Sniper(狙击手模式)
仅使用单个字典,依次替换每个字段 例如 字典:a,b,c,d,e 请求地址:GET //vulnerabilities/brute/?username=louise&password=a
#暴力请求方式 GET //vulnerabilities/brute/?username=a&password=a GET //vulnerabilities/brute/?username=b&password=a GET //vulnerabilities/brute/?username=c&password=a GET //vulnerabilities/brute/?username=d&password=a GET //vulnerabilities/brute/?username=e&password=a GET //vulnerabilities/brute/?username=louise&password=a GET //vulnerabilities/brute/?username=louise&password=b GET //vulnerabilities/brute/?username=louise&password=c GET //vulnerabilities/brute/?username=louise&password=d GET //vulnerabilities/brute/?username=louise&password=e
Battering Ram(攻城锤模式)
仅使用单个字典,同时替换每个字段 例如 字典:a,b,c,d,e 请求地址:GET //vulnerabilities/brute/?username=louise&password=a
#暴力请求方式 GET //vulnerabilities/brute/?username=a&password=a GET //vulnerabilities/brute/?username=b&password=b GET //vulnerabilities/brute/?username=c&password=c GET //vulnerabilities/brute/?username=d&password=d GET //vulnerabilities/brute/?username=e&password=e
Pitchfork(草叉模式)
使用和变量一样多的字典,字典的密码数需要相等,user字典和pass字典一一对应 例如 字典: username: a,b,c,d,e password:1,2,3,4,5 请求地址:GET //vulnerabilities/brute/?username=louise&password=a
#暴力请求方式 GET //vulnerabilities/brute/?username=a&password=a GET //vulnerabilities/brute/?username=b&password=b GET //vulnerabilities/brute/?username=c&password=c GET //vulnerabilities/brute/?username=d&password=d GET //vulnerabilities/brute/?username=e&password=e
Cluster Bomb(集束炸弹模式)
集束炸弹模式会对payload组进行笛卡尔积 例如 字典: username: a,b password:1,2 请求地址:GET //vulnerabilities/brute/?username=louise&password=a
#暴力请求方式 GET //vulnerabilities/brute/?username=a&password=1 GET //vulnerabilities/brute/?username=a&password=2 GET //vulnerabilities/brute/?username=b&password=1 GET //vulnerabilities/brute/?username=b&password=2