BruteSpray: A tool brute-forces services

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

Usage:

Using Custom Wordlists:

python brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5

Brute-Forcing Specific Services:

python brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5

Specific Credentials:

python brutespray.py --file nmap.gnmap -u admin -p password --threads 5 --hosts 5

Continue After Success:

python brutespray.py --file nmap.gnmap --threads 5 --hosts 5 -c

Use Nmap XML Output:

python brutespray.py --file nmap.xml --threads 5 --hosts 5

Interactive Mode:

python brutespray.py --file nmap.xml -i

Supported Services

1. ssh
2. ftp
3. telnet
4. vnc
5. mssql
6. mysql
7. postgresql
8. rsh
9. imap
10. nntp
11. pcanywhere
12. pop3
13. rexec
14. rlogin
15. smbnt
16. smtp
17. svn
18. vmauthd

2. 
   

Download Now