Home / BruteSpray / Linux / Nmap / Python / Scan / BruteSpray - Brute-Forcing from Nmap output (Automatically attempts default creds on found services)

BruteSpray - Brute-Forcing from Nmap output (Automatically attempts default creds on found services)

| Post sponsored by FaradaySEC | Multiuser Pentest Environment

BruteSpray takes nmap GNMAP output and automatically brute-forces services with default credentials using Medusa. BruteSpray can even find non-standard ports by using the -sV inside Nmap.

Usage
First do an nmap scan with '-oA nmap.gnmap'.
Command: python brutespray.py -h
Example: python brutespray.py --file nmap.gnmap --services all --threads 3 --hosts 5

Supported Services
  • ssh
  • ftp
  • telnet
  • vnc
  • mssql
  • mysql
  • postgresql
  • rsh
  • imap
  • nntp
  • pcanywhere
  • pop3
  • rexec
  • rlogin
  • smbnt
  • smtp
  • snmp
  • svn
  • vmauthd

BruteSpray - Brute-Forcing from Nmap output (Automatically attempts default creds on found services) BruteSpray - Brute-Forcing from Nmap output (Automatically attempts default creds on found services) Reviewed by Zion3R on 11:13 AM Rating: 5