myBFF: a Brute Force Framework
myBFF is a web application brute force framework. Point the framework at a file containing usernames, a host, and give it a password. The framework will determine what type of web application is in...
Tagged: Brute Force
cheetah | brute force webshell password tool
Cheetah is a dictionary-based brute force password webshell tool, running as fast as a cheetah hunt for prey. Cheetah’s working principle is that it can submit a large number of detection passwords based on...
hashcat v4.1.0 release | Added support to crack more Algorithms & Fix bug & Improvements
hashcat is the world’s fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms. hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux,...
Metasploitable3: SSH Bruteforce & get Remote Shell
Description The SSH server on the remote host accepts a publicly known static SSH private key for authentication. A remote attacker can log in to this host using this publicly known private key. Solution...
Brute Force Router Password using BurpSuite
Burp suite has always been used to burst a variety of forms used to submit the login authentication, today I am going guide you how to use the Burp Suite to brute force HTTP...
lyncsmash: locate and attack Lync/Skype for Business
lyncsmash a collection of tools to enumerate and attack self-hosted Skype for Business and Microsoft Lync installations Note: these tools will not work with Skype/Lync installations hosted at Microsoft. Download git clone https://github.com/nyxgeek/lyncsmash.git scripts lyncsmash.py...
0d1n v2.5 releases, Web security tool to make fuzzing at HTTP
0d1n Web security tool to make fuzzing at HTTP 0d1n is an Open Source web application bruteforcer and Fuzzer, its objective is to automate exhaustive tests to search anomalies. At another point view, this...
joffrey: stupid MQTT brute forcer
What is MQTT? MQTT stands for MQ Telemetry Transport. It is a publish/subscribe, extremely simple and lightweight messaging protocol, designed for constrained devices and low-bandwidth, high-latency or unreliable networks. The design principles are to...
hydra v8.7-dev released: Enhancements, bugfixes
THC-Hydra is a very fast (multi-threaded) network logon cracker which supports many different services: afp, cisco, cisco-enable, cvs, firebird, ftp, http-get, http-head, http-proxy, https-get, https-head, https-form-get, https-form-post, icq, imap, imap-ntlm, ldap2, ldap3, mssql, mysql,...
[How to] Create a password dictionary
Password dictionary is mainly used in conjunction with password cracking software, the password dictionary includes many people habitually set the password. This can improve the password crack software password cracking success rate and hit rate,...
