# Install authoscope with Homebrew, Nix, pacman

Scriptable network authentication cracker. Version 0.8.1 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:authoscope
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install authoscope
```

  Evidence: local Homebrew formula metadata

### Linux

- Nix (92%):

```sh
nix profile install nixpkgs#authoscope
```

  Evidence: nixpkgs package indexes: pkgs/by-name/au/authoscope/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1

- pacman (92%):

```sh
sudo pacman -S authoscope
```

  Evidence: Arch Linux sync databases: authoscope from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz

## Package facts

- **Package key:** brew:authoscope
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/authoscope>
- **Version:** 0.8.1
- **Source summary:** Scriptable network authentication cracker
- **Homepage:** <https://github.com/kpcyrd/authoscope>
- **Repository:** <https://github.com/kpcyrd/authoscope>
- **Upstream docs:** <https://authoscope.readthedocs.io/en/latest>
- **License:** GPL-3.0-or-later
- **Source archive:** <https://github.com/kpcyrd/authoscope/archive/refs/tags/v0.8.1.tar.gz>
- **Generated:** 2026-07-09T07:20:21+00:00

## Executables

- authoscope (cli)
- badtouch (cli)
- authoscope (alias)
- badtouch (alias)

## Build dependencies

- pkgconf
- rust

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux

## Freshness

- Page generated: 2026-07-09
- Package-manager version: 0.8.1
- Local data: ok
- Upstream repository: https://github.com/kpcyrd/authoscope
- Upstream latest detected: v0.8.1 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

authoscope is a Rust security CLI for scriptable network authentication testing. Its niche is custom-service credential testing: rather than hardcoding protocols like older cracking tools, it embeds Lua scripts that define a `verify(user, password)` function while the runtime handles concurrency, progress, and reporting.

### Project history

The upstream repository was created in March 2018. The README explicitly positions authoscope against established tools such as Ncrack, Hydra, and Medusa, arguing that custom web applications still force testers to write one-off scripts.

The project originally shipped a `badtouch` binary; release notes for v0.8.0 in May 2021 renamed the tool to `authoscope` while keeping the old binary temporarily. Version 0.8.1 in March 2022 updated dependencies for OpenSSL 3 build compatibility.

### Adoption history

Official installation docs mention Arch Linux packaging and Homebrew on macOS, with source installation through Rust/Cargo. The Homebrew formula packages 0.8.1 from the official GitHub tag, and the input package-manager facts also list Nix and pacman packaging.

The project has a smaller, security-specialist footprint rather than broad mainstream adoption. Its value comes from being packaged as a ready-made CLI for authorized testing workflows that otherwise devolve into bespoke Python scripts.

### How it is used

authoscope supports dictionary attacks, credential confirmation, username enumeration, and one-shot script debugging. Scripts are written in Lua and can use helper functions for HTTP sessions, HTML selection, sockets, LDAP, MySQL, hashing, HMAC, encoding, sleeps, and external command execution.

The documented config file is `~/.config/authoscope.toml`, used for defaults such as a global user agent and file-descriptor limits. Credentials are normally supplied as user/password lists, combo files, or command arguments rather than being stored in a fixed credentials file.

### Why package nerds care

authoscope is package-nerd interesting because it is a security tool with a language-runtime split: Rust for the engine, Lua for target-specific probes, and OS packages for delivery.

It also shows how naming history leaks into packaging. The old `badtouch` binary remains visible in the Homebrew input executables, while the current project name and docs are authoscope.

### Timeline

- 2018: Public GitHub repository created.
- 2018: ReadTheDocs build metadata and repository metadata place the initial public documentation era in 2018.
- 2021: v0.8.0 renamed `badtouch` to `authoscope`.
- 2022: v0.8.1 updated dependencies for OpenSSL 3 build compatibility.

### Related projects

- The README compares authoscope with Ncrack, Hydra, and Medusa. Its scripting model overlaps conceptually with one-off Python requests scripts, but provides a packaged concurrent runtime.

### Sources

- <https://api.github.com/repos/kpcyrd/authoscope>
- <https://authoscope.readthedocs.io/en/latest/config.html>
- <https://authoscope.readthedocs.io/en/latest/usage.html>
- <https://formulae.brew.sh/api/formula/authoscope.json>
- <https://github.com/kpcyrd/authoscope#readme>
- <https://github.com/kpcyrd/authoscope/releases>
- source_facts.package-manager


## Security Notes

broad file, network, media, or database tool signal.

- **Geiger risk:** blue / medium
- broad file, network, media, or database tool signal


## Configuration and credential file locations

These source-backed paths show where this package keeps local settings or durable credentials. Automic Vault can use them as review targets for secret scanning, migration, and command approval.


## Configuration files

- Unix: ~/.config/authoscope.toml
## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** authoscope
- **Version Scheme:** 0
- **Revision:** 0
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable

## Other Package-Manager Records

- Nix - authoscope: normalized package name match | nixpkgs package indexes: pkgs/by-name/au/authoscope/package.nix from https://api.github.com/repos/NixOS/nixpkgs/git/trees/master?recursive=1
- pacman - authoscope - 0.8.1-3: normalized package name match | Arch Linux sync databases: authoscope from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz | Scriptable network authentication cracker | https://github.com/kpcyrd/authoscope


## Related links

- [Source-control packages](https://www.automicvault.com/pkg/source-control-tools/) - Belongs to a source-control command family.
- [Secret-risk packages](https://www.automicvault.com/pkg/secret-risk-packages/) - Has protected-tool coverage, approval-gate, or non-low Geiger security signals.
- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [pkgconf](https://www.automicvault.com/pkg/brew/pkgconf/) - Build dependency declared by Homebrew.
- [rust](https://www.automicvault.com/pkg/brew/rust/) - Build dependency declared by Homebrew.
- [cyrus-sasl](https://www.automicvault.com/pkg/brew/cyrus-sasl/) - Shares av.db curated category or tags: authentication, cli, security.
- [google-authenticator-libpam](https://www.automicvault.com/pkg/brew/google-authenticator-libpam/) - Shares av.db curated category or tags: authentication, cli, security.
- [krb5](https://www.automicvault.com/pkg/brew/krb5/) - Shares av.db curated category or tags: authentication, cli, security.
- [linux-pam](https://www.automicvault.com/pkg/brew/linux-pam/) - Shares av.db curated category or tags: authentication, cli, security.
- [ncrack](https://www.automicvault.com/pkg/brew/ncrack/) - Shares av.db curated category or tags: authentication, cli, security.
- [oath-toolkit](https://www.automicvault.com/pkg/brew/oath-toolkit/) - Shares av.db curated category or tags: authentication, cli, security.
- [oauth2_proxy](https://www.automicvault.com/pkg/brew/oauth2-proxy/) - Shares av.db curated category or tags: authentication, cli, security.
- [opensaml](https://www.automicvault.com/pkg/brew/opensaml/) - Shares av.db curated category or tags: authentication, cli, security.
- [hydra](https://www.automicvault.com/pkg/brew/hydra/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, cracker, network, security.

## Combined YAML source

View the package source record on GitHub. [combined/authoscope.yml](https://github.com/automic-vault/db/blob/main/combined/authoscope.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated configuration and credential file locations
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- external package-manager database matches
- cross-ecosystem install command graph
