Brute Ratel C4 Blogs

Keep yourself updated with the latest tactics and techniques using Brute Ratel C4.

  • Release v0.7 - The Pain of Tsukuyomi

    Release

    Brute Ratel v0.7.0 (Tsukuyomi) is now available for download and provides a major update towards in-memory evasion and addition of open source tooling. This release also contains addition and conversion of several public BOFs to internal functions of Brute Ratel so that users won’t have to depend on public BOFs which might not necessarily be stable. This also helps to avoid VirtualAlloc API call for BOF allocation altogether which is an added cherry on the top. I have listed the technical details of the release below, however a detailed list on the features and bug fixes can be found in the release notes.

  • Release v0.6 - Resurrection

    Release

    Brute Ratel v0.6.0 (Resurrection) is now available for download and provides a major update towards the x86 architecture support and various in-memory execution features. This release contains a major rewrite of a portion of the backend which provides better stability, at the same time allowing to make feature additions easier for future releases. I have listed the technical details of the release below, however a detailed list on the features and bug fixes can be found in the release notes.

  • Release v0.5 - Syndicate

    Release

    Brute Ratel v0.5.0 (Syndicate) is now available for download and provides a major update towards several features and the user interface of Brute Ratel. Commander comes with a new user interface providing a much more granular information on the metadata of the C4 features which can be seen in the figure below.

  • Update v0.4.2 - Chaos Theory

    Release

    This is a minor update to Brute Ratel C4 v0.4.1 (Chaos Theory) which was released a few days back. This update brings a minor feature release and a few UI bug fixes on Commander. The next major release will be focusing on Credential Harvesting. So, I decided to add the process mitigation policy feature as a minor update along with some bug fixes before I move to the next major release.

  • Release v0.4.1 - Chaos Theory

    Release

    Brute Ratel C4 v0.4.1 (Chaos Theory) is now available for download and provides a major update towards process injection, memory allocation, thread execution and Adversary Simulations. Multiple other commands for discovery and lateral movement and graphical changes for ease of use have also been added to the Badger and the Commander UI.

  • Release v0.3 - Pivots, Rotations and Payloads

    Release

    Brute Ratel C4 v0.3 (Vendetta) is now available for download and provides a major update towards lateral movement and payload generation capabilities. We have officially started providing trial licenses of 7 days now which wasn’t possible earlier due to the way the licensing system was programmed.

  • Release v0.2 - Big Things Have Small Beginnings

    Release

    Brute Ratel C4 v0.2 (Prometheus) is now available for download and provides a major update towards process injections and adversary simulations. Along with this release, we have started providing access to an Active Directory trial lab to test the features of injection and pivoting of BRC4 over the test environment.