The brute
NSE library (http://nmap.org/nsedoc/lib/brute.html) was developed to unify coding styles and save time when creating scripts for brute-force password-auditing. This library is fully featured and automatically parallelizes the login operations performed by the scripts. It supports different execution modes that change the iteration order used by the engine when reading lists of usernames and passwords. The brute
library can handle incomplete login attempts and re-add failed username-password combinations to the queue. It also works with the creds
library to handle and store user credentials found during scans so that other scripts can benefit from them. Overall, it's a very complete library offering a solid base from which to develop brute-force password-auditing scripts.
The brute
NSE library defines the following classes:
Account
Engine
Options
Error
The names of these classes by themselves should describe their purpose, so let's jump into some implementation...