BruteSpray v1.5 – Brute-Forcing Services with Medusa

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

Changelog v1.5

added interactive mode

Supported Services

ssh
ftp
telnet
vnc
mssql
mysql
postgresql
rsh
imap
nntp
pcanywhere
pop3
rexec
rlogin
smbnt
smtp
svn
vmauthd

Usage Examples:

Using Custom Wordlists:

python brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5

Brute-Forcing Specific Services:

python brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5

More information: here

[button size=large style=round color=red align=none url=https://github.com/x90skysn3k/brutespray]Download BruteSpray v1.5[/button]

Thanks to Shane Young for sharing this tool with us.

MaxiSoler

www.artssec.com @maxisoler

BruteSpray v1.5 – Brute-Forcing Services with Medusa

Changelog v1.5

Supported Services

Usage Examples:

MaxiSoler

Strengthening Security: ToolsWatch Welcomes Dr. Magda Lilia Chelly and Vivek Ramachandran to Black Hat Arsenal’s Board of Review

GISEC Armory Edition 1 Dubai 2024 – Call For Tools is Open

Black Hat Arsenal 2024 Next Stop Singapore !

ToolsWatch introducing Armory at Gisec 2024 in Dubai: A New Arena for Cybersecurity Open Source Tools Announced

Unveiling the Awesome Lineup for Black Hat MEA Arsenal 2023 in Riyadh, KSA

Announcing the First Black Hat / ToolsWatch SecTor Toronto 2023 Arsenal Tools and Their Impact on the Community

Copyright

Latest posts