Joomlabrute is a simple credential brute forcer against the popular Joomla Web CMS.
It is intended for authorized Web Application Pen Testing only.
It aims to show how easy it is to drive a bruteforce attack and to stress out (again) the need of using strong passwords and, even better, not exposing administration interfaces publicly.
Use either source IP address filtering, IPSEC VPN, SSL client verification, 2-factor authentication, etc.).
- Should work with any Ruby framework on any platform (./joomlabruter.rb)
- Tested successfuly against Joomla version 3 (latest at this time) This script would be updated if I happened to work against other versions. . Your feedback is warmly welcomed.