Tools for brute-force attacks in Python
In this section, we will review the main tools we can find in the Python ecosystem to obtain information using brute-force attacks.
Obtaining subdomains by brute force
Aiodnsbrute (https://github.com/blark/aiodnsbrute) is a Python 3.5+ tool that uses asyncio module to brute-force domain names asynchronously. asyncio (https://docs.python.org/3.10/library/asyncio.html) is a library for writing concurrent code using the async
/await
syntax and is used to do asynchronous calls with Python.
There are two ways to install it; the first one consists of using a command that allows you to install it on the system:
$ pip install aiodnsbrute
The second one is downloading the source code from the GitHub repository and running the setup.py
file:
$ git clone https://github.com/blark/aiodnsbrute.git
$ cd aiodnsbrute
$ python setup.py install .
Once installed, we can see the various helper options with the following command:
...