I found a doozie here ladies and gentlemen, with a little python script called BruteDum. It utilizes Hydra, Medusa and Ncrack to bruteforce various network protocols such as SSH, FTP, Telnet, PostgreSQL, RDP and VNC. Pair this tool with your favorite enumeration tool and you have yourself a very powerful penetration testing tool, Or not.
I had alot of issues with this tool when I started researching it. Mostly because everything on GitHub was deleted or wrong and the dev just ghosted. Not a big deal if you know what to look for and I was actually able to get this tool up and running on my WSL installation of Kali linux
While this tool looks like it would be great to add to your hacking arsenal, have fun trying to get it to work. Al of the walkthroughs have been removed, the install script has a typo so try not to follow that. All attachments, links and screenshots have been removed and the dev is unresponsive. So I took matters into my own hands for the purpose of this article.
git clone https://github.com/RockNRolla/BruteDum
After tweaking the brutedum script a little I was able to get the script installed on my machine. My advice is copy the code from GitHub and make the changes needed. You can import a new module and have a proxy added if need be. After running the command I came up with this:
Then was able to run an nmap scan on the target with not many results- something that can also be changed in the script if you know how. After the nmap scan i was asked to choose a protocol to attack. I created a wordlist and stuck it in the same directory, but the program could not find a path to execute. If you know the username and have a password list your in luck.
This tool is great for some unfinished work. Definitely a lot of changes need to be made but once you play around with it for a few days you can actually get a decent working tool, also you can add other nmap modules fairly easy so that’s a plus. But the fact that I had to do all that work drops this tool rating to a 1 out of 5 bunnies.
Want to learn more about ethical hacking?
We have a networking hacking course that is of a similar level to OSCP, get an exclusive discount here
Help support LHN by buying a T-shirt or a mug?
Check out our selection here
Do you know of another GitHub related hacking tool?
Get in touch with us via the contact form if you would like us to look at any other GitHub ethical hacking tools.