About BruteSpray: BruteSpray takes nmap GNMAP/XML output or newline seperated JSONS and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the
-sV
inside Nmap.BruteSpay's Installation
With Debian users, the only thing you need to do is this command:
sudo apt install brutespray
For Arch Linux user, you must install Medusa first:
sudo pacman -S medusa
And then, enter these commands to install BruteSpray:
Supported Services: ssh, ftp, telnet, vnc, mssql, mysql, postgresql, rsh, imap, nntpp, canywhere, pop3, rexec, rlogin, smbnt, smtp, svn, vmauthdv, snmp.
How to use BruteSpray?
First do an Nmap scan with
-oG nmap.gnmap
or -oX nmap.xml
.Command:
python3 brutespray.py -h
Command:
python3 brutespray.py --file nmap.gnmap
Command:
python3 brutesrpay.py --file nmap.xml
Command:
python3 brutespray.py --file nmap.xml -i
You can watch more details here:
Examples
Using Custom Wordlists:
python3 brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5
Brute-Forcing Specific Services:
python3 brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5
Specific Credentials:
python3 brutespray.py --file nmap.gnmap -u admin -p password --threads 5 --hosts 5
Continue After Success:
python3 brutespray.py --file nmap.gnmap --threads 5 --hosts 5 -c
Use Nmap XML Output:
python3 brutespray.py --file nmap.xml --threads 5 --hosts 5
Use JSON Output:
python3 brutespray.py --file out.json --threads 5 --hosts 5
Interactive Mode:
python3 brutespray.py --file nmap.xml -i
Data Specs
{"host":"127.0.0.1","port":"3306","service":"mysql"}
{"host":"127.0.0.10","port":"3306","service":"mysql"}
...
Changelog: Changelog notes are available at CHANGELOG.md.
You might like these similar tools:
- BruteDum: Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
- FTPBruter: A FTP Server Brute forcing tool written in Python 3
- Blazy - Crack Website Logins in seconds with Bruteforce attacks
- SocialBox: A Bruteforce Attack Framework for Social Networks
- Ncrack: An High-speed Open-source Network cracking tool
- Medusa: A Speedy, Parallel And Modular Login Brute-forcing Tool
Related links
- Best Hacking Tools 2019
- Hacking Tools For Kali Linux
- Hacker Tools Linux
- Black Hat Hacker Tools
- Hack Apps
- Pentest Tools Website
- Pentest Tools For Mac
- Hack Tools Online
- Hacking Tools For Beginners
- Github Hacking Tools
- Wifi Hacker Tools For Windows
- Hacker
- Hacker Tools For Windows
- How To Install Pentest Tools In Ubuntu
- Hacking Tools For Pc
- Hacking Tools
- Pentest Tools Url Fuzzer
- World No 1 Hacker Software
- Blackhat Hacker Tools
No comments:
Post a Comment