9 responses to “Brute Force Attack With Burp

  1. Robin

    December 21, 2012 at 10:39 am

    Why are you leaving the login field as a variable but then using a static value in it? May as well remove it from the list.

  2. Yuval

    December 21, 2012 at 6:27 pm

    What’s new in this attack?!

  3. netbiosX

    December 21, 2012 at 6:34 pm

    There is nothing new in this attack Yuval.It is just a demonstration of how you can use Burp to perform this type of attack.

  4. Manoj Singh

    December 24, 2012 at 6:21 am

    The Payload for Brute force can be SQL injection vectors in username and Password with Cluster Bomb.

  5. LethalDuck

    December 28, 2012 at 10:07 pm

    Couldn’t you just use THC-Hydra?
    No bloated GUI is needed then.

    • Robin

      January 13, 2013 at 9:56 pm

      Burp is much better and a lot more powerful, I wouldn’t bother with anything else

  6. LethalDuck

    December 28, 2012 at 10:10 pm

  7. Sally

    January 13, 2013 at 1:56 pm

    I see a software at . Interestingly they provide an API to stop brute force attacks on Microsoft.NET, PHP and Java. I tried and working…


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: