BruteX – Automatically BruteForce Running Services

BruteX is an automated tool to run brute force against all services running on a target. there is a large list of wordlist to gain remote access to service. the tool will start by scanning remote system searching for open ports.

Once the port and service is identified it will start to run username and passwords.

BruteX - Automatically BruteForce Running Services
BruteX – Automatically BruteForce Running Services

Some of the included wordlist are:

  • ftp default userpass combination
  • ftp_defpass this list have the default passwords
  • ftp_defusr this list have the default users
  • mssql-default-userpass
  • mysql-default-userpass
  • namelist
  • oracle default userpass
  • pop defpass
  • postgres default userpass
  • SMTP defpass
  • SNMP defpass
  • SQL defpass
  • SSH defpass
  • TelNet defpass
  • Tomcat defpass
  • Windows defpass
  • xmpp defpass

This tool will be useful when pentester wants to get access to a blackbox where there is no information about the target. Nmap scan at the beginning will get some information about the targeted asset.

You can read more and download this tool over here: https://github.com/1N3/BruteX

Share