Popularity
7.2
Growing
Activity
8.1
Declining
557
31
147

Description

A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients.

Programming language: Go
License: The Unlicense
Tags: Security     Networking     Go    

ToRat alternatives and similar packages

Based on the "Security" category.
Alternatively, view ToRat alternatives based on common mentions on social networks and blogs.

Do you think we are missing an alternative of ToRat or a related project?

Add another 'Security' Package

README

License CircleCI Go Report Card Docker Cloud Build Status

A Cross Platform Remote Administration tool written in Go using Tor as its transport mechanism currently supporting Windows, Linux, MacOS clients.

DISCLAIMER

USE FOR EDUCATIONAL PURPOSES ONLY

Wiki

How to use ToRat Docker Image

Preview

Client Commands

Command Status Info
cd Working change the working directory of the client
ls Working list the content of the working directory of the client
shred Working delete files/ directories unrecoverable
screen Working take a Screenshot of the client
cat Working view Textfiles from the client including .docx, .rtf, .pdf, .odt
alias Working give the client a custom alias
down Working download a file from the client
up Working upload a file to the client
speedtest Working speedtest a client's internet connection
hardware Working collects a variety of hardware specs from the client
netscan Working scans a clients entire network for online devices and open ports
gomap Working scan a local ip on a clients network for open ports and services
escape Working escape a command and run it in a native shell on the client
reconnect Not Working tell the client to reconnect
help Working lists possible commands with usage info
exit Working background current session and return to main shell

Server Commands

Command Status Info
select Working select client to interact with
list Working list all connected clients
alias Working select client to give an alias
cd Working change the working directory of the server
help Working lists possible commands with usage info
exit Working exit the server

Current Features

Architecture

  • RPC (Remote procedure Call) based communication for easy addition of new functionality
  • Automatic upx leads to client binaries of ~6MB with embedded Tor
  • sqlite via gorm for storing information about the clients
  • client is obfuscated via garble

Server Shell

  • Cross Platform reverse shell (Windows, Linux, Mac OS)
  • Supports multiple connections
  • Welcome Banner
  • Colored Output
  • Tab-Completion of:

    • Commands
    • Files/ Directories in the working directory of the server
  • Unique persistent ID for every client

    • give a client an Alias
    • all Downloads from client get saved to ./$ID/$filename

Persistence

  • Windows:

    • [ ] Multiple User Account Control Bypasses (Privilege escalation)
    • [ ] Multiple Persistence methods (User, Admin)
  • Linux:

    • [ ] Multiple Persistence methods (User, Admin)

Tor

  • Fully embedded Tor within go

  • the ToRAT_client communicates over TLS encrypted RPC proxied through Tor with the ToRat_server (hidden service)

    • [x] anonymity of client and server
    • [x] end-to-end encryption
  • optional transport without Tor e.g. Use Tor2Web, a DNS Hostname or public/ local IP

    • [x] smaller binary ~3MB upx'ed
    • [ ] anonymity of client and server

Upcoming Features

Contribution

All contributions are welcome you don't need to be an expert in Go to contribute.

Credits


*Note that all licence references and agreements mentioned in the ToRat README section above are relevant to that project's source code only.