- They either do not work or are not reliable (false negatives several times in the past)
- They are slow (not multi-threaded or not testing multiple passwords within the same TCP connection)
- They lack very useful features that are easy to code in python (eg. interactive runtime)
- Not write the same code over and over
- Run multi-threaded
- Benefit for useful features such as the interactive runtime commands, response logging, etc.
- ftp_login : Brute-force FTP
- ssh_login : Brute-force SSH
- telnet_login : Brute-force Telnet
- smtp_login : Brute-force SMTP
- smtp_vrfy : Enumerate valid users using the SMTP VRFY command
- smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
- http_fuzz : Brute-force HTTP/HTTPS
- pop_passd : Brute-force poppassd (not POP3)
- ldap_login : Brute-force LDAP
- smb_login : Brute-force SMB
- mssql_login : Brute-force MSSQL
- oracle_login : Brute-force Oracle
- mysql_login : Brute-force MySQL
- pgsql_login : Brute-force PostgreSQL
- vnc_login : Brute-force VNC
- dns_forward : Forward lookup subdomains
- dns_reverse : Reverse lookup subnets
- snmp_login : Brute-force SNMPv1/2 and SNMPv3
- unzip_pass : Brute-force the password of encrypted ZIP files
- keystore_pass : Brute-force the password of Java keystore files
Patator is NOT script-kiddie friendly, please read the README inside patator.py before reporting/complaining/asking me how to use this tool..
You can download Patator v0.3 here:
patator_v0.3.py
for more detail read more here.
from Darknet.org