Breacher - An advanced multithreaded admin panel finder | HACK4NET

A script to find admin login pages and EAR vulnerabilites.

Features

Multi-threading on demand
Big path list (798 paths)
Supports php, asp and html extensions
Checks for potential EAR vulnerabilites
Checks for robots.txt
Support for custom patns

Usages

Check all paths with php extension

python breacher -u example.com --type php

Check all paths with php extension with threads

python breacher -u example.com --type php --fast

Check all paths without threads

python breacher -u example.com

Adding a custom path. For example if you want all paths to start with /data (example.com/data/...) you can do this:

python breacher -u example.com --path /data

Note: When you specify an extension using --type option, Breacher includes paths of that extension as well as paths with no extensions like /admin/login

Video Demo

Github Project