payloads that bypasses antivirus
Stars: ✭ 45 (-89.16%)
Mutual labels: reverse-shell, rat, payload
Phpsploit
Full-featured C2 framework which silently persists on webserver with a single-line PHP backdoor
Stars: ✭ 1,188 (+186.27%)
Mutual labels: persistence, post-exploitation, privilege-escalation
Teardroid-phprat
🇮🇳 🤖 It's easy to use android botnet work without port forwarding, vps and android studio
Stars: ✭ 417 (+0.48%)
Mutual labels: rat, keylogger, post-exploitation
ToxicEye
👽 Program for remote control of windows computers via telegram bot. Written in C#
Stars: ✭ 305 (-26.51%)
Mutual labels: rat, keylogger, payload
tor-rootkit
A Python 3 standalone Windows 10 / Linux Rootkit using Tor.
Stars: ✭ 142 (-65.78%)
Mutual labels: reverse-shell, tor, rat
Rebus.SqlServer
🚌 Microsoft SQL Server transport and persistence for Rebus
Stars: ✭ 35 (-91.57%)
Mutual labels: persistence, transport
Loki.Rat
Loki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.
Stars: ✭ 63 (-84.82%)
Mutual labels: rat, payload
MsfMania
Python AV Evasion Tools
Stars: ✭ 388 (-6.51%)
Mutual labels: reverse-shell, privilege-escalation
WinRAT
(Windows/Linux/Mac) Remote Administration Tool
Stars: ✭ 35 (-91.57%)
Mutual labels: rat, payload
rpc2socks
Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.
Stars: ✭ 126 (-69.64%)
Mutual labels: rpc, post-exploitation
maalik
Feature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (-81.93%)
Mutual labels: rat, payload
A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients.
DISCLAIMER
USE FOR EDUCATIONAL PURPOSES ONLY
Wiki
Preview
Client Commands
| Command | Status | Info |
|---|---|---|
| cd | Working | change the working directory of the client |
| ls | Working | list the content of the working directory of the client |
| shred | Working | delete files/ directories unrecoverable |
| screen | Working | take a Screenshot of the client |
| cat | Working | view Textfiles from the client including .docx, .rtf, .pdf, .odt |
| alias | Working | give the client a custom alias |
| down | Working | download a file from the client |
| up | Working | upload a file to the client |
| speedtest | Working | speedtest a client's internet connection |
| hardware | Working | collects a variety of hardware specs from the client |
| netscan | Working | scans a clients entire network for online devices and open ports |
| gomap | Working | scan a local ip on a clients network for open ports and services |
| escape | Working | escape a command and run it in a native shell on the client |
| reconnect | Not Working | tell the client to reconnect |
| help | Working | lists possible commands with usage info |
| exit | Working | background current session and return to main shell |
Server Commands
| Command | Status | Info |
|---|---|---|
| select | Working | select client to interact with |
| list | Working | list all connected clients |
| alias | Working | select client to give an alias |
| cd | Working | change the working directory of the server |
| help | Working | lists possible commands with usage info |
| exit | Working | exit the server |
Current Features
Architecture
- RPC (Remote procedure Call) based communication for easy addition of new functionality
- Automatic upx leads to client binaries of ~6MB with embedded Tor
- sqlite via gorm for storing information about the clients
- client is obfuscated via garble
Server Shell
-
Cross Platform reverse shell (Windows, Linux, Mac OS)
-
Supports multiple connections
-
Welcome Banner
-
Colored Output
-
Tab-Completion of:
- Commands
- Files/ Directories in the working directory of the server
-
Unique persistent ID for every client
- give a client an Alias
- all Downloads from client get saved to ./$ID/$filename
Persistence
-
Windows:
- [ ] Multiple User Account Control Bypasses (Privilege escalation)
- [ ] Multiple Persistence methods (User, Admin)
-
Linux:
- [ ] Multiple Persistence methods (User, Admin)
Tor
-
Fully embedded Tor within go
-
the ToRAT_client communicates over TLS encrypted RPC proxied through Tor with the ToRat_server (hidden service)
- [x] anonymity of client and server
- [x] end-to-end encryption
-
optional transport without Tor e.g. Use Tor2Web, a DNS Hostname or public/ local IP
- [x] smaller binary ~3MB upx'ed
- [ ] anonymity of client and server
Upcoming Features
- [ ] Bulk Commands
- [ ] Persistence and privilege escalation for Linux
- [ ] Persistence and privilege escalation for Mac OS
- [ ] Support for Android and iOS (needs fix of https://github.com/ipsn/go-libtor/issues/12)
- [ ] File-less Persistence on Windows
Contribution
All contributions are welcome you don't need to be an expert in Go to contribute.
Credits
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].