loading
loading
Scanners
A multi-purpose brute forcer with a modular design and flexible usage.
overview
patator is a brute forcer built around modules, one per protocol or service, so a single engine tests credentials over SSH, FTP, HTTP, MySQL, and more. You choose a module, supply host, username, and password sets, and patator walks the combinations while you control concurrency, timing, and how responses are filtered.
Its value is precision over raw speed. Instead of printing every attempt, you tell patator which responses to ignore, so failed-login noise collapses and only the results worth reading remain. Payload sets iterate as a full cartesian product or in lockstep, and start and stop offsets let you resume a long run where it left off. Each pass ends with a Hits/Done/Skip/Fail/Size summary that reports how many candidates were kept, tried, and planned.
On Trickest, patator takes host, username, and password files and writes a file and a folder of results. Wire it in as the credential-testing stage after host and service discovery, scoped to the protocol its module targets and paced to stay inside the target's tolerance.
source github.com/lanjelot/patator
use cases
Select the module for the service, then feed username and password files to test logins across SSH, FTP, HTTP, MySQL, and more with one engine.
Set a condition on the response so patator drops attempts that match a failure pattern and reports only the ones that look like a valid login.
Iterate payload sets as a cartesian product or in lockstep, set --threads, and add a --rate-limit to stay within a target's tolerance.
Set --start to an offset in the combined payload space to pick up a long brute-force run where it stopped instead of restarting from zero.
reference
| Name | Type | Flag | Description |
|---|---|---|---|
| module | STRING | · | Module name selecting the protocol or service to test (ssh_login, ftp_login, http_fuzz, mysql_login). |
| hosts | FILE | · | List of host:port targets. |
| users | FILE | · | Usernames to test. |
| passwords | FILE | · | Passwords to test. |
| threads | STRING | --threads | Number of threads (default 10). |
| rate-limit | STRING | --rate-limit | Wait N seconds between each attempt (default 0). |
| ignore-regex | STRING | · | Do not report responses that match this regex. |
| start | STRING | --start | Start from offset N in the product of all payload sets. |
Showing key inputs. patator exposes 16 inputs in total.
| Name | Type | Flag | Description |
|---|---|---|---|
| yes | BOOLEAN | -y | automatically answer yes for all questions |
| stop | STRING | --stop | stop at offset N |
| debug | BOOLEAN | --debug | enable debug messages |
| hosts | FILE | · | list of host:port targets |
| start | STRING | --start | start from offset N in the product of all payload sets |
| users | FILE | · | usernames to test |
| groups | STRING | --groups | iterate over payload sets simultaneously (pitchfork) instead of the cartesian product; default is '0,1..n' |
| module | STRING | · | module name |
| threads | STRING | --threads | number of threads (default is 10) |
| timeout | STRING | --timeout | wait N seconds for a response before retrying payload (default is 0) |
| passwords | FILE | · | passwords to test |
| rate-limit | STRING | --rate-limit | wait N seconds between each attempt (default is 0) |
| max-retries | STRING | --max-retries | skip payload after N retries (default is 4) (-1 for unlimited) |
| ignore-regex | STRING | · | do not report responses that match this regex |
| auto-progress | STRING | --auto-progress | automatically display progress every N seconds |
| condition-delimiter | STRING | -X | delimiter string in conditions (default is ',') |
example
# SSH login brute force, drop failed attempts, paced at 1spatator ssh_login host=198.51.100.10 user=FILE0 password=FILE1 0=users.txt 1=passwords.txt --threads 5 --rate-limit 1 -x ignore:mesg='Authentication failed'17:42:03 patator INFO - Starting Patator v1.0 (https://github.com/lanjelot/patator)17:42:03 patator INFO - code size time | candidate | num | mesg17:42:03 patator INFO - -----------------------------------------------------------------17:42:05 patator INFO - 1 22 0.031 | root:root | 3 | Authentication failed.17:42:06 patator INFO - 1 22 0.028 | admin:admin | 11 | Authentication failed.17:42:08 patator INFO - 0 40 0.412 | deploy:s3cret2026 | 27 | SSH-2.0-OpenSSH_8.917:42:11 patator INFO - Hits/Done/Skip/Fail/Size: 1/40/0/0/4017:42:11 patator INFO - Time: 0h 0m 8s.guidance
Reach for patator when you need flexible, multi-protocol credential brute forcing with precise response filtering. It tests known services, so run it after host and port discovery. For HTTP and network logins specifically, hydra and medusa are close siblings.
Fast parallel login cracker across many protocols. patator adds modular response filtering and payload control.
Another parallel brute forcer. patator's regex filtering makes separating hits from noise easier.
Multi-protocol enumeration and spraying. patator is the focused brute-force engine with per-module precision.
faq
related
Find reflected XSS during recon by checking payload reflection.
Fast and customizable subdomain wordlist generator using patterns.
Scans software bills of materials for security vulnerabilities.
Find broken links, missing images, and other dead references within your HTML.
A command-line scanner that finds exposed services, files, and folders through the web root.
A CMS detection and exploitation suite.
A host list and username and password files feed patator, which brute forces the service and writes the valid credentials as a queryable output.
Facts on this page come from the live Trickest tool library.