Breacher - An advanced multithreaded admin panel finder

A script to find admin login pages and EAR vulnerabilites.

Features

  •  Multi-threading on demand
  •  Big path list (798 paths)
  •  Supports php, asp and html extensions
  •  Checks for potential EAR vulnerabilites
  •  Checks for robots.txt
  •  Support for custom patns

Usages

  • Check all paths with php extension
python breacher -u example.com --type php
  • Check all paths with php extension with threads
python breacher -u example.com --type php --fast
  • Check all paths without threads
python breacher -u example.com
  • Adding a custom path. For example if you want all paths to start with /data (example.com/data/...) you can do this:
python breacher -u example.com --path /data
Note: When you specify an extension using --type option, Breacher includes paths of that extension as well as paths with no extensions like /admin/login

Video Demo

Breacher
Powered by Blogger.