Skip to content

Bruter is an OSINT tooling, an experiment to build a reconnaissance simple app to have fun 🕵️‍♂️

License

Notifications You must be signed in to change notification settings

CyberRoute/bruter

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

go build golangci-lint Go Report Card

Bruter

Bruter is a simple app that was built as an experiment while learning Go. It is indeed very much inspired by Xray git (but hey not copied ;)). The tooling can be used to test webservers and validate webservers configurations, but not just!

What does it do?

  • It grabs HostInfo data from Shodan APIs, so you will need a Token to try this out
  • It collects banners for various services FTP, SSH, MYSQL, IRC, SMTP
  • It collects HTTP headers
  • It collects WHOIS query information
  • It brute force directories on WebServers and reports results (200)
  • It provides info from crt.sh about SSL certificates
  • It supports custom wordlists
  • It produces a Web UI for presentation

Usage

   Usage of /tmp/go-build3838391229/b001/exe/concurrency:
  -address string
    	IP address to bind the web UI server to. (default "127.0.0.1")
  -dictionary string
    	File to use for enumeration. (default "db/apache-list")
  -domain string
    	domain to scan
  -extension string
    	File extension. (default "js")
  -shodan string
    	shodan API key
  -verbose
    	Verbosity
  -workers int
    	Default is 0, if workers is less than or equal than zero, it will be auto scaled to the number of logical CPUs usable by the current process.

Running in Docker

docker build -t bruter .
docker run --rm -it -p 8080:8080 bruter -domain example.com -shodan [shodanapikey] -verbose

Example

go run cmd/bruter/* -domain example.com -shodan [SHODANTOKEN] -verbose
12:41PM INF Scanning IP 93.184.216.34 OK
12:41PM INF UI running on http://127.0.0.1:8080/
12:41PM INF http://example.com/.htaccess.bak => 404 Not Found
12:41PM INF http://example.com/httpd/logs/access_log => 404 Not Found
12:41PM INF http://example.com/logs/error.log => 404 Not Found
12:41PM INF http://example.com/cgi => 404 Not Found
12:41PM INF http://example.com/apache/logs/access_log => 404 Not Found
12:41PM INF http://example.com/apache/logs/access.log => 404 Not Found
12:41PM INF http://example.com/logs/access.log => 404 Not Found
12:41PM INF http://example.com/logs/error_log => 404 Not Found
12:41PM INF http://example.com/httpd/logs/error.log => 404 Not Found
12:41PM INF http://example.com/logs/access.log => 404 Not Found
12:41PM INF http://example.com/cgi-bin => 404 Not Found
12:41PM INF http://example.com/httpd/logs/error_log => 404 Not Found
12:41PM INF http://example.com/.web => 404 Not Found
12:41PM INF http://example.com/httpd/logs/access.log => 404 Not Found
12:41PM INF http://example.com/.meta => 404 Not Found
12:41PM INF http://example.com/apache/logs/error.log => 404 Not Found
12:41PM INF http://example.com/apache/logs/error_log => 404 Not Found   

Example of the Web UI

Contribute

Fork the repo and send PRs

make all

Cleaning up
rm -rf build
Running tests...
go test ./... -v -cover -race
?   	github.com/CyberRoute/bruter/cmd/bruter	[no test files]
?   	github.com/CyberRoute/bruter/pkg/config	[no test files]
?   	github.com/CyberRoute/bruter/pkg/grabber	[no test files]
?   	github.com/CyberRoute/bruter/pkg/handlers	[no test files]
?   	github.com/CyberRoute/bruter/pkg/models	[no test files]
?   	github.com/CyberRoute/bruter/pkg/render	[no test files]
?   	github.com/CyberRoute/bruter/pkg/shodan	[no test files]
=== RUN   TestUrlJoin
--- PASS: TestUrlJoin (0.00s)
=== RUN   TestAuth
{"level":"info","time":"2023-03-10T14:25:36+01:00","message":"http://127.0.0.1:36983/ => 200 OK"}
{"level":"info","time":"2023-03-10T14:25:36+01:00","message":"http://127.0.0.1:44337/ => 403 Forbidden"}
{"level":"info","time":"2023-03-10T14:25:36+01:00","message":"http://127.0.0.1:45357/ => 500 Internal Server Error"}
--- PASS: TestAuth (0.01s)
PASS
	github.com/CyberRoute/bruter/pkg/fuzzer	coverage: 71.0% of statements
ok  	github.com/CyberRoute/bruter/pkg/fuzzer	0.044s	coverage: 71.0% of statements
=== RUN   TestResolveByName
=== RUN   TestResolveByName/valid_domain
=== RUN   TestResolveByName/invalid_domain
--- PASS: TestResolveByName (0.14s)
    --- PASS: TestResolveByName/valid_domain (0.00s)
    --- PASS: TestResolveByName/invalid_domain (0.13s)
PASS
	github.com/CyberRoute/bruter/pkg/network	coverage: 26.7% of statements
ok  	github.com/CyberRoute/bruter/pkg/network	0.165s	coverage: 26.7% of statements
Running lint...
go list ./... | golangci-lint run 
Formatting...
gofmt -s -w .
Building...
go build -o build/bruter cmd/bruter/*.go

License

Bruter is developed by Alessandro Bresciani with some help from various projects and released with GPL license.

Acknowledgments

DB file has been borrowed from dirsearch