NiX Brute Forcer is a tool that uses brute force in parallel to log into a system without having authentication credentials beforehand. This tool is intended to demonstrate the importance of choosing strong passwords.

The goal of NiX is to support a variety of services that allow remote authentication such as: MySQL, SSH, FTP, IMAP. It is based on NiX Proxy Checker.

CURRENT FEATURES:

- Basic Authorization & FORM support in both standard and HTTPS (SSL) mode
- HTTP/SOCKS 4 and 5 proxy support
- FORM auto-detection & Manual FORM input configuration.
- It is multi-threaded
- Wordlist shuffling via macros
- Auto-removal of dead or unreliable proxy and when site protection mechanism blocks the proxy
- Integrated proxy randomization to defeat certain protection mechanisms
- With Success and Failure Keys results are 99% accurate
- Advanced coding and timeout settings makes it outperform any other brute forcer

TODO:

MySQL, SSH, FTP and IMAP support.

Changelog

  • Fixed headers in non-SSL FORM mode when using a SQUID proxy.
  • Improved site and proxy protection mechanism detection (various content
    filters etc.)
  • If we receive a cookie from the site in BASIC AUTH mode, consider it
    as a possible “HIT” regardless of a reply or success and failure keys.
  • Added a “days left information” to the estimated time left function.
  • The default configuration file has now a better examples.
Download NiX Brute Forcer
Download Post in PDF Save Post as PDF