Remote access software, legitimate tools for illicit purposes
Λογισμικά απομακρυσμένης πρόσβασης, νόμιμα εργαλεία για παράνομη χρήση
View/
Keywords
Remote Access Software (RAS) ; Remote Monitoring and Management (RMM) ; Digital forensics ; Incident response ; AnyDesk ; TeamViewer ; Forensic artifacts ; Cybersecurity ; RatFinder toolAbstract
As technology continues to advance, remote access software is becoming increasingly popular
among I.T. administrators, thanks to its ability to provide quick and convenient support. However,
despite its benefits, such software does not come without its drawbacks, as it is frequently exploited
by malicious actors to gain unauthorized access to corporate networks, posing a significant
security threat.
By exploiting legitimate tools, either through vulnerabilities or by using stolen, default, or guessed
credentials, attackers can conceal their malicious activities, making them more difficult to detect
and flag as suspicious (Leyden 2024).
This thesis presents a forensic tool designed to assist forensic investigators in the analysis of
remote access software activity, with the focus on AnyDesk and TeamViewer. The tool parses
relevant log and configuration files, generating structured reports, enabling examiners to identify
suspicious traffic and patterns, thus supporting incident response in cases where such software
has been misused.
The source code of the RatFinder tool is available at: https://github.com/NickZagotsis/Rat-Finder
Department
Σχολή Τεχνολογιών Πληροφορικής και Επικοινωνιών. Τμήμα ΠληροφορικήςNumber of pages
48Language
EnglishCollections
Except where otherwise noted, this item's license is described as
Αναφορά Δημιουργού - Μη Εμπορική Χρήση - Παρόμοια Διανομή 3.0 Ελλάδα
Αναφορά Δημιουργού - Μη Εμπορική Χρήση - Παρόμοια Διανομή 3.0 Ελλάδα