lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 13 Nov 2010 16:31:44 -0500 (EST) From: rdsears@....edu To: "nix@...roxylists.com" <nix@...roxylists.com> Cc: "full-disclosure@...ts.grok.org.uk" <full-disclosure@...ts.grok.org.uk> Subject: Re: NiX - Linux Brute Forcer (the beast) has been released!]] In all fairness I do use proxychains for all of my proxy randomization and all that kind of stuff if I need it. That way it's consistent regardless of what I throw at it, even tools without random proxy chaining like nmap and hydra. Good job coding it though, I can't imagine that was easy. Ryan On Nov 13, 2010, at 3:36 PM, nix@...roxylists.com wrote: >> Le vendredi 12 novembre 2010 à 21:47 +0200, nix@...roxylists.com a >> écrit : >>> Where is for example FORM auto-detection for those >>> other tools? Where is SOCKS4 proxy support? Where is proxy >>> randomization? >>> Where is logic to drop dead proxies? Where is logic for >>> fake-detection? >> >> Then, you should have started by that, it is that simple. >> We are all busy and you can't expect anyone to even have a look on your >> tool or link if you don't highlight how different it is from others or >> why you did it. >> >> As far as I am concerned, these features may be nice, but I don't need >> them and will stick to Medusa for the brute force tests I run from time >> to time (ie not often, a few times a year at most). >> But, to make it clear, it is just my personal opinion, I am not saying >> that your tool is not interesting or useless. >> >> > > I just gave a test-run for Hydra against my own site and noticed: > > It does support only single proxy, any site that has even a bit protection > will defeat it. NiX does support HTTP/SOCKS4/SOCKS5 (as much as you have > working proxies) with randomization etc. This is significant advantage > over any other tool. > > I have worked 1.5 months constantly on NiX, after i have had a little > break. I will implement support for other major protocols which is now > really easy after having otherwise working engine. > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists