Skip to content
/ EducationalRAT Public

Starting Code for my How to Write Malware 101 Class. This is a Proof of Concept of a C# RAT (Remote Access Trojan) made by Sean Pierce (@secure_sean) to demonstrate to defenders the ease, speed, development goals, and characteristics of common malware. This is for educational use only.

22 stars 5 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

securesean/EducationalRAT

BranchesTags

Repository files navigation

RattyMcRatFace

This is a Proof of Concept of a C# RAT (Remote Access Trojan) made by Sean Pierce (@secure_sean) for the How to Write Malware 101 class to demonstrate to defenders the ease, speed, development goals, and characteristics of common malware. Download the class development VM here: rebrand.ly/writemalware

Easy for an Attacker to Change:

  • Hash
  • PDB String
  • Compile Time
  • File Details

Less Easy for an Attacker to Change:

  • File Size
  • Domains

Harder for an Attacker to Change:

  • Features
  • Functionality
  • Network Traffic
  • ImpHash

When hunting for malware Search for:

  • Small Executable files - scripts, stagers, downloaders, etc.
  • Freshly compiled and installed executables
  • Common persistence, malicious/administration functionality

About

Starting Code for my How to Write Malware 101 Class. This is a Proof of Concept of a C# RAT (Remote Access Trojan) made by Sean Pierce (@secure_sean) to demonstrate to defenders the ease, speed, development goals, and characteristics of common malware. This is for educational use only.

Resources

Readme
Activity

Stars

22 stars

Watchers

2 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages