Breacher

A script to find admin login pages and EAR vulnerabilities.

Features

• Multi-threading on demand
• Big path list (482 paths)
• Supports php, asp and html extensions
• Checks for potential EAR vulnerabilities
• Checks for robots.txt
• Support for custom patterns

Download

git clone https://github.com/UltimateHackers/Breacher.git

Usages

• Check all paths with php extension
  python breacher -u example.com –type php
• Check all paths with php extension with threads
  python breacher -u example.com –type php –fast
• Check all paths without threads
  python breacher -u example.com
• Adding a custom path. For example, if you want all paths to start with /data (example.com/data/…) you can do this:
  python breacher -u example.com –path /data

Note: When you specify an extension using –type option, Breacher includes paths of that extension as well as paths with no extensions like /admin/login

Demo

https://www.youtube.com/watch?v=BEpt5JmcWPk

Source: https://github.com/UltimateHackers/Breacher