extracting-config-from-agent-tesla-rat
mukul975/Anthropic-Cybersecurity-Skills
This script supports malware analysis of .NET-based Remote Access Trojans (RATs) such as Agent Tesla. It automatically extracts embedded and obfuscated configuration data, including SMTP credentials, FTP endpoints, Telegram tokens, and C2 webhooks. It uses techniques such as regex pattern matching, Base64 decoding, and simulated XOR/SHA256 decryption to surface threat intelligence for security research.