BruteSpray

Published by root on

BruteSpray

Brute-Forcing from Nmap output

(Automatically attempts default creds on found services)

BruteSpray takes nmap GNMAP output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

Usage
First do an nmap scan with ‘-oA nmap.gnmap’.
Command: python brutespray.py -h
Example: python brutespray.py –file nmap.gnmap –services all –threads 3 –hosts 5

Supported Services

  • ssh
  • ftp
  • telnet
  • vnc
  • mssql
  • mysql
  • postgresql
  • rsh
  • imap
  • nntp
  • pcanywhere
  • pop3
  • rexec
  • rlogin
  • smbnt
  • smtp
  • snmp
  • svn
  • vmauthd

Download

Loading

Categories: Tools
Tags:

Related Posts

Tools Category
Tools

PuTTY 0.71 Released

SSH Client Updated To Fix a Large Number of Security Vulnerabilities The free and open-source SSH client updated with the fix for a number of Security Vulnerabilities including the one in RSA key exchange and Read more…

Tools Category
Tools

MITMsmtp v0.0.2 released

Evil SMTP Server for pentesting SMTP clients MITMsmtp MITMsmtp is an Evil SMTP Server for pentesting SMTP clients to catch login credentials and mails sent over plain or SSL/TLS encrypted connections. The idea is to Read more…

Tools Category
Tools

conjur v1.4.0 releases

Secures secrets used by privileged users and machine identities Conjur provides secrets management and machine identity for modern infrastructure: Machine Authorization Markup Language (“MAML”), a role-based access policy language to define system components & their Read more…