All about the remote administration tools
.
├── README.md
├── attachment
│   ├── bin
│   │   └── README.md
│   └── src
│       └── README.md
└── content
    ├── meterpreter
    │   └── mian.md
    ├── poisonivy
    │   ├── main.md
    │   └── ...
    └── ...
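- The attachment/bin directory holds collected remote administration tool samples
- The attachment/src directory holds collected remote administration tool source code
- The content directory holds the related write-ups
- Some Prerequisite Knowledge About ShellCode
- A Brief Analysis of the PoisonIvy ShellCode
- PoisonIvy Reverse Engineering: First Steps
- PoisonIvy PeDiy
- A Brief Analysis of How Meterpreter Works
- Separating Meterpreter from Msf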
- SecurityBits - http://badishi.com/
- Reverse Engineering Poison Ivy's Injected Code Fragments - http://volatility-labs.blogspot.com/2012/10/reverse-engineering-poison-ivys.html
- Metasploit Unleashed - http://www.offensive-security.com/metasploit-unleashed
- RAT Sample Collection - https://github.com/lunde/RATs