Friday, June 5, 2020

Brutality: A Fuzzer For Any GET Entries

Brutalitys' Features
  • Multi-threading on demand.
  • Fuzzing, bruteforcing GET params.
  • Find admin panels.
  • Colored output.
  • Hide results by return code, word numbers.
  • Proxy support.
  • Big wordlist.
Screenshots:

Brutality's Installtion

How to use Brutality?

Examples:
   Use default wordlist with 5 threads (-t 5) and hide 404 messages (–e 404) to fuzz the given URL (http://192.168.1.1/FUZZ):
python brutality.py -u 'http://192.168.1.1/FUZZ' -t 5 -e 404

   Use common_pass.txt wordlist (-f ./wordlist/common_pass.txt), remove response with 6969 length (-r 6969) and proxy at 127.0.0.1:8080 (-p http://127.0.0.1:8080) to fuzz the given URL (http://192.168.1.1/brute.php?username=admin&password=FUZZ&submit=submit#):
python brutality.py -u 'http://192.168.1.1/brute.php?username=admin&password=FUZZ&submit=submit#' -f ./wordlist/common_pass.txt -r 6969 -p http://127.0.0.1:8080

ToDo List:
  • Smooth output.
  • Export file report.
  • Modularization.

Read more


  1. Hacking Simulator
  2. Pentest Reporting Tool
  3. Hacker Kevin Mitnick
  4. Hacking Ethics
  5. Pentest Example Report
  6. Hacking Resources
  7. Pentest Blog
  8. Hacker Language
  9. Pentester Academy
  10. Hacking Process
  11. Pentest As A Service
  12. Hacking Resources
  13. How To Pentest A Network
  14. Hacking Tutorials
  15. Hacking The Art Of Exploitation
  16. Pentest Network
  17. Pentest Firewall

No comments: