BRUTEFORCE – WHAT FOR WHAT

BRUTE FORCING

 

Image result for brute force

I will create in depth tutorials for all of these in the future but for now:

aircrack-ng for WEP and WPA/2 PSK

reaver for WPS

wpscan for WordPress logins (If there is a plugin preventing user enumeration you still have a good chance if you try manually using /?author=(int try 0-15)

Hydra or Ncrack for ssh/ftp/rdp/vnc/telnet

Hydra for BasicAuth or simple POST/GET forms

Burpsuite for POST/GET forms – this is more of the standard now

Hashcat for hashes

Also you can get creative with a bash script with masscan/ncrack to brute whatever service on whatever subnet

loading...

Be the first to comment

Leave a Reply

Your email address will not be published.


*