RATs in our Honeypot We caught a hacker in our honeynet trying to download his "tools" into one of our honeypots. We decided to look into it and study the tools he is using. We started by tracing where his "toolkit" was located.
The "toolkit" consisted of different flavors of malware: - Remote Administration Tools (RAT) and Backdoors(IRC) - Password Stealers - File Infectors - Network tools (scanners) - various Spywares Full analysis and malware samples: http://www.philippinehoneynet.org/data.php
