Skip to content

HTTPBrute

Jump to bottom
knavesec edited this page Mar 17, 2021 · 4 revisions

Plugin Overview

This module allows for HTTP Basic, Digest, and NTLM authentication brute-forcing. This module has not been tested to the fullest, if there are bugs please submit an issue/PR.

Unique Command Line Options

This module adds two new plugin args: --url and --auth. The HTTP auth flag sets the method of authentication basic, digest and ntlm.

Throttle Notes

Throttle settings may depend on a per-application basis. Use at your own discretion.

Example Command

credmaster.py <usual arguments> -m HTTPBrute --url https://example.com/endpoint/to/test --auth basic/digest/ntlm

Overview

Home

Installation

Usage

Config File

Notifications

Fireprox Utilities

Plugins

Overview

OWA

EWS

ADFS

O365

O365Enum

MSOL

MSGraph

AZVault

AzureSSO

HTTPBrute

HTTPPost

Okta

FortinetVPN

GmailEnum

PingFed

Misc

Development

Weekday Warrior

Throttle Evasion

Anonymity

Credits

Clone this wiki locally