Introducing Brute-XMLRPC: A Multi-Threaded WordPress Brute Force Tool 🛠️
#wordpress#cybersecurity#programming#opensource
Trix Cyrus

Trix Cyrus @trixsec

About: Cybersecurity/Gray Hat/Programming -/-/-/- Doing Paid Promotion on My Profile

Location:
Your System
Joined:
Sep 21, 2024

Introducing Brute-XMLRPC: A Multi-Threaded WordPress Brute Force Tool 🛠️

Publish Date: Jan 21
7 0

Author: Trix Cyrus

[Try My],Waymap Pentesting tool
[Follow] TrixSec Github
[Join] TrixSec Telegram

Hey Devs! 👋

I'm excited to share my latest project, Brute-XMLRPC, a powerful Python tool designed to automate brute force attacks on WordPress sites via the xmlrpc.php endpoint. Whether you're a penetration tester or exploring web security, this tool will help you uncover vulnerabilities with ease.

Key Features:

  • Multi-Threaded Attacks: Speed up your brute force attempts with parallel threads.
  • IP Spoofing: Enhance anonymity with randomly generated IPs (X-Forwarded-For, X-Real-IP).
  • Custom Headers: Mimics real browser requests to evade detection.
  • User Enumeration: Fetch user info through the WordPress JSON API.
  • Progress Tracker: Monitor brute force attempts in real-time.

Installation

Get started by cloning the repo and installing dependencies:

git clone https://github.com/TrixSec/Brute-XMLRPC.git
cd Brute-XMLRPC
Enter fullscreen mode Exit fullscreen mode

Usage

Run the tool with:

python brutexmlrpc.py
Enter fullscreen mode Exit fullscreen mode

Follow the interactive prompts to configure your attack. Provide your target URL, usernames, passwords, and the desired number of threads.

Important:

Brute-XMLRPC is intended for educational and ethical testing purposes only. Always obtain proper authorization before running tests on any site.

Check out the project on GitHub and feel free to contribute or give feedback. Happy hacking! 🚀

~Trixsec

Comments 0 total

    Add comment