Skip to main content

Making bruteforce wordlists smarter, not harder

Project description

BruteSleuth

GitHub Version PyPI GPL3 License Package build status

This program uses string formatting to give a list of strings related to an original string based off regex

Table of Contents

How to install BruteSleuth

With the way that the project is set up, there are multiple ways to install BruteSleuth. The main way to install it is through pip, but it can be installed on Debian, Arch, and RHEL.

Pip

to install the project from anywhere, the command is simply:

python -m pip install BruteSleuth

or

pip install BruteSleuth

If you are deciding to use the manual wheel from the releases page, you can always install it directly with pip as well

pip install ./BruteSleuth-1.4.0-py3-none-any.whl

Debian

In the releases, there should be a .deb file for debian users. It is not bound to any particular distro. The only special difference with it is that it requires the OS to recognize a version of Python 3, which most Distro's already have installed. You can install the deb file with either of these two commands.

sudo apt install ./python3-brutesleuth_1.4.0-1_all.deb

or with

sudo dpkg -i python3-brutesleuth_1.4.0-1_all.deb

RHEL

For you fedora/RHEL users, I also provided an RPM file that can be used with dnf. You can install it with:

sudo rpm -i BruteSleuth-1.4.0-1.noarch.rpm

or

sudo dnf localinstall BruteSleuth-1.4.0-1.noarch.rpm

or

sudo yum localinstall BruteSleuth-1.4.0-1.noarch.rpm

Arch

I include a PKGBUILD file in the root of the repo that can be used to install the package (written by me, so you know that the source is trustworthy.) To install the package, either clone the repo or just download the PKGBUILD file then run the usual commands that you would to install the package.

makepkg -si

Or if you don't want to build it yourself (which I get), I also include a .pkg.tar.zst file that you can use directly with pacman.

pacman -U python-brutesleuth-git-1.4.0.r0.?-1-any.pkg.tar.zst

Source

For those of you wanting to be a little bit adventurous out there or want to directly install a modified version of this library, you can easily directly install the package by going into the cloned folder and running:

python setup.py install

What is BruteSleuth

BruteSleuth is a smart Bruteforce engine. What this means is that it can take a pattern string and output every combination that fits within that pattern into a wordlist. There are tools that can make every permutation of a character for a given length to be used in a wordlist, but what makes BruteSleuth smarter is that you as the user can decide what positions a character can be and what spots are constants. This means that the number of words that will be used for your wordlist go down the more information that you know, making it a smart Bruteforcer.

Why use BruteSleuth

Story time: I first created this tool to be used in the National Cyber League (NCL) to be used in one of their Capture The Flags (CTFs). I specifically made this tool for the hash cracking section. One of the sections is always to find the flag that the hash represents. The flag would always be SKY, 4 letters, then 4 digits as such: SKY-KVjW-1830, but then there was another section where all the hashes were a developers name, an animal, then 2 digits. I could make a wordlist by making a python script that generates each combination. The SKY flags would require at least 2 nested for loops to get every combo, and the developer hashes would require at least 3 nested for loops. Plus the script wasnt easily modifiable to go from one to the other. After doing to many hash cracking challenges where I have to make a new python script to make my wordlist, I started to get fed up with it and decided that I would make a python script to rule them all. Since then, I have been using this script to make all of my custom wordlists. [/story]

Why would you want to use BruteSleuth? Because making a custom python script every time that you have a unique wordlist is obnoxious. Why do that when you could use this tool to do all the forloops for you in the background. If you understand how f-strings work, then you can make any custom wordlist that your heart desires. You can even use full words in your combinations if you wanted.

For those of you who are looking at this and asking: How is this better than hash masks? For those who do not know, some BruteForce tools, such as John the Ripper and Hashcat both provide a ruleset to make smart patterns for BruteForcing. The way that this tool is better than these options is that it isn't. Even if the pattern ruleset is far superior to hashcat or johns, nothing will beat the unison. When hashcat uses a mask, the mask gets directly turned into a hash and compared. With this tool, you would have to first output the wordlist to a file (which could go into the GB in size), then use that file as input for hashcat. For memory and storage sake, hashcat/john is 100% the way to go, but there is still a good reason to use this tool for bruteforcing. There are far more bruteforcing tools besides hashcat and john, and most do not support a masking feature. Bruteforcing tools such as Medusa, Ncrack, aircrack-ng, and hydra (kinda) do not have a way to make a passwordlist based off a pattern or a hash mask. Since there will always be tools like these that will only accept a file with password lines on each line, it is a solid option to be able to convert your mask consistently to a wordlist that can be used by any tool that is designed for some form of bruteforcing. In addition to this, BruteSleuth can even take a pattern string and convert it into a hash mask for you in case you dont know how to program one yourself (though it is 100% worth it to learn).

Another reason to use this tool for those masochistic enough to still want a python script for their wordlist generation is that all the major functions used in making any permutation wordlist can be used in your own scripts. I heavily document every function that I write (seriously, roughly 2/3 of every file is comments or doc strings). These include everything from the custom classes used to permutate combinations, to a proper iter_product function that properly products every iter without using all the memory (itertools, eat your heart out), to the functions that convert a pattern string into an iter class with every password available. All that and more by simply adding this to your project:

import brutesleuth

Contributing

see CONTRIBUTING.md

Links

[1] https://docs.python.org/3.4/library/string.html#format-string-syntax

Authoring

This program was built by Nicholas Cottrell (Rad10Logic) April 4th, 2020

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

BruteSleuth-1.4.3.tar.gz (30.1 kB view details)

Uploaded Source

Built Distribution

BruteSleuth-1.4.3-py3-none-any.whl (25.9 kB view details)

Uploaded Python 3

File details

Details for the file BruteSleuth-1.4.3.tar.gz.

File metadata

  • Download URL: BruteSleuth-1.4.3.tar.gz
  • Upload date:
  • Size: 30.1 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/32.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.8 tqdm/4.62.3 importlib-metadata/4.11.1 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.9.10

File hashes

Hashes for BruteSleuth-1.4.3.tar.gz
Algorithm Hash digest
SHA256 c7d37082bbf339d70aa14f357c1fe86b242f6f351026fd0f7c8ce41268508670
MD5 0874e904699f0f34f7cb6c5d494518a5
BLAKE2b-256 04748a43002849bc23fac6576967e5bb0e87127ba10747c94dbde732880ac0e1

See more details on using hashes here.

File details

Details for the file BruteSleuth-1.4.3-py3-none-any.whl.

File metadata

  • Download URL: BruteSleuth-1.4.3-py3-none-any.whl
  • Upload date:
  • Size: 25.9 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/3.8.0 pkginfo/1.8.2 readme-renderer/32.0 requests/2.27.1 requests-toolbelt/0.9.1 urllib3/1.26.8 tqdm/4.62.3 importlib-metadata/4.11.1 keyring/23.5.0 rfc3986/2.0.0 colorama/0.4.4 CPython/3.9.10

File hashes

Hashes for BruteSleuth-1.4.3-py3-none-any.whl
Algorithm Hash digest
SHA256 491a1e4bf39ca6535cbe58831308ecd45d3ce3922c9ab6a5a7a1070c3431466f
MD5 e03ccabd70721232450bba1e52b60f11
BLAKE2b-256 97fb3f1b017805b900165d36b046706f336b510b8b94d5b871195464cfb9c4ff

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page