nuclei-templates/http/exposed-panels/c2/brute-ratel-c4.yaml

id: brute-ratel-c4

info:
  name: Brute Ratel C4 - Detect
  author: pussycat0x
  severity: info
  description: |
    Brute Ratel C4 (BRc4) is a legit red-teaming tool designed from the ground up with evasion capabilities in mind, but in the wrong hands can cause significant damage. Learn how to protect your organization with our Brute Ratel C4 Spotlight.
  reference:
    - https://bruteratel.com/
  metadata:
    verified: "true"
    max-request: 1
    shodan-query: http.html_hash:-1957161625
  tags: c2,bruteratel,c4,panel

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - "contains(body, '404 file not found')"
          - "(\"1a279f5df4103743b823ec2a6a08436fdf63fe30\" == sha1(body))"
        condition: and
# digest: 4a0a00473045022100cd5cd2330b7e2d4096dbe45a8b705242bfb468b852259e14afc4d7068a444f150220237c96a8d367ae034fc8fd5e37492345eab15c7f3366a51e019a768450c75acc:922c64590222798bb761d5b6d8e72950
Brute Ratel C4 - Detect 2023-06-14 07:14:22 +00:00			`id: brute-ratel-c4`

			`info:`
			`name: Brute Ratel C4 - Detect`
			`author: pussycat0x`
			`severity: info`
			`description: \|`
			`Brute Ratel C4 (BRc4) is a legit red-teaming tool designed from the ground up with evasion capabilities in mind, but in the wrong hands can cause significant damage. Learn how to protect your organization with our Brute Ratel C4 Spotlight.`
			`reference:`
			`- https://bruteratel.com/`
			`metadata:`
TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] :robot: 2024-06-07 10:04:29 +00:00			`verified: "true"`
TemplateMan Update [Wed Jun 21 21:03:53 UTC 2023] :robot: 2023-06-21 21:03:53 +00:00			`max-request: 1`
Brute Ratel C4 - Detect 2023-06-14 07:14:22 +00:00			`shodan-query: http.html_hash:-1957161625`
add panel tag to http/exposed-panels/ templates 2023-06-30 22:49:09 +00:00			`tags: c2,bruteratel,c4,panel`
Brute Ratel C4 - Detect 2023-06-14 07:14:22 +00:00
			`http:`
			`- method: GET`
			`path:`
			`- "{{BaseURL}}"`

			`matchers-condition: and`
			`matchers:`
			`- type: dsl`
			`dsl:`
			`- "contains(body, '404 file not found')"`
			`- "(\"1a279f5df4103743b823ec2a6a08436fdf63fe30\" == sha1(body))"`
fix tags 2023-06-14 07:30:20 +00:00			`condition: and`
Auto Template Signing [Sat Jun 8 16:02:16 UTC 2024] :robot: 2024-06-08 16:02:17 +00:00			`# digest: 4a0a00473045022100cd5cd2330b7e2d4096dbe45a8b705242bfb468b852259e14afc4d7068a444f150220237c96a8d367ae034fc8fd5e37492345eab15c7f3366a51e019a768450c75acc:922c64590222798bb761d5b6d8e72950`