README
¶
BruteSprayX
Created by: Shane Young/@t1d3nio && Jacob Robles/@shellfail
Inspired by: Leon Johnson/@sho-luv
Description
BruteSprayx is a golang version of the original BruteSpray. Without needing to rely on other tools this version will be extensible to bruteforce many different services and is way faster than it's Python counterpart. Currently BruteSprayX takes Nmap GNMAP/XML output, newline separated JSON, Nexpose XML Export output, Nessus .nessus exports, and lists. It will bruteforce supported servics found in those files. This tool is for research purposes and not intended for illegal use.
Installation
To Build:
go build -o brutesprayx main.go
Usage
If using Nmap, scan with -oG nmap.gnmap or -oX nmap.xml.
If using Nexpose, export the template XML Export.
If using Nessus, export your .nessus file.
Command: brutesprayx -h
Command: brutesprayx -f nmap.gnmap -u userlist -p passlist
Command: brutesprayx -f nmap.xml -u userlist -p passlist
Command: brutesprayx -H ssh://127.0.0.1:22 -u userlist -p passlist
Examples
Using Custom Wordlists:
brutesprayx -f nmap.gnmap -u /usr/share/wordlist/user.txt -p /usr/share/wordlist/pass.txt -t 5
Brute-Forcing Specific Services:
brutesprayx -f nmap.gnmap -u admin -p password -s ftp,ssh,telnet -t 5
Specific Credentials:
brutesprayx -f nmap.gnmap -u admin -p password -t 5
Use Nmap XML Output
brutesprayx -f nmap.xml -u admin -p password -t 5
Use JSON Output
brutesprayx -f out.json -u admin -p password -t 5
Bruteforce a CIDR range
brutesprayx -H ssh://10.1.1.0/24:22 -t 1000
Supported Services
- ssh
- ftp
- telnet
- mssql
- postgresql
- imap
- pop3
- smbnt
- smtp
- snmp
- mysql
- vmauthd
- vnc
Services in Progress
- rdp
- asterisk
Data Specs
{"host":"127.0.0.1","port":"3306","service":"mysql"}
{"host":"127.0.0.10","port":"3306","service":"mysql"}
If using Nexpose, export the template XML Export.
If using Nessus, export your .nessus file.
List example
ssh:127.0.0.1:22
ftp:127.0.0.1:21
Star History
Documentation
¶
There is no documentation for this package.
Source Files
Directories