We had originally mentioned about Bruter in our old post here. Since then, it’s author worawita has worked hard and brought to us – Bruter version 1.0!
“Bruter is a parallel network login brute-forcer on Win32. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of Bruter is to support a variety of services that allow remote authentication.”
The official change log reads these changes:
- Re-licensed to new-BSD license
- Added proxy support (CONNECT, SOCKS4, SOCKS5)
- Allowed more delimiter in combo file
- Added password length filtered in combo and dictionary mode
- Fixed miscellaneous bugs
- Updated openssl library to 0.9.8n
SMB:
- Implemented authentication instead of using Windows API (faster and more options)
- Support LM, NTLM, LMv2, NTLMv2 authentication
HTTP (Basic):
- Used http keep-alive
- Accepted URL in option dialog
HTTP (Form):
- Used http keep-alive
- Fixed cookie detection in option dialog
- Used different cookie for each thread (also automatically update cookie while testing)
You can download the source code of Bruter version 1.0 and the compiled version as well here.
Searches leading to this post:
bruter
Tagged as: Bruteforce, Bruter, FTP bruteforce, HTTP bruteforce, IMAP bruteforce, MS-SQL bruteforce
When you think of a brute force, you always think of Hydra, Brutus, etc. There is a newer, somewhat unknown tool – Bruter. We had mentioned about this tool, at its time of release, our now defunct blog – Meta-Human.Net.
Bruter is a Windows 32 application which can help you check for the strength of your passwords. It supports three types of password cracking mode:
- Dictionary: This mode will use a wordlist.
- Append user: This mode will use words from a file. Each word will then be appended to the testing username and then use it as a password.
- Brute force: This mode will try every possible password. You can select a character set for brute forcing from ‘Option‘. Also you can defined the minimum and maximum password length for brute forcing.
It supports the following protocols to be tested:
- FTP
- HTTP (Basic)
- HTTP (Form)
- IMAP
- MSSQL
- MySQL
- POP3
- SMB-NT
- SMTP
- SNMP
- SSH2
- Telnet
It has been tested to work on Windows 2000 & Windows XP. All it needs is OpenSSL. You can download the source code of this application and the compiled version as well here.
Searches leading to this post:
tutorial bruter
Tagged as: Bruteforce, Bruter, FTP bruteforce, HTTP bruteforce, IMAP bruteforce, MS-SQL bruteforce
N-STALKER is a Web Application Security solutions supports of all the well known web applications.
Founded upon the patent-pending technology of Component-oriented Web Application Security Scanning, N-Stalker Free Edition allows for a quick assessment of Web Applications under the secure development life cycle (SDLC) perspective of deployment phase:
Deployment Phase: Server and 3rd-party packages vulnerabilities introduced by the infrastructure
N-Stalker checks for all major web vulnerability includin;
18,000 signaturesWeb Server security checkBackup security checkCross-site Scripting (reduced analysis)N-Stalker is regularly updated for signatures. Tools included:
N-Stalker Web Proxy
N-Stalker HTTP Brute Force
N-Stalker Web Server Discovery
N-Stalker Encoder Tool
N-Stalker GHDB Tool
N-Stalker HTTP Load Tester
Download N-Stalker Here
Related External Links
Tagged as: HTTP bruteforce, N-STALKER, Web Application Scanner, web security, Windows
