Finally got around to posting some new material; this time, I've updated the Tools section with some other utilities that I wrote a while back but never released.
The first one is HybridMaker, a Perl script that creates a wordlist based on commonly used derivations of a user-supplied wordlist, resulting in a much more targeted and efficient approach to brute forcing.
The second tool is E107Bruter, a Perl based bruteforcer that I originally wrote for websites that used an E107 CMS login page, but it can easily be modified for most any other form-based login (just edit lines 71 and 72). It utilizes WWW:Mechanize, so it's not incredibly fast, but it's also a lot more flexible (ie, uses Java to 'click' on a button and properly handles cookies, etc).
The last item is simply a wordlist that contains approximately 250 of the most commonly used passwords. I don't claim any credit for creating it. It works especially well with the two tools listed above.
Remember, use of these programs is permitted for legal purposes only - ie, educational purposes or targets you have permission to test. Hope you find them useful - if you have success/failure with them or have any ideas for improvement, just leave a comment below.
Post a Comment