Educational project for understanding mobile security vulnerabilities and remote administration mechanisms.
IMPORTANT - ETHICAL USE ONLY
This tool is for educational purposes only in controlled laboratory environments.
Do not use on devices you do not own or without explicit written consent.
Unauthorized access to devices is illegal in most countries.
This is a research-oriented Android Remote Administration Tool (RAT) designed to help security professionals and students understand:
- How remote access trojans operate on Android
- Permission models and sandboxing mechanisms
- Communication protocols between client and server
- Potential indicators of compromise (IoCs)
Original source: Based on research from L.R. Sanjeevi (2015), modified for educational purposes.
| Feature | Description |
|---|---|
| GPS location retrieval | Understanding location tracking mechanisms |
| File management | Study of remote file system access |
| SMS access | Analysis of message interception |
| Call logs | Understanding contact data access |
| Remote camera/microphone | Research on sensor permission models |
- Dynamic DNS service (No-IP or similar)
- Port forwarding capabilities (TCP/UDP)
- Android device for testing (your own)
- Configure dynamic DNS for your lab network
- Open required ports (research environment only)
- Generate APK with your lab configuration
- Install on your own test device
- Analyze behavior using security tools
WAN (Internet): For testing across different networks
LAN (Local): For isolated lab testing
This project is intended to help answer research questions like:
- What permissions does a RAT need to function?
- How can network traffic reveal malicious activity?
- What detection methods can identify this behavior?
This software is provided for educational research only.
- Do not distribute generated APKs
- Do not install on devices without authorization
- Do not use for malicious purposes
By using this software, you agree to comply with all applicable laws, including computer fraud and abuse statutes in your jurisdiction.
Based on research originally published at www.droidjack.net (2015).
This version has been modified for educational documentation purposes.
For research collaboration or security discussions, reach out via GitHub or LinkedIn.