Breacher: An advanced multithreaded admin panel finder
Breacher
A script to find admin login pages and EAR vulnerabilities.
Features
- Multi-threading on demand
- Big path list (482 paths)
- Supports php, asp and html extensions
- Checks for potential EAR vulnerabilities
- Checks for robots.txt
- Support for custom patterns
Download
git clone https://github.com/UltimateHackers/Breacher.git
Usages
- Check all paths with php extension
python breacher -u example.com –type php - Check all paths with php extension with threads
python breacher -u example.com –type php –fast - Check all paths without threads
python breacher -u example.com - Adding a custom path. For example, if you want all paths to start with /data (example.com/data/…) you can do this:
python breacher -u example.com –path /data
Note: When you specify an extension using –type option, Breacher includes paths of that extension as well as paths with no extensions like /admin/login
Demo
https://www.youtube.com/watch?v=BEpt5JmcWPk