HTTP/HTTPS Bruteforcing Using a List of IPs and Hostnames with Metasploit
Today, I wrote some automation to make it easier to setup and perform HTTP bruteforcing using a list of IPs and hostnames with Metasploit. Metasploit has several auxiliary modules that make it easy to perform various types of bruteforce based attacks. For example, we can easy bruteforce all HTTP BASIC AUTH systems by using the http_login module.