macOS
brew install legbalocal Homebrew formula metadata
brew
Multiprotocol credentials bruteforcer/password sprayer and enumerator. Version 1.3.0 via Homebrew; verified 2026-06-22.
install
brew install legbalocal Homebrew formula metadata
nix profile install nixpkgs#legbanixpkgs package indexes · pkgs/by-name/le/legba/package.nix · source: api.github.com
sudo pacman -S legbaArch Linux sync databases · legba · source: geo.mirror.pkgbuild.com
overview
Multiprotocol credentials bruteforcer/password sprayer and enumerator
history
Legba is Simone Margaritelli's Rust credential-testing CLI for authorized security work: a multi-protocol bruteforcer, password sprayer, and enumerator built around Tokio concurrency.
The author presented Legba on 2023-11-02 as a project that began as Rust and Tokio practice and quickly became a replacement candidate for older credential attack tools such as THC-Hydra, Medusa, Patator, and related utilities. The official README and docs kept that framing: Rust, async execution, many protocol plugins, resumable sessions, rate controls, YAML recipes, a REST API, and an MCP server.
Legba's adoption trail is mostly security-tool packaging rather than mainstream application development. Official materials show precompiled releases, Docker distribution, Homebrew installation through the author's tap, and later broader package-manager exposure through Homebrew, Nix, Arch packaging, and similar channels.
The CLI is used for authorized credential auditing across services such as SMB, SSH, HTTP forms, databases, LDAP, Kerberos, MQTT, and other supported plugins. The docs emphasize rate limiting, delays, jitter, session save/restore, recipes, and legal authorization, which are the practical controls that separate testing workflows from reckless brute forcing.
Legba is notable to package nerds as an example of security tooling moving from C and Python heritage into single-binary Rust distribution. The interesting packaging angle is not just speed; it is a no-native-dependency binary shipped through releases, Docker, cargo, and OS package managers while carrying a large protocol surface.
security posture
No matching local secret-handling manifest was found for legba. Nucleus package metadata is still published here so future coverage has a stable package URL.
Before unattended agent use, check whether the tool reads plaintext credentials, writes remote state, publishes artifacts, or shells out to plugins.
executables
| Command | Kind | Exposure | Note |
|---|---|---|---|
legba | cli | global executable |
freshness
These signals separate page generation age, package-manager activity, and upstream release comparison. Version lag is warned only when an evidence URL and comparable versions are present.
https://github.com/evilsocket/legba
install metadata
| Package key | brew:legba |
|---|---|
| Version | 1.3.0 |
| Package manager | Homebrew |
| Package manager page | https://formulae.brew.sh/formula/legba |
| Homepage | https://legba.evilsocket.net/ |
| Repository | https://github.com/evilsocket/legba |
| Upstream docs | https://github.com/evilsocket/legba#readme |
| License | AGPL-3.0-only |
| Source archive | https://github.com/evilsocket/legba/archive/refs/tags/1.3.0.tar.gz |
| Last updated | 2026-06-22T14:05:10-07:00 |
| Pulse | updated |
| Dependencies | openssl@3, samba |
| Build dependencies | cmake, pkgconf, rust |
| Bottle | available (on arm64_linux, arm64_sequoia, arm64_sonoma, arm64_tahoe, sonoma, x86_64_linux) |
| Homebrew post-install | not defined |
| Service | none declared |
registry facts
| Source Database | Homebrew formula API |
|---|---|
| Tap | homebrew/core |
| Full Name | legba |
| Version Scheme | 0 |
| Revision | 0 |
| Head Version | HEAD |
| Bottle Stable Root URL | https://ghcr.io/v2/homebrew/core |
| Deprecated | no |
| Disabled | no |
| Keg Only | no |
| URL Keys |
|
source database matches
Matches are pulled from external package-manager indexes and kept separate from local Automic Vault package links.
legba
nix profile install nixpkgs#legbalegba 1.3.0-1
A multiprotocol credentials bruteforcer / password sprayer and enumerator
https://github.com/evilsocket/legba
sudo pacman -S legbasource trail
This page is generated by av-web from the private package SQLite artifact built by scripts/generate-pkg-sqlite.py.
View the package source record on GitHub.