Is there an open source and free software tool for scanning weak/default passwords in web servers?
-
To ensure you get the most out of your CIN membership and stay connected with the latest updates, we are asking all members to update their community profiles. Please take a few moments to log in and: • Complete all sections of your profile • Review your current information for accuracy • Enter an alternative email address if desired (CIN requires your valid business email address for your training organization). Keeping your profile up to date helps us better serve you, ensures your account is correctly linked with CompTIA’s CRM, streamlines processes, enhances communication, and guarantees you never miss out on valuable CIN opportunities. Thank you for taking this important step! step!
Scanning for weak/default passwords in web servers
- Thread starter Innocent V. Mulula
- Start date
Define "in web servers".
If you mean web applications, or HTML forms, or HTTP basic auth, then yes absolutely. Something like Hydra has existed for years. Configure the authentication, feed it a wordlist and let it rip. And it'll even work for different protocols.
If you mean web applications, or HTML forms, or HTTP basic auth, then yes absolutely. Something like Hydra has existed for years. Configure the authentication, feed it a wordlist and let it rip. And it'll even work for different protocols.
Great suggestion Tess! There are also a couple of different implementations of Hydra using Docker. That would be a great way to demo the use of containers.
https://hub.docker.com/r/linuxserver/hydra
and
GitHub - linuxserver/docker-nzbhydra2
Contribute to linuxserver/docker-nzbhydra2 development by creating an account on GitHub.
github.com