Search the Community

What is RDP? For this attack we’ll use a tool called “crowbar” that gonna help us to brute force the credentials of the target machine. What is Crowbar? We can Download the tool right here [Hidden Content]

[hide][Hidden Content]]

About BirDuster is a Python based knockoff of the original DirBuster. BirDuster is a multi threaded Python application designed to brute force directories and files names on web/application servers. Often is the case now of what looks like a web server in a state of default installation is actually not, and has pages and applications hidden within. [hide][Hidden Content]]

Async DNS Brute A Python 3.5+ tool that uses asyncio to brute force domain names asynchronously. Speed It’s fast. Benchmarks on small VPS hosts put around 100k DNS resolutions at 1.5-2mins. An amazon M3 box was used to make 1 mil requests in just over 3 minutes. Your mileage may vary. It’s probably best to avoid using Google’s resolvers if you’re purely interested in speed. DISCLAIMER Your ISP’s and home router’s DNS servers probably suck. Stick to a VPS with fast resolvers (or set up your own) if you’re after speed. WARNING This tool is capable of sending LARGE amounts of DNS traffic. I am not responsible if you DoS someone’s DNS servers. Changelog v0.3.3 output bug fixes [hide][Hidden Content]]

Cerbrutus Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services. COMING SOON: SMB, HTTP(s) POST, HTTP(s) GET, HTTP BASIC AUTH Thanks to @0dayctf, Rondons, Enigma, and 001 for testing and contributing [hide][Hidden Content]]

BruteX is a shell script and automates the process of analyzing one or many targets. BruteX include Nmap,Hydra & DNS enum. Nmap scan opens ports and defines running on the target server service. Thereafter, start Bruteforce FTP, SSH, and other services using the Hydra, and so on. Automatically brute force all services running on a target: Open Ports Usernames Passwords Changelog v2.3 Updated default credentials for Rasberry Pi/Kali [hide][Hidden Content]]

About WpCrack is a tool used to force login into the WordPress CMS web application and is built in the Python programming language Features Very fast login Use of HTTP proxies Multithreading or Multiprocessor [hide][Hidden Content]]

Bruter19 Advanced Brute Force Attack Tool. This tool has been developed for "ethical hacking course" students don't use it for illegal purposes. ADDED FEATURES IN V2.0 The Tool Supports Turkish Language Now The Tool Is Able To Generate Personalized Wordlist Now The Tool Is A Bit Faster Now FIXED BUGS IN V2.0 The tool was finding the wrong password in the long wordlists. It is fixed, the user is able to use long wordlists now. The tool was finding the wrong password every time you press ctrl+c. That issue is fixed now. The tool was failing when you inputed the wordlist path incorrectly. That issue is fixed now. Anonsurf was failing in the long wordlists. Now torghost is used in the tool. That issue is fixed now. [hide][Hidden Content]]

[Hidden Content]

Brute Force Attack on Facebook Accounts Note: EMAIL = ID = PHONE [HIDE][Hidden Content]]

Enumdb is a brute force and post exploitation tool for MySQL and MSSQL databases. When provided a list of usernames and/or passwords, it will cycle through each targeted host looking for valid credentials. By default, enumdb will use newly discovered credentials to search for sensitive information in the host’s databases via keyword searches on the table or column names. This information can then be extracted and reported to a .csv or .xlsx output file. See the Usage and All Options sections for more detailed usage and examples. The latest version, enumdb v2.0, has been adapted for larger environments: Keyword searches can now be conducted on table or column names to identify sensitive information. These terms can be customized at the top of enumdb.py. Threading has been added to expedite brute forcing and enumeration on larger networks. Enumdb no longer generates reports by default. Reporting (csv/xlsx) must be defined in the command line arguments. When extracting data for reports, users can now define a limit on the number of rows selected. The default value of 100, can be modified at the top of enumdb.py. Enumdb’s output formatting has been modified to provide more concise feedback when enumerating large amounts of data. Changelog v2.1 Reformat code structure [HIDE][Hidden Content]]

Dirstalk Dirstalk is a multi-threaded application designed to brute force paths on web servers. The tool contains functionalities similar to the ones offered by dirbuster and dirb. Changelog v1.3.2 1072117 Adding flag to skip SSL certificate check 10f7a63 Adding flag to specify dictionary fetch timeout separately [HIDE][Hidden Content]]

WiFi Bruteforcer - Fsecurify WARNING: This project is still under development and by installing the app may desconfigure the Wi-Fi settings of your Android OS, a system restore may be necessary to fix it. Android application to brute force WiFi passwords without requiring a rooted device. [HIDE][Hidden Content]]

Dirstalk is a multi-threaded application designed to brute force paths on web servers. The tool contains functionalities similar to the ones offered by dirbuster and dirb. [HIDE][Hidden Content]]

Craft CMS versions up to 3.1.7 are missing rate limiting on password validations. View the full article

Brute_Force install : pip install proxylist pip install mechanize Usage: BruteForce Gmail Attack python3 Brute_Force.py -g [email protected] -l File_list python3 Brute_Force.py -g [email protected] -p Password_Single BruteForce Hotmail Attack python3 Brute_Force.py -t [email protected] -l File_list python3 Brute_Force.py -t [email protected] -p Password_Single BruteForce Twitter Attack python3 Brute_Force.py -T Account_Twitter -l File_list python3 Brute_Force.py -T Account_Twitter -l File_list -X proxy-list.txt BruteForce Facebook Attack python3 Brute_Force.py -f Account_facebook -l File_list python3 Brute_Force.py -f Account_facebook -l File_list -X proxy-list.txt BruteForce Netflix Attack يفضل تشغيل VPN Start On Vpn python3 Brute_Force.py -n Account_Netflix -l File_list python3 Brute_Force.py -n Account_Netflix -l File_list -X proxy-list.txt وترقبووو المزيد [Hidden Content]

Brutex is a shell based open source tool to make your work faster. It combines the power of Nmap, Hydra and DNSenum. This tool will automatically run an nmap scan to your target and then it will brute force all the open services for you, such as FTP, SSH and more using Hydra. BruteX ABOUT: Automatically brute force all services running on a target Open ports Usernames Passwords INSTALL: ./install.sh USAGE: brutex target <port> DOCKER: docker build -t brutex . docker run -it brutex target <port> DEMO VIDEO: Download: [HIDE][Hidden Content]]

SSH, FTP, Telnet, PostgreSQL, RDP, VNC With Hydra, Medusa And Ncrack BruteDum is a SSH, FTP, Telnet, PostgreSQL, RDP, VNC brute forcing tool with Hydra, Medusa and Ncrack. BruteDum can work with aany Linux distros if they have Python 3. Features of BruteDum SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra (recommended) SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Medusa SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Ncrack Scan victim's ports with Nmap [HIDE][Hidden Content]]

Introduction Bully is a new implementation of the WPS (Wifi Protected Setup) brute force attack. It’s almost identical as other already existing WPS brute force attack tools, but Bully represents an improved version of Reaver and includes a few advantages. You can take a look at Brute Force Attack Against WPS – Reaver, to see its features and compare them to the Bully. WPS (Wifi Protected Setup) WPS was introduced in 2006, and the goal of the protocol is to allow home users who know little of wireless security to set up Wi-Fi Protected Access, as well as making it easy to add new devices to an existing network without entering long passphrases. In December 2011 a flaw was revealed that affects wireless routers with the WPS feature. That flaw allows a remote attacker to recover the WPS PIN in a few hours with a brute-force attack and, with the WPS PIN, the network’s WPA/WPA2 pre-shared key [HIDE][Hidden Content]]

Only captures if its Premium or not, just trying out OpenBullet [HIDE][Hidden Content]]

python facebom.py -t [email protected] -w wlist.txt -p 35.236.37.121 [Hidden Content]

1.2.1 Version Add new feature faster scan 100x thread Add new feature RDP service Added brutte-force service RDP [HIDE][Hidden Content]] Pass: level23hacktools.com [Hidden Content]

[HIDE][Hidden Content]] w3brute is an open source penetration testing tool that automates attacks directly to the website's login page. w3brute is also supported for carrying out brute force attacks on all websites. Features Scanner: w3brute has a scanner feature that serves to support the bruteforce attack process. this is a list of available scanners: automatically detects target authentication type. admin page scanner. SQL injection scanner vulnerability. Attack Method: w3brute can attack using various methods of attack. this is a list of available attack methods: SQL injection bypass authentication mixed credentials (username + SQL injection queries) Support: multiple target google dorking a list of supported web interface types to attack: web shell HTTP 401 UNAUTHORIZED (Basic and Digest) create file results brute force attack. supported file format type: CSV (default) HTML SQLITE3 custom credentials (username, password, domain) (supported zip file) custom HTTP requests (User-Agent, timeout, etc) and much more...

Hatch Hatch is a brute force tool that is used to brute force most websites Update! v.1.3 added arg support yay How to use (text) 1). Find a website with a login page 2). Inspect element to find the Selector of the username form 3). Do the same for the password field 4). The the login form 5). When Asked put in the username to brute force 6). Watch it go! How to use (Video) [Hidden Content] [HIDE][Hidden Content]]