If you don’t know, Brutus is one of the fastest, most flexible remote password crackers you can get your hands on – it’s also free. It is available for Windows 9x, NT and 2000, there is no UN*X version available although it is a possibility at some point in the future. Brutus was first made publicly available in October 1998 and since that time there have been at least 70,000 downloads and over 175,000 visitors to this page. Development continues so new releases will be available in the near future.
Brutus was written originally to help me check routers etc. for default and common passwords.
Brutus version AET2 is the current release and includes the following authentication types :
- HTTP (Basic Authentication)
- HTTP (HTML Form/CGI)
Other types such as IMAP, NNTP, NetBus etc are freely downloadable from this site and simply imported into your copy of Brutus. You can create your own types or use other peoples.
The current release includes the following functionality :
- Multi-stage authentication engine
- 60 simultaneous target connections
- No username, single username and multiple username modes
- Password list, combo (user/password) list and configurable brute force modes
- Highly customisable authentication sequences
- Load and resume position
- Import and Export custom authentication types as BAD files seamlessly
- SOCKS proxy support for all authentication types
- User and password list generation and manipulation functionality
- HTML Form interpretation for HTML Form/CGI authentication types
- Error handling and recovery capability inc. resume after crash/failure.
You can download it here: