XRAT is an XSS Shell to be used for educational purposes and the lulz. For those familiar with the BEEF Project, or the Browser Exploitation Framework, it is very similar, in that we are utilizing some sort of xss vulnerability to open up a connection with this command and control server. XRAT is intended to be an easy to deploy tool, that can be hosted across the Google App Engine service.
This is just an initial push of what I've hacked together over a weekend. Over the coming weeks there will be a lot of refactoring and cleaning up the code to make it approachable and maintainable by others