Scan Network Services for Weak Credentials
Scan the identified network services on your attack surface for weak credentials
Category
Vulnerability Scanning
Inputs
Maximum number of requests to send per second per machine
Custom wordlist containing passwords for FTP authentication attempts
Custom wordlist containing usernames for FTP authentication attempts
Custom wordlist containing passwords for SSH authentication attempts
Custom wordlist containing usernames for SSH authentication attempts
Custom wordlist containing passwords for Microsoft SQL Server authentication attempts
Custom wordlist containing usernames for Microsoft SQL Server authentication attempts
Custom wordlist containing passwords for MySQL authentication attempts
Custom wordlist containing usernames for MySQL authentication attempts
JSONLines records of network service discovery details from the Fingerprint Network Services module
Custom wordlist containing passwords for PostgreSQL authentication attempts
Custom wordlist containing usernames for PostgreSQL authentication attempts
Outputs
findings
Scan Network Services for Weak Credentials
Description
Scan the identified network services on your attack surface for weak credentials. The currently supported protocol are:
- SSH
- FTP
- MySQL
- PostgreSQL
- Microsoft SQL Server
Features
- Supports various network protocols
- Offers customizable wordlists for using custom dictionaries and executing password spraying attacks.
- Can scan thousands of web servers simulataneously.
Inputs
Required
- port-details: JSONLines records of port or network service discovery details from the “Scan for Open Ports” or “Fingerprint Network Services” modules.
Optional
- rate-limit: Maximum number of requests to send per second per machine (default: 300)
Outputs
- findings: JSONLines records of finding details.
Changelog
- v1.0
- Initial release