NiX Brute Forcer is a tool that uses brute force in parallel to log into a system without having authentication credentials beforehand. This tool is intended to demonstrate the importance of choosing strong passwords. NiX supports a variety of services that allow remote authentication, such as HTTP(S) BASIC/FORM, MySQL, SSH, and FTP. It is based on NiX Proxy Checker.
|Tags||brute force Security|
|Licenses||Freeware for non commercial use|
|Implementation||C zsh PHP|
Release Notes: Headers were fixed in non-SSL FORM mode when using a SQUID proxy. Site and proxy protection mechanism detection was improved. If a cookie is received from the site in BASIC AUTH mode, it is now considered a possible "HIT", regardless of a reply or success and failure keys. A "days left information" was added to the estimated time left function. The default configuration file now has better examples.
Release Notes: Cookie handling in FORM mode when using a SOCKS proxy was fixed. The tool now proceeds accordingly if FORM does not redirect at all after a "HIT" or if in some cases redirect detection failed. Debug mode was improved.
Release Notes: FORM auto-detection has been improved. FORM MODE redirection handling after a "HIT" has been improved. Proxy content filtering detection has been improved in a fake engine, which will cause fewer fakes regardless of the mode used if there was no success key defined. HTTPS (SSL) brute mode has been improved.
Release Notes: The "Client cannot resolve the hostname" SOCKS5 feature was reverted, because a majority of public SOCKS5 proxies are unreliable. Hostnames are now only resolved once.