iCloudBrutter is a simple python (3.x) script to perform basic bruteforce attack againts AppleID. Usage of iCloudBrutter for attacking targets without prior mutual consent is illegal. iCloudBrutter developer not responsible to any damage caused by iCloudBrutter. Installation $ git clone https://github.com/m4ll0k/iCloudBrutter.git $ cd iCloudBrutter $ pip3 install requests,urllib3,socks $ python3 icloud.py Download iCloudBrutter
How DUMB works Dumb works with a masked dumain for substitution. The dumain can have as many masks as you want as long as you pass the according wordlists, explain information security training experts. Bruteforcing subdumains: Using the mask DUMB.dumain.com and the following wordlists: www ftp backoffice Dumb will generate the following dumains for bruteforce: http://www.dumain.com. ftp.dumain.com. […]
Easy way to brute-force web directory. Operating Systems Tested: MacOSX Kali Linux Usage: python crawlbox.py [-h] [-v] [-w WORDLIST] url positional arguments: url specific target url, like domain.com optional arguments: -h, –help show this help message and exit -v, –version show program’s version number and exit -w WORDLIST specific path to wordlist file -d DELAY […]
This version of the application is written with Python programming language,which is used to crack the Restriction PassCode of iphone/ipad. Brute Force Get the Base64 key and salt from the backup file in Computer. Decode the Base64 key and salt. Try from 1 to 9999 to with the pbkdf2-hmac-sha1 hash with passlib (passlib moudle need […]
Red Login: SSH Brute-force Tools. Features: High speed and precision CLI ( Console based ) Run the arbitrary command after the attack is successful ( Default ‘Uname -a’ ) Telegram messanger support for sending reports via bot API Usage: Redlogin.exe (Optional) -telegram ==> List of targets ip list ==> List of usernames want to test ==> List of […]
Instabrute exploit module bruteforces usernames and password for any given account. Features Check username existence Check password for a given username Dependencies Mechanize CookieLib Simplejson OptParse Selenium Usage: usage: git clone https://github.com/chinoogawa/instaBrute cd instaBrute pip install selenium pip install Mechanize pip install Simplejson pip install OptParse pip install Mechanize python instabrute.py -h ( for Helper) […]
Blazy is a modern login page bruteforcer. Features Easy target selections Smart form and error detection CSRF and Clickjacking Scanner Cloudflare and WAF Detector 90% accurate results Checks for login bypass via SQL injection Multi-threading 100% accurate results Better form detection and compatibility Requirements Beautiful Soup Mechanize Usages Open your terminal and enter git clone […]
According to Kali, THC-Hydra Tool is a parallelized login cracker which supports numerous protocols to attack. It is very fast and flexible, and new modules are easy to add. This Tool makes it possible for researchers and security consultants to show how easy it would be to gain unauthorized access to a system remotely. It […]
WIBR is an android app that you can use to break into a password protected (weak) WiFi network. It is actually a brute forcer that allows you to perform a dictionary attack on the target. If you don’t know what is a dictionary attack, read this Wikipedia article: Dictionary_Attack Note: Turn on your WiFi before […]
A “determined” attacker has breached the email system of the UK Parliament over the weekend, according to a statement put out by the UK government on Sunday afternoon. The attack took place on Saturday and consisted of a brute-force attack that attempted to guess the passwords of email accounts belonging to various members of Parliament […]
A new Linux malware has been spotted in the wild by security researchers at Eset, and it is much more sophisticated than any of the previously known Linux based malware. The security researchers have named this malware as “Linux/Shishiga” which utilizes four different protocols according to Eset research team. The protocols used are Telnet, HTTP and […]
Brute-force (dictionary attack, jk) attack that supports multiple protocols and services http://ex0dus-0x.github.io Introduction brut3k1t is a server-side bruteforce module that supports dictionary attacks for several protocols. The current protocols that are complete and in support are: ssh ftp smtp XMPP instagram facebook There will be future implementations of different protocols and services (including Twitter, Facebook, […]
BruteXSS is a very speedy go-site Scripting Brute forcing tool which can brute force parameters. It lets in you to inject several payloads from a wordlist to that particular parameters and then check the selected web page for XSS vulnerabilities. in line with the builders, “BruteXSS is noticeably correct at doing its mission and there’s […]
WiFi Bruteforcer is an android application that bruteforces WiFi passwords using an android device. It does not require a rooted device and is very fast and reliable. The tool has been developed by Fsecurify. Usage: Turn on your wifi. Open the application and scan networks. Select any WEP/WPA2 network and a new screen will open. […]
BruteForcer is a client-server multithreaded application for bruteforcing RAR file passwords. Actually, this tool is not limited to the RAR files, it is just that the tool comes with a RAR archive plugin. If you have a suitable plugin, it will support any file you want. But unfortunately there are no such plugins, if you […]
Doona is a forked version of the Bruteforce Exploit Detection tool or simply BED. The Bruteforce Exploit Detection tool is designed to check for the daemons for potential buffer overflows, format the string bugs etc. In Australian , Doona means duvet. Doona adds a lot of new features and changes to the BED. If you […]
FTP MySQL MSSQ MongoDB Redis Telnet Elasticsearch PostgreSQL. Compatible Operating system: OSX Linux Windows Python 2.6+ How to run the command: python F-Scrack.py -h 192.168.1 [-p 21,80,3306] [-m 50] [-t 10] -h Supports ip(192.168.1.1), ip range (192.168.1) (192.168.1.1-192.168.1.254), ip list (ip.ini) , maximum 65535 ips per scan. -p Ports you want to scan, use comma […]
Auto_EAP.py is a script designed to perform automated brute-force authentication attacks against various types of EAP networks. These types of wireless networks provide an interface to facilitate password guessing of domain credentials as radius servers check authentication against Active Directory. Install: ./Auto_EAP.py -s HoneyPot -K WPA-EAP -E PEAP -U test.txt -p Summer2016 -i wlan0 Initialized… […]
If someone is determined enough to guess your password using brute force then you need to lock down Windows . Here’s how to lock down Windows following several failed login attempts. Complex passwords can be a pain to remember and prone to mistyping, but shorter passwords can be much easier to guess by brute force. What […]
Hackers are hiding hundreds or thousands of username/password combinations in one single XML-RPC request. WordPress sites are being abused once again and there is no surprise since the platform is the most popular CMS on the Internet, and the attack surface is literally enormous when compared to other website-building solutions. This time around, Sucuri’s security researchers […]