.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "BRUTESPRAY" "8" "January 2019" "" ""
.
.SH "NAME"
\fBbrutespray\fR \- Python bruteforce tool
.
.SH "SYNOPSIS"
\fBbrutespray\fR [Usage]: brutespray [\-h] \-f FILE [\-o OUTPUT] [\-s SERVICE] [\-t THREADS] [\-T HOSTS] [\-U USERLIST] [\-P PASSLIST] [\-u USERNAME] [\-p PASSWORD] [\-c] [\-i]\.
.
.SH "DESCRIPTION"
BruteSpray takes nmap GNMAP/XML output and automatically brute\-forces services
.
.br
with default credentials using Medusa\. BruteSpray can even find non\-standard ports by using the \-sV inside Nmap\.
.
.IP "\(bu" 4
\fB\-f\fR FILE, \fB\-\-file\fR FILE
.
.br
GNMAP or XML file to parse
.
.IP "\(bu" 4
\fB\-o\fR OUTPUT, \fB\-\-output\fR OUTPUT
.
.br
Directory containing successful attempts
.
.IP "\(bu" 4
\fB\-s\fR SERVICE, \fB\-\-service\fR SERVICE
.
.br
Specify service to attack
.
.IP "\(bu" 4
\fB\-t\fR THREADS, \fB\-\-threads\fR THREADS
.
.br
Number of medusa threads
.
.IP "\(bu" 4
\fB\-T\fR HOSTS, \fB\-\-hosts\fR HOSTS
.
.br
Number of hosts to test concurrently
.
.IP "\(bu" 4
\fB\-U\fR USERLIST, \fB\-\-userlist\fR USERLIST
.
.br
Reference a custom username file
.
.IP "\(bu" 4
\fB\-P\fR PASSLIST, \fB\-\-passlist\fR PASSLIST
.
.br
Reference a custom password file
.
.IP "\(bu" 4
\fB\-u\fR USERNAME, \fB\-\-username\fR USERNAME
.
.br
Specify a single username
.
.IP "\(bu" 4
\fB\-p\fR PASSWORD, \fB\-\-password\fR PASSWORD
.
.br
Specify a single password
.
.IP "\(bu" 4
\fB\-c\fR, \fB\-\-continuous\fR
.
.br
Keep brute\-forcing after success
.
.IP "\(bu" 4
\fB\-i\fR, \fB\-\-interactive\fR
.
.br
Interactive mode
.
.IP "" 0
.
.P
Commands:
.
.IP "\(bu" 4
brutespray \-h
.
.IP "\(bu" 4
brutespray \-\-file nmap\.gnmap
.
.IP "\(bu" 4
brutespray \-\-file nmap\.xml
.
.IP "\(bu" 4
brutespray \-\-file nmap\.xml \-i
.
.IP "" 0
.
.SH "EXAMPLES"
.
.TP
Nmap network scanning example:
.
.br
nmap \-sS \-sV 192\.168\.0\.0/24 \-vv \-n \-oA mynetwork

.
.TP
Using Custom Wordlists:
.
.br
brutespray \-\-file mynetwork\.gnmap \-U /usr/share/brutespray/wordlist/user\.txt \-P /usr/share/brutespray/wordlist/pass\.txt \-\-threads 5 \-\-hosts 5

.
.TP
Brute\-Forcing Specific Services:
.
.br
brutespray \-\-file mynetwork\.gnmap \-\-service ftp,ssh,telnet \-\-threads 5 \-\-hosts 5

.
.TP
Specific Credentials:
.
.br
brutespray \-\-file mynetwork\.gnmap \-u admin \-p password \-\-threads 5 \-\-hosts 5

.
.TP
Continue After Success:
.
.br
brutespray \-\-file mynetwork\.gnmap \-\-threads 5 \-\-hosts 5 \-c

.
.TP
Use Nmap XML Output:
.
.br
brutespray \-\-file mynetwork\.xml \-\-threads 5 \-\-hosts 5

.
.TP
Interactive Mode:
.
.br
brutespray \-\-file mynetwork\.xml \-i

.
.SH "SEE ALSO"
.
.IP "\(bu" 4
On github \fIhttps://github\.com/x90skysn3k/brutespray\fR
.
.IP "\(bu" 4
nmap(1)
.
.IP "" 0
.
.SH "MANPAGE AUTHOR"
Stephane Neveu \fIstefneveu@gmail\.com\fR