Skip to content
/ Mz-Brute Public

MarzbanBrute is a multi-threaded brute-force tool for testing login panels using a list of username-password combinations. It can handle thousands of concurrent attempts and logs valid credentials to a file.

5 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

itzk4sra/Mz-Brute

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
Mz-Brute.go
Mz-Brute.go
 
 
README.md
README.md
 
 
builder.bat
builder.bat
 
 
go.mod
go.mod
 
 

Repository files navigation

🚀 MarzbanBrute v0.2

MarzbanBrute is a high-performance, multi-threaded brute-force tool for testing login panels using a custom list of username-password combinations. It is designed for penetration testing and allows you to launch thousands of concurrent attempts to find valid credentials quickly and efficiently.

✨ Features

  • 🔥 Super-fast Concurrent Brute Force: Supports up to 64,000 concurrent threads.
  • 📄 Custom Combo Lists: Easily load username-password pairs from a file.
  • 📊 Real-time Statistics: Displays checks per second (CPS), valid credentials, failed attempts, and active thread count.
  • 💾 Logs Cracked Credentials: Saves valid login details to cracked.txt for future use.

⚡ Quick Start

1. Clone the Repository:

git clone https://github.com/yourusername/marzbanbrute.git
cd marzbanbrute

2. Compile and Run:

go run main.go combo.txt <port>

combo.txt: A file containing username:password pairs for brute-force attempts. : The port of the target web panel.

Example:

go run main.go combo.txt 8000

This command starts the brute force on port 8000 using combinations from combo.txt

🔧 Advanced Usage:

Customizing Your Combo List

Prepare your combo list file in the following format:

user1:password1
user2:password2
...

Make sure the file is saved as combo.txt or another filename of your choice.

Running in High Concurrency Mode

MarzbanBrute supports up to 64,000 concurrent threads. To efficiently use this feature, ensure your machine has the necessary resources (CPU, memory) to handle high concurrency without bottlenecks.

Real-time Statistics

The program logs detailed statistics every second, showing:

📈 CPS (Checks per second): How many login attempts are made every second. ✅ Valid: The number of valid login credentials found. ❌ Fails: Number of failed attempts. 🧵 RunningThreads: The number of currently active brute-force threads.

Valid Credentials Logging

Successfully cracked credentials are stored in the cracked.txt file, in the format:

<target-ip>:<username>:<password>

This allows easy reference and usage for further testing.

Thread Management

By default, MarzbanBrute uses MaxThreads (set to 64,000) for handling concurrency. If you reach the limit, the program will wait for threads to complete before starting new ones. This keeps the system from being overloaded.

🚨 Disclaimer

This tool is intended for legal and authorized penetration testing only. Unauthorized use of this tool on systems you do not own or have explicit permission to test is illegal and unethical. Use responsibly!

👩‍💻 Authors

  • Mh-ProDev – Development
  • ItzK4sra – Development, Contributions

About

MarzbanBrute is a multi-threaded brute-force tool for testing login panels using a list of username-password combinations. It can handle thousands of concurrent attempts and logs valid credentials to a file.

Resources

Readme
Activity

Stars

5 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages