Brutus

Brutus by Praetorian is a CI/CD security tool that automates the discovery of vulnerabilities in build pipelines for red teams and security engineers.

Introduction

Overview

Brutus is a modern, multi-protocol authentication testing tool built in pure Go, designed to efficiently validate credentials across diverse network services. It addresses a critical gap in offensive security tooling by providing robust authentication testing capabilities for databases, SSH, SMB, and over 20 other network services, beyond just HTTP.

As a single binary with zero external dependencies, Brutus integrates seamlessly with tools like fingerprintx and naabu for automated service discovery, allowing security professionals to rapidly identify and test authentication vectors across entire network ranges.

Key Features
  • Zero Dependencies: Single binary, cross-platform (Linux, Windows, macOS) with no complex compilation issues.
  • 23+ Protocols: Supports SSH, MySQL, PostgreSQL, MSSQL, Redis, SMB, LDAP, WinRM, SNMP, HTTP Basic Auth, and many more.
  • Pipeline Integration: Native support for fingerprintx and naabu workflows, enabling direct piping of discovered services into credential testing.
  • Embedded Bad Keys: Includes a built-in collection of known insecure SSH keys (e.g., Vagrant, F5, ExaGrid) for automatic testing.
  • Go Library: Can be imported directly into custom Go security automation tools.
  • Production Ready: Features like rate limiting, connection pooling, and comprehensive error handling.

Why Brutus?

Brutus serves as a modern alternative to traditional tools like THC Hydra, which often come with significant friction due to complex dependency chains and platform-specific issues. Brutus offers:

  • True Zero-Dependency Deployment: Simply download and run, eliminating libssh-dev or libmysqlclient-dev compilation headaches.
  • Native Pipeline Integration: Streamlined workflows with JSON output, making it easy to integrate into existing reconnaissance pipelines.
  • Embedded Intelligence: Automatically tests known vulnerable SSH keys, enhancing efficiency.
  • Library-First Design: Facilitates building custom automation directly within Go applications.

Use Cases
  • Penetration Testing: Validate discovered credentials, test password reuse, and identify default credentials on new infrastructure.
  • Red Team Operations: Rapidly validate credentials after password dumps or phishing, and identify lateral movement opportunities.
  • Private Key Spraying: Test compromised private keys across the network to find additional access points.
  • Web Admin Panel Testing: Discover HTTP services with Basic Auth and test for default credentials on admin interfaces.
  • Security Validation: Audit default credentials on newly deployed services and validate password policy enforcement.

Information

  • Publisher
  • Website: github.com
  • Created date: 02/18/2026
  • Published date: 02/18/2026