All posts tagged "Brute Force"

• 

  1.8K

  Security Tools

  RmiTaste – Detect, Enumerate, Interact And Exploit RMI Services

    RmiTaste allows security professionals to detect, enumerate, interact and attack RMI services by calling remote methods with gadgets from ysoserial. It...

• 

  1.8K

  Exploitation Tools

  H2Csmuggler – HTTP Request Smuggling Over HTTP/2 Cleartext (H2C)

    h2cSmuggler smuggles HTTP traffic past insecure edge-server proxy_pass configurations by establishing HTTP/2 cleartext (h2c) communications with h2c-compatible back-end servers, allowing a...

• 

  3.3K

  Wireless Attacks

  Wacker – A WPA3 Dictionary Cracker

    A set of scripts to help perform an online dictionary attack against a WPA3 access point. Wacker leverages the wpa_supplicant control...

• 

  4.8K

  Wireless Attacks

  H4Rpy – Automated WPA/WPA2 PSK Attack Tool

    h4rpy is an automated WPA/WPA2 PSK attack tool, wrapper of aircrack-ng framework.h4rpy provides clean interface for automated cracking of WPA/WPA2 PSK...

• 

  2.2K

  Information Gathering

  SourceWolf – Crawler To Find Juicy Stuff In The Source Code!

    Tested environments: Windows, MAC, linux, and windows subsystem for linux (WSL) What can SourceWolf do? Crawl through responses to find hidden...

• 

  4.5K

  Information Gathering

  Urlbuster – Web Directory Fuzzer To Bruteforce Existing Or Hidden Files

    Powerful web directory fuzzer to locate existing and/or hidden files or directories. Similar to dirb or gobuster, but with a lot...

• 

  54

  Password Attacks

  Maskprocessor – Word Generator With A Configureable Charset

    High-Performance word generator with a per-position configureable charset Mask attack Try all combinations from a given keyspace just like in Brute-Force...

• 

  2.4K

  Password Attacks

  WordListGen – Python Word List Generator For Fuzzing And Brute Forcing

    Super Simple Python Word List Generator for Password Cracking (Hashcat)! I know what your are thinking. Why create another word list...

• 

  48

  News

  Hackers deface Roblox accounts with pro-Trump messages

  Roblox has over 100 million registered users but only a handful of accounts were compromised. As the US presidential election is nearby,...

• 

  305

  Information Gathering

  Rbuster – Yet Another Dirbuster

    yet another dirbuster Common Command line options -a <user agent string> – specify a user agent string to send in the...

• 

  217

  Exploitation Tools

  XMLRPC Bruteforcer – An XMLRPC Brute Forcer Targeting WordPress

    An XMLRPC brute forcer targeting WordPress written in Python 3. In the context of xmlrpc brute forcing, its faster than Hydra...

• 

  283

  Information Gathering

  Dirstalk – Modern Alternative To Dirbuster/Dirb

    Dirstalk is a multi threaded application designed to brute force paths on web servers. The tool contains functionalities similar to the...

• 

  498

  Information Gathering

  Gobuster – Directory/File, DNS And VHost Busting Tool Written In Go

    Gobuster is a tool used to brute-force: URIs (directories and files) in web sites. DNS subdomains (with wildcard support). Virtual Host...

• 

  92

  Geek

  Hacker gets $30,000 for reporting hack Instagram account flaw

  The flaw allowed anyone with knowledge of brute force attack to hack Instagram accounts without raising any suspicion. How to hack Instagram...

• 

  151

  Cyber Events

  The Pitfalls of Keeping Your Ports Wide Open

  Based on security assessment results, penetration testers often recommend hiding an enterprise network’s ports behind a whitelist. However, corporate IT teams don’t...

• 

  74

  Pentest

  IRCTC Website Flaw Allow Hackers to Access All Your Private Info & Cancelling Booked Tickets

  A new bug discovered in IRCTC website allows attackers to gain access to the lakhs of users private information and alter the...

• 

  85

  Password Attacks

  BruteX v1.9 – Automatically Brute Force All Services Running On A Target

  Automatically brute force all services running on a target Open ports Usernames Passwords INSTALL: ./install.sh USAGE: brutex target <port> DOCKER: docker build...

• 

  100

  Password Attacks

  W3Brute – Automatic Web Application Brute Force Attack Tool

  w3brute is an open source penetration testing tool that automates attacks directly to the website’s login page. w3brute is also supported for...

• 

  81

  Information Gathering

  theHarvester v3.0.3 – E-mails, Subdomains And Names Harvester (OSINT)

  theHarvester is a tool for gathering subdomain names, e-mail addresses, virtual hosts, open ports/ banners, and employee names from different public sources...

• 

  75

  Password Attacks

  SSH Auditor – The Best Way To Scan For Weak Ssh Passwords On Your Network

  The Best Way To Scan For Weak Ssh Passwords On Your Network Features ssh-auditor will automatically: Re-check all known hosts as new...

• 

  60

  Information Gathering

  HASSH – A Network Fingerprinting Standard Which Can Be Used To Identify Specific Client And Server SSH Implementations

  “HASSH” is a network fingerprinting standard which can be used to identify specific Client and Server SSH implementations. The fingerprints can be...