You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
One of the many Taipan addOn, allows to execute an HTTP of Web Form authentication bruteforcing. In this page we will see how to customize this process.
This AddOn allows to execute an HTTP or Web Form authentication bruteforcing. In order to do so it verify the response code (in case of HTTP bruteforcing) or use a custom heuristic in order to identify if the page returned an authenticated content or not (in case of Web Form authentication).
Under the folder _Data\AddOnStorage\Web Form Bruteforcer AddOn_ you will find three XML files (the file format is self explanatory):
***Combinations.xml** contains the combination of user/password to use. This is useful to test for default account
***Usernames.xml** contaions the list of username to bruteforce. It is suggested to not include a long list, since for each username the entire password list is used in order to bruteforce it
***Passwords.xml** contains the password to use in order to bruteforce all usernames
