Parat - Python based Remote Administration Tool(RAT)

  •        29

Parat is NOT for real attacks. It simply designed for educational purposes only and so is not responsible for any abusive/offensive uses. Copy and paste on your terminal: git clone https://github.com/micle-fm/Parat && cd Parat && python main.py Note: it may need to install python -m easy_install pypiwin32 on some targets.

https://github.com/micle-fm/Parat

Tags
Implementation
License
Platform

   




Related Projects

EggShell - iOS/macOS/Linux Remote Administration Tool

  •    Objective-C

EggShell is a post exploitation surveillance tool written in Python. It gives you a command line session with extra functionality between you and a target machine. EggShell gives you the power and convenience of uploading/downloading files, tab completion, taking pictures, location tracking, shell command execution, persistence, escalating privileges, password retrieval, and much more. This is project is a proof of concept, intended for use on machines you own. Eggshell payloads are executed on the target machine. The payload first sends over instructions for getting and sending back device details to our server and then chooses the appropriate executable to establish a secure remote control session.

EvilOSX - An evil RAT (Remote Administration Tool) for macOS / OS X.

  •    Python

Warning: Because payloads are created unique to the target system (automatically by the server), the server must be running when any bot connects for the first time. For more information on SemVer, please visit https://semver.org/.

QuasarRAT - Remote Administration Tool for Windows

  •    CSharp

Quasar is a fast and light-weight remote administration tool coded in C#. Providing high stability and an easy-to-use user interface, Quasar is the perfect remote administration solution for you. Open the project in Visual Studio 2017+ and click build. See below which build configuration to choose.

Lilith - Lilith, The Open Source C++ Remote Administration Tool (RAT)

  •    C++

Lilith is a console-based ultra light-weight RAT developed in C++. It features a straight-forward set of commands that allows for near complete control of a machine. The modularity and expandability of this RAT are what it's been built on. That's how it manages to stay very compact, light-weight and fast. You can download other utilities like password recovery or keylogging tools via Powershell scripts (link to some useful scripts will follow soon) and then execute them as if they were running on your own machine. Afterwards you're able to upload the results (also with a ps script) or evaluate them on the spot (via the type command) in cmd.


Fabric - Simple, Pythonic remote execution and deployment

  •    Python

Fabric is a Python (2.5-2.7) library and command-line tool for streamlining the use of SSH for application deployment or systems administration tasks. It provides a basic suite of operations for executing local or remote shell commands (normally or via sudo) and uploading/downloading files, as well as auxiliary functionality such as prompting the running user for input, or aborting execution.

flightplan - Run sequences of shell commands against local and remote hosts.

  •    Javascript

Run sequences of shell commands against local and remote hosts. Flightplan is a node.js library for streamlining application deployment or systems administration tasks.

RemoteRecon - Remote Recon and Collection

  •    PowerShell

RemoteRecon provides the ability to execute post-exploitation capabilities against a remote host, without having to expose your complete toolkit/agent. Often times as operator's we need to compromise a host, just so we can keylog or screenshot (or some other miniscule task) against a person/host of interest. Why should you have to push over beacon, empire, innuendo, meterpreter, or a custom RAT to the target? This increases the footprint that you have in the target environment, exposes functionality in your agent, and most likely your C2 infrastructure. An alternative would be to deploy a secondary agent to targets of interest and collect intelligence. Then store this data for retrieval at your discretion. If these compromised endpoints are discovered by IR teams, you lose those endpoints and the information you've collected, but nothing more. Below is a visual representation of how I imagine an adversary would utilize this. RemoteRecon utilizes the registry for data storage, with WMI as an internal C2 channel. All commands are executed in a asynchronous, push and pull manner. Meaning that you will send commands via the powershell controller and then retrieve the results of that command via the registry. All results will be displayed in the local console.

Ani-Shell

  •    PHP

Ani-Shell is a PHP remote shell, basically used for remote access and security pen testing. Ani-Shell provides a robust and a basic interface to access the file system, do some networking tweaks and even test your server for some common security vulnerabilities. The developer has tried to follow a coding standard which makes the code a little clean and easier to understand, Note: How you use this shell is exactly on you, and author pays no responsibility for what you use it for and what ma

rtty - Access your terminals from anywhere via the web(在任何地方通过web访问您的终端)

  •    C

It is composed of a client and a server. The client is written in pure C. The server is written in go language and the front-end interface is written in iview & Vue. You can access your terminals from anywhere via the web. Differentiate your different terminals by device ID(If the ID is not set, the MAC address of your device is used).

RAT - Remote Assistance Tool

  •    Java

RAT (Remote Assistance Tool) is a Java Application designed for end user support and remote desktop control based on VNC. It is useable through nat devices and firewalls by connecting the communication end partners through a proxy server.

rmate - Remote TextMate 2 implemented as shell script

  •    Shell

TextMate 2 adds a nice feature, where it is possible to edit files on a remote server using a helper script. The original helper script provided with TM2 is implemented in ruby. Here is my attempt to replace this ruby script with a shell script, because in some cases a ruby installation might just be too much overhead for just editing remote files. A bash with compiled support for "/dev/tcp" is required. This is not the case on some older linux distributions, like Ubuntu 9.x.

HERCULES - HERCULES is a special payload generator that can bypass antivirus softwares.

  •    Go

HERCULES is a customizable payload generator that can bypass antivirus software. WARNING: Don't change the location of the HERCULES folder.

EternalTerminal - Re-Connectable secure remote shell

  •    C++

Eternal Terminal is a remote shell that automatically reconnects without interrupting the session. Website: https://mistertea.github.io/EternalTerminal/.

mRemoteNG - Remote Connections Manager

  •    Visual

mRemoteNG is the next generation of mRemote, a full-featured, multi-tab remote connections manager. It allows you to store all your remote connections in a simple yet powerful interface. Currently these protocols are supported:RDP, (Remote Desktop), VNC (Virtual Network Computing), ICA (Independent Computing Architecture), SSH (Secure Shell), Telnet (TELecommunication NETwork), HTTP/S (Hypertext Transfer Protocol), Rlogin (Rlogin), Raw Socket Connections.

clustershell - Scalable cluster administration Python framework — Manage node sets, node groups and execute commands on cluster nodes in parallel

  •    Python

ClusterShell is an event-driven open source Python library, designed to run local or distant commands in parallel on server farms or on large Linux clusters. It will take care of common issues encountered on HPC clusters, such as operating on groups of nodes, running distributed commands using optimized execution algorithms, as well as gathering results and merging identical outputs, or retrieving return codes. ClusterShell takes advantage of existing remote shell facilities already installed on your systems, like SSH. ClusterShell's primary goal is to improve the administration of high- performance clusters by providing a lightweight but scalable Python API for developers. It also provides clush, clubak and cluset/nodeset, convenient command-line tools that allow traditional shell scripts to benefit from some of the library features.

Matahari reverse HTTP shell

  •    Python

A reverse HTTP shell to execute commands on remote machines behind firewalls. Once you run the script on the target machine, it periodically polls its designated server for commands to execute. Traffic traverses firewall as outgoing GET/POST requests.

ShellPop - Pop shells like a master.

  •    Python

Shellpop is all about popping shells. With this tool you can generate easy and sophisticated reverse or bind shell commands to help you during penetration tests. Python 2.7 is required.

MySQL Administration Tools

  •    Perl

The MyCAT project is an open-source toolset for managing MySQL/Linux servers, currently composed of tools that: monitor replication, monitor and rotate binary logs, and allow remote shell access to arbitrary groups of servers.

mainframer - Tool for remote builds. Sync project to remote machine, execute command, sync back.

  •    Shell

Tool that allows you to move build process from a local machine to a remote one.Remote machine ought to be much faster than a laptop. With mainframer you can free up your local machine for better things — like editing source code in your IDE without lags and freezes, being able to actually use your computer when the build is happening.