1ndahous3/br3k

br3k

br3k is a mini-framework for Windows pentesting, designed to implement non-standard scenarios and combine interesting methods.

It provides many options to vary the pentest flow: selecting different strategies, choosing the system API backend, and configuring dispatch for specific low-level functions. Some features are documented in core notes.

The repository includes many well-known pentest techniques (process injection, payload delivery between targets) and other scripts (see scripts notes).

Usage Notice

Use this project only for authorized, non-malicious education, research, and testing.

Usage

The tool consists of two parts:

  1. Core: an .exe/.dll binary with low-level Windows code and a built-in Python interpreter. At runtime it provides the br3k Python module.
  2. Scripts: Python scripts that use the br3k module API to implement concrete techniques and test scenarios.

Notes

br3k is not Frida

br3k is similar in spirit to Frida: both are scriptable, process-oriented, and useful for research workflows where a high-level script drives low-level native operations. Both projects allow the operator to inject payloads or scripts into different targets, trace their internals, play with process code and shellcode, and use script primitives to implement complex test scenarios.

Frida is a broad, mature, cross-platform instrumentation framework, whereas br3k is a narrower Windows-focused research framework. br3k is more internals-heavy and more oriented toward experimenting with less common primitives, keeping many low-level choices visible: strategies to open a process, read/write process memory, use different low-level API variants, and so on.

Also, everybody loves Python more than JavaScript :)

Why Rust

Originally prototyped in C/C++, this project was later rewritten in Rust because:

  • Cargo provides many libraries, avoiding git submodules or copying header-only helpers.
  • build.rs allows flexible code generation and custom build logic without CMake hacks and external scripts.
  • RustPython allows easy embedding of a Python VM, unlike CPython, which is extremely hard to statically compile with frozen stdlib modules.
  • Rust reflection simplifies generating code for various structs.

The project uses unsafe code extensively, so Rust was chosen for convenience and tooling rather than for memory safety.

Acknowledgments

About

We have pentest framework at home.
