-
Updated
Jan 20, 2021 - Python
pentest
Here are 619 public repositories matching this topic...
-
Updated
Jan 21, 2021
-
Updated
Oct 19, 2020
-
Updated
Jan 20, 2021 - Shell
-
Updated
Jan 20, 2021 - PowerShell
-
Updated
Jan 22, 2021
I've tested on my own profile, and stefanofinding's profile, but nothing came up. I'm using the tags FindUserProfilesSlow, ShowUserProfilesSlow, FindUserProfilesSpecial
on the web interface.
Selected "hackerone" on advanced options. No google API, no proxy, and default user-agent string.
I tested it beforehand with my github profile a
-
Updated
Jan 21, 2021 - Ruby
-
Updated
Jul 19, 2020 - Shell
-
Updated
Jan 11, 2021 - Python
-
Updated
Aug 30, 2020
-
Updated
Jan 16, 2021 - C#
so if the password is correct it accepts it .... and if it's wrong it says the entered password is wrong .. and asks for the password again .. just like what the real sites do :)
-
Updated
Aug 19, 2020 - JavaScript
-
Updated
Jan 18, 2021 - Ruby
-
Updated
Jun 22, 2020 - C
-
Updated
Jan 14, 2021 - Python
-
Updated
Jan 6, 2021 - Python
-
Updated
Jan 13, 2021
-
Updated
Jan 8, 2021 - Python
-
Updated
Jan 21, 2021 - Jupyter Notebook
-
Updated
Dec 16, 2020 - JavaScript
-
Updated
Jan 5, 2021 - Java
-
Updated
Jan 2, 2021
Improve this page
Add a description, image, and links to the pentest topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the pentest topic, visit your repo's landing page and select "manage topics."
Hi All,
So I'm trying to use hydra to bruteforce a login on a system that uses custom http headers to receive the username and password. Hydra does not seem to be doing substitution of ^USER^ and ^PASS^ when used as HTTP headers. If I issue issuing a call to hydra like this:
hydra "http-post://0.0.0.0:8000/:H=username\:^USER^:H=password\:^PASS^" -l admin -p admin
I see the following r