macOS
brew install authoscopelocal Homebrew formula metadata
brew
Scriptable network authentication cracker. Version 0.8.1 via Homebrew; verified from local package data.
install
brew install authoscopelocal Homebrew formula metadata
nix profile install nixpkgs#authoscopenixpkgs package indexes · pkgs/by-name/au/authoscope/package.nix · source: api.github.com
sudo pacman -S authoscopeArch Linux sync databases · authoscope · source: geo.mirror.pkgbuild.com
overview
Scriptable network authentication cracker
history
authoscope is a Rust security CLI for scriptable network authentication testing. Its niche is custom-service credential testing: rather than hardcoding protocols like older cracking tools, it embeds Lua scripts that define a `verify(user, password)` function while the runtime handles concurrency, progress, and reporting.
The upstream repository was created in March 2018. The README explicitly positions authoscope against established tools such as Ncrack, Hydra, and Medusa, arguing that custom web applications still force testers to write one-off scripts.
The project originally shipped a `badtouch` binary; release notes for v0.8.0 in May 2021 renamed the tool to `authoscope` while keeping the old binary temporarily. Version 0.8.1 in March 2022 updated dependencies for OpenSSL 3 build compatibility.
Official installation docs mention Arch Linux packaging and Homebrew on macOS, with source installation through Rust/Cargo. The Homebrew formula packages 0.8.1 from the official GitHub tag, and the input package-manager facts also list Nix and pacman packaging.
The project has a smaller, security-specialist footprint rather than broad mainstream adoption. Its value comes from being packaged as a ready-made CLI for authorized testing workflows that otherwise devolve into bespoke Python scripts.
authoscope supports dictionary attacks, credential confirmation, username enumeration, and one-shot script debugging. Scripts are written in Lua and can use helper functions for HTTP sessions, HTML selection, sockets, LDAP, MySQL, hashing, HMAC, encoding, sleeps, and external command execution.
The documented config file is `~/.config/authoscope.toml`, used for defaults such as a global user agent and file-descriptor limits. Credentials are normally supplied as user/password lists, combo files, or command arguments rather than being stored in a fixed credentials file.
authoscope is package-nerd interesting because it is a security tool with a language-runtime split: Rust for the engine, Lua for target-specific probes, and OS packages for delivery.
It also shows how naming history leaks into packaging. The old `badtouch` binary remains visible in the Homebrew input executables, while the current project name and docs are authoscope.
security posture
broad file, network, media, or database tool signal.
blue risk · medium confidence · tool
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
local files
These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.
Config paths the tool may read or write during local use.
~/.config/authoscope.tomlexecutables
| Command | Kind | Exposure | Note |
|---|---|---|---|
authoscope | cli | global executable | |
badtouch | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/kpcyrd/authoscope
install metadata
| Package key | brew:authoscope |
|---|---|
| Version | 0.8.1 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/authoscope |
| Homepage | https://github.com/kpcyrd/authoscope |
| Repository | https://github.com/kpcyrd/authoscope |
| Upstream docs | https://authoscope.readthedocs.io/en/latest |
| License | GPL-3.0-or-later |
| Source archive | https://github.com/kpcyrd/authoscope/archive/refs/tags/v0.8.1.tar.gz |
| Build dependencies | pkgconf, rust |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | authoscope |
| Version Scheme | 0 |
| Revision | 0 |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
authoscope
nix profile install nixpkgs#authoscopeauthoscope 0.8.1-3
Scriptable network authentication cracker
https://github.com/kpcyrd/authoscope
sudo pacman -S authoscopesource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.