Cutting accounts down to scythe
by Chris John Riley, Penetration Tester at Cатсн²² (in)sесuяitу on Sep 28, 2012
- 5,467 views
BruCON 2012 (Lightning Talk) ...
BruCON 2012 (Lightning Talk)
Ghent, Belgium (27th Sept. 2012)
Cutting accounts down to scythe!
---------- Abstract: ----------
Scythe is a framework for user/account enumeration. It is designed to allow users to easily extend and add new modules as required for POC attacks during penetration tests.
The framework offers the ability to check a list of user accounts/email addresses against a given website to see which accounts are valid.
Advanced features include cookie and CSRF token support, as well as error detection and timeout/retry functions.
Currently in beta, available from gi
- Total Views
- Views on SlideShare
- Embed Views