Return to forum
Eagle Monitor RAT Reborn | Open Source & Modern Remote Access Tool
by - Thursday, January 1, 1970 at 12:00 AM
BreachForums User
Member
Posts: 0
Threads: 0
Joined: N/A
Reputation: 0

#1
November 23, 2022 at 6:03 AM
Eagle Monitor RAT Reborn | Open Source & Modern Remote Access Tool


Fast, lightweight & easily customizable remote access tool written in C# coded from scratch.

Server features

  • Passwords recovery
  • History recovery
  • Autofill recovery
  • Keywords recovery
  • Remote Powershell
  • Remove CMD
  • Remote camera viewer (+ save pictures)
  • Remote microphone (auto-saved)
  • Remote desktop control (+ save pictures)
  • Remote keyboard
  • Remote mouse
  • Remote chat
  • Remote DotNet Code Execution (VB + C#)
  • Process manager
  • Kill process (native techniques)
  • Suspend process (native techniques)
  • Resume process (native techniques)
  • ShellCode injection (NtWriteVirtualMemory + NtCreateThreadEx)
  • ShellCode injection (NtMapViewOfSection + NtCreateThreadEx)
  • Shutdown system
  • Reboot system
  • Suspend system
  • Hibernate system
  • Log out user
  • BSOD
  • Lock workstation
  • Offline keylogger (automatically saved)
  • Realtime keylogger (automatically saved)
  • Managed pe execution (current process)
  • Unmanaged pe execution (current process)
  • Managed dll execution (current process)
  • Unmanaged dll execution (current process)
  • Shellcode execution (current process)
  • Blur screen locker
  • Audio up
  • Audio down
  • Hide + show taskbar
  • Hide + show desktop icons
  • Set wallpaper
  • File manager
  • Delete file
  • Download file
  • Rename file
  • Upload file
  • Get information (CPU, hardware, system)
  • Shortcuts (download, desktop, and documents paths)
  • Logs (automatically saved)


Client Features

  • Anti-Debug (will cause BSOD if debugged)
  • AMSI patching
  • ETW patching
  • Randomize PE from PEB


External depencencies

  • GunaUI
  • dnlib
  • Newtonsoft.Json
  • NAudio


Notes

  • All saved stuff (logs, passwords...) are saved in csv format except offline keylogger
  • All external DLLs used are in folder "DLLs + Package"
  • This remote access tool can also be used as stealer & payloads loader.
  • Build the project in "release mode" only (change x64 bit for Server)
  • Under license (AGPL)


Technical information

  • Communication encrypted with RSM encryption (https://bhf.im/threads/438711/)
  • Packets compressed with QuickLZ (http://www.quicklz.com/download.html)
  • Automation tasks saved with binary format
  • Settings saved in JSON format
  • Server .NET 4.8
  • Client .NET 4.5
  • Tested on freshly installed W10 & W11 VM


Inspirations

  • Webcam plugins: AsyncRat
  • Keylogger (modded) : AsyncRat
  • Unmanaged pe and dlls : schellingb
  • Remote mouse & keyboard : Quasar
  • Remote CMD & Powershell : Quasar


Download Me

Virus Total:  VirusTotal - URL - b33fb75f1347176881ea0d3105fb562e84f628b82f82cad002211588dab5e371

the creator and all those associated with the development and production of this program are not responsible for any actions and or damages caused by this software. You bear full responsibility for your actions and acknowledge that this software was created for educational purposes only. This software's intended purpose is NOT to be used maliciously, or on any system that you do not own or have explicit permission to operate and use this program on. By using this software, you automatically agree to the above.
Reply
Member
Member
Posts: 22
Threads: 0
Joined: N/A
Reputation: 0

#2
November 26, 2022 at 3:34 PM
Thanks m8!
Reply


 Users viewing this thread: Eagle Monitor RAT Reborn | Open Source & Modern Remote Access Tool: No users currently viewing.