Building a Custom Remote Access Trojan (RAT)

0x12 Dark Development

This course is all about getting hands-on with the the inner workings of advanced malware, specifically Remote Access Trojans, or RATs. You’ll learn how they’re built, how they work behind the scenes, and how they avoid detection.

We’ll start with the basics: what makes up a RAT, how they’re structured, and examples from the real world. Then we’ll dive into building your own, step by step. You’ll implement features like process listing, file hiding, keylogging, and remote desktop stealing. You’ll also explore advanced evasion techniques like NTDLL unhooking, time stomping, and rootkit behavior.

Each lesson mixes theory with code so you understand both the “why” and the “how.” You’ll build working proof-of-concepts along the way and finish the course with a solid grasp of how real-world malware operates and how defenders can spot it.

Whether you’re into red teaming, malware research, or just curious about the mechanics of stealthy software, this course will give you the tools and insight to level up your skills.

We accept PayPal, Credit Card and Cryptocurrency, for this last option send a email to s12deff@gmail.com

RAT GitHub Repository

https://github.com/s12cybersecurity/lokirat

The course is focused on malware development. While the repository includes a web dashboard (LokiWebViewer) built with Angular, web development fundamentals are not covered, as this is part of a Malware Development Academy. The web interface is provided for completeness, not as a teaching topic.

Target audiences

Malware Developers
Cybersecurity Enthusiasts
Red Teamers
Blue Teamers

Requirements

C++
Basic Malware Knowndelge

Curriculum

4 Sections
31 Lessons
Lifetime

Expand all sectionsCollapse all sections

FAQs

Who is this course for?

This course is for security researchers, red team professionals, and curious developers who want to understand how advanced malware like Remote Access Trojans (RATs) are built and operate

Do I need to know how to code?

Yes, a basic to intermediate understanding of programming (especially in C/C++) is highly recommended.

Will this teach me how to hack or perform illegal activities?

No. This course is strictly educational and intended for ethical research, red teaming, and defensive security purposes.

What tools or software do I need?

You’ll need a Windows-based virtual machine, a code editor (like Visual Studio), and basic debugging tools.

Will there be source code included?

Yes, you’ll have access to code examples, templates, and exercises to help you build and understand each module.

What if I get stuck?

You’ll have access to detailed explanations and walkthroughs. If you’re taking this on a platform with community support or instructor Q&A, feel free to ask questions there as well.

How can I pay for the course?

You can pay with a credit card or PayPal through the standard checkout process. If you prefer to pay with cryptocurrency, just send an email to s12deff@gmail.com and you’ll receive the instructions to complete your crypto payment.

Instructor

s12offsec

374 Students

4 Courses

Featured Review

This course was a game-changer for me. It breaks down complex malware concepts into clear, hands-on lessons. I built my own fully functional RAT while learning real evasion tactics like NTDLL unhooking and rootkit behavior. Perfect for anyone serious about red teaming or malware dev.

$29.99$24.99

Student:

62 Students

Lesson:

31 Lessons

Duration: Lifetime

Quiz:

0 Quizzes

Level: All levels