Skip to content
Related Articles

Related Articles

Improve Article
Save Article
Like Article

Brutespray – Port Scanning and Automated Brute Force Tool

  • Last Updated : 23 Sep, 2021

Brute-Forcing is the technique of matching the credentials like Usernames, Passwords, OTPs for unauthenticated access to the target domain. The list of words are been tested against the target to get the exact credentials. All this process is done through automated tools. 

Brutespray is an automated tool that is used to perform brute-forcing for every possible way like Credentials Brute-Forcing, FTP brute-forcing, etc. The Brutespray tool is developed in the Python language which comes with tags-based usage and also interactive usage. After Scanning the target from Nmap the results are to be inputted to the tool for performing brute-forcing. This tool supports GNMAP/XML output file to Brute force Nmap open port services with default credentials using Medusa or Use your dictionary to gain access.

Note: Make Sure You have Python Installed on your System, as this is a python-based tool. Click to check the Installation process: Python Installation Steps on Linux

Installation of Brutespray Tool on Kali Linux OS

Step 1: Use the following command to install the tool in your Kali Linux operating system.

git clone https://github.com/x90skysn3k/brutespray.git

Brutespray – Port Scanning and Automated Brute Force Tool

Step 2: Now use the following command to move into the directory of the tool. You have to move in the directory in order to run the tool.

cd brutespray

Step 3: You are in the directory of the Brutespray. Now you have to install a dependency of the Brutespray using the following command.

sudo pip3 install -r requirements.txt

Brutespray – Port Scanning and Automated Brute Force Tool

Step 4: All the dependencies have been installed in your Kali Linux operating system. Now use the following command to run the tool and check the help section.

python3 brutespray.py -h

Brutespray – Port Scanning and Automated Brute Force Tool

Working with Brutespray Tool on Kali Linux OS

Example 1: Using Custom Wordlists

python3 brutespray.py –file results.gnmap -U user.txt -P pass.txt –threads 5 –hosts 5

In this example, we are using the custom word-lists to perform Brute-Forcing on the target domain.

Brutespray – Port Scanning and Automated Brute Force Tool

Example 2: Brute-Forcing Specific Services

python3 brutespray.py –file results.gnmap –service ftp,ssh,telnet –threads 5 –hosts 5

In this example, we are only going to perform brute-forcing on ftp,ssh and telnet service.

Brutespray – Port Scanning and Automated Brute Force Tool

Example 3: Specific Credentials/ Brute-Forcing Username and Password

python3 brutespray.py –file results.gnmap -u admin -p password –threads 5 –hosts 5

In this example, we will be brute-forcing with single or specified credentials.

Brutespray – Port Scanning and Automated Brute Force Tool

Example 4: Continue After Success

python3 brutespray.py –file results.gnmap –threads 5 –hosts 5 -c

In this example, we will be continuing over brute-forcing attack after success also.

Brutespray – Port Scanning and Automated Brute Force Tool

Example 5: Use Nmap XML Output

python3 brutespray.py --file results.xml --threads 5 --hosts 5

In this example, we will be using the XML file for scanning and brute-forcing.

Example 6: Brutespray Interactive Mode

python3 brutespray.py --file results.xml -i

In this example, we will be using the interactive mode of the tool Brutespray.

Brutespray – Port Scanning and Automated Brute Force ToolBrutespray – Port Scanning and Automated Brute Force Tool


My Personal Notes arrow_drop_up
Recommended Articles
Page :

Start Your Coding Journey Now!