table of contents
other versions
- trixie 1.8.1-2
- testing 1.8.1-2
- unstable 1.8.1-2
- experimental 1.8.1-3
| BRUTESPRAY(8) | System Manager's Manual | BRUTESPRAY(8) |
NAME¶
brutespray - Python bruteforce tool
SYNOPSIS¶
brutespray [Usage]: brutespray [-h] -f FILE [-o OUTPUT] [-s SERVICE] [-t THREADS] [-T HOSTS] [-U USERLIST] [-P PASSLIST] [-u USERNAME] [-p PASSWORD] [-c] [-i] [-C HOST:USERNAME:PASSWORD] [-v LEVEL] [-w LEVEL].
DESCRIPTION¶
BruteSpray takes nmap GNMAP/JSON/XML output and automatically brute-forces services with default credentials using Medusa.
BruteSpray can even find non-standard ports by using the -sV inside Nmap.
- -f FILE, --file FILE
GNMAP, JSON or XML file to parse - -o OUTPUT, --output OUTPUT
Directory containing successful attempts - -s SERVICE, --service SERVICE
Specify service to attack - -t THREADS, --threads THREADS
Number of medusa threads - -T HOSTS, --hosts HOSTS
Number of hosts to test concurrently - -U USERLIST, --userlist USERLIST
Reference a custom username file - -P PASSLIST, --passlist PASSLIST
Reference a custom password file - -u USERNAME, --username USERNAME
Specify a single username - -p PASSWORD, --password PASSWORD
Specify a single password - -c, --continuous
Keep brute-forcing after success - -C HOST:USERNAME:PASSWORD, --combo HOST:USERNAME:PASSWORD
Specify a combo input (host:username:password) - -i, --interactive
Interactive mode - -v LEVEL, --verbose LEVEL
Verbose output from medusa. Can be set from 0 to 6 (default to 5) - -w LEVEL, --debug LEVEL
Debug error output from medusa. Can be set from 0 to 10 (default to 5)
Commands:
- brutespray -h
- brutespray --file nmap.gnmap
- brutespray --file nmap.xml
- brutespray --file nmap.xml -i
EXAMPLES¶
- Nmap network scanning example:
-
nmap -sS -sV 192.168.0.0/24 -vv -n -oA mynetwork - Using Custom Wordlists:
-
brutespray --file mynetwork.gnmap -U /usr/share/brutespray/wordlist/user.txt -P /usr/share/brutespray/wordlist/pass.txt --threads 5 --hosts 5 - Brute-Forcing Specific Services:
-
brutespray --file mynetwork.gnmap --service ftp,ssh,telnet --threads 5 --hosts 5 - Specific Credentials:
-
brutespray --file mynetwork.gnmap -u admin -p password --threads 5 --hosts 5 - Continue After Success:
-
brutespray --file mynetwork.gnmap --threads 5 --hosts 5 -c - Use Nmap XML Output:
-
brutespray --file mynetwork.xml --threads 5 --hosts 5 - Interactive Mode:
-
brutespray --file mynetwork.xml -i
SEE ALSO¶
- On github https://github.com/x90skysn3k/brutespray
- nmap(1)
MANPAGE AUTHOR¶
Stephane Neveu stefneveu@gmail.com
| June 2025 |