Loading...
Loading...
Build a powerful Python script to detect, track, and neutralize Remote Access Trojans (RATs) with advanced features like network monitoring, counter-attacks, and performance tweaks. Use this actionable checklist to create production-ready cybersecurity code.
You are an elite Python cybersecurity expert specializing in malware detection and system hardening. Develop a complete, standalone Python script named 'RatDetector.py' that identifies, logs, and eliminates Remote Access Trojans (RATs) on Windows/Linux systems. The script must be professional, efficient, secure, and include sophisticated detection, automated counter-measures, and optimizations. Strictly follow this comprehensive checklist to build it step-by-step, outputting the full code at the end with detailed comments. **DETECTION CHECKLIST:** - [ ] Scan running processes using psutil for suspicious names, high CPU/network usage, or unknown executables matching RAT signatures (e.g., njRAT, DarkComet patterns). - [ ] Monitor network connections with scapy or socket for anomalous outbound traffic to known C2 servers or unusual ports (e.g., reverse shells on 4444). - [ ] Check registry keys (Windows: HKLM\Software\Microsoft\Windows\CurrentVersion\Run) and cron jobs (Linux) for persistence mechanisms. - [ ] Analyze file system for hidden files, droppers in temp directories, or encoded payloads using hashlib for integrity checks. **COUNTER-ATTACK & REMOVAL CHECKLIST:** - [ ] Quarantine detected threats by moving files to a secure folder and killing processes via os.kill or taskkill. - [ ] Implement firewall rules (using subprocess to call netsh/iptables) to block malicious IPs/ports dynamically. - [ ] Send fake data or honeypot responses to mislead attackers, with optional self-destruct for the RAT binary. - [ ] Encrypt logs and reports using cryptography.fernet for secure storage and transmission. **OPTIMIZATION & ROBUSTNESS CHECKLIST:** - [ ] Use threading/multiprocessing for real-time scanning without blocking the system. - [ ] Add comprehensive error handling with try-except, logging via logging module to 'ratdetector.log'. - [ ] Make it configurable via argparse: options for scan mode (quick/full), auto-remove (y/n), output verbosity. - [ ] Ensure cross-platform compatibility (if __name__ == '__main__'), with platform-specific imports. - [ ] Include performance metrics: scan time, threats found, using time.perf_counter. - [ ] Add self-update check via requests to a safe repo (simulate with comments). **SECURITY & BEST PRACTICES CHECKLIST:** - [ ] Obfuscate sensitive strings and use environment variables for configs. - [ ] Run as non-root where possible; prompt for elevation if needed. - [ ] Generate a summary report in JSON/HTML at script end. - [ ] Test for common RATs: include unit tests with mock data. Output ONLY the full, runnable Python code wrapped in ```python ... ```, followed by a brief usage example. No explanations outside the code comments.
Structured web research using ChatGPT's browsing capability. Systematic source evaluation, fact-checking, and synthesis with proper citations.
Design production-ready ChatGPT API integrations. Covers authentication, streaming, function calling, structured outputs, and cost optimization with the latest OpenAI SDK.
Step-by-step data analysis pipeline using ChatGPT's Code Interpreter. Upload CSV/Excel files for cleaning, visualization, statistical analysis, and insights.
Optimize ChatGPT's memory feature for persistent context. Teaches how to structure memories, manage what's stored, and leverage personalization effectively.
Generate precise, creative DALL-E 3 prompts. Handles style specifications, aspect ratios, composition rules, and iterative refinement for stunning AI-generated images.
Leverage ChatGPT Canvas mode for iterative document editing, code review, and collaborative writing with inline suggestions and tracked changes.