alphaSeclab/awesome-rat: RAT resources. 100+ open source RAT, 500+ RAT analysis blog/video.

收集的所有开源工具: 超过18K, 包括Markdown和Json两种格式
逆向资源: IDA/Ghidra/x64dbg/OllDbg/WinDBG/CuckooSandbox/Radare2/BinaryNinja/DynamoRIO/IntelPin/Frida/QEMU/Android安全/iOS安全/Window安全/Linux安全/macOS安全/游戏Hacking/Bootkit/Rootkit/Angr/Shellcode/进程注入/代码注入/DLL注入/WSL/Sysmon/...
网络相关的安全资源: 代理/GFW/反向代理/隧道/VPN/Tor/I2P，以及中间人/PortKnocking/嗅探/网络分析/网络诊断等
攻击性网络安全资源: 漏洞/渗透/物联网安全/数据渗透/Metasploit/BurpSuite/KaliLinux/C&C/OWASP/免杀/CobaltStrike/侦查/OSINT/社工/密码/凭证/威胁狩猎/Payload/WifiHacking/无线攻击/后渗透/提权/UAC绕过/...

开源远控工具，和恶意远控分析报告。
English Version

工具
文章
- (569) 新添加

新添加

[5131星][4m] [Py] n1nj4sec/pupy Python编写的远控、后渗透工具，跨平台（Windows, Linux, OSX, Android）
[1432星][3y] [Py] nathanlopez/stitch 一个跨平台的远控框架，可为Windows，Mac OSX和Linux构建自定义的Payload
[1113星][1y] [ObjC] neoneggplant/eggshell iOS/macOS/Linux Remote Administration Tool
[683星][1y] [PS] arvanaghi/sessiongopher 使用WMI为远程访问工具（如WinSCP，PuTTY，SuperPuTTY，FileZilla和Microsoft远程桌面）提取保存的会话信息。PowerShell编写
[633星][11m] [Py] mehulj94/braindamage 使用Telegram做C&C服务器的远控
[501星][20d] [C++] m2team/nsudo 强大的系统管理工具
[372星][3m] [C++] werkamsus/lilith 基于C ++开发的基于控制台的超轻量RAT
[347星][7m] [C#] beckzhu/simpleremote 远程管理工具。轻量级、选项卡式、免费、开源的远程连接管理工具，支持RDP、SSH、Telnet协议
[293星][4m] [C++] yuanyuanxiang/simpleremoter 基于gh0st的远程控制器：实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能
[284星][2y] [Py] 0xislamtaha/python-rootkit Python远控，用于获取Meterpreter会话
[264星][7y] [C++] sin5678/gh0st a open source remote administrator tool
[205星][2y] [C#] them4hd1/vayne-rat 用C＃编码的免费和开源远程管理工具。
[191星][1m] [PHP] 0blio/caesar 基于HTTP的RAT，从浏览器远程控制设备
[189星][2y] [C++] ahxr/ghost a light RAT that gives the server/attacker full remote access to the user's command-line interprete
[185星][2m] [Py] pure-l0g1c/loki 远程访问工具，使用 RSA-2048 + AES-256 保护通信安全
[160星][2y] [C++] hussein-aitlahcen/blackhole C# RAT (Remote Administration Tool)
[156星][3y] [Visual Basic .NET] mwsrc/plasmarat Remote Access Trojan(RAT), Miner, DDoS
[138星][2y] [Py] anhkgg/pyrat 基于python XmlRPC完成的远控开源项目，包括客户端和服务端（也叫控制端，后统称服务端）
[121星][3y] [Visual Basic .NET] mwsrc/njrat njRAT SRC Extract
[113星][3y] [C#] leurak/trollrat 远程管理工具（RAT），该工具采用与其他RAT不同的方法，不做数据窃取等，只是为了trolling
[98星][4y] [Py] ridter/myjsrat This is JSRat.ps1 in Python
[95星][7y] [C#] ilikenwf/darkagent DarkAgent Remote Administration Tool RAT by DragonHunter
[95星][2y] [Pascal] senjaxus/allakore_remote Delphi Seattle编写的远控
[94星][29d] [Go] lu4p/torat Go语言编写的远程管理工具，使用Tor作为传输机制，使用RPC进行通信
[94星][2m] [JS] securityrat/securityrat OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development
[81星][3y] [Py] lukasikic/hacoder.py FUD Backdoor Generator / Remote Administration Tool
[79星][1y] [C#] advancedhacker101/c-sharp-r.a.t-server a remote administration tool built with c#
[78星][4y] [C++] rwhitcroft/dnschan 使用DNS通信的远程访问木马
[76星][4y] [Py] ahhh/reverse_https_bot A python based https remote access trojan for penetration testing
[65星][5m] [Visual Basic .NET] thesph1nx/rt-101 VB.net Remote Administrator Tool (RAT)
[62星][2y] [Java] ghosts/maus Lightweight remote administrative client written in Java.
[60星][10d] [Py] angus-y/pyiris-backdoor a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems.
[55星][4y] [Py] ahhh/ntp_trojan Reverse NTP remote access trojan in python, for penetration testers
[55星][3y] [Py] m4sc3r4n0/spyrat Python Remote Access Trojan
[55星][11d] [Py] uninett/nav Network Administration Visualized
[51星][9m] [C#] fsecurelabs/sharpgpo-remoteaccesspolicies A C# tool for enumerating remote access policies through group policy.
[49星][1y] [Java] blackhacker511/blackrat Java编写的远控
[46星][2m] [C#] brunull/pace A Remote Access Tool for Windows.
[44星][12d] [Py] technowlogy-pushpender/technowhorse TechNowHorse is a RAT (Remote Administrator Trojan) Generator for Windows/Linux systems written in Python 3.
[43星][5y] [C#] c4bbage/xrat xRAT 2.0 - Free, Open-Source Remote Administration Tool
[42星][1y] [PHP] davidtavarez/pinky pinky - The PHP mini RAT (Remote Administration Tool)
[40星][2y] [C#] wearelegal/cinarat CinaRAT - Cina Is Not A Remote Administration Tool
[39星][4y] [Pascal] senjaxus/delphi_remote_access_pc Remote access in Delphi 7 and Delphi XE5 (With sharer files, CHAT and Forms Inheritance) || Acesso Remoto em Delphi 7 e Delphi XE5 (Com Compartilhador de Arquivos, CHAT e Herança de Formulários)
[39星][3y] [Visual Basic .NET] mwsrc/betterrat Better Remote Access Trojan
[32星][4m] [C#] blackvikingpro/aresskit Next Generation Remote Administration Tool (RAT)
[32星][3y] [Pascal] mwsrc/xtremerat XtremeRAT SRC Extract
[31星][2y] [C#] valsov/backnet Remote Administration Tool with botnet capability, Windows
[27星][2y] [Py] the404hacking/windows-python-rat A New Microsoft Windows Remote Administrator Tool [RAT] with Python by Sir.4m1R.
[25星][2y] [Py] thegeekht/loki.rat Loki.Rat is a fork of the Ares RAT, it integrates new modules, like recording , lockscreen , and locate options. Loki.Rat is a Python Remote Access Tool.
[23星][1y] [C] hardenedbsd/secadm HardenedBSD Security Administration
[23星][2y] [C] p4p1/p4p1 Reverse shell for remote administration
[23星][2m] [JS] roemhildtg/spectre-canjs A WIP data administration component library built on the Spectre.css framework enabled with CanJS
[21星][4m] [C#] nyan-x-cat/revengerat-stub-cssharp Revenge-RAT C# Stub - Fixed
[19星][7m] [C#] rainkin1993/remote-access-trojan-database A database of RAT collected from Internet
[18星][3y] [Visual Basic .NET] malwares/plasmarat Remote Access Trojan(RAT), Miner, DDoS
[18星][3y] [Shell] mitchellkrogza/linux-server-administration-scripts Simple bash administration scripts for Linux to make your life easier.
[17星][3y] [Py] landonpowell/orwell-rat-and-botnet Orwell is a RAT and Botnet designed as a trio of programs by Landon Powell.
[16星][2y] [Py] lithium95/controll_remote_access_trojan Created a VERY SIMPLE remote access Trojan that will establish administrative control over any windows machine it compromises.
[16星][17d] [Py] kaiiyer/backnet Backdoor+Botnet or BackNet is a Python Remote Access Tool.
[14星][1y] shifa123/maarc A Python - Remote Administration Tool (RAT)
[13星][3y] [C++] erhanbaris/relec-ransomware Ransomware application clone with administration dashboard
[12星][2y] [JS] node-rat/noderat NodeRat is remote access tool made with NodeJS and python
[11星][3y] [Pascal] mwsrc/schwarze-sonne-rat SS-RAT (Schwarze-Sonne-Remote-Access-Trojan)
[10星][2y] [Go] alanbaumgartner/aurora Aurora Remote Administration Tool
[9星][3m] [Py] federicochieregato/darkfox Remote access trojan created using WinRar with firefox installer and python Reverse Shell embedded.
[7星][4y] [C#] pigeonhands/mlrat Plugin Driven Remote Administration Tool (Unsupported)
[5星][9m] [Py] apacketofsweets/apollo A simple, lightweight Remote Access Tool written in Python
[4星][3y] [C++] mz-eur/invidia Invidia Remote Administration Tool
[3星][12m] [Py] jakhax/shellverse Shellverse is a multi-client and multi-threaded Remote Administration Tool and post-exploitation tool
[2星][4y] [Visual Basic .NET] retrobyte/shadowtech-rat An example of a remote administration tool.
[2星][4m] [Py] gbrn1/pirate Python Remote Access Tool
[0星][2y] [Shell] jondade/admin Random systems and network administration scripts and sample code

Android

[1745星][7m] [Smali] ahmyth/ahmyth-android-rat Android Remote Administration Tool
[920星][7y] designativedave/androrat Remote Administration Tool for Android devices
[903星][5y] [Java] wszf/androrat Remote Administration Tool for Android
[163星][2y] [Java] the404hacking/androrat AndroRAT | Remote Administrator Tool for Android OS Hacking
[132星][3y] [Java] mwsrc/betterandrorat Android Remote Access Trojan
[65星][6y] [Java] ibrahimbalic/androidrat Android RAT
[60星][2y] [Java] globalpolicy/phonemonitor A Remote Administration Tool for Android devices
[47星][3y] [Py] alessandroz/pupy Python编写的远控、后渗透工具，跨平台（Windows, Linux, OSX, Android）
[5星][2y] rev-code/androidclient Android remote administration client

Windows

[2840星][8m] [C#] quasar/quasarrat Remote Administration Tool for Windows
[599星][1y] [PS] fortynorthsecurity/wmimplant This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
[500星][6m] [Visual Basic .NET] nyan-x-cat/lime-rat LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
[469星][4m] [Py] viralmaniar/powershell-rat Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
[329星][3y] [Pascal] malwares/remote-access-trojan Windows Remote-Access-Trojan
[323星][10d] [C#] nyan-x-cat/asyncrat-c-sharp Open-Source Remote Administration Tool For Windows C# (RAT)
[317星][6m] [Py] mvrozanti/rat-via-telegram Windows Remote Administration Tool via Telegram
[226星][4y] [Py] hood3drob1n/jsrat-py This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows OS with Powershell enabled.
[149星][9m] [Py] safebreach-labs/sireprat Remote Command Execution as SYSTEM on Windows IoT Core
[108星][7m] [C#] dannythesloth/vanillarat VanillaRat is an advanced remote administration tool completely coded in C# for Windows.
[105星][11m] [Py] thelinuxchoice/pyrat Windows远控
[104星][8m] [C#] r-smith/splice-admin A remote Windows administration tool. You know you want it.
[100星][2y] [Py] syss-research/outis a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).
[68星][1m] [PS] dsccommunity/certificatedsc This DSC Resource module can be used to simplify administration of certificates on a Windows Server.
[67星][4y] [C#] stphivos/rat-shell Windows Remote Access Trojan (RAT)
[39星][3y] [Py] swordf1sh/moderat Experimental Windows Remote Administration and Spy Tool in Python + GUI
[20星][12m] [Visual Basic] nyan-x-cat/asyncrat Remote Administration Tool For Windows
[17星][9m] [Py] operatorequals/smbrat A Windows Remote Administration Tool in Visual Basic with UNC paths
[16星][2y] [PS] yschgroup/skyrat SkyRAT - Powershell Remote Administration Tool

macOS

[1335星][1y] [Py] marten4n6/evilosx An evil RAT (Remote Administration Tool) for macOS / OS X.
[408星][1m] [ObjC] sap/macos-enterprise-privileges For Mac users in an Enterprise environment this app ensures secure environment and yet gives the User control over administration of their machine by elevating their level of access to Administrator privilege on macOS X. Users can set the time frame using Preferences to perform specific tasks such as install or remove an application.
[72星][4y] [Pascal] xlinshan/coldroot Mac OS Trojan (RAT) made with love <3
[68星][1y] [Py] kdaoudieh/bella Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS.
[20星][3y] [Py] cys3c/evilosx A pure python, post-exploitation, remote administration tool (RAT) for macOS / OS X.
[4星][3y] [Py] kai5263499/bella A pure python, post-exploitation, data mining tool and remote administration tool for macOS.

Linux

[130星][7m] [C] abhishekkr/n00brat 用于POSiX（Linux / Unix）系统的远程管理工具包（或Trojan），以Web服务方式运行
[67星][8m] [JS] webxscan/linux_rat LINUX集群控制(LINUX反弹式远控)
[49星][3m] [C] thibault-69/rat-hodin-v2.9 Remote Administration Tool for Linux
[19星][1y] [C] lillypad/swamp-rat A Linux RAT in C
[7星][3m] [C] ctsecurity/stealth-kid-rat Stealth Kid RAT (SKR) is an open source Linux remote administration tool written in C. Licensed under MIT. The SKR project is fully developed and tested on Debian GNU-Linux (Deb 9.3 "Stretch") platform. The RAT will soon be available on Windows platform by mid 2018.

其他

[780星][2m] [Py] kevthehermit/ratdecoders Python Decoders for Common Remote Access Trojans
[157星][1y] [Py] fireeye/geologonalyzer 用于分析远程访问日志以查找异常的实用程序，例如旅行可行性和数据中心源。

新添加

2019.12 [ptsecurity] Turkish tricks with worms, RATs… and a freelancer
2019.12 [carbonblack] Threat Analysis Unit (TAU) Threat Intelligence Notification: BlackRemote RAT
2019.11 [4hou] 双加载的ZIP文件传播Nanocore RAT
2019.11 [fortinet] Double Trouble: RevengeRAT and WSHRAT
2019.11 [krebsonsecurity] Orcus RAT Author Charged in Malware Scheme
2019.10 [pentestpartners] Objections to IoT regulation. A rational reply
2019.10 [fortinet] A Deep-Dive Analysis of the NukeSped RATs
2019.10 [fortinet] New Variant of Remcos RAT Observed In the Wild
2019.10 [tencent] 快Go矿工（KuaiGoMiner）控制数万电脑挖矿，释放远控木马窃取机密
2019.10 [4hou] 快go矿工（KuaiGoMiner）控制数万电脑挖矿，释放远控木马窃取机密
2019.10 [freebuf] 反间谍之旅：首款安卓远控木马工具分析
2019.10 [angelalonso] WSH RAT - Analysis of the code
2019.10 [angelalonso] Fudcrypt using H-Worm from WSH RAT
2019.10 [TheLinuxFoundation] Tracing Resource-constrained Embedded Systems using eBPF - Ioan-Adrian Ratiu, Collabora
2019.09 [4hou] 病毒团伙利用phpStudy RCE漏洞批量抓鸡，下发四个远控木马
2019.09 [360] Revenge-RAT is used in phishing emails attacks against Italy
2019.09 [malware] 2019-09-24 - PCAP AND MALWARE FOR AN ISC DIARY (QUASAR RAT)
2019.09 [aliyun] 利用badusb对用户进行木马远控
2019.09 [fortinet] New NetWire RAT Variant Being Spread Via Phishing
2019.09 [myonlinesecurity] Some changes to Remcos Rat persistence method
2019.09 [myonlinesecurity] Fake TNT delivery drops WSHRAT via DiscordApp
2019.09 [myonlinesecurity] Fake invoice tries to deliver Remcos RAT
2019.09 [freebuf] 黑客购买新型WSH RAT最新变种样本，攻击银行客户
2019.09 [sensecy] ARABIC-SPEAKING THREAT ACTOR RECYCLES THE SOURCE CODE OF POPULAR RAT SPYNOTE AND SELLS IT IN THE DARK WEB, AS NEW
2019.09 [malware] 2019-09-13 - WSHRAT INFECTION FROM MALSPAM
2019.09 [freebuf] 钓鱼邮件中的Remcos RAT变种分析
2019.09 [malware] 2019-09-03 - PCAP AND MALWARE FOR AN ISC DIARY (REMCOS RAT)
2019.09 [angelalonso] WSH RAT and the link to unknowcrypter and Fudcrypt
2019.08 [securelist] Fully equipped Spying Android RAT from Brazil: BRATA
2019.08 [talosintelligence] RAT Ratatouille: Backdooring PCs with leaked RATs
2019.08 [malware] 2019-08-26 - DATA DUMP: SOCGHOLISH CAMPAIGN PUSHES NETSUPPORT RAT
2019.08 [4hou] Adwind远控当前被广泛用于公共事业部门的攻击活动中
2019.08 [malware] 2019-08-23 - DATA DUMP (URSNIF, RIG EK, NETWIRE RAT)
2019.08 [fortinet] Fake Indian Income Tax Calculator Delivers xRAT Variant
2019.08 [trendmicro] Analysis: New Remcos RAT Arrives Via Phishing Email
2019.08 [bromium] Decrypting L0rdix RAT’s C2
2019.07 [tencent] 商贸信家族新活跃：利用钓鱼邮件传播商业远控木马RevetRAT
2019.07 [hackingarticles] EvilOSX-RAT for MacOS/OSX
2019.07 [bromium] An Analysis of L0rdix RAT, Panel and Builder
2019.07 [freebuf] 关于远控木马你应该了解的知识点
2019.07 [trendmicro] Spam Campaign Targets Colombian Entities with Custom-made ‘Proyecto RAT,’ Uses Email Service YOPmail for C&C
2019.07 [homelandsecuritynewswire] Trump Is Rattling Sabers in Cyberspace — but Is the U.S. Ready?
2019.07 [freebuf] APT34核心组件Glimpse：远控复现与流量分析
2019.07 [d] Red Team Diary, Entry #1: Making NSA’s PeddleCheap RAT Invisible
2019.07 [yoroi] Spotting RATs: Tales from a Criminal Attack
2019.07 [cybersecpolitics] Book Review: Delusions of Intelligence, R.A. RATCLIFF
2019.07 [4hou] 探寻木马进化趋势：APT32多版本远控木马Ratsnif的横向分析
2019.07 [4hou] 浅谈远控木马
2019.07 [talosintelligence] RATs and stealers rush through “Heaven’s Gate” with new loader
2019.06 [myonlinesecurity] More AgentTesla keylogger and Nanocore RAT in one bundle
2019.06 [4hou] 警惕H-worm蠕虫病毒伪装电影样片钓鱼，草率点击附件会中远控木马
2019.06 [myonlinesecurity] Nanocore RAT via fake DHL failed delivery in Chinese
2019.06 [myonlinesecurity] Remcos Rat via fake invoice using multiple delivery methods.
2019.06 [4hou] TA505在最新攻击活动中使用HTML, RAT和其他技术
2019.06 [trendmicro] Shifting Tactics: Breaking Down TA505 Group’s Use of HTML, RATs and Other Techniques in Latest Campaigns
2019.06 [HackerSploit] Remcos RAT Review - The Most Advanced Remote Access Tool
2019.05 [Fig] Forest CS Skip Backwalk Strat 2nd Frame Adjustment (Swordless)
2019.05 [4hou] 提高恶意软件多任务处理能力的Babylon RAT
2019.05 [myonlinesecurity] nanocore RAT via fake order in password protected word doc with wrong password
2019.05 [360] 记一次利用XLM宏投放远控工具的垃圾邮件活动
2019.05 [arxiv] [1905.07273] Finding Rats in Cats: Detecting Stealthy Attacks using Group Anomaly Detection
2019.05 [freebuf] 基于Python的BS远控Ares实战
2019.05 [4hou] C&C远控工具:WebSocket C2
2019.05 [myonlinesecurity] Fake Payment receipt vbs drops njrat bladabindi downloads Agent Tesla via Sendspace.
2019.04 [freebuf] 看我如何揪出远控背后的幕后黑手
2019.04 [4hou] C&C远控工具：Ares
2019.04 [krebsonsecurity] Who’s Behind the RevCode WebMonitor RAT?
2019.04 [freebuf] 门罗币挖矿&远控木马样本分析
2019.04 [4hou] 门罗币挖矿+远控木马样本分析
2019.04 [yoroi] LimeRAT spreads in the wild
2019.03 [360] 木马作者主动提交Tatoo远控后门程序
2019.03 [HackerSploit] How To Automatically Embed Payloads In APK's - Evil-Droid, Thefatrat & Apkinjector
2019.03 [alienvault] The odd case of a Gh0stRAT variant
2019.03 [flashpoint] FIN7 Revisited: Inside Astra Panel and SQLRat Malware
2019.03 [paloaltonetworks] Cardinal RAT Sins Again, Targets Israeli Fin-T
2019.03 [malware] 2019-03-06 - QUICK POST: KOREAN MALSPAM PUSHES FLAWED AMMYY RAT MALWARE
2019.03 [alienvault] Mapping TrickBot and RevengeRAT with MITRE ATT&CK and AlienVault USM Anywhere
2019.02 [dodgethissecurity] Reverse Engineering an Unknown RAT – Lets call it SkidRAT 1.0
2019.02 [4hou] Revenge RAT恶意软件升级版来袭
2019.02 [myonlinesecurity] Fake Blockchain authentication update delivers Dark Comet RAT
2019.02 [securityartwork] Case study: “Imminent RATs” (III)
2019.02 [securityartwork] Case study: “Imminent RATs” (II)
2019.02 [securityledger] ExileRAT Malware Targets Tibetan Exile Government
2019.02 [securityartwork] Case study: “Imminent RATs” (I)
2019.02 [talosintelligence] ExileRAT shares C2 with LuckyCat, targets Tibet
2019.01 [myonlinesecurity] Fake Autec Power purchase Order delivers Nanocore RAT
2019.01 [angelalonso] Fudcrypt: the service to crypt Java RAT through VBS scripts and Houdini malware
2019.01 [yoroi] The Story of Manuel’s Java RAT
2019.01 [0x00sec] RATs question. Long break
2019.01 [aliyun] 使用MS Word文档传播.Net RAT恶意软件
2019.01 [tencent] 腾讯电脑管家：“大灰狼”远控木马伪装成“会所会员资料”传播
2019.01 [4hou] 使用MS Word文档传播.Net RAT恶意软件
2019.01 [0x00sec] VPS or a VPN for a RAT?
2019.01 [talosintelligence] What we learned by unpacking a recent wave of Imminent RAT infections using AMP
2019.01 [fortinet] .Net RAT Malware Being Spread by MS Word Documents
2019.01 [4hou] TA505将新的ServHelper Backdoor和FlawedGrace RAT添加到其军火库中
2019.01 [myonlinesecurity] Nanocore RAT via fake order emails
2019.01 [UltraHacks] Ozone RAT C++ | Hidden VNC [TUTORIAL VIDEO] | Ultra Hacks
2019.01 [malware] 2019-01-04 - MALSPAM PUSHES NANOCORE RAT
2019.01 [tencent] 疑似Gorgon组织使用Azorult远控木马针对中国外贸行业的定向攻击活动
2019.01 [jhalderm] Absolute Pwnage: Security Risks of Remote Administration Tools
2018.12 [Kaspersky] Attacks on industrial enterprises using remote administration tools
2018.12 [ironcastle] AR18-352A: Quasar Open-Source Remote Administration Tool
2018.12 [360] Flash 0day + Hacking Team远控：利用最新Flash 0day漏洞的攻击活动与关联分析
2018.12 [freebuf] Flash 0day+Hacking Team远控：利用最新Flash 0day漏洞的攻击活动与关联分析
2018.11 [myonlinesecurity] More Fake DHL invoices delivering Remcos RAT via office XML files
2018.11 [trendmicro] 由AutoIt编译的蠕虫, 利用可移动介质传播, 投递无文件版的njRAT远控
2018.11 [myonlinesecurity] Fake Payment Receipt delivers Nanocore RAT malware
2018.11 [UltraHacks] Warzone RAT C++ | Hidden VNC [PROMOTION VIDEO]| Ultra Hacks
2018.11 [proofpoint] tRat: 多个垃圾邮件行动中传播的新型模块化远控
2018.11 [trendmicro] 使用机器学习对Gh0st远控变种恶意网络数据流进行归类
2018.10 [DEFCONConference] DEF CON 26 CAR HACKING VILLAGE - Dan Regalado - Meet Salinas, 1st SMS commanded Car Infotainment RAT
2018.10 [cybrary] “I smell a rat!” – AhMyth, not a Myth
2018.10 [welivesecurity] LuminosityLink RAT pack leader jailed 30 months in the US
2018.10 [cofense] H-Worm and jRAT Malware: Two RATs are Better than One
2018.10 [UltraHacks] XenaRAT [BETA] Tutorial
2018.10 [360] 远控木马盗用网易官方签名
2018.10 [Fig] Boatskip Movement: Standard Strat vs Guano Walk
2018.10 [ncsc] RATs, Mimikatz and other domestic pests
2018.10 [infosecinstitute] Interview with RaT, the High Council President of SOLDIERX
2018.10 [securityledger] Episode 114: Complexity at Root of Facebook Breach and LoJax is a RAT You Can’t Kill
2018.10 [sophos] IP EXPO Europe 2018: Sophos experts talk AI, privacy vs security, and RATs
2018.09 [malwarebytes] Buggy implementation of CVE-2018-8373 vulnerability used to deliver Quasar RAT
2018.09 [kaspersky] Threats posed by using RATs in ICS
2018.09 [kaspersky] Industrial networks in need of RAT control
2018.09 [securelist] Threats posed by using RATs in ICS
2018.09 [myonlinesecurity] Fake Purchase Order email delivers Remcos RAT
2018.09 [UltraHacks] How to setup DarkCometRAT 5.3.1 + Portforward
2018.08 [freebuf] Hero RAT：一种基于Telegram的Android恶意软件
2018.08 [UltraHacks] Remcos RAT Tutorial | Remote Administration Tool | Ultra Hacks
2018.08 [Sebdraven] Lammers, stealers and RATs: same technics like Formbook malware to install JRAT and HawkEye…
2018.08 [4hou] 垃圾邮件活动滥用SettingContent-ms传播FlawedAmmyy RAT
2018.08 [alienvault] Off-the-shelf RATs Targeting Pakistan
2018.07 [k7computing] Weaponized.IQY: A Quest to Deliver the FlawedAmmyy RAT
2018.07 [trendmicro] Spam Campaign Abusing SettingContent-ms Found Dropping Same FlawedAmmy RAT Distributed by Necurs
2018.07 [k7computing] Weaponized.IQY: A Quest to Deliver the FlawedAmmyy RAT
2018.07 [proofpoint] Parasite HTTP RAT cooks up a stew of stealthy tricks
2018.07 [proofpoint] TA505 Abusing SettingContent-ms within PDF files to Distribute FlawedAmmyy RAT
2018.07 [welivesecurity] Vermin one of three RATs used to spy on Ukrainian government institutions
2018.07 [myonlinesecurity] Fake DHL “Alert! Shipment Notification” delivers Remcos RAT
2018.07 [360] 针对一个远控木马Gh0st RAT样本的初始化分析
2018.07 [pentesttoolz] EvilOSX – Evil Remote Administration Tool (RAT) for macOS/OS X – Kali Linux 2018.2
2018.06 [heimdalsecurity] Security Alert: New Spam Campaign Delivers Flawed Ammyy RAT to Infect Victims’ Computers
2018.06 [hispasec] HeroRat, otro RAT para Android que utiliza Telegram como C&C
2018.06 [welivesecurity] HeroRAT: 基于Telegram的Android远控, 使用Xamarin框架编写
2018.06 [n0where] Pure python post-exploitation RAT for macOS & OSX: EvilOSX
2018.05 [talosintelligence] NavRAT Uses US-North Korea Summit As Decoy For Attacks In South Korea
2018.05 [myonlinesecurity] Necurs delivering Flawed Ammy RAT via IQY Excel Web Query files
2018.05 [freebuf] 被黑的Drupal网站被用来挖矿，传播远控，发送诈骗邮件
2018.05 [freebuf] 解码Gh0st RAT变种中的网络数据
2018.05 [fortinet] Remcos远控变种利用CVE-2017-11882传播
2018.05 [freebuf] 神话传奇：一款通过卖号在微信群传播的远控木马
2018.04 [myonlinesecurity] Remcos RAT delivered by fake ” your workers are fighting” message
2018.04 [virusbulletin] GravityRAT malware takes your system's temperature
2018.04 [360] 神话传奇——通过卖号微信群传播的远控木马
2018.04 [talosintelligence] GravityRAT - The Two-Year Evolution Of An APT Targeting India
2018.04 [UltraHacks] WebMonitor RAT - NO PORTFORWARD NEEDED + FREE VPN NEW
2018.04 [4hou] 吃鸡辅助远控木马分析
2018.04 [freebuf] 吃鸡辅助远控木马分析
2018.04 [myonlinesecurity] Fake PAYMENT CONFIRMATION emails deliver Nanocore RAT
2018.04 [myonlinesecurity] Nanocore Rat delivered via fake order emails
2018.04 [myonlinesecurity] Remcos RAT delivered via fake CCICM international debt recovery service
2018.04 [360] 吃鸡辅助远控木马分析
2018.04 [pentesttoolz] Parat – Undetectable Python Payloads – Remote Administration Tool – Kali Linux 2018.1
2018.04 [trendmicro] 趋势科技研究人员监控到垃圾邮件传播跨平台远控Adwind, 同时捆绑了后门XTRAT和DUNIHI和Loki
2018.04 [4hou] 利用Digital Ocean构建远控基础设施
2018.04 [flashpoint] RAT Gone Rogue: Meet ARS VBS Loader
2018.04 [lookout] mAPT ViperRAT Found in Google Play
2018.04 [myonlinesecurity] Fake Payment recovery email spoofing CCICM international debt recovery service delivers Remcos rat via Microsoft Equation Editor Exploits
2018.04 [paloaltonetworks] Say “Cheese”: WebMonitor RAT Comes with C2-as-a-Servic
2018.04 [ensilo] enSilo Blocks New Variant of Adwind RAT
2018.04 [freebuf] DELPHI黑客编程（三）：简单远控原理实现
2018.04 [myonlinesecurity] Nanocore RAT delivered by fake order malspam
2018.04 [freebuf] 基于SYLK文件传播Orcus远控木马样本分析
2018.04 [tencent] 基于SYLK文件传播Orcus远控木马样本分析
2018.04 [UltraHacks] njRAT v0.7 | Tutorial | www.ultrahacks.org | Ultra Hacks
2018.04 [4hou] 对愈加流行的Qrypter RAT运作情况进行分析
2018.03 [4hou] 深入分析利用宏代码传播NetwiredRC和Quasar RAT的恶意RTF文档
2018.03 [UltraHacks] Spynote v5.8 Android RAT | Tutorial | www.ultrahacks.org | Ultra Hacks
2018.03 [trustwave] Crypter-as-a-Service Helps jRAT Fly Under The Radar
2018.03 [OALabs] Analyzing Adwind / JRAT Java Malware
2018.03 [broadanalysis] Guest Blog Post: njRat Analysis with Volatility
2018.03 [hispasec] TeleRAT, el troyano que utiliza la API de Telegram para exfiltrar información
2018.03 [tencent] 新型远控木马Remcos利用CVE-2017-11882漏洞进行实时攻击
2018.03 [360] 针对OS X上Coldroot RAT跨平台后门的详细分析
2018.03 [broadanalysis] EiTest campaign Hoefler Text Pop-up delivers NetSupport Manager RAT
2018.03 [applehelpwriter] defending against EvilOSX, a python RAT with a twist in its tail
2018.03 [broadanalysis] Fake Flash update leads to NetSupport RAT
2018.03 [broadanalysis] EiTest campaign Hoefler Text Pop-up delivers NetSupport Manager RAT
2018.03 [heimdalsecurity] Security Alert: Spam Campaign Spreads Adwind RAT variant, Targeting Computer Systems
2018.03 [ixiacom] RATs, Shovels and Servers
2018.03 [4hou] 高清无码！比鬼片还刺激！且听“诡娃”远控的这首惊魂曲
2018.03 [freebuf] 高清无码！比鬼片还刺激！且听“诡娃”远控的这首惊魂曲
2018.03 [360] 胆小者慎入！比鬼片还刺激！且听“诡娃”远控的这首惊魂曲
2018.03 [myonlinesecurity] Fake order spoofed from Finchers ltd Sankyo-Rubber delivers Remcos RAT via ACE attachments
2018.02 [talosintelligence] CannibalRAT targets Brazil
2018.02 [myonlinesecurity] Fake URGENT BANK DETAILS CONFIRMATION delivers Java Adwind Qrat Jrat
2018.02 [broadanalysis] Fake Flash update leads to NetSupport RAT
2018.02 [broadanalysis] EiTest campaign Hoefler Text Pop-up delivers NetSupport Manager RAT
2018.02 [myonlinesecurity] Fake DHL notification delivers some sort of Java RAT
2018.02 [myonlinesecurity] Fake TNT notification delivering Java Adwind Qrat Trojan
2018.02 [objective] Tearing Apart the Undetected (OSX)Coldroot RAT
2018.02 [trendmicro] New AndroRAT Exploits Dated Privilege Escalation Vulnerability, Allows Permanent Rooting
2018.02 [netskope] ShortJSRAT leverages cloud with scriptlets
2018.02 [paloaltonetworks] RAT Trapped? LuminosityLink Falls Foul of Vermin Eradicatio
2018.02 [rsa] Winds of Winter - MalSpam Delivers Adwind RAT 2-1-2018
2018.02 [360] 远控木马巧设“白加黑”陷阱：瞄准网店批发商牟取钱财
2018.02 [myonlinesecurity] Fake Swift Copy malspam via compromised sites delivering Java Adwind/ QRAT /JRAT Trojan
2018.01 [paloaltonetworks] VERMIN: Quasar RAT and Custom Malware Used I
2018.01 [broadanalysis] EiTest campaign Hoefler Text Pop-up delivers NetSupport Manager RAT
2018.01 [riskiq] Espionage Campaign Leverages Spear Phishing, RATs Against Turkish Defense Contractors
2018.01 [freebuf] NDAY漏洞CVE-2017-11882与0Day漏洞CVE-2018-0802漏洞组合传播远控木马的样本分析
2018.01 [broadanalysis] EiTest campaign Hoefler Text Pop-up delivers NetSupport Manager RAT
2018.01 [netskope] Git Your RATs Here!
2018.01 [redcanary] We Smell a RAT: Detecting a Remote Access Trojan That Snuck Past a User
2018.01 [rsa] Malspam delivers njRAT 1-11-2018
2018.01 [rsa] Malspam delivers BITTER RAT 01-07-2018
2018.01 [freebuf] 移动端C#病毒“东山再起”，利用知名应用通信实现远控隐私窃取
2017.12 [tencent] 通过CHM文件传播的Torchwood远控木马分析
2017.12 [avlsec] 移动端C#病毒“东山再起”，利用知名应用通信实现远控隐私窃取
2017.12 [angelalonso] Qrypter Java RAT using Tor
2017.12 [myonlinesecurity] Fake “Your UPS Invoice Is Ready” malspam delivers Java Adwind / Java JRAT Trojan
2017.12 [fortinet] Circle of the fraud: more information about Bitcoin Orcus RAT campaign
2017.12 [fortinet] Circle of the fraud: more information about Bitcoin Orcus RAT campaign
2017.12 [broadanalysis] Fake Flash Player update delivers Net Support RAT
2017.12 [netskope] TelegramRAT evades traditional defenses via the cloud
2017.12 [HackerSploit] QuasarRAT - The Best Windows RAT? - Remote Administration Tool for Windows
2017.12 [fortinet] A Peculiar Case of Orcus RAT Targeting Bitcoin Investors
2017.12 [TechnoHacker] RATs in a Nutshell
2017.12 [fortinet] Orcus 远控瞄准比特币投资者, 伪装成比特币交易机器人 Gunbot 进行传播
2017.12 [MalwareAnalysisForHedgehogs] Malware Analysis - ROKRAT Unpacking from Injected Shellcode
2017.11 [fortinet] A Deep Dive Analysis of the FALLCHILL Remote Administration Tool
2017.11 [paloaltonetworks] UBoatRAT Navigates
2017.11 [360] 基于TeamViewer的瞄准小公司的远控木马分析
2017.11 [talosintelligence] ROKRAT Reloaded
2017.11 [fortinet] A Deep Dive Analysis of the FALLCHILL Remote Administration Tool
2017.11 [buguroo] New banking malware in Brazil - XPCTRA RAT ANALYSIS
2017.11 [freebuf] 通过CHM文件传播的Torchwood远控木马分析
2017.11 [myonlinesecurity] Fake Product Enquiry malspam delivers Nanocore RAT
2017.11 [qq] 通过CHM文件传播的Torchwood远控木马分析
2017.11 [TechnicalMujeeb] A-RAt exploit Tool Remote Access Android using Termux App.
2017.11 [n0where] Free, Open-Source Remote Administration Tool for Windows: QuasarRAT
2017.11 [ironcastle] TA17-318A: HIDDEN COBRA – North Korean Remote Administration Tool: FALLCHILL
2017.11 [securityintelligence] 使用 AutoIt 脚本绕过 AV 检测的远控分析
2017.11 [NullByte] EvilOSX RAT - How to build a payload and start a server
2017.11 [TheHackerStuff] TheFatRat - Hacking Over WAN - Embedding Payload in Original Android APK - Without Port Forwarding
2017.11 [360] Powershell Empire 绕过AV实现远控
2017.10 [rsa] Malspam Delivers Revenge RAT October-2017
2017.10 [riskiq] New htpRAT Gives Complete Remote Control Capabilities to Chinese Threat Actors
2017.10 [lookout] JadeRAT mobile surveillanceware spikes in espionage activity
2017.10 [buguroo] RAT Protection for Banking Customers That Works
2017.10 [malwarebytes] 一个“正常的”Word 文档启动时自动下载恶意的 RTF 文件（利用 CVE-2017-8759），再由此 RTF 文件下载执行最终的 Payload
2017.10 [fortinet] PDF Phishing Leads to Nanocore RAT, Targets French Nationals
2017.10 [rsa] Malspam Delivers DarkComet RAT October-2017
2017.10 [fortinet] 内置 JavaScript 脚本的PDF 恶意文件，启动时通过 Google Drive 分享链接下载 HTA 文件，由 HTA 文件下载并执行 NanoCore 远控
2017.10 [TechnoHacker] Quasar RAT review
2017.10 [rsa] Malspam Delivers HWorm RAT October, 2017
2017.10 [rsa] MalSpam Delivers RAT SpyWare Quasar 9-27-2017
2017.09 [malwarebreakdown] Malvertising Leads to RIG EK and Drops Remcos RAT.
2017.09 [freebuf] 【评论更新“木马”作者回复】“大黄蜂”远控挖矿木马分析与溯源
2017.09 [intezer] Agent.BTZ/ComRAT 变种分析
2017.09 [UltraHacks] SilentBytes RAT 1.6.3c | Multi Administration Tool!
2017.09 [freebuf] 螳螂捕蝉黄雀在后，免费散播Cobian远控工具背后的秘密
2017.09 [4hou] “钓鱼”插件实战：看我如何让粗心开发者的编辑器自动变身远控
2017.09 [360] Stack overflow in PlugX RAT
2017.09 [trendmicro] 云平台 Autodesk® A360 被利用传播 Adwind, Remcos, Netwire RAT 等恶意软件
2017.09 [fortinet] 针对越南组织的 APT 攻击中使用的Rehashed 远控分析
2017.09 [TechnoHacker] Arcom RAT: Is It Worth $3000?
2017.08 [lookout] 安卓远控 xRAT
2017.08 [paloaltonetworks] Updated KHRAT Malware Used in Cambodi
2017.08 [JackkTutorials] How to make a HTTP RAT (#3)
2017.08 [myonlinesecurity] Angelika Rodriguez – [email protected] – Purchase Order malspam delivers nanocore RAT
2017.08 [freebuf] 远控木马上演白利用偷天神技：揭秘假破解工具背后的盗刷暗流
2017.08 [4hou] 远控木马上演白利用偷天神技：揭秘假破解工具背后的盗刷暗流
2017.08 [fortinet] A Quick Look at a New KONNI RAT Variant
2017.08 [cybereason] Cybereason creates 'vaccine' to stop Remcos RAT
2017.08 [n0where] Koadic C3 COM Command & Control – JScript RAT
2017.08 [cylance] Cylance vs. KONNI RAT
2017.08 [n0where] iOS macOS Remote Administration Tool: EggShell
2017.08 [intezer] New Variants of Agent.BTZ/ComRAT Found: The Threat That Hit The Pentagon In 2008 Still Evolving; Part 1/2
2017.08 [n0where] Android Remote Administration Tool: AhMyth
2017.08 [netskope] Adwind RAT employs new obfuscation techniques
2017.08 [rsa] Malspam delivers Xtreme RAT 8-1-2017
2017.07 [pentestmag] Stitch – a Python written cross platform RAT
2017.07 [skycure] Nasty backdoor OmniRAT is back, disguised as GhostCtrl on Android mobile devices
2017.07 [pentestingexperts] Hacking Android Smart Phone Using AhMyth Android RAT
2017.07 [myonlinesecurity] fake swift copy notification payment slip malspam with an ACE attachment delivers malware and a jrat Trojan
2017.07 [JackkTutorials] How to make a HTTP RAT (#2)
2017.07 [rsa] Recreating the Crime Scene - A JSRat Story
2017.07 [ringzerolabs] Bladabindi RAT
2017.07 [krebsonsecurity] Who is the GovRAT Author and Mirai Botmaster ‘Bestbuy’?
2017.07 [JackkTutorials] How to make a HTTP RAT (#1)
2017.06 [freebuf] 白利用的集大成者：新型远控木马上演移形换影大法
2017.06 [pediy] [原创]一个远控木马的行为分析
2017.06 [ColinHardy] JavaScript that drops a RAT - Reverse Engineer it like a pro
2017.06 [4hou] 白利用的集大成者：新型远控木马上演移形换影大法
2017.06 [360] 白利用的集大成者：新型远控木马上演移形换影大法
2017.06 [alienvault] A RAT that Tweets: New ROKRAT Malware Hides behind Twitter, Amazon, and Hulu Traffic
2017.06 [freebuf] Metasploit实验：制作免杀payload+对任意“外网”主机的远控
2017.06 [cylance] Cylance vs. FF-Rat Malware
2017.06 [cylance] Threat Spotlight: Breaking Down FF-Rat Malware
2017.06 [alienvault] Mac 平台首个 MaaS（恶意软件即服务）恶意软件 MacSpy 分析
2017.05 [TechnoHacker] How to check if you're infected with a RAT in 10 seconds
2017.05 [UltraHacks] How to setup LuminosityLink RAT with nVPN | PORTFORWARD FIX!!!
2017.05 [netskope] NanocoreRAT delivery via cloud storage apps shifts from .uue to .r11
2017.05 [umbrella] The Weather Report: Seamless Campaign, LuminosityLink RAT, and OG-Miner!
2017.05 [freebuf] 远控木马中的VIP：盗刷网购账户购买虚拟礼品卡
2017.05 [pediy] [原创]从0分析一款经典的感染型远控木马
2017.05 [4hou] 远控木马中的VIP：盗刷网购账户购买虚拟礼品卡
2017.05 [sec] 远控木马中的VIP：盗刷网购账户购买虚拟礼品卡
2017.05 [360] 远控木马中的VIP：盗刷网购账户购买虚拟礼品卡
2017.05 [UltraHacks] Imminent Monitor RAT setup & New update review 2017
2017.05 [TechnoHacker] How to spread your RAT
2017.05 [esecurityplanet] Shodan Partners with Recorded Future to Detect Botnets and RATs
2017.04 [alienvault] The Felismus RAT: Powerful Threat, Mysterious Purpose
2017.04 [freebuf] 当心，安卓远控（spynote）升级了……
2017.04 [paloaltonetworks] Cardinal RAT Active for Over
2017.04 [TechnoHacker] Netwire RAT Review
2017.04 [securelist] ATMitch: remote administration of ATMs
2017.03 [TechnoHacker] What's the difference between http botnets and RATs?
2017.03 [paloaltonetworks] Trochilus and New MoonWind RATs Used In Attack Against Thai Orga
2017.03 [Fig] AMQ Fireblight Strat (Miphas Grace + attack buff)
2017.03 [myonlinesecurity] Request for 1st new order proforma invoice malspam delivers LuminosityLink RAT
2017.03 [fireeye] WMImplant – A WMI Based Agentless Post-Exploitation RAT Developed in PowerShell
2017.03 [trendmicro] MajikPOS简介：PoS恶意软件和RAT的结合体。
2017.03 [4hou] Proton RAT利用0day漏洞升级新变种，最低1200美元可出售
2017.03 [freebuf] Adwind RAT针对企业攻击，目标超过100个国家和地区
2017.02 [UltraHacks] SilentBytes RAT [beta] Windows 10 || PROMOTION ||
2017.02 [UltraHacks] SilentBytes RAT Linux Ubuntu || PROMOTION ||
2017.02 [UltraHacks] SilentBytes RAT 1.1 [BETA] Mac OS X || PROMOTION ||
2017.02 [n0where] Open Source Cross Platform RAT: Pupy
2017.02 [fortinet] REMCOS: A New RAT In The Wild
2017.02 [n0where] Python Remote Administration Tool: Stitch
2017.02 [talosintelligence] Go RAT, Go! AthenaGo points “TorWords” Portugal
2017.02 [netskope] Decoys, RATs, and the Cloud: The growing trend
2017.01 [paloaltonetworks] Downeks and Quasar RAT Used in Recent Targeted Attacks Against Go
2017.01 [malwarebytes] Mobile Menace Monday: AndroRAT Evolved
2017.01 [malwarebytes] From a fake wallet to a Java RAT
2017.01 [codemetrix] Decrypting Adwind jRAT jBifrost trojan
2016.12 [TheHackerStuff] Kali Linux - TheFatRat - Creating an Undetectable Backdoor - Bypass all AntiVirus
2016.12 [thalesesecurity] Remote Administration: Value, Security and Convenience
2016.12 [TechnoHacker] How to remotely execute a RAT on someone's PC
2016.12 [cyber] The Kings In Your Castle Part 4 – Packers, Crypters and a Pack of RATs
2016.11 [] Linux远控分析
2016.11 [] Linux远控分析
2016.11 [f] A RAT For The US Presidential Elections
2016.11 [fidelissecurity] Down the H-W0rm Hole with Houdini's RAT
2016.10 [malwarebytes] Get your RAT on Pastebin
2016.10 [sentinelone] GovRAT is Not New
2016.10 [sans] Malspam delivers NanoCore RAT
2016.10 [UltraHacks] [$25] Imment Monitor RAT setup
2016.09 [freebuf] 远控盗号木马伪装成850Game作恶
2016.09 [jimwilbur] DroidJack – A Quick Look at an Android RAT
2016.09 [360] 远控盗号木马伪装成850Game作恶
2016.09 [countercept] Do you smell a rat?
2016.09 [countercept] Do you smell a rat?
2016.09 [freebuf] You dirty RAT：地下网络犯罪世界的“黑吃黑”
2016.09 [trustlook] Pokémon Go bundles with Malicious Remote Administration Tool DroidJack
2016.08 [fortinet] German Speakers Targeted by SPAM Leading to Ozone RAT
2016.08 [trustlook] Trustlook Discovers a Remote Administration Tool (RAT) Android Malware
2016.08 [id] XRat, Team, Corporacao
2016.08 [fortinet] JBifrost: Yet Another Incarnation of the Adwind RAT
2016.08 [radare] Retrieving configuration of a Remote Administration Tool (Malware) with radare2 statically
2016.08 [radare] Retrieving configuration of a Remote Administration Tool (Malware) with radare2 statically
2016.08 [deniable] Cracking Orcus RAT
2016.08 [deniable] Cracking Orcus RAT
2016.08 [deniable] Cracking Orcus RAT
2016.08 [MalwareAnalysisForHedgehogs] Malware Analysis - Unpacking njRAT Protected by Confuser v.1.9 and others
2016.07 [malwarenailed] Luminosity RAT - Re-purposed
2016.07 [360] 披合法外衣的远控木马——Game564深入分析
2016.07 [krebsonsecurity] Canadian Man Behind Popular ‘Orcus RAT’
2016.07 [fidelissecurity] Chasing Down RATs with Barncat
2016.07 [shaaguunz] Omnirat save us
2016.07 [heimdalsecurity] Security Alert: Adwind RAT Used in Targeted Attacks with Zero AV Detection
2016.07 [360] H-WORM：简单而活跃的远控木马
2016.06 [cybereason] Permission to Execute: The Incident of the Signed and Verified RAT
2016.06 [8090] 一款用于定向攻击的JavaScript远控木马分析
2016.06 [hackingarticles] HTTP RAT Tutorial for Beginners
2016.06 [cysinfo] Hunting and Decrypting Communications of Gh0st RAT in Memory
2016.06 [cysinfo] Hunting APT RAT 9002 In Memory Using Volatility Plugin
2016.06 [f] Qarallax RAT: Spying On US Visa Applicants
2016.06 [qq] 远控木马利用Windows系统文件漏洞展开攻击
2016.06 [] 运用最广的远控-TeamViewer被黑了
2016.06 [samvartaka] Dead RATs: Exploiting malware C2 servers
2016.05 [freebuf] 深度：远控木马Posion Ivy开始肆虐缅甸和其它亚洲国家
2016.05 [trendmicro] Lost Door RAT: Accessible, Customizable Attack Tool
2016.04 [paloaltonetworks] New Poison Ivy RAT Variant Targets Hong Kong Pro-Democracy
2016.04 [sentinelone] Teaching an old RAT new tricks
2016.04 [itsjack] RAT Threat Intelligence – A Very Simple Manual Technique
2016.03 [TechnoHacker] How to port forward for any program and how to setup a DNS for RATs
2016.03 [malwarebytes] Latest Steam Malware Shows Signs of RAT Activity
2016.03 [malwarebytes] This Steam Scam is a Rat Race
2016.03 [itsjack] Imminent Monitor 4 RAT Analysis – Further Into The RAT
2016.02 [hackingarticles] Hack Remote PC using Darkcomet RAT with Metasploit
2016.02 [TechnoHacker] How to setup Blackshades RAT [Voice Tutorial] [download link]
2016.02 [securelist] Expert: cross-platform Adwind RAT
2016.02 [TechnoHacker] How to get rid of a RAT [Very in depth]
2016.02 [paloaltonetworks] NanoCoreRAT Behind an Increase in Tax-Themed Phishin
2016.02 [kaspersky] The wind that smells like RAT: The story of Adwind MaaS
2016.02 [brindi] Advanced Techniques for Detecting RAT Screen Control
2016.02 [mindedsecurity] RAT WARS 2.0: Advanced Techniques for Detecting RAT Screen Control
2016.01 [fidelissecurity] Introducing Hi-Zor RAT
2016.01 [alienvault] Trochilus RAT: Invading your Sandbox
2016.01 [itsjack] Imminent Monitor 4 RAT Analysis – A Glance
2016.01 [freebuf] “暗影大盗”远控木马分析报告
2016.01 [] Linux远控分析
2016.01 [ensilo] Cyber-Security in 120 Secs: 0-days, and a new RAT targeting APJ
2016.01 [lallouslab] Honey, I want a 3 carat ring for our engagement…what a sham!
2016.01 [TechnoHacker] How to use all of Xtreme RAT's features
2016.01 [sensecy] Is There A New njRAT Out There?
2016.01 [freebuf] 一次对JSocket远控的分析
2015.12 [paloaltonetworks] BBSRAT Attacks Targeting Russian Organizations Linked to Roam
2015.11 [dynamoo] Malware spam: "Sales Invoice OP/I599241 For ANDSTRAT (NO.355) LTD" / "[email protected]"
2015.11 [360] “大灰狼”远控木马幕后真凶深入挖掘
2015.11 [TechnoHacker] How to setup DarkComet RAT [Voice Tutorial] [Download Link]
2015.11 [rsa] Detecting GlassRAT using Security Analytics and ECAT
2015.11 [alienvault] KilerRat: Taking over where Njrat remote access trojan left off
2015.11 [freebuf] BT天堂网站挂马事件后续：“大灰狼”远控木马分析及幕后真凶调查
2015.11 [360] “大灰狼”远控木马分析及幕后真凶调查
2015.11 [f] Halloween RAT: NanoCore Served Via PageFair Service
2015.10 [threatmetrix] How Contextual Fraud Prevention Can Turn Banks into RAT (Remote Access Trojan) Catchers
2015.10 [deepsec] DeepSec Talk: Got RATs? Enter Barn Cat (OSint)
2015.10 [360] 另类远控：木马借道商业级远控软件的隐藏运行实现
2015.10 [freebuf] 另类远控：木马借道商业级远控软件的隐藏运行实现
2015.10 [hackingarticles] Hack Android Devices using Omni RAT
2015.10 [hackingarticles] Hack Remote PC using Pupy – Remote Administration Tool
2015.09 [trustwave] Quaverse RAT: Remote-Access-as-a-Service
2015.09 [kaspersky] A layman’s dictionary: RAT
2015.08 [sentinelone] The 7 ‘Most Common’ RATS In Use Today
2015.08 [rsa] Detecting XtremeRAT variants using Security Analytics
2015.08 [paloaltonetworks] RTF Exploit Installs Italian RAT:
2015.08 [fortinet] The Curious Case Of The Document Exploiting An Unknown Vulnerability – Part 2: RATs, Hackers and Rihanna
2015.08 [duo] You Built a Better Mousetrap? They Built Better RATs
2015.08 [alienvault] FF-RAT Uses Stealth Tactics to Evade Endpoint Detection
2015.08 [virusbulletin] Paper: Life after the apocalypse for the Middle Eastern NJRat campaign
2015.08 [securityfuse] Omni RAT which can turn your android phone into a hacking machine
2015.07 [freebuf] 格盘也没用：Hacking Team使用UEFI BIOS Rootkit将远控长驻操作系统
2015.07 [freebuf] 揭秘：Hacking Team远控窃听程序（RCS）的全球热销之路
2015.07 [bromium] Government Grade Malware: a Look at HackingTeam’s RAT
2015.07 [talosintelligence] Ding! Your RAT has been delivered
2015.06 [guidancesoftware] The OPM Hack: I Smell a RAT
2015.05 [freebuf] 移花接木大法：新型“白利用”华晨远控木马分析
2015.05 [securelist] Grabit and the RATs
2015.05 [] 移花接木大法：新型“白利用”华晨远控木马分析
2015.05 [] 移花接木大法：新型“白利用”华晨远控木马分析
2015.04 [freebuf] 控制指令高达二十多种：远控木马Dendoroid.B分析报告
2015.04 [ensilo] NanoCore RAT: It’s Not 100% Original
2015.04 [freebuf] 恶意代码分析：台湾官方版英雄联盟LoL和流亡黯道PoE被植入远控工具PlugX
2015.03 [heimdalsecurity] Security Alert: Infamous DarkComet RAT Used In Spear Phishing Campaigns
2015.03 [b0n1] Remote administration trojan using Baidu Cloud Push service
2015.03 [b0n1] Remote administration trojan using Baidu Cloud Push service
2015.03 [freebuf] 剖析Smack技术远控木马
2015.03 [avlsec] Smack技术远控木马
2015.03 [] Smack技术远控木马工作分析文
2015.02 [mcafee] What is a Remote Administration Tool (RAT)?
2015.01 [] 移花接木大法：新型“白利用”华晨远控木马分析
2015.01 [trendmicro] New RATs Emerge from Leaked Njw0rm Source Code
2015.01 [] 远控木马Dendoroid.B分析报告
2014.12 [sans] Flushing out the Crypto Rats - Finding "Bad Encryption" on your Network
2014.11 [checkpoint] Mobile Security Weekly: Android mRATs, Paid Apps Hacked, Whatsapp Talks Privacy | Check Point Software Blog
2014.10 [freebuf] 针对VBS远控木马的技术分析
2014.10 [] VBS远控木马
2014.10 [] VBS远控木马
2014.10 [sans] CSAM: Scary ports and firewall remote administration
2014.10 [checkpoint] Mobile Security Weekly - Lacoon Discovers the Xsser mRAT | Check Point Software Blog
2014.10 [lookout] Just the facts: Xsser mRAT iOS malware
2014.09 [checkpoint] Lacoon Discovers Xsser mRAT, the First Advanced iOS Trojan
2014.09 [checkpoint] Chinese Android mRAT Spyware Targets Hong Kong Protest
2014.09 [qq] 新型白利用（暴风）远控木马分析
2014.09 [comodo] Warning! RATS Attacking Mobile Devices
2014.09 [comodo] Warning! RATS Attacking Mobile Devices
2014.08 [] 远控木马伪造通信协议一例
2014.08 [] 远控木马伪造通信协议一例
2014.08 [] 播放器暗藏远控木马 360独家提供查杀方案
2014.08 [cert] Android RAT malware spreading via torrents
2014.08 [rsa] Finding & Eradicating RATs
2014.08 [mcafee] Android App SandroRAT Targets Polish Banking Users via Phishing Email
2014.07 [bhconsulting] Advanced Fee Fraud Now Plagued By RATs
2014.07 [sans] Keeping the RATs out: the trap is sprung - Part 3
2014.07 [sans] Keeping the RATs out: **it happens - Part 2
2014.07 [sans] Keeping the RATs out: an exercise in building IOCs - Part 1
2014.06 [plcscan] Havex Rat又一个针对ICS/SCADA系统的恶意软件
2014.06 [trendmicro] PlugX RAT With “Time Bomb” Abuses Dropbox for Command-and-Control Settings
2014.05 [trendmicro] The Blackshades RAT – Entry-Level Cybercrime
2014.05 [malwarebytes] A RAT in Bird’s clothing
2014.05 [techhelplist] Contrat Commercant N: ... - Virus
2014.05 [myonlinesecurity] Contrat Commercant N: 9579514 – fake PDF malware
2014.05 [avlsec] 捆绑包形式远控木马分析报告
2014.05 [SECConsult] Missing Entity Authentication / Deactivation of Protection in AVG Remote Administration
2014.05 [SECConsult] Authentication Bypass / Missing Authentication in AVG Remote Administration
2014.04 [trendmicro] Old Java RAT Updates, Includes Litecoin Plugin
2014.04 [avlsec] Android短信指令远控木马Herta木马分析报告
2014.03 [trendmicro] Kunming Attack Leads to Gh0st RAT Variant
2014.02 [checkpoint] The Spy in Your Pocket, Part 1: An Overview of Mobile Remote Access Trojans (mRATs) | Check Point Software Blog
2014.01 [] 远控木马伪造通信协议一例
2014.01 [] 假冒淘宝远控木马
2014.01 [] VBS远控木马
2014.01 [] Oldboot鬼影又现，另一例山寨手机中运用云端远控技术的木马
2014.01 [] 播放器暗藏远控木马 360独家提供查杀方案
2014.01 [] 安卓远控木马黑色产业链渐成气候，谨防手机变“肉鸡”
2014.01 [] 国内首个利用JavaScript脚本远控木马的技术分析报告
2014.01 [rsa] Detecting njRAT in Your Environment
2013.12 [pediy] [原创]逆向笔记--某远控的隐藏技术
2013.11 [crowdstrike] Adwind RAT Rebranding
2013.11 [krebsonsecurity] CryptoLocker Crew Ratchets Up the Ransom
2013.10 [trendmicro] Dutch TorRAT Threat Actors Arrested
2013.09 [comodo] Super RATS? Comodo has Built a Better Mousetrap!
2013.09 [comodo] Super RATS? Comodo has Built a Better Mousetrap!
2013.08 [trendmicro] How to Check if Your Website is Part of the Stealrat Botnet
2013.07 [trendmicro] Compromised Sites Conceal StealRat Botnet Operations
2013.07 [talosintelligence] Androrat - Android Remote Access Tool
2013.06 [trendmicro] Targeted Attack in Taiwan Uses Infamous Gh0st RAT
2013.05 [mcafee] Travnet Botnet Controls Victims With Remote Admin Tool
2013.04 [webroot] A peek inside a (cracked) commercially available RAT (Remote Access Tool)
2013.04 [rapid7] Weekly Update: Minecraft RAT Attacks, PHP Shell Games, and MongoDB
2013.04 [quequero] McRat Malware Analysis – Part1
2013.04 [webroot] DIY Java-based RAT (Remote Access Tool) spotted in the wild
2013.02 [trendmicro] BKDR_RARSTONE: New RAT to Watch Out For
2012.11 [trendmicro] Tsunami Warning Leads to Arcom RAT
2012.11 [trendmicro] New Xtreme RAT Attacks US, Israel, and Other Foreign Governments
2012.11 [trendmicro] DaRK DDoSseR Leads to Gh0st RAT
2012.10 [forcepoint] Iranian Firefighters' Website Compromised to Serve VertexNet RAT
2012.10 [trendmicro] Xtreme RAT Targets Israeli Government
2012.09 [freebuf] 国外大牛人肉定向攻击远控PlugX开发者全过程分析
2012.09 [alienvault] Tracking down the author of the PlugX RAT
2012.08 [forcepoint] Nepalese government websites compromised to serve Zegost RAT
2012.08 [sans] Digital Forensics Case Leads: Multi-plat RAT, No US Cybersecurity bill, Dropbox drops a doozie, Volatility everywhere
2012.07 [freebuf] DarkComet RAT作者宣布项目停止开发
2012.07 [freebuf] 用Nmap脚本检测Poison Ivy Rat控制端
2012.07 [freebuf] [原创]PoisonIvy Rat 远程溢出实战
2012.06 [alienvault] New MaControl variant targeting Uyghur users, the Windows version using Gh0st RAT
2012.06 [alienvault] Capfire4 malware, RAT software and C&C service together
2012.06 [malwarebytes] You Dirty RAT! Part 2 – BlackShades NET
2012.06 [freebuf] [更新]一款强大的远控 – DarkComet RAT V5.3.1
2012.06 [malwarebytes] You dirty RAT! Part 1: DarkComet
2012.06 [malwarebytes] RATs of Unusual Sizes
2012.05 [welivesecurity] Malware RATs can steal your data and your money, your privacy too
2012.05 [forcepoint] The Amnesty International UK website was compromised to serve Gh0st RAT [Update]
2012.04 [toolswatch] DarkComet-RAT Remote Administration Tool v5.1.1 released
2012.03 [alienvault] MS Office exploit that targets MacOS X seen in the wild - delivers "Mac Control" RAT
2012.03 [trustwave] Dirty RAT Eats Nate's Banana
2011.09 [securitythinkingcap] RAT Hacking Evidence fresh from the source
2011.09 [trendmicro] Online Storage—A Godsend for Sentimental Pack Rats (like me)
2011.09 [hackerhurricane] (W)(I) Your GM OnStar enabled car will rat you out starting Dec 2011
2011.09 [hackingarticles] How to use Prorat Trojan
2011.08 [toolswatch] DarkComet-RAT (Remote Administration Tool) v4.0 Fix 1 available
2011.08 [microsoft] Weekly Roundup : Aug 12, 2011 : Dissecting a Shady Rat
2011.08 [bhconsulting] Operation Shady RAT Claims Widespread Espionage
2011.06 [publicintelligence] Improving Afghan Infrastructure: Hirat Cotton Textile Mill
2011.05 [krebsonsecurity] Something Old is New Again: Mac RATs, CrimePacks, Sunspots & ZeuS Leaks
2011.05 [mcafee] I Smell a RAT: Java Botnet Found in the Wild
2011.05 [toolswatch] DarkComet-RAT v3.3 available
2011.04 [pediy] [原创]解决远控重复上线的源码
2011.01 [toolswatch] (EXCLUSIVE) DarkComet-RAT updated to v3.0.1
2011.01 [cleanbytes] AdSocks RAT — about the new Java trojan computer viruses
2011.01 [toolswatch] EXCLUSIVE : DarkComet-RAT 3.0 released (Impressive RAT tool)
2010.09 [joshrendek] Just launched a starcraft video/strat site
2009.08 [g] WordPress <= 2.8.* Remote admin reset password
2008.10 [lightbluetouchpaper] Liberal Democrat leader visits our lab
2008.09 [sans] The Lab Rat - Testing Digital Forensics Tools and Gear
2008.01 [trendmicro] Will 2008 Really Be The ‘Year of The Rat’?
2007.03 [trendmicro] STRAT struts its stuff via Skype
2007.03 [pediy] [原创]Remote Administrator 2.2 服务器端去自效验+文件名效验
2007.01 [trendmicro] Strat Strikes Again!!!
2006.12 [trendmicro] Another Strat Attack
2006.11 [trendmicro] TROJ_STRAT Spams Again
2006.04 [pediy] [求助]Remote Administrator的算法
2005.06 [infosecblog] Rats!
2005.05 [securelist] Rugrat a year old

内容为系统自动导出, 有任何问题请提issue