Tag: Dictionary Attack

Hello! Pentesters, this article is about a brute-forcing tool Hydra. Hydra is one of the favourite tools of security researchers and consultants. Being an excellent tool to perform brute force attacks, it provides various other options which can make your attack more intense and easier to gain unauthorised access to the system remotely. In this […]

Hi Pentesters! Let’s learn about a different tool Medusa, which is intended to be a speedy, parallel and modular, login brute forcer. The goal of the tool is to support as many services which allow remote authentication as possible. We can consider the following items to be some of the key features of the application. […]

Hi, Pentesters! In this article, we are going to focus on the Kali Linux tool “Cewl” which will basically help you to create a wordlist. Let’s explore this tool and learn about what all other options this tool provides. Table of Contents Introduction to Cewl Default Procedure Store this wordlist in a file Generating a […]

In this article, we will be exploring the topic of network authentication using Ncrack. Security professionals depend on Ncrack while auditing their clients. The tool is very simple, yet robust in what it offers a penetration tester. It was designed to help the companies in securing their networks by analysis all their hosts and networking devices […]

In this article, we will demonstrate how to identify and exploit SNMP services using various tools, each suited for different scenarios, from quick brute-force attempts to large-scale automated attacks. MITRE ATT&CK Techniques: T1110.001 – Brute Force: Password Guessing T1046 – Network Service Scanning T1078 – Valid Accounts Table of Contents Introduction Enumeration Nmap Scan for […]

MSSQL brute-force attacks are a frequent initial access tactic during internal assessments and red team ops. Microsoft SQL Server—commonly exposed on TCP port 1433—often holds sensitive data and privileges, making it a high value target. When SQL authentication is enabled, attackers may exploit weak credentials using tools like Hydra, Metasploit, or Nmap NSE. This guide […]

In this article, we will learn how to gain control over our victim’s PC through 5900 Port use for VNC service. There are various ways to do it and let take time and learn all those because different circumstances call for a different measure. Table of Contents Hydra X-Hydra Medusa Ncrack Patator Metasploit  Let’s starts!! […]

This article covers how to identify and brute force PostgreSQL logins using common tools, from quick single host tests to automated multi host attacks during internal assessments. MITRE ATT&CK Techniques T1110.001 – Brute Force: Password Guessing T1046 – Network Service Scanning T1078 – Valid Accounts Table of Contents Introduction Enumeration Scan for Open PostgreSQL Port with Nmap Brute-Force […]

In this article, we will learn to get control over our victim’s system through MYSQL service that runs on port 3306. There are multiple ways to do it. Let us take a moment to learn all those because various circumstances call for the different-different measure. Table of Content Medusa Ncrack Hydra xHydra Metasploit Medusa Medusa […]

We live in the digital era, and in the world of technology, everything is password protected. There are many ways to crack the password such as social engineering, try and error method, etc. but the three only two most successful methods of password cracking i.e. Dictionary attack and Brute force. Both of them has there […]