Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/x90skysn3k/brutespray
Bruteforcing from various scanner output - Automatically attempts default creds on found services.
https://github.com/x90skysn3k/brutespray
Last synced: about 1 month ago
JSON representation
Bruteforcing from various scanner output - Automatically attempts default creds on found services.
- Host: GitHub
- URL: https://github.com/x90skysn3k/brutespray
- Owner: x90skysn3k
- License: mit
- Created: 2017-04-05T17:05:10.000Z (over 7 years ago)
- Default Branch: main
- Last Pushed: 2024-09-12T13:17:11.000Z (3 months ago)
- Last Synced: 2024-09-13T01:14:46.842Z (3 months ago)
- Language: Go
- Homepage:
- Size: 13.7 MB
- Stars: 1,990
- Watchers: 80
- Forks: 378
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- Funding: .github/FUNDING.yml
- License: LICENSE
Awesome Lists containing this project
- awesome-termux-hacking - brutespray - Brute-Forcing from Nmap output - Automatically attempts default creds on found services..[![->](https://img.shields.io/github/stars/x90skysn3k/brutespray.svg?style=social&label=Star&maxAge=2592000)](https://github.com/x90skysn3k/brutespray/stargazers/) (Uncategorized / Uncategorized)
- awesome-hacking-lists - x90skysn3k/brutespray - Bruteforcing from various scanner output - Automatically attempts default creds on found services. (Go)
README
# BruteSpray
![Version](https://img.shields.io/badge/Version-2.2.4-red)[![goreleaser](https://github.com/x90skysn3k/brutespray/actions/workflows/release.yml/badge.svg)](https://github.com/x90skysn3k/brutespray/actions/workflows/release.yml)[![Go Report Card](https://goreportcard.com/badge/github.com/x90skysn3k/brutespray)](https://goreportcard.com/report/github.com/x90skysn3k/brutespray)
Created by: Shane Young/@t1d3nio && Jacob Robles/@shellfail
Inspired by: Leon Johnson/@sho-luv
# Description
Brutespray has been re-written in Golang, eliminating the requirement for additional tools. This enhanced version is more extensive and operates at a significantly faster pace than its Python counterpart. As of now, Brutespray accepts input from Nmap's GNMAP/XML output, newline-separated JSON files, Nexpose's XML Export feature, Nessus exports in .nessus format, and various lists. Its intended purpose is for educational and ethical hacking research only; do not use it for illegal activities.# Installation
[Release Binaries](https://github.com/x90skysn3k/brutespray/releases)
To Build:
```go build -o brutespray main.go```
# Usage
If using Nmap, scan with `-oA nmap_out`.
If using Nexpose, export the template `XML Export`.If using Nessus, export your `.nessus` file.
Command: ```brutespray -h```
Command: ```brutespray -f nmap.gnmap -u userlist -p passlist```
Command: ```brutespray -f nmap.xml -u userlist -p passlist```
Command: ```brutespray -H ssh://127.0.0.1:22 -u userlist -p passlist```
Command: ```brutespray -H ssh://127.0.0.1 -C root:root```
# Examples
#### Using Custom Wordlists:
```brutespray -f nmap.gnmap -u /usr/share/wordlist/user.txt -p /usr/share/wordlist/pass.txt -t 5 ```
#### Brute-Forcing Specific Services:
```brutespray -f nmap.gnmap -u admin -p password -s ftp,ssh,telnet -t 5 ```
#### Specific Credentials:
```brutespray -f nmap.gnmap -u admin -p password -t 5 ```#### Use Nmap XML Output
```brutespray -f nmap.xml -u admin -p password -t 5 ```
#### Use JSON Output
```brutespray -f out.json -u admin -p password -t 5 ```
#### Bruteforce a CIDR range
```brutespray -H ssh://10.1.1.0/24:22 -t 1000```
#### Print Found Services
```brutespray -f nessus.nessus -P -q```
# Supported Services
* ssh
* ftp
* telnet
* mssql
* postgresql
* imap
* pop3
* smbnt
* smtp
* snmp
* mysql
* vmauthd
* vnc
* mongodb
* nntp
* asterisk
* teamspeak
* oracle
* xmpp
* rdp# Services in Beta
* asterisk
* nntp
* oracle
* xmpp
* rdp (currently local domain is supported)Feel free to open an issue if these work, or if you have any issues
# Services in Progress
* rdp - the issue is no one has written a good library for NLA
# Data Specs
```json
{"host":"127.0.0.1","port":"3306","service":"mysql"}
{"host":"127.0.0.10","port":"3306","service":"mysql"}
```
If using Nexpose, export the template `XML Export`.If using Nessus, export your `.nessus` file.
List example
```
ssh:127.0.0.1:22
ftp:127.0.0.1:21
...
```
Combo wordlist example
```
user:pass
user1:pass1
user2:pass2
user3:pass
user4:pass1
...
```# Planned Features
* Add domain option for RDP, SMB
* Ability to set proxy
* Ability to select interface
* More modules
* Better connection handling# Star History
[![Star History Chart](https://api.star-history.com/svg?repos=x90skysn3k/brutespray&type=Date)](https://star-history.com/#x90skysn3k/brutespray&Date)