Breacher
A script to find admin login pages and EAR vulnerabilites.
Features
- Multi-threading on demand
- Big path list (482 paths)
- Supports php, asp and html extensions
- Checks for potential EAR vulnerabilites
- Checks for robots.txt
- Support for custom patns
Usages
- Check all paths with php extension
python breacher -u example.com --type php
- Check all paths with php extension with threads
python breacher -u example.com --type php --fast
- Check all paths without threads
python breacher -u example.com
- Adding a custom path. For example if you want all paths to start with /data (example.com/data/...) you can do this:
python breacher -u example.com --path /data
Note: When you specify an extension using --type option, Breacher includes paths of that extension as well as paths with no extensions like /admin/login