BruteSpray: A Brute-forcer From Nmap Output And Automatically Attempts Default Creds On Found Services

About BruteSpray: BruteSpray takes nmap GNMAP/XML output or newline seperated JSONS and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

BruteSpay's Installation

   With Debian users, the only thing you need to do is this command:
sudo apt install brutespray

   For Arch Linux user, you must install Medusa first: sudo pacman -S medusa

   And then, enter these commands to install BruteSpray:

Supported Services: ssh, ftp, telnet, vnc, mssql, mysql, postgresql, rsh, imap, nntpp, canywhere, pop3, rexec, rlogin, smbnt, smtp, svn, vmauthdv, snmp.

How to use BruteSpray?

   First do an Nmap scan with -oG nmap.gnmap or -oX nmap.xml.
   Command: python3 brutespray.py -h
   Command: python3 brutespray.py --file nmap.gnmap
   Command: python3 brutesrpay.py --file nmap.xml
   Command: python3 brutespray.py --file nmap.xml -i

   You can watch more details here:

Examples

   Using Custom Wordlists:
python3 brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5

   Brute-Forcing Specific Services:
python3 brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5

   Specific Credentials:
python3 brutespray.py --file nmap.gnmap -u admin -p password --threads 5 --hosts 5

   Continue After Success:
python3 brutespray.py --file nmap.gnmap --threads 5 --hosts 5 -c

   Use Nmap XML Output:
python3 brutespray.py --file nmap.xml --threads 5 --hosts 5

   Use JSON Output:
python3 brutespray.py --file out.json --threads 5 --hosts 5

   Interactive Mode: python3 brutespray.py --file nmap.xml -i

Data Specs
{"host":"127.0.0.1","port":"3306","service":"mysql"}
{"host":"127.0.0.10","port":"3306","service":"mysql"}
...

Changelog: Changelog notes are available at CHANGELOG.md.

You might like these similar tools:

• BruteDum: Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
• FTPBruter: A FTP Server Brute forcing tool written in Python 3
• Blazy - Crack Website Logins in seconds with Bruteforce attacks
• SocialBox: A Bruteforce Attack Framework for Social Networks
• Ncrack: An High-speed Open-source Network cracking tool
• Medusa: A Speedy, Parallel And Modular Login Brute-forcing Tool

Download BruteSpray

More info

1. Pentest Tools
2. How To Install Pentest Tools In Ubuntu
3. Hack Tools Pc
4. Hacking Tools Windows
5. Pentest Tools For Mac
6. Free Pentest Tools For Windows
7. Pentest Tools Website Vulnerability
8. World No 1 Hacker Software
9. Pentest Tools For Mac
10. Pentest Tools Free
11. Hack Tools For Games
12. Pentest Tools Apk
13. Hacking Tools For Mac
14. Best Hacking Tools 2019
15. Wifi Hacker Tools For Windows
16. Hacker Tools Mac
17. Tools For Hacker
18. Pentest Tools Port Scanner
19. Pentest Tools For Android