Brosec is an open source terminal based tool to help all the security professionals generate the right payloads and commands. It can show you all the most popular commands you can use for information gathering, Linux, Windows, web and utilize payloads.
Let’s clone the repository, first.
git clone https://github.com/gabemarshall/Brosec.git
After that install the missing dependencies.
apt-get install npm npm install
Now, you are good to go.
To run brosec, execute the script inside the folder.
cd Brosec/ ./bros
As you can see below, the interface is easy to use, you just need to type the right option.
Let’s dig it a little. So, for example let’s say I have an exploit written in perl and I want to embed my own reverse payload. I type ‘5‘, and go to the reverse shell category to see all the examples.
In another example, I’ve successfully exploited a Linux target and want to perform a Privilege Escalation attack. I type ‘2‘ and then go to the ‘Privesc‘ tab. I see some useful commands I can run against the target.
Brosec also has it’s own modules to choose between http ot ftp server. You can also encode various payloads, which it might be helpful to bypass basic security.