diff --git a/CHANGELOG b/CHANGELOG
index b51c6ca74..9132df287 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -306,6 +306,14 @@ o [NSE] Added more than 100 new signatures to http-enum (many for
   known vulnerabilities). They are in the categories: general,
   attacks, cms, security, management and database [Paulino]
 
+o [NSE] Moved our brute force authentication cracking scripts
+  (*-brute) from the "auth" category into a new "brute"
+  category. Nmap's brute force capabilities have grown tremendously!
+  You can see all 32 of them at
+  http://nmap.org/nsedoc/categories/brute.html.  It isn't clear
+  whether dns-brute should be in the brute category, so for now it
+  isn't. [Fyodor]
+
 o [NSE] Updated account status text in brute force password discovery 
   scripts in an effort to make the reporting more consistent across
   all scripts.  This will have an impact on any code that parses these
diff --git a/docs/scripting.xml b/docs/scripting.xml
index 923130663..cf9525d82 100644
--- a/docs/scripting.xml
+++ b/docs/scripting.xml
@@ -231,6 +231,7 @@ Black Hat Briefings in 2010.</para>
     Currently defined categories are
     <literal>auth</literal>,
     <literal>broadcast</literal>,
+    <literal>brute</literal>,
     <literal>default</literal>.
     <literal>discovery</literal>,
     <literal>dos</literal>,
@@ -252,8 +253,7 @@ Black Hat Briefings in 2010.</para>
             <option>auth</option>
           </term>
           <listitem>
-            <para>These scripts try to determine authentication credentials
-            on the target system, often through a brute-force attack.  Examples include <literal>snmp-brute</literal>, <literal>http-auth</literal>, and <literal>ftp-anon</literal>.</para>
+            <para>These scripts deal with authentication credentials (or bypassing them) on the target system.  Examples include <literal>x11-access</literal>, <literal>ftp-anon</literal>, and <literal>oracle-enum-users</literal>.  Scripts which use brute force attacks to determine credentials are placed in the <literal>brute</literal> category instead.</para>
           </listitem>
         </varlistentry>
 
@@ -272,6 +272,16 @@ Black Hat Briefings in 2010.</para>
           </listitem>
         </varlistentry>
 
+        <varlistentry>
+          <term>
+            <indexterm><primary sortas="brute script category">&ldquo;<literal>brute</literal>&rdquo; script category</primary></indexterm>
+            <option>brute</option>
+          </term>
+          <listitem>
+            <para>These scripts use brute force attacks to guess authentication credentials of a remote server.  Nmap contains scripts for brute forcing dozens of protocols, including <literal>http-brute</literal>, <literal>oracle-brute</literal>, <literal>snmp-brute</literal>, etc.</para>
+          </listitem>
+        </varlistentry>
+
         <varlistentry>
           <term>
             <indexterm><primary sortas="default script category">&ldquo;<literal>default</literal>&rdquo; script category</primary></indexterm>
diff --git a/scripts/afp-brute.nse b/scripts/afp-brute.nse
index a1f09a6ca..480577ddb 100644
--- a/scripts/afp-brute.nse
+++ b/scripts/afp-brute.nse
@@ -26,7 +26,7 @@ Performs password guessing against Apple Filing Protocol (AFP).
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'stdnse'
diff --git a/scripts/backorifice-brute.nse b/scripts/backorifice-brute.nse
index 36f21608e..6dc0b5d48 100644
--- a/scripts/backorifice-brute.nse
+++ b/scripts/backorifice-brute.nse
@@ -34,7 +34,7 @@ the script against).
 
 author = "Gorjan Petrovski"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require("nmap")
 require("bin")
diff --git a/scripts/cvs-brute-repository.nse b/scripts/cvs-brute-repository.nse
index 16c3b3bd4..e137df6a9 100644
--- a/scripts/cvs-brute-repository.nse
+++ b/scripts/cvs-brute-repository.nse
@@ -27,7 +27,7 @@ With knowledge of the correct repository name, usernames and passwords can be gu
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'cvs'
 require 'brute'
diff --git a/scripts/cvs-brute.nse b/scripts/cvs-brute.nse
index 12bab4966..e8eeb174c 100644
--- a/scripts/cvs-brute.nse
+++ b/scripts/cvs-brute.nse
@@ -27,7 +27,7 @@ Performs brute force password auditing against CVS pserver authentication.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 dependencies = {"cvs-brute-repository"}
 
 require 'cvs'
diff --git a/scripts/domcon-brute.nse b/scripts/domcon-brute.nse
index ab07f6131..d3e354a3b 100644
--- a/scripts/domcon-brute.nse
+++ b/scripts/domcon-brute.nse
@@ -25,7 +25,7 @@ Performs brute force password auditing against the Lotus Domino Console.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'brute'
diff --git a/scripts/dpap-brute.nse b/scripts/dpap-brute.nse
index 464f0057c..71ded40bd 100644
--- a/scripts/dpap-brute.nse
+++ b/scripts/dpap-brute.nse
@@ -22,7 +22,7 @@ Performs brute force password auditing against an iPhoto Library.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require("base64")
 require("shortport")
diff --git a/scripts/drda-brute.nse b/scripts/drda-brute.nse
index 8e21c75b5..c868b4a15 100644
--- a/scripts/drda-brute.nse
+++ b/scripts/drda-brute.nse
@@ -18,7 +18,7 @@ Performs password guessing against databases supporting the IBM DB2 protocol suc
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories={"intrusive", "auth"}
+categories={"intrusive", "brute"}
 
 require "stdnse"
 require "shortport"
diff --git a/scripts/ftp-brute.nse b/scripts/ftp-brute.nse
index 96d572af5..15c4f5213 100644
--- a/scripts/ftp-brute.nse
+++ b/scripts/ftp-brute.nse
@@ -28,7 +28,7 @@ author = "Diman Todorov, Vlatko Kosturjak, Ron Bowes"
 
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 
-categories = {"auth", "intrusive"}
+categories = {"brute", "intrusive"}
 
 require "shortport"
 require "stdnse"
diff --git a/scripts/http-brute.nse b/scripts/http-brute.nse
index 6bd51d706..c80011527 100644
--- a/scripts/http-brute.nse
+++ b/scripts/http-brute.nse
@@ -35,7 +35,7 @@ Performs brute force password auditing against http basic authentication.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'http'
diff --git a/scripts/http-form-brute.nse b/scripts/http-form-brute.nse
index 6dbacb110..0b0f5721f 100644
--- a/scripts/http-form-brute.nse
+++ b/scripts/http-form-brute.nse
@@ -67,7 +67,7 @@ Performs brute force password auditing against http form-based authentication.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'http'
diff --git a/scripts/http-joomla-brute.nse b/scripts/http-joomla-brute.nse
index fad9d1fe1..1c4a4e38b 100644
--- a/scripts/http-joomla-brute.nse
+++ b/scripts/http-joomla-brute.nse
@@ -48,7 +48,7 @@ Joomla's default uri and form names:
 
 author = "Paulino Calderon"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'http'
diff --git a/scripts/http-wordpress-brute.nse b/scripts/http-wordpress-brute.nse
index 0da913287..b602b36a6 100644
--- a/scripts/http-wordpress-brute.nse
+++ b/scripts/http-wordpress-brute.nse
@@ -47,7 +47,7 @@ Wordpress default uri and form names:
 
 author = "Paulino Calderon"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'http'
diff --git a/scripts/informix-brute.nse b/scripts/informix-brute.nse
index 20c4550ab..937b136f1 100644
--- a/scripts/informix-brute.nse
+++ b/scripts/informix-brute.nse
@@ -28,7 +28,7 @@ Performs brute force password auditing against IBM Informix Dynamic Server.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'brute'
diff --git a/scripts/iscsi-brute.nse b/scripts/iscsi-brute.nse
index c8d23f5a0..fa27cc377 100644
--- a/scripts/iscsi-brute.nse
+++ b/scripts/iscsi-brute.nse
@@ -23,7 +23,7 @@ require 'creds'
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 portrule = shortport.portnumber(3260, "tcp", {"open", "open|filtered"})
 
diff --git a/scripts/ldap-brute.nse b/scripts/ldap-brute.nse
index 94e97ab8d..0b7f71ed2 100644
--- a/scripts/ldap-brute.nse
+++ b/scripts/ldap-brute.nse
@@ -69,7 +69,7 @@ This script uses some AD-specific support and optimizations:
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'stdnse'
diff --git a/scripts/ms-sql-brute.nse b/scripts/ms-sql-brute.nse
index 629e67a1d..585823054 100644
--- a/scripts/ms-sql-brute.nse
+++ b/scripts/ms-sql-brute.nse
@@ -66,7 +66,7 @@ be disabled using the <code>mssql.scanned-ports-only</code> script argument.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"auth", "intrusive"}
+categories = {"brute", "intrusive"}
 
 dependencies = {"ms-sql-discover", "ms-sql-empty-password"}
 
diff --git a/scripts/mysql-brute.nse b/scripts/mysql-brute.nse
index 07f3d2dfa..f54af4a85 100644
--- a/scripts/mysql-brute.nse
+++ b/scripts/mysql-brute.nse
@@ -11,7 +11,7 @@ Performs password guessing against MySQL
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'stdnse'
diff --git a/scripts/netbus-brute.nse b/scripts/netbus-brute.nse
index 960dcc652..31b20e191 100644
--- a/scripts/netbus-brute.nse
+++ b/scripts/netbus-brute.nse
@@ -12,7 +12,7 @@ Performs brute force password auditing against the Netbus backdoor ("remote admi
 
 author = "Toni Ruottu"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"auth", "intrusive"}
+categories = {"brute", "intrusive"}
 
 require("nmap")
 require("stdnse")
diff --git a/scripts/nping-brute.nse b/scripts/nping-brute.nse
index ceedde199..38ad03542 100644
--- a/scripts/nping-brute.nse
+++ b/scripts/nping-brute.nse
@@ -19,7 +19,7 @@ documentation.
 
 author = "Toni Ruottu"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"auth", "intrusive"}
+categories = {"brute", "intrusive"}
 
 require("bin")
 require("nmap")
diff --git a/scripts/omp2-brute.nse b/scripts/omp2-brute.nse
index d3381feb3..16a0e0402 100644
--- a/scripts/omp2-brute.nse
+++ b/scripts/omp2-brute.nse
@@ -16,7 +16,7 @@ Performs brute force password auditing against the OpenVAS manager using OMPv2.
 
 author = "Henri Doreau"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"auth", "intrusive"}
+categories = {"brute", "intrusive"}
 
 require("omp2")
 require("nmap")
diff --git a/scripts/oracle-brute.nse b/scripts/oracle-brute.nse
index 1b4331cad..8d6522103 100644
--- a/scripts/oracle-brute.nse
+++ b/scripts/oracle-brute.nse
@@ -53,7 +53,7 @@ result in a large number of accounts being locked out on the database server.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'brute'
diff --git a/scripts/oracle-sid-brute.nse b/scripts/oracle-sid-brute.nse
index aef57c519..f0eb25853 100644
--- a/scripts/oracle-sid-brute.nse
+++ b/scripts/oracle-sid-brute.nse
@@ -30,7 +30,7 @@ author, Alexander Kornbrust (http://seclists.org/nmap-dev/2009/q4/645).
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'comm'
 require 'datafiles'
diff --git a/scripts/pgsql-brute.nse b/scripts/pgsql-brute.nse
index 3a58c1973..a577124dd 100644
--- a/scripts/pgsql-brute.nse
+++ b/scripts/pgsql-brute.nse
@@ -24,7 +24,7 @@ Performs password guessing against PostgreSQL.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'stdnse'
diff --git a/scripts/pop3-brute.nse b/scripts/pop3-brute.nse
index 452e9eb56..634fd1bd5 100644
--- a/scripts/pop3-brute.nse
+++ b/scripts/pop3-brute.nse
@@ -15,7 +15,7 @@ Tries to log into a POP3 account by guessing usernames and passwords.
 author = "Philip Pickering"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'pop3'
 require 'shortport'
diff --git a/scripts/script.db b/scripts/script.db
index f7af9ed4a..133ef7405 100644
--- a/scripts/script.db
+++ b/scripts/script.db
@@ -1,5 +1,5 @@
 Entry { filename = "address-info.nse", categories = { "default", "safe", } }
-Entry { filename = "afp-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "afp-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "afp-ls.nse", categories = { "discovery", "safe", } }
 Entry { filename = "afp-path-vuln.nse", categories = { "exploit", "intrusive", "vuln", } }
 Entry { filename = "afp-serverinfo.nse", categories = { "default", "discovery", "safe", } }
@@ -7,7 +7,7 @@ Entry { filename = "afp-showmount.nse", categories = { "discovery", "safe", } }
 Entry { filename = "asn-query.nse", categories = { "discovery", "external", "safe", } }
 Entry { filename = "auth-owners.nse", categories = { "default", "safe", } }
 Entry { filename = "auth-spoof.nse", categories = { "malware", "safe", } }
-Entry { filename = "backorifice-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "backorifice-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "backorifice-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "banner.nse", categories = { "discovery", "safe", } }
 Entry { filename = "bittorrent-discovery.nse", categories = { "discovery", "safe", } }
@@ -31,8 +31,8 @@ Entry { filename = "citrix-enum-servers.nse", categories = { "discovery", "safe"
 Entry { filename = "couchdb-databases.nse", categories = { "discovery", "safe", } }
 Entry { filename = "couchdb-stats.nse", categories = { "discovery", "safe", } }
 Entry { filename = "creds-summary.nse", categories = { "auth", "default", "safe", } }
-Entry { filename = "cvs-brute-repository.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "cvs-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "cvs-brute-repository.nse", categories = { "brute", "intrusive", } }
+Entry { filename = "cvs-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "daap-get-library.nse", categories = { "discovery", "safe", } }
 Entry { filename = "daytime.nse", categories = { "discovery", "safe", } }
 Entry { filename = "db2-das-info.nse", categories = { "discovery", "safe", "version", } }
@@ -48,18 +48,18 @@ Entry { filename = "dns-recursion.nse", categories = { "default", "safe", } }
 Entry { filename = "dns-service-discovery.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "dns-update.nse", categories = { "discovery", "safe", } }
 Entry { filename = "dns-zone-transfer.nse", categories = { "discovery", "intrusive", } }
-Entry { filename = "domcon-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "domcon-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "domcon-cmd.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "domino-enum-users.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "dpap-brute.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "drda-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "dpap-brute.nse", categories = { "brute", "intrusive", } }
+Entry { filename = "drda-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "drda-info.nse", categories = { "discovery", "safe", "version", } }
 Entry { filename = "epmd-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "finger.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "firewalk.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ftp-anon.nse", categories = { "auth", "default", "safe", } }
 Entry { filename = "ftp-bounce.nse", categories = { "default", "safe", } }
-Entry { filename = "ftp-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "ftp-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "ftp-libopie.nse", categories = { "intrusive", "vuln", } }
 Entry { filename = "ftp-proftpd-backdoor.nse", categories = { "exploit", "intrusive", "malware", "vuln", } }
 Entry { filename = "ftp-vsftpd-backdoor.nse", categories = { "exploit", "intrusive", "malware", "vuln", } }
@@ -73,18 +73,18 @@ Entry { filename = "http-auth.nse", categories = { "auth", "default", "safe", }
 Entry { filename = "http-awstatstotals-exec.nse", categories = { "exploit", "intrusive", "vuln", } }
 Entry { filename = "http-axis2-dir-traversal.nse", categories = { "exploit", "intrusive", "vuln", } }
 Entry { filename = "http-barracuda-dir-traversal.nse", categories = { "auth", "exploit", "intrusive", } }
-Entry { filename = "http-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "http-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "http-cakephp-version.nse", categories = { "discovery", "safe", } }
 Entry { filename = "http-date.nse", categories = { "discovery", "safe", } }
 Entry { filename = "http-default-accounts.nse", categories = { "auth", "discovery", "safe", } }
 Entry { filename = "http-domino-enum-passwords.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "http-enum.nse", categories = { "discovery", "intrusive", "vuln", } }
 Entry { filename = "http-favicon.nse", categories = { "default", "discovery", "safe", } }
-Entry { filename = "http-form-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "http-form-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "http-google-malware.nse", categories = { "discovery", "external", "malware", "safe", } }
 Entry { filename = "http-headers.nse", categories = { "discovery", "safe", } }
 Entry { filename = "http-iis-webdav-vuln.nse", categories = { "intrusive", "vuln", } }
-Entry { filename = "http-joomla-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "http-joomla-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "http-litespeed-sourcecode-download.nse", categories = { "exploit", "intrusive", "vuln", } }
 Entry { filename = "http-majordomo2-dir-traversal.nse", categories = { "exploit", "intrusive", "vuln", } }
 Entry { filename = "http-malware-host.nse", categories = { "malware", "safe", } }
@@ -100,13 +100,13 @@ Entry { filename = "http-vhosts.nse", categories = { "discovery", "intrusive", }
 Entry { filename = "http-vmware-path-vuln.nse", categories = { "safe", "vuln", } }
 Entry { filename = "http-vuln-cve2011-3192.nse", categories = { "safe", "vuln", } }
 Entry { filename = "http-waf-detect.nse", categories = { "discovery", "intrusive", } }
-Entry { filename = "http-wordpress-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "http-wordpress-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "http-wordpress-enum.nse", categories = { "auth", "discovery", "intrusive", "vuln", } }
 Entry { filename = "http-wordpress-plugins.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "iax2-version.nse", categories = { "version", } }
 Entry { filename = "imap-brute.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "imap-capabilities.nse", categories = { "default", "safe", } }
-Entry { filename = "informix-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "informix-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "informix-query.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "informix-tables.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "ip-geolocation-geobytes.nse", categories = { "discovery", "external", "safe", } }
@@ -116,10 +116,10 @@ Entry { filename = "ip-geolocation-maxmind.nse", categories = { "discovery", "ex
 Entry { filename = "ipidseq.nse", categories = { "discovery", "safe", } }
 Entry { filename = "irc-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "irc-unrealircd-backdoor.nse", categories = { "exploit", "intrusive", "malware", "vuln", } }
-Entry { filename = "iscsi-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "iscsi-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "iscsi-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "jdwp-version.nse", categories = { "version", } }
-Entry { filename = "ldap-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "ldap-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "ldap-novell-getpass.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ldap-rootdse.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ldap-search.nse", categories = { "discovery", "safe", } }
@@ -128,7 +128,7 @@ Entry { filename = "lltd-discovery.nse", categories = { "discovery", "safe", } }
 Entry { filename = "modbus-discover.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "mongodb-databases.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "mongodb-info.nse", categories = { "default", "discovery", "safe", } }
-Entry { filename = "ms-sql-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "ms-sql-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "ms-sql-config.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ms-sql-empty-password.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "ms-sql-hasdbaccess.nse", categories = { "auth", "discovery", "safe", } }
@@ -137,7 +137,7 @@ Entry { filename = "ms-sql-query.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ms-sql-tables.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ms-sql-xp-cmdshell.nse", categories = { "intrusive", } }
 Entry { filename = "mysql-audit.nse", categories = { "discovery", "safe", } }
-Entry { filename = "mysql-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "mysql-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "mysql-databases.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "mysql-empty-password.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "mysql-info.nse", categories = { "default", "discovery", "safe", } }
@@ -148,27 +148,27 @@ Entry { filename = "nbstat.nse", categories = { "default", "discovery", "safe",
 Entry { filename = "ncp-enum-users.nse", categories = { "discovery", "safe", } }
 Entry { filename = "ncp-serverinfo.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "netbus-auth-bypass.nse", categories = { "auth", "safe", "vuln", } }
-Entry { filename = "netbus-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "netbus-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "netbus-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "netbus-version.nse", categories = { "version", } }
 Entry { filename = "nfs-ls.nse", categories = { "discovery", "safe", } }
 Entry { filename = "nfs-showmount.nse", categories = { "discovery", "safe", } }
 Entry { filename = "nfs-statfs.nse", categories = { "discovery", "safe", } }
-Entry { filename = "nping-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "nping-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "nrpe-enum.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "ntp-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "ntp-monlist.nse", categories = { "discovery", "intrusive", } }
-Entry { filename = "omp2-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "omp2-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "omp2-enum-targets.nse", categories = { "discovery", "safe", } }
-Entry { filename = "oracle-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "oracle-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "oracle-enum-users.nse", categories = { "auth", "intrusive", } }
-Entry { filename = "oracle-sid-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "oracle-sid-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "ovs-agent-version.nse", categories = { "version", } }
 Entry { filename = "p2p-conficker.nse", categories = { "default", "safe", } }
 Entry { filename = "path-mtu.nse", categories = { "discovery", "safe", } }
-Entry { filename = "pgsql-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "pgsql-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "pjl-ready-message.nse", categories = { "intrusive", } }
-Entry { filename = "pop3-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "pop3-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "pop3-capabilities.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "pptp-version.nse", categories = { "version", } }
 Entry { filename = "qscan.nse", categories = { "discovery", "safe", } }
@@ -179,10 +179,10 @@ Entry { filename = "resolveall.nse", categories = { "discovery", "safe", } }
 Entry { filename = "rmi-dumpregistry.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "rpcinfo.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "servicetags.nse", categories = { "default", "discovery", "safe", } }
-Entry { filename = "sip-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "sip-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "sip-enum-users.nse", categories = { "auth", "intrusive", } }
 Entry { filename = "skypev2-version.nse", categories = { "version", } }
-Entry { filename = "smb-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "smb-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "smb-check-vulns.nse", categories = { "dos", "exploit", "intrusive", "vuln", } }
 Entry { filename = "smb-enum-domains.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "smb-enum-groups.nse", categories = { "discovery", "intrusive", } }
@@ -198,7 +198,7 @@ Entry { filename = "smb-security-mode.nse", categories = { "default", "discovery
 Entry { filename = "smb-server-stats.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "smb-system-info.nse", categories = { "discovery", "intrusive", } }
 Entry { filename = "smbv2-enabled.nse", categories = { "default", "safe", } }
-Entry { filename = "smtp-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "smtp-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "smtp-commands.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "smtp-enum-users.nse", categories = { "discovery", "external", "intrusive", } }
 Entry { filename = "smtp-open-relay.nse", categories = { "discovery", "external", "intrusive", } }
@@ -207,7 +207,7 @@ Entry { filename = "smtp-vuln-cve2010-4344.nse", categories = { "exploit", "intr
 Entry { filename = "smtp-vuln-cve2011-1720.nse", categories = { "intrusive", "vuln", } }
 Entry { filename = "smtp-vuln-cve2011-1764.nse", categories = { "intrusive", "vuln", } }
 Entry { filename = "sniffer-detect.nse", categories = { "discovery", "intrusive", } }
-Entry { filename = "snmp-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "snmp-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "snmp-interfaces.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "snmp-ios-config.nse", categories = { "intrusive", } }
 Entry { filename = "snmp-netstat.nse", categories = { "default", "discovery", "safe", } }
@@ -228,19 +228,19 @@ Entry { filename = "ssl-google-cert-catalog.nse", categories = { "discovery", "e
 Entry { filename = "ssl-known-key.nse", categories = { "discovery", "safe", "vuln", } }
 Entry { filename = "sslv2.nse", categories = { "default", "safe", } }
 Entry { filename = "stuxnet-detect.nse", categories = { "discovery", "intrusive", } }
-Entry { filename = "svn-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "svn-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "targets-ipv6-multicast-echo.nse", categories = { "broadcast", "discovery", } }
 Entry { filename = "targets-ipv6-multicast-invalid-dst.nse", categories = { "broadcast", "discovery", } }
 Entry { filename = "targets-ipv6-multicast-slaac.nse", categories = { "broadcast", "discovery", } }
 Entry { filename = "targets-sniffer.nse", categories = { "broadcast", "discovery", "safe", } }
 Entry { filename = "targets-traceroute.nse", categories = { "discovery", "safe", } }
-Entry { filename = "telnet-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "telnet-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "upnp-info.nse", categories = { "default", "discovery", "safe", } }
-Entry { filename = "vnc-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "vnc-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "vnc-info.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "wdb-version.nse", categories = { "default", "discovery", "version", "vuln", } }
 Entry { filename = "whois.nse", categories = { "discovery", "external", "safe", } }
 Entry { filename = "wsdd-discover.nse", categories = { "default", "discovery", "safe", } }
 Entry { filename = "x11-access.nse", categories = { "auth", "default", "safe", } }
-Entry { filename = "xmpp-brute.nse", categories = { "auth", "intrusive", } }
+Entry { filename = "xmpp-brute.nse", categories = { "brute", "intrusive", } }
 Entry { filename = "xmpp-info.nse", categories = { "default", "discovery", "safe", "version", } }
diff --git a/scripts/sip-brute.nse b/scripts/sip-brute.nse
index 504ef823e..661a2811b 100755
--- a/scripts/sip-brute.nse
+++ b/scripts/sip-brute.nse
@@ -19,7 +19,7 @@ Performs brute force password auditing against Session Initiation Protocol (SIP
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require "shortport"
 require "sip"
diff --git a/scripts/smb-brute.nse b/scripts/smb-brute.nse
index dd67c02d5..1cb08ed70 100644
--- a/scripts/smb-brute.nse
+++ b/scripts/smb-brute.nse
@@ -96,7 +96,7 @@ determined with a fairly efficient bruteforce. For example, if the actual passwo
 author = "Ron Bowes"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'msrpc'
 require 'smb'
diff --git a/scripts/smtp-brute.nse b/scripts/smtp-brute.nse
index ddce2d58f..a35677c29 100644
--- a/scripts/smtp-brute.nse
+++ b/scripts/smtp-brute.nse
@@ -30,7 +30,7 @@ require 'smtp'
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"auth", "intrusive"}
+categories = {"brute", "intrusive"}
 
 portrule = shortport.port_or_service({ 25, 465, 587 },
                 { "smtp", "smtps", "submission" })
diff --git a/scripts/snmp-brute.nse b/scripts/snmp-brute.nse
index 4a19b16d5..65e9c0aa8 100644
--- a/scripts/snmp-brute.nse
+++ b/scripts/snmp-brute.nse
@@ -39,7 +39,7 @@ author = "Philip Pickering, Gorjan Petrovski, Patrik Karlsson"
 
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
 
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require "shortport"
 require "snmp"
diff --git a/scripts/svn-brute.nse b/scripts/svn-brute.nse
index 72851dfd8..2552a3dec 100644
--- a/scripts/svn-brute.nse
+++ b/scripts/svn-brute.nse
@@ -36,7 +36,7 @@ require 'creds'
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 portrule = shortport.port_or_service(3690, "svnserve", "tcp", "open")
 
diff --git a/scripts/telnet-brute.nse b/scripts/telnet-brute.nse
index 8f88ce01c..331b9404f 100644
--- a/scripts/telnet-brute.nse
+++ b/scripts/telnet-brute.nse
@@ -4,7 +4,7 @@ Tries to get Telnet login credentials by guessing usernames and passwords.
 
 author = "Eddie Bell, Ron Bowes"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {'auth', 'intrusive'}
+categories = {'brute', 'intrusive'}
 
 ---
 -- @output
diff --git a/scripts/vnc-brute.nse b/scripts/vnc-brute.nse
index df06eacef..b4d5bfcd1 100644
--- a/scripts/vnc-brute.nse
+++ b/scripts/vnc-brute.nse
@@ -27,7 +27,7 @@ Performs brute force password auditing against VNC servers.
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"intrusive", "auth"}
+categories = {"intrusive", "brute"}
 
 require 'shortport'
 require 'brute'
diff --git a/scripts/xmpp-brute.nse b/scripts/xmpp-brute.nse
index 895ffc069..e114d07d7 100644
--- a/scripts/xmpp-brute.nse
+++ b/scripts/xmpp-brute.nse
@@ -31,7 +31,7 @@ require 'xmpp'
 
 author = "Patrik Karlsson"
 license = "Same as Nmap--See http://nmap.org/book/man-legal.html"
-categories = {"auth", "intrusive"}
+categories = {"brute", "intrusive"}
 
 portrule = shortport.port_or_service(5222, {"jabber", "xmpp-client"})