Skip to content
/ AuthTimer Public

A simple python utility for enummerating user accounts using a timing attack

License

Apache-2.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tr4nc3/AuthTimer

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 
timing.py
timing.py
 
 

Repository files navigation

AuthTimer

Description

Many webapps don't perform authentication in constant-time operations which can result in a timing difference for authentication between valid and invalid user accounts. This can be used to enumerate valid and invalid usernames. This script tests the authentication pages for such issues.

About

A simple python utility for enummerating user accounts using a timing attack

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages