Hackers usually use software like RATs and keystroke loggers to hack victim's password. To get logs of victim while being offline, attacker uses a ftp server and if you have read my previous tutorials on sniffing then you might be already knowing that ftp protocol is susceptible to sniffing using this weakness of protocol you can hack a hacker using sniffer. So if anyhow you feel that you have been hacked using a RAT then get a sniffing tool like wireshark(my favorite) or Cain and Abel. Both are really powerful tools to analyze and retrieve information from packets.
So install a sniffer and start analyzing packets that are leaving your system. Please read previous my tutorials on wireshark and ARP poisoning to know how to sniff and analyze packets using wireshark and Cain and Abel. After analyzing packets you will get user-name and password of attacker's ftp server. Use that information to log-in into his/her ftp account do whatever you want and take revenge for planting RAT in your system. Like this you'll hack a hacker and tell him/her this time he/she has messed with a wrong guy.