Hacking Tools

Powershell-RAT | A Backdoor Tool to Extract Data via Gmail

Powershell-RAT is a Python and Powershell script tool that has been made to help a pen tester during red team engagements to backdoor Windows machines. It tracks user activity using screen capture and sends the information to an attacker as an e-mail attachment. The tool is FUD as of Black Hat 2019, you can find the presentation slides HERE.


This tool requires Python3 and a windows machine
1 – Go to Github Repository

2 – Download as ZIP
3 – Extract Here

4 – Content of the file

5 – Before running the script change those values with your newly created Gmail Account details in Mail.ps1
$username $password
and $msg.From and $msg.To.Add with throwaway Gmail addresses


1 – Open CMD with admin privileges and navigate the Powershell-RAT Folder
For me, it will look like this

2 – Execute the script

3 – Let’s try HailMary for a quick Backdoor option
Write: “8” to choose Hail Mary

4 – After Choosing "8" You will get something like this

5 – We can open task schedulers in Windows to check the task created

As we can see the backdoor is successfully executed in the victim machine

What Bunny Rating Does it Get?


– Stealthy
– Easy to Use
– Many useful options

– Requires “Allowing Gmail for a less secure app ” In order to work
– Needs more Features

To Top

Pin It on Pinterest

Share This