Security Testing for brute force attacks on login page



  • I want to perform testing for brute force attacks on login page of a website. I am new to security testing and I think i can test this by multiple failed login attempts. I wrote the below code to test this but i am not sure which test tool would be good to use and how can i perform this testing on the tool. Could someone please suggest me the tool and educate how would this test can be done by using same tool?

        List<Long> attempts = loginFails.get(login);
    if (attempts != null) {
        synchronized(attempts) {
            if (attempts.size() == ATTEMPTS_TO_FREEZE 
                && attempts.peek() > System.currentTimeMillis() - TimeUnit.MINUTES.toMillis(TIME_FRAME_IN_MINUTES)) 
        }
    }
    


  • Below url has provided the definition of Brute Force Attack as well as tools which help to perform such testing:

    https://resources.infosecinstitute.com/popular-tools-for-brute-force-attacks/#gref



Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2