-
Notifications
You must be signed in to change notification settings - Fork 126
HTTPBrute
knavesec edited this page Mar 17, 2021
·
4 revisions
This module allows for HTTP Basic, Digest, and NTLM authentication brute-forcing. This module has not been tested to the fullest, if there are bugs please submit an issue/PR.
This module adds two new plugin args: --url
and --auth
. The HTTP auth flag sets the method of authentication basic, digest and ntlm.
Throttle settings may depend on a per-application basis. Use at your own discretion.
credmaster.py <usual arguments> -m HTTPBrute --url https://example.com/endpoint/to/test --auth basic/digest/ntlm