Introducing CS2BR pt. II – One tool to port them all

Introduction In the previous post of this series we showed why Brute Ratel C4 (BRC4) isn't able to execute most BOFs that use the de-facto BOF API standard by Cobalt Strike (CS): BRC4 implements their own BOF API which isn't compatible with the CS BOF API. Then we also outlined an approach to solve this … Continue reading Introducing CS2BR pt. II – One tool to port them all →

Introducing CS2BR pt. I – How we enabled Brute Ratel Badgers to run Cobalt Strike BOFs

If you know all about CS, BRC4 and BOFs you might want to skip this introduction and get right into the problem statement. You can also jump right to the solution. Introduction When we conduct Red Team assessments at NVISO, we employ a wide variety of proprietary and open source tools. One central component in … Continue reading Introducing CS2BR pt. I – How we enabled Brute Ratel Badgers to run Cobalt Strike BOFs →