This Python script takes nmap GNMAP/XML output, newline separated JSON, Nexpose `XML Export` output or Nessus `.nessus` exports and automatically brute-forces services with default credentials using Medusa.

BruteSpray can even find non-standard ports by using the -sV inside Nmap.