Brutal Toolkit

~Brutal Codename Reaper~

Created By Screetsec

Made by the folks @Screetsec, codename Reaper is a full-fledged toolkit. Like some exploit kits, it comes with features such as creating a Reverse TCP injection using PowerShell or getting credentials using Mimikatz. There are many other features included, and we will go over the installation and use as well. Here you can see something mentioned about Teensy, which is like a Rubber Ducky for those who don't know what that is. (Yeah, tell me about it, I had to google it years ago myself.) It is very robust and dangerous, as it easily sneaks onto the system without the need for HID attacks. Check the page for the complete description, as there is much more to explain about the toolkit and it has many features available to security personnel.





Installing on Kali of course usually works best, as most security guys are using it along with Parrot Sec or some other Linux distro. As with many tools written in shell, the first thing you have to do after you run git clone is change the permissions. Once the clone completes, type chmod +x ./Brutal and you are in there and will now be able to execute the script.


~The Fun Part Test driving it~

To execute the script, make sure you are in the same directory and type ./Brutal, and the menu will pop up as you can see in the image. Next I chose number 1 to use it to inject a payload into a PowerShell script. This was very easy, as the developer used similar techniques to automate the process by prompting you to enter just the information needed at the time. This helps because with msfvenom, for example, you usually need a lengthy command with a million parameters that can easily go south. Here you enter the details one step at a time, which is a great feature many new tools have.


~Creating mah Payload~

So here, as you can see, it is straightforward and beautiful: I type ifconfig in another command window to get my local IP address, and choose any port. Be cautious of this: as a system admin, one thing I looked for was those common ports we use like 8080 or 4444, anything mainstream with Metasploit or Burp. These set off alarms for me, and they will surely do that for any other well-informed security professional. After that you will need to select your payload type, and it then creates a PowerShell script with a payload encoded into it to hide the commands, so only the system knows what to do with the scrambled data.
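The sysadmin-side check mentioned above, sketched as an added example (not part of the original post or of the Brutal project): it flags outbound connections started by PowerShell, rating the ports the post names (8080, 4444) as high and any other PowerShell call-out as worth a review. The log lines are constructed and only loosely follow Sysmon network-connection field names; the field layout and the list of PowerShell image names are assumptions.

```python
import re

# Ports the post calls out as alarm-raising defaults.
WATCHED_PORTS = {4444, 8080}
# Process images treated as PowerShell hosts (assumption for this example).
POWERSHELL_IMAGES = ("powershell.exe", "pwsh.exe")

# Constructed sample records, loosely modelled on Sysmon network-connection
# fields; not output captured from a real host or produced by Brutal.
SAMPLE_LOG = """\
Image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe Initiated=true DestinationIp=192.168.1.50 DestinationPort=4444
Image=C:\\Program Files\\Mozilla Firefox\\firefox.exe Initiated=true DestinationIp=93.184.216.34 DestinationPort=8080
Image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe Initiated=true DestinationIp=192.168.1.50 DestinationPort=53211
Image=C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe Initiated=false DestinationIp=10.0.0.5 DestinationPort=5985
this line is malformed and must be skipped
"""

# key=value pairs; a value runs until the next " key=" or end of line,
# so paths containing spaces ("Program Files") stay in one piece.
FIELD_RE = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")


def parse_record(line):
    """Return the key=value fields of one record as a dict (empty if none)."""
    return dict(FIELD_RE.findall(line.strip()))


def triage(log_text):
    """Return (severity, ip, port) for each connection PowerShell initiated."""
    findings = []
    for line in log_text.splitlines():
        rec = parse_record(line)
        image = rec.get("Image", "").lower()
        port = rec.get("DestinationPort", "")
        if not image.endswith(POWERSHELL_IMAGES) or not port.isdigit():
            continue  # other process, or a record we cannot parse
        if rec.get("Initiated", "").lower() != "true":
            continue  # inbound connection, not a call-out from this host
        # A port watchlist alone is easy to miss with, so every other
        # PowerShell-initiated connection is still surfaced for review.
        severity = "high" if int(port) in WATCHED_PORTS else "review"
        findings.append((severity, rec.get("DestinationIp", "?"), int(port)))
    return findings


if __name__ == "__main__":
    for severity, ip, port in triage(SAMPLE_LOG):
        print(f"[{severity}] powershell -> {ip}:{port}")
```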


~Final Output for Payload and PowerShell Script~

Just testing the one option, I was able within minutes to create a well-respected script and payload to attack a Windows system. There are many other options, and I recommend this tool as a very aggressive toolkit to test your Windows systems; it can even create a payload to add a user or enable RDP remotely. This is a great tool. Good luck and happy bug hunting out there, stay safe!
