Breacher: An advanced multithreaded admin panel finder

by do son ·

Breacher

A script to find admin login pages and EAR vulnerabilities.

Features

  • Multi-threading on demand
  • Big path list (482 paths)
  • Supports php, asp and html extensions
  • Checks for potential EAR vulnerabilities
  • Checks for robots.txt
  • Support for custom patterns

Download

git clone https://github.com/UltimateHackers/Breacher.git

Usages

  • Check all paths with php extension
    python breacher -u example.com –type php
  • Check all paths with php extension with threads
    python breacher -u example.com –type php –fast
  • Check all paths without threads
    python breacher -u example.com
  • Adding a custom path. For example, if you want all paths to start with /data (example.com/data/…) you can do this:
    python breacher -u example.com –path /data

Note: When you specify an extension using –type option, Breacher includes paths of that extension as well as paths with no extensions like /admin/login

Demo

https://www.youtube.com/watch?v=BEpt5JmcWPk

Source: https://github.com/UltimateHackers/Breacher