Web Login Brute Forcer — written in Rust
______ _ __ __
/ ____/___ _____________ | | / /__ / /_
/ /_ / __ \/ ___/ ___/ _ \ | | /| / / _ \/ __ \
/ __/ / /_/ / / / /__/ __/ | |/ |/ / __/ /_/ /
/_/ \____/_/ \___/\___/ |__/|__/\___/_.___/
Web Login Brute Forcer | by buda-sys
forceweb is a brute force tool for web login forms. It tests passwords from a wordlist against any HTTP/HTTPS endpoint using POST form authentication, detecting success based on a configurable failure string.
Requirements: Rust installed.
git clone https://github.com/buda-sys/forceweb
cd forceweb
cargo build --releaseBinary will be at target/release/forceweb.
./forceweb -u <URL> -U <user> -w <wordlist> -f <fail_text> [options]| Flag | Long | Default | Description |
|---|---|---|---|
-u |
--url |
required | Target login endpoint URL |
-U |
--usuario |
required | Username to attack |
-w |
--wordlist |
required | Path to password wordlist file |
-f |
--fail |
required | Text present in the response when login fails |
-p |
--param_user |
username |
HTML field name for the username |
-P |
--param_pass |
password |
HTML field name for the password |
./forceweb \
-u http://target.local/login \
-U admin \
-w /usr/share/wordlists/rockyou.txt \
-f "Invalid username or password" \
-p username \
-P password╔══════════════════════════════════════╗
║ PASSWORD FOUND ║
╚══════════════════════════════════════╝
[+] URL: http://target.local/login
[+] User: admin
[+] Password: letmein123
forceweb sends POST requests to the target endpoint with each password from the wordlist. It detects success by checking whether the HTTP response does not contain the string specified in --fail.
wordlist → POST /login → response contains --fail? → no: password found ✓
→ yes: try next password
This tool is intended for ethical pentesting and controlled environments (CTFs, labs, systems you own). Only use it against systems you have explicit permission to test. The author is not responsible for any misuse.
MIT License — Copyright (c) 2026 buda-sys
Permission is granted to use, copy, modify and distribute this software freely, as long as the original author credit is maintained.
See the LICENSE file for details.
buda-sys — built with Rust 🦀