Home    scripts    invad3r olct

Invad3r (Online Login Cracking Tool)

Disclaimer: This tool was designed to test and improve your OWN login applications. I, the owner of this website, will not be held resposnible for any and all potential issues you might encounter using it, legal or otherwise. Use it carefully and at your own responsibility.

Before you go and download it, please read this article where the functionality is explained, basically what it does and what it cannot do with live examples. Invad3r features 2 options to potentially extract the password for the desired user from the login application. First is dictionary attack and the second is brute-force attack with the option of randomly choosing the alphabet and the range of the length of passwords. Additionally, there is also an option to generate your own highly customised dictionary lists.

Package summary:

Note that to effectively test your app, you'll need to modify the config.py file(to change the HTML input names for the login form) and may also need to reconfigure the bruteforce.py and dictionary.py files to adjust the tool to your needs. To launch the tool, navigate to the folder where the files are extracted and run(considering you are on Linux or Mac):


python3 invader.py

It needs python 3.4 or above version of python so make sure that's the case whether you are running Linux, Mac or Windows.

Download:

File: invad3r_olct.zip
Licence: MIT
Last update: 12.1.2018

Checksum(SHA256):


a85d1e506eb77fe1418f181c931d8640b717147aca967ea71114b09f334782c2

Here is a version of the same tool to test login apps using csrf middleware protection:

File: invad3r_django_mode.zip
Licence: MIT
Last update: 12.1.2018

Checksum(SHA256):


8924da40603ac2b12e2f8e40770ee9bf0d1e446de08d6f64f43e5841e338758e