Brosec is a terminal based reference utility designed to help us infosec bros and broettes with useful (yet sometimes complex) payloads and commands that are often used during work as infosec practitioners. An example of one of Brosec's most popular use cases is the ability to generate on the fly reverse shells (python, perl, powershell, etc) that get copied to the clipboard.
Assuming the user has already set up the required variables (see the Getting Started section of the wiki) a reverse shell using the awk command can be generated as easy as...
Or maybe you need to remotely invoke a Powershell script? A download cradle can be generated like so.
Need a quick web server? Forget python SimpleHTTPServer, bros has your back with
bros http when entered via the command line. An SSL server?
bros https has you covered.
A encoder/decoder utility designed with penetration testers in mind that often find the need to encode and decode various payloads.
Learn about these features and more on the Brosec wiki.
The preferred method of installation (in order to get all of the latest updates) is to clone the source and install the dependencies manualy (git clone && npm install).
However, a stable build can be quickly installed via the following instructions.
brew tap t94j0/security- Use t94j0's tap which contains the brosec formula
brew install brosec- Installs the brosec package
apt-get install npm build-essential g++ xsel Install dependencies
npm install -g n Install n (nodejs version manager)
npm config set registry http://registry.npmjs.org/
n latest Install latest version of nodejs
npm install -g Brosec - Install Brosec (may need sudo to symlink to /usr/local/bin)
npm install -g Brosec- Install Brosec
Want a free Brosec sticker?
Submit a pull request, create an issue, or just send feedback to email@example.com and I'll happily send you a sticker (supplies limited, free shipping to continental US only).
Otherwise you can order one from StickerMule
Brosec was heavily inspired by the Red Team Field Manual by Ben Clark. In addition, many payloads were referenced from other resources and deserve a shoutout.
Special thanks to @LuxCupitor