It has been a while when I played with pf tables.
AFAIK pf keeps the contents of tables in memory. But according the
pfctl man page you can show/display the contents of a table with
pfctl -t bruteforce -T show
So if you redirect that output to file with something like
pfctl -t bruteforce -T show >bruteforce.txt you have those addresses in a file.
How to use that file for a next reload of the pf.conf rules is well explained in the pf users guide and pfctl man page.
For permissions I would start with the same as "/etc/pf.conf" : rw for root, nothing for group and world.