{"id":19307426,"url":"https://github.com/codexlynx/brutemq","last_synced_at":"2025-04-22T12:36:36.743Z","repository":{"id":40582744,"uuid":"152996889","full_name":"codexlynx/brutemq","owner":"codexlynx","description":":skull: An exotic service bruteforce tool.","archived":false,"fork":false,"pushed_at":"2025-04-12T16:19:57.000Z","size":47,"stargazers_count":12,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-04-12T16:44:51.311Z","etag":null,"topics":["amqp","brute-force","etcd","hacking","message-broker","rabbitmq","red-team","vault"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/codexlynx.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2018-10-14T16:51:57.000Z","updated_at":"2025-04-12T16:20:00.000Z","dependencies_parsed_at":"2022-08-27T02:49:24.779Z","dependency_job_id":null,"html_url":"https://github.com/codexlynx/brutemq","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codexlynx%2Fbrutemq","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codexlynx%2Fbrutemq/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codexlynx%2Fbrutemq/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/codexlynx%2Fbrutemq/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/codexlynx","download_url":"https://codeload.github.com/codexlynx/brutemq/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250242091,"owners_count":21398065,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["amqp","brute-force","etcd","hacking","message-broker","rabbitmq","red-team","vault"],"created_at":"2024-11-10T00:10:54.732Z","updated_at":"2025-04-22T12:36:36.719Z","avatar_url":"https://github.com/codexlynx.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"## BruteMQ / An exotic service bruteforce tool\n[![](https://github.com/codexlynx/brutemq/workflows/CI/badge.svg)](https://github.com/codexlynx/brutemq/actions) [![AUR](https://img.shields.io/github/license/codexlynx/brutemq)](LICENSE) [![](https://goreportcard.com/badge/github.com/codexlynx/brutemq)](https://goreportcard.com/report/github.com/codexlynx/brutemq)\n\nServices supported:\n\n* HashiCorp Vault Userpass\n* etcd v3\n* AMQP PLAIN SASL\n\n### History:\nBrutemq was a tool initially designed to brute force rabbitmq (amqp) queue messaging services. \nAfter implementing the first working version, new needs arose and etcd and HashiCorp Vault Userpass services were added.\n\n### Run:\n\nYou can compile the binary or run via OCI image.\n\n#### Compile:\n* Requirements:\n    * A version of __Docker__ with __BuildKit__ support.\n    * GNU __make__ utility.\n\n* Procedure:\n    * Run: `make`.\n    * Check the correct creation of `dist` directory.\n\n#### OCI Image:\n\n\u003e $ docker run --net=host ghcr.io/codexlynx/brutemq:latest\n\nAdd to your shell profile:\n```\nfunction brutemq {\n    docker run --net=host ghcr.io/codexlynx/brutemq:latest $@\n}\n```\nOr\n```\nalias brutemq='docker run --net=host ghcr.io/codexlynx/brutemq:latest'\n```\n\nFor more details click [here](https://github.com/codexlynx/brutemq/pkgs/container/brutemq).\n\n### Webhook:\nSet `WEBHOOK_URL` environment variable to send an http webhook request when the password is discovered.\n\n### Kubernetes:\nYou can launch brutemq on a Kubernetes cluster for various reasons, either because you can't set up port-forwarding and \nwant to attack an endpoint on one of the cluster's internal networks (lack of permissions in RBAC or other limitations) \nor simply because you want to manage the workload on your own cluster. Check the `deployments` directory and set the \n[manifest](deployments/kubernetes_job.yaml) to your needs.\n\n### Usage:\n\n```\nbrutemq - An exotic service bruteforce tool\n\nUsage:\n  brutemq [command]\n\nAvailable Commands:\n  amqp        Bruteforce AMQP PLAIN SASL service endpoint\n  completion  Generate the autocompletion script for the specified shell\n  etcd        Bruteforce etcdv3 service endpoint\n  help        Help about any command\n  vault       Bruteforce HashiCorp Vault Userpass auth\n\nFlags:\n  -d, --dictionary string   dictionary file path\n  -h, --help                help for brutemq\n  -t, --threads int         threads number (default 100)\n\nUse \"brutemq [command] --help\" for more information about a command.\n```\n\n#### Example:\n\n\u003e $ brutemq amqp -d passwords.txt -u admin -e localhost:5672/ -t 500\n\n### Citations and Acknowledgments\n\nThis project has been cited in the following scholarly article:\n\n(2025) [Signature-Based Security Analysis and Detection of IoT Threats in Advanced Message Queuing Protocol](https://www.researchgate.net/publication/389061257_Signature-Based_Security_Analysis_and_Detection_of_IoT_Threats_in_Advanced_Message_Queuing_Protocol).\n\n\u003e Mohammad Emran Hashimyar, Mahdi Aiash, Ali Khoshkholghi and Giacomo Nalli. __Middlesex University, London__\n```bibtex\n@article{article,\n  author = {Hashimyar, Mohammad and Aiash, Mahdi and Khoshkholghi, Ali and Nalli, Giacomo},\n  year = {2025},\n  month = {02},\n  pages = {5},\n  title = {Signature-Based Security Analysis and Detection of IoT Threats in Advanced Message Queuing Protocol},\n  volume = {5},\n  journal = {Network},\n  doi = {10.3390/network5010005}\n}\n```\n\nWe appreciate the citation and use of this project.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodexlynx%2Fbrutemq","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcodexlynx%2Fbrutemq","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcodexlynx%2Fbrutemq/lists"}