To arouse interest in the auction, the hackers released samples of programs they said could break into popular firewall software made by companies including Cisco Systems Inc, Juniper Networks Inc and Fortinet Inc.
The companies did not respond to request for comment, nor did the NSA.
Writing in imperfect English, the Shadow Brokers promised in postings on a Tumblr blog that the auctioned material would contain "cyber weapons" developed by the Equation Group, a hacking group that cyber-security experts widely believe to be an arm of the NSA.
The Shadow Brokers said the programs they will auction will be "better than Stuxnet," a malicious computer worm widely attributed to the United States and Israel that sabotaged Iran's nuclear programme.
Reuters could not contact the Shadow Brokers or verify their assertions. Some experts who looked at the samples posted on Tumblr said they included programs that had previously been described and therefore were unlikely to cause major damage.
"The data [released so far] appears to be relatively old; some of the programs have already been known for years," said researcher Claudio Guarnieri, and are unlikely "to cause any significant operational damage."
Still, they appeared to be genuine tools that might work if flaws have not been addressed. After examining the code released Monday, Matt Suiche, founder of UAE-based security startup Comae Technologies, concluded they looked like "could be used."
Other security experts warned the posting could prove to be a hoax. The group said interested parties had to send funds in advance of winning the auction via Bitcoin currency and would not get their money back if they lost.
The auction will end at an unspecified time, Shadow Brokers said, encouraging bidders to "keep bidding until we announce winner."
© Thomson Reuters 2016