
Created by: Shane Young/@t1d3nio && Jacob Robles/@shellfail
Inspired by: Leon Johnson/@sho-luv
Brutespray has been re-written in Golang, eliminating the requirement for additional tools. This enhanced version is more extensive and operates at a significantly faster pace than its Python counterpart. As of now, Brutespray accepts input from Nmap's GNMAP/XML output, newline-separated JSON files, Nexpose's XML Export feature, Nessus exports in .nessus format, and various lists. Its intended purpose is for educational and ethical hacking research only; do not use it for illegal activities.
Release Binaries
To Build:
go build -o brutespray main.go
If using Nmap, scan with -oA nmap_out
If using Nexpose, export the template XML Export
If using Nessus, export your .nessus
Command: brutespray -h
Command: brutespray -f nmap.gnmap -u userlist -p passlist
Command: brutespray -f nmap.xml -u userlist -p passlist
Command: brutespray -H ssh:// -u userlist -p passlist
Command: brutespray -H ssh:// -C root:root
Using Custom Wordlists:
brutespray -f nmap.gnmap -u /usr/share/wordlist/user.txt -p /usr/share/wordlist/pass.txt -t 5
Brute-Forcing Specific Services:
brutespray -f nmap.gnmap -u admin -p password -s ftp,ssh,telnet -t 5
Specific Credentials:
brutespray -f nmap.gnmap -u admin -p password -t 5
Use Nmap XML Output
brutespray -f nmap.xml -u admin -p password -t 5
Use JSON Output
brutespray -f out.json -u admin -p password -t 5
Bruteforce a CIDR range
brutespray -H ssh:// -t 1000
Print Found Services
brutespray -f nessus.nessus -P -q
Supported Services
- ssh
- ftp
- telnet
- mssql
- postgresql
- imap
- pop3
- smbnt
- smtp
- snmp
- mysql
- vmauthd
- vnc
- mongodb
- nntp
- asterisk
- teamspeak
- oracle
- xmpp
- rdp
Services in Beta
- asterisk
- nntp
- oracle
- xmpp
- rdp (currently local domain is supported)
Feel free to open an issue if these work, or if you have any issues
Services in Progress
- rdp - the issue is no one has written a good library for NLA
Data Specs
If using Nexpose, export the template XML Export
If using Nessus, export your .nessus
List example
Combo wordlist example
Planned Features
- Add domain option for RDP, SMB
- Ability to set proxy
- Ability to select interface
- More modules
- Better connection handling
Star History