Mass Bruter - Mass bruteforce network protocols

Simple personal script to quickly mass bruteforce common services in a large scale of network.
It will check for default credentials on ftp, ssh, mysql, mssql...etc.
This was made for authorized red team penetration testing purpose only.

How it works

  1. Use masscan(faster than nmap) to find alive hosts with common ports from network segment.
  2. Parse ips and ports from masscan result.
  3. Craft and run hydra commands to automatically bruteforce supported network services on devices.


  • Kali linux or any preferred linux distribution
  • Python 3.10+
# Clone the repo
git clone
cd mass-bruter

# Install required tools for the script
apt update && apt install seclists masscan hydra

How To Use

Private ip range :

Save masscan results under ./result/masscan/, with the format masscan_<name>.<ext>

Ex: masscan_192.168.0.0-16.txt

Example command:

masscan -p 3306,1433,21,22,23,445,3389,5900,6379,27017,5432,5984,11211,9200,1521 | tee ./result/masscan/masscan_test.txt

Example Resume Command:

masscan --resume paused.conf | tee -a ./result/masscan/masscan_test.txt

Command Options

└─# python3
Usage:  [OPTIONS]

  Mass Bruteforce Script

  -q, --quick           Quick mode (Only brute telnet, ssh, ftp , mysql,
                        mssql, postgres, oracle)
  -a, --all             Brute all services(Very Slow)
  -s, --show            Show result with successful login
  -f, --file-path PATH  The directory or file that contains masscan result
                        [default: ./result/masscan/]
  --help                Show this message and exit.

Quick Bruteforce Example:

python3 -q -f ~/masscan_script.txt

Fetch cracked credentials:

python3 -s


  •  Migrate with dpl4hydra
  •  Optimize the code and functions
  •  MultiProcessing

Any contributions are welcomed!

Download Mass Bruter

Next Post Previous Post
No Comment
Add Comment
comment url