norobb · norobb · Feb 17, 2026 · Feb 17, 2026 · Feb 17, 2026 · Feb 17, 2026
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,27 @@
+
+name: CI
+
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+
+jobs:
+  build-and-test:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v3
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Build and start services
+        run: docker compose up -d --build
+
+      - name: Run tests
+        run: docker compose run --rm test
+
+      - name: Shut down services
+        run: docker compose down
diff --git a/.github/workflows/docker-compose.yml b/.github/workflows/docker-compose.yml
diff --git a/AGENT.md b/AGENT.md
@@ -8,7 +8,7 @@
 
 ## Architecture
 - **FastAPI Backend (`server.py`):** Manages WebSocket connections from both the web UI and RAT clients. Uses JWT for secure UI authentication and features a robust, asynchronous architecture. Handles command forwarding and client state management.
-- **Python Client (`client.py`):** Connects to the server via WebSocket, registers itself by sending a structured JSON `info` message, and then awaits commands. Includes modules for screen streaming (base64), file operations, and system information gathering. Features persistence on Windows and a keylogger.
+- **Python Client (`client.py`):** Connects to the server via WebSocket, registers itself by sending a structured JSON `info` message, and then awaits commands. Includes modules for screen streaming (base64), file operations, and system information gathering. Features cross-platform persistence (Windows, macOS, Linux) and a keylogger.
 - **Web UI (`index.html`):** A responsive, single-page application built with Tailwind CSS and vanilla JavaScript. Provides a full control panel for interacting with connected clients, viewing live media streams, and monitoring server status. It is optimized for both desktop and mobile use.
 - **Authentication:** JWT for the web UI, ensuring that only authenticated users can connect to the WebSocket and access the control panel. Includes brute-force protection.
 

diff --git a/Dockerfile b/Dockerfile
@@ -1,20 +1,26 @@
 # --- Stage 1: Build / Dependencies ---
-FROM python:3.10-slim as builder
+FROM python:3.10 AS builder
 
-WORKDIR /app
-
-# Create a non-root user
+# Create a non-root user for building
 RUN useradd --create-home appuser
+USER appuser
 WORKDIR /home/appuser
 
 # Copy only requirements to leverage Docker cache
 COPY requirements.txt .
 
-# Install dependencies
-RUN pip install --no-cache-dir -r requirements.txt
+# Install dependencies to the user's local directory
+# This ensures we can build C extensions like evdev
+RUN pip install --user --no-cache-dir -r requirements.txt
 
 # --- Stage 2: Final Image ---
-FROM python:3.10-slim as final
+FROM python:3.10-slim AS final
+
+# Install runtime dependencies for OpenCV and other modules
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libgl1 \
+    libglib2.0-0 \
+    && rm -rf /var/lib/apt/lists/*
 
 # Create and switch to a non-root user
 RUN useradd --create-home appuser
@@ -34,4 +40,4 @@ ENV PATH=/home/appuser/.local/bin:$PATH
 EXPOSE 8000
 
 # Command to start the server
-CMD ["uvicorn", "server:app", "--host", "0.0.0.0", "--port", "8000"]
+CMD ["uvicorn", "server:app", "--host", "0.0.0.0", "--port", "8000"]
diff --git a/Dockerfile.client b/Dockerfile.client
@@ -1,21 +1,32 @@
-
 # --- Stage 1: Build / Dependencies ---
-FROM python:3.10-slim as builder
-
-WORKDIR /app
+FROM python:3.10 AS builder
 
-# Create a non-root user
+# Create a non-root user for building
 RUN useradd --create-home appuser
+USER appuser
 WORKDIR /home/appuser
 
 # Copy only requirements to leverage Docker cache
 COPY requirements.txt .
 
-# Install dependencies
-RUN pip install --no-cache-dir -r requirements.txt
+# Install dependencies to the user's local directory
+RUN pip install --user --no-cache-dir -r requirements.txt
 
 # --- Stage 2: Final Image ---
-FROM python:3.10-slim as final
+FROM python:3.10-slim AS final
+
+# Install runtime dependencies for OpenCV, X11, and other modules
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libgl1 \
+    libglib2.0-0 \
+    libx11-6 \
+    libxtst6 \
+    libxi6 \
+    libxext6 \
+    libxrender1 \
+    libice6 \
+    libsm6 \
+    && rm -rf /var/lib/apt/lists/*
 
 # Create and switch to a non-root user
 RUN useradd --create-home appuser

diff --git a/Dockerfile.test b/Dockerfile.test
@@ -1,6 +1,18 @@
+# Use a full python image for tests to ensure all build dependencies and headers are available
+FROM python:3.10
 
-# Use the same base image as the application
-FROM python:3.10-slim
+# Install runtime dependencies for OpenCV, X11, etc.
+RUN apt-get update && apt-get install -y --no-install-recommends \
+    libgl1 \
+    libglib2.0-0 \
+    libx11-6 \
+    libxtst6 \
+    libxi6 \
+    libxext6 \
+    libxrender1 \
+    libice6 \
+    libsm6 \
+    && rm -rf /var/lib/apt/lists/*
 
 WORKDIR /app
 

diff --git a/README.md b/README.md
@@ -16,7 +16,7 @@ This project is a cross-platform Remote Administration Tool (RAT) written in Pyt
   - Process Manager (list, kill)
   - System Information
   - Keylogger
-  - Persistence
+  - Persistence (Windows, macOS, Linux)
 
 ## Project Structure