├── template
├── LICENSE
├── README.md
└── brutelist.py


/template:
--------------------------------------------------------------------------------
 1 | 123{}
 2 | {}1234
 3 | {}TheKing
 4 | {}123
 5 | Master{}
 6 | Shadow{}
 7 | ilove{}
 8 | ILove{}
 9 | Ilove{}
10 | Love{}
11 | MyLove{}
12 | mylove{}
13 | myLove{}
14 | Instagram{}
15 | instagram{}
16 | Facebook{}
17 | facebook{}
18 | {}instagram
19 | {}Instagram
20 | {}facebook
21 | {}Facebook
22 | 123{}123
23 | {}
24 | Diamond{}
25 | {}Diamond
26 | abc{}
27 | {}abc
28 | {}99
29 | {}98
30 | {}69
31 | {}68
32 | {}66
33 | {}73
34 | {}72
35 | {}00
36 | {}01
37 | {}998
38 | {}997
39 | {}767
40 | {}898
41 | Black{}
42 | black{}
43 | Mr{}
44 | mr{}
45 | hack{}
46 | NobodyLove{}
47 | nobodylove{}
48 | {}666
49 | $${}$$
50 | @@{}@@
51 | &&{}&&
52 | %%{}%%
53 | ££{}££
54 | root{}
55 | {}root
56 | admin{}
57 | {}admin
58 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2019 Caleb Gucciardi
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Brutelist
 2 | 
 3 | Brutelist is a simple python script designed to automate the creation of seed-based dictionary attack files (sensitive information collected during a CTF or penetration test)
 4 | 
 5 | 
 6 | ## Installation
 7 | To run brutelist you will need Python 3.7 or later.
 8 | Simply clone the repository:
 9 | ```bash
10 | git clone https://github.com/calebgucciardi/brutelist.git
11 | cd brutelist/
12 | python3 brutelist.py --help
13 | ```
14 | 
15 | ## Getting Started
16 | To use brutelist you will need a `template file` and a `seed list`
17 | 
18 | #### Seed List
19 | Brutelist is designed to be a useful tool during a CTF. Often names and sensitive information are collected that can lead to passwords to move on to the next step.
20 | The brutelist seed list is simply a file (or list passed as an argument) of this information.
21 | 
22 | #### Template file
23 | The template file is used to add common patterns to each seed list item, for example it is common for a password to be a name + 123, so in our template file we will have an entry like this: `{}123` where `{}` will be replaced by each seed list entry  
24 | 
25 | #### Example
26 | ```bash
27 | python3 brutelist.py -t template -o dictionary_output -l admin foo bar
28 | ```
29 | 


--------------------------------------------------------------------------------
/brutelist.py:
--------------------------------------------------------------------------------
 1 | #
 2 | #                         TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT                
 3 | #                         TTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTTT                 
 4 | #                                               TTTT                                  
 5 | #   BBBBBBBBB       RRRRRRRRRR    UU       UU   TTTT    EEEEEEEEEE       
 6 | #   BB      B       RR       R    UU       UU   TTTT   EEEE                
 7 | #   BB      B       RR       R    UU       UU   TTTT   EEE                
 8 | #   BB      B       RRRRRRRRRR    UU       UU   TTTT   EEEEEEEEE         
 9 | #   BBBBBBBBBBBBB   RR   R R      UU       UU   TTTT   EEEEEEEEE         
10 | #   BB          B   RR    R R     UU       UU   TTTT   EEE                
11 | #   BB          B   RR     R R    UU       UU   TTTT   EEEE                
12 | #   BBBBBBBBBBBBB   RR      R R   UUUUUUUUUUU   TTTT    EEEEEEEEEE         
13 | # 
14 | 
15 | import argparse
16 | 
17 | 
18 | def main() -> None:
19 |     parser = argparse.ArgumentParser()
20 |     group = parser.add_mutually_exclusive_group(required=True)
21 | 
22 |     parser.add_argument('-t','--template',dest='template',default='template',help='Template file path')
23 |     parser.add_argument('-o','--output',dest='output',default='password_list', help='Output file path')
24 |     group.add_argument('-s','--seed',dest='seed', help='Seed file path')
25 |     group.add_argument('-l','--list',dest='list', type=str,nargs='+', help='List of seeds')
26 |     
27 |     args = parser.parse_args()
28 | 
29 |     seed_list = []
30 |     if args.seed is not None:
31 |         with open(args.seed,'r') as seed_file:
32 |             seed_list = [line.strip('\n\t') for line in seed_file]
33 |     else:
34 |         seed_list = args.list
35 | 
36 |     with open(args.template,'r') as template_file:
37 |         with open(args.output,'w') as output_file:
38 |             for line in template_file:
39 |                 for seed in seed_list:
40 |                     output_file.write(line.format(seed))
41 | 
42 | 
43 | 
44 | 
45 | 
46 | if __name__ == '__main__':
47 |     main()


--------------------------------------------------------------------------------