brute-force-assistantlisted

# Brute Force Assistant A comprehensive skill for authorized security testing involving brute force attacks, password cracking, and credential assessment. ## ⚠️ Authorization Required **Always verify you have explicit written authorization before performing any brute force testing.** Unauthorized access attempts are illegal and unethical. ## When to Use This Skill Use this skill when: - Testing authentication systems in authorized penetration tests - Cracking password hashes obtained during security assessments - Generating custom wordlists for specific targets - Testing service credentials (SSH, FTP, databases, etc.) - Analyzing captured authentication hashes - Performing password policy validation ## Workflow Overview 1. **Gather intelligence** - Research target, find default credentials, collect information 2. **Generate wordlists** - Create custom dictionaries based on target context 3. **Select attack method** - Choose appropriate tool and technique for the service 4. **Execute test** - Run brute force with proper rate limiting and logging 5. **Document results** - Record findings for the security report ## Default Credential Research Start by checking for default credentials before attempting brute force: ### Key Resources - **DefaultCreds-cheat-sheet**: https://github.com/ihebski/DefaultCreds-cheat-sheet - **SecLists Default Passwords**: https://github.com/danielmiessler/SecLists/blob/master/Passwords/Default-Credentials/default-passwords.csv - **WordList-Com