BruteSpray v1.5 – Brute-Forcing Services with Medusa

BruteSpray takes nmap GNMAP/XML output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.
Changelog v1.5
- added interactive mode
Supported Services
- ssh
- ftp
- telnet
- vnc
- mssql
- mysql
- postgresql
- rsh
- imap
- nntp
- pcanywhere
- pop3
- rexec
- rlogin
- smbnt
- smtp
- svn
- vmauthd
Usage Examples:
Using Custom Wordlists:
python brutespray.py --file nmap.gnmap -U /usr/share/wordlist/user.txt -P /usr/share/wordlist/pass.txt --threads 5 --hosts 5
Brute-Forcing Specific Services:
python brutespray.py --file nmap.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5
More information: here
[button size=large style=round color=red align=none url=https://github.com/x90skysn3k/brutespray]Download BruteSpray v1.5[/button]
Thanks to Shane Young for sharing this tool with us.