GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → intrd → nozzlr

intrd / nozzlr

Licence: other
Nozzlr is a bruteforce framework, trully modular and script-friendly

Programming Languages

python
139335 projects - #7 most used programming language

Labels

bruteforceinfosecpentesting

Projects that are alternatives of or similar to nozzlr

Goaltdns
A permutation generation tool written in golang
Stars: ✭ 119 (+98.33%)
Mutual labels:  bruteforce, infosec
Routersploit
Exploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+16343.33%)
Mutual labels:  bruteforce, infosec
Papaya
NoSQL Injection Tool to bypass login forms & extract usernames/passwords using regular expressions.
Stars: ✭ 22 (-63.33%)
Mutual labels:  bruteforce
haiti
🔑 Hash type identifier (CLI & lib)
Stars: ✭ 287 (+378.33%)
Mutual labels:  infosec
Astra
Astra is a tool to find URLs and secrets inside a webpage/files
Stars: ✭ 187 (+211.67%)
Mutual labels:  infosec
ComPP
Company Passwords Profiler (aka ComPP) helps making a bruteforce wordlist for a targeted company.
Stars: ✭ 44 (-26.67%)
Mutual labels:  bruteforce
bitforce
A tools brute force BTC
Stars: ✭ 24 (-60%)
Mutual labels:  bruteforce
rawsec-cybersecurity-inventory
An inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Stars: ✭ 153 (+155%)
Mutual labels:  infosec
smbaudit
Perform various SMB-related attacks, particularly useful for testing large Active Directory environments.
Stars: ✭ 31 (-48.33%)
Mutual labels:  bruteforce
honeyku
A Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).
Stars: ✭ 56 (-6.67%)
Mutual labels:  infosec
instabrute
Instagram Brute Forcer
Stars: ✭ 135 (+125%)
Mutual labels:  bruteforce
password-list
Password lists with top passwords to optimize bruteforce attacks
Stars: ✭ 174 (+190%)
Mutual labels:  bruteforce
fame modules
Community modules for FAME
Stars: ✭ 55 (-8.33%)
Mutual labels:  infosec
adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin?
Stars: ✭ 862 (+1336.67%)
Mutual labels:  infosec
goverview
goverview - Get an overview of the list of URLs
Stars: ✭ 93 (+55%)
Mutual labels:  infosec
Argos
This script will automatically set up an OSINT workstation starting from a Ubuntu OS.
Stars: ✭ 73 (+21.67%)
Mutual labels:  infosec
intro-to-security-for-developers
An introduction to security for developers.
Stars: ✭ 28 (-53.33%)
Mutual labels:  infosec
TIWAP
Totally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (+128.33%)
Mutual labels:  infosec
Python-Keylogger
Python Tutorial - || Advanced Keylogger || Code Walk-through || Hacking/Info-Sec ||
Stars: ✭ 55 (-8.33%)
Mutual labels:  infosec
termux-snippets
An integrated tool and a collection of snippets which helps in the various aspects of the terminal.
Stars: ✭ 28 (-53.33%)
Mutual labels:  infosec
View All Similar Projects ➔

Nozzlr v1.1

Rawsec's CyberSecurity Inventory

Nozzlr is a multithread bruteforcer, trully modular and script-friendly - author: [email protected] & github collaborators

The other bruteforce tools are amazing, but the hardcoded parameters make it painful to script over complex tasks. Nozzlr comes to solve this problem. All your task parameters/engine is managed directly in the task template(a python script).

nozzlr

usage: nozzlr taskmodule wordlists threads [--offset] [--resume_each] [--quiet] [--repeats] [--help]

positional arguments:
  taskmodule            Task template filepath
  wordlists             Wordlist paths(space separated, 2 max)
  threads               The number of threads

optional arguments:
  -h, --help            show this help message and exit
  --offset [OFFSET]     >= 0 start from wordlist linenumber
  --resume_each [RESUME_EACH]
                        100 = default, save session every 1k tries
  --quiet [QUIET]       Supress most of program output (saves CPU)
  --repeats [REPEATS]   Loops the same wordlists N times, default=1

Just copy one of this templates below to your working directory and customize to your needs.  

default task templates:
  templates/args_bruteforce.py : Commandline arguments bruteforcer (PoC: breaking ccrypt .cpt encrypted file)
  templates/args_bruteforce.py : Commandline arguments bruteforcer (PoC: recovering SSH RSA private keys passphrase)
  templates/args_gpgbruteforce.py : Commandline arguments bruteforcer (PoC: breaking GpG .gpg encrypted files)
  templates/args_charbruteforce.py : Commandline arguments bruteforcer (PoC: char by char looping the same wordlist)
  templates/stdin_bruteforce.py : STDIN - pipe inside commandline tools (PoC: bruteforcing LUKS)
  templates/ftp_bruteforce.py : RAW FTP (PoC: proFTPd, but works w/ any other server)
  templates/http_bruteforce.py : HTTP POST (PoC: bruteforcing pastd.com private notes)
  templates/ssh_bruteforce.py : SSH login (PoC: openSSH bruteforce)
  ...more at templates/

This is a proof-of-concept tool, any actions and or activities is solely your responsibility. 
The misuse of this tool can result in criminal charges brought against the persons in question. 
The authors and collaborators will not be held responsible in the event any criminal charges 
be brought against any individuals misusing this tool to break the law.

Yes! your tasktemplates/contributions are welcome :)

INSTALL

cd ~/ && git clone http://github.com/intrd/nozzlr appz/nozzlr && cd appz/nozzlr \
&& wget -O libs/int_netcat.py https://gist.github.com/intrd/00a39c83f752acf81775bfa9721e745a/raw/ \
&& sudo ln -s $PWD/nozzlr.py /usr/bin/nozzlr

USAGE

Copy selected task xxx_bruteforce.py from /samples to your working directory, edit, and run:

nozzlr templates/ssh_bruteforce.py wordlists/unix_users.txt wordlists/unix_passwords.txt 1

UPDATE

cd ~/appz/nozzlr && git fetch --all && git reset --hard origin/1.1  \
&& wget -O libs/int_netcat.py https://gist.github.com/intrd/00a39c83f752acf81775bfa9721e745a/raw/

CHANGELIST

v1.1
  - added SSH Passphrase - RSA private keys bruteforcer
  - added Asterisk Call Management bruteforcer (port 5038)  
  - added Wordpress bruteforce
  - fixed gpg template
  - added breaking ccrypt .cpt encrypted file
  - added char by char looping the same wordlist
  - now processing multiple wordlists
Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].