Brute Ratel C4 is a commercial adversary-simulation and post-exploitation framework, that is, a command-and-control (C2) tool used in penetration tests and red-team engagements. Its agents, called badgers, are deployed on remote hosts and connect back to the operator's C2 server to receive new commands and to return the results of commands already tasked.
The tool is designed to evade detection by EDR and antivirus products; when its payloads first circulated, most security products did not flag them as malicious. Vendors have since added signatures for it, so that should not be read as a statement about current detection coverage.
Features:
Account discovery. Domain accounts and groups are enumerated with LDAP queries and with the commands net group "Domain Admins" /domain and net user /domain.
Web protocols for C2. Badger-to-server communication can use HTTPS and DNS over HTTPS (DoH).
Windows command shell. Commands can be executed through cmd.exe.
Masquerading. For example, Brute Ratel C4 can use Microsoft Word icons to disguise malicious LNK files as documents.
Native API. Windows API functions are called through addresses resolved dynamically from hashed function names, so the function names do not appear as plain strings in the payload.
Windows services. System services can be created to execute commands.
User execution via malicious files. Brute Ratel C4 can be launched when a user opens a malicious document.
Delayed execution. NtDelayExecution is called to pause execution, a common way to outwait sandbox analysis time limits.
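The account-discovery, command-shell, document-launch and service-creation behaviours listed above leave traces in Windows process-creation telemetry. The following Python example, added here and not part of the original page or of Brute Ratel itself, runs simple detection rules over a constructed set of Sysmon-style process-creation events. The hostnames, paths and the benign net use event are invented; treating sc.exe or New-Service as the service-creation indicator and an Office process spawning cmd.exe as the document-launch indicator are assumptions, since the page does not say how the framework performs those steps.

```python
"""Flag Brute Ratel-style activity in Windows process-creation events.

The events below are a constructed sample shaped like the fields of a
Sysmon Event ID 1 record; they are not real telemetry.
"""
import re

# Constructed sample events. The two net.exe command lines are the ones the
# article lists; hosts, paths, the sc.exe line and the benign net use line
# are hypothetical.
SAMPLE_EVENTS = [
    {"host": "ws01", "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\net.exe",
     "command_line": 'net group "Domain Admins" /domain'},
    {"host": "ws01", "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\net1.exe",
     "command_line": "C:\\Windows\\system32\\net1 user /domain"},
    {"host": "ws02",
     "parent_image": r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": 'cmd.exe /c start "" "C:\\Users\\alice\\AppData\\Local\\Temp\\update.exe"'},
    {"host": "ws02", "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\sc.exe",
     "command_line": 'sc create "WinUpdateSvc" binPath= "C:\\Users\\Public\\svc.exe"'},
    # Benign: mapping a share with net.exe should not trigger anything.
    {"host": "ws03", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\net.exe",
     "command_line": "net use Z: \\\\fileserver\\share"},
]

# Command-line rules. net.exe and net1.exe both take "group"/"user" with
# the /domain switch; sc.exe create and New-Service are an assumed way of
# creating a service for command execution (the page does not specify one).
RULES = [
    ("domain_account_discovery",
     re.compile(r"\bnet1?(?:\.exe)?\s+(?:group|user)\b.*\s/domain\b", re.I)),
    ("service_creation_for_execution",
     re.compile(r"\bsc(?:\.exe)?\s+create\b|\bNew-Service\b", re.I)),
]

# Parent/child rule: an Office application spawning a shell is a common
# sign of a document-launched payload (assumed indicator, not page content).
OFFICE_PARENTS = ("WINWORD.EXE", "EXCEL.EXE", "POWERPNT.EXE")
SHELLS = ("cmd.exe", "powershell.exe")


def _basename(path):
    """Return the file name component of a Windows path."""
    return path.rsplit("\\", 1)[-1]


def detect(events):
    """Return a list of (host, rule_name, command_line) findings."""
    findings = []
    for ev in events:
        cmd = ev["command_line"]
        for name, pattern in RULES:
            if pattern.search(cmd):
                findings.append((ev["host"], name, cmd))
        parent = _basename(ev["parent_image"]).upper()
        image = _basename(ev["image"]).lower()
        if parent in OFFICE_PARENTS and image in SHELLS:
            findings.append((ev["host"], "office_spawned_shell", cmd))
    return findings


if __name__ == "__main__":
    for host, rule, cmd in detect(SAMPLE_EVENTS):
        print(f"{host}: {rule}: {cmd}")
```

The rules are deliberately narrow: net.exe is used legitimately all day, so the account-discovery rule keys on the /domain switch combined with group or user enumeration rather than on net.exe alone, and the benign net use event in the sample produces no finding. In a real deployment the same patterns would be expressed in the SIEM's query language and tuned against the environment's baseline of administrative activity.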