RSYaba

RSYaba is tool to run brute force attacks against various services in a similar way to Hydra and Medusa. I started writing it as I found both had troubles with HTTP and getting SSH to work was fiddly so I though why not write my own.

It is written in Ruby so modifying the scripts is a lot simpler than having to change C/C++ code then recompile. All the modules so far are based on standard Ruby gems so they handle all the protocol stuff which means there is a nice level of abstraction for the actual attack framework.

While writing the HTTP module I added a feature that is missing in all the other HTTP bruteforcers I've tried, the ability to handle authentication that relies on a cookie already being set and, even stricter, forms that use unique tokens to prevent brute force attacks.

For more details, and to download, visit the RandomStorm site.

Project Categories

Support The Site

I don't get paid for any of the projects on this site so if you'd like to support my work please use the link below when buying from Amazon and I will receive a small commission on all purchases.