BFG is a simple modular framework to perform brute-force attacks. It uses the BruteLoops library for the brute force and database management logic.
- SQLite Datastore
- Authentication data/requests are maintained in an SQLite database.
- Query capabilities enable granular timing configurations.
- Facilitates safe, resumable attacks.
- Database management tools are embedded in BFG via BruteLoops
- Run
bfg cli manage-db --help
.
- Run
- BruteLoops Capabilities
- Resumable attacks that do not repeat previous guesses.
- Simultaneous support for password spraying and credential stuffing.
- Parallel guessing.
- Lockout avoidance via two layers of jitter configurations.
- User/password prioritization.
- Universal protocol/application capabilities.
- Granular logging:
- Lockouts happen. It's part of life.
- BruteLoops provides a log record for each guess, along with timestamp.
- Allows operators to reconstruct a timeline of events if things go bad.
- Modular Framework
- Simple class-based modules provide reusable arguments/components.
- YAML Attack/Database Profiles
- YAML files can be used to supply configuration values to BFG.
- Avoids complex command line flags.
A compose file is available for this project. See this document for more information.
Only Linux is supported at the moment, however a Docker implementation will soon follow.
pip3 install bl-bfg
Then confirm installation:
bfg --help
See the docs directory for additional documentation:
Below are the attack modules currently in BFG.
Most people will be interested in http.o365_graph
as it can be used to attack
login.microsoftonline.com
.
http.accellion_ftp Accellion FTP HTTP interface login module
http.adfs Active Directory Federated Services
http.basic_digest Generic HTTP basic digest auth
http.basic_ntlm Generic HTTP basic NTLM authentication
http.global_protect Global Protect web interface
http.lync Brute force Microsoft Lync.
http.mattermost Mattermost login web interface
http.netwrix Netwrix web login
http.o365_graph Office365 Graph API
http.okta Okta JSON API
http.owa2010 OWA 2010 web interface
http.owa2016 OWA 2016 web interface
http.sap_webdynpro SAP Netweaver Webdynpro, ver. 7.3007.20120613105137.0000
smb.smb Target a single SMB server
testing.fake Fake authentication module for training/testing