- Project Working Title
- Project Contributors
- Project Outline
- Installation
- Requirements
- Gallery
- Disclaimer
Safeguarding Virtual Machines during Scammer Takedowns: Modelling an Authorized Remote Desktop Application RAT Malware with Wireshark-based IP Identification
- Ryan I.
- Jarrad M. (Project Supervisor)
This project aims to investigate and develop effective measures to enhance virtual machine (VM) security by manipulating the IP address in a Remote Access Trojan (RAT) during scammer takedown operations.
In this context, the victim (Client) voluntarily grants the scammer (Server) access to their machine, while a victim-controlled RAT is covertly deployed. The active participation of the victim enables them to modify the RAT’s IP address to match that of the scammer, facilitating the identification and subsequent takedown of the scammer.
Additionally, this research project will explore the methodologies employed by popular YouTuber and software engineer Jim Browning, who specialises in scammer takedowns using manipulation and social engineering attacks, including spoofing techniques such as posing as someone who understands little about IT to get the scammer to download their files. The project aims to evaluate Browning’s techniques and gain a deeper understanding of how they can be applied to enhance scammer takedown operations and overall VM security.
Install requisite dependencies using pip.
pip install -r requirements.txt
Run DolosRAT server.
python dolos_server
- CTkToolTip == 0.8
- customtkinter == 5.2.0
- dill == 0.3.7
- Pillow == 9.5.0
- Pillow == 10.0.0
- pyshark == 0.6
- scapy == 2.5.0
DolosRAT is intended for research purposes only.