Patator Finest THC-Hydra Alternate Attacking Tool

Posted by Suraj Singh on January 09, 2019 · 3 mins read
Hello readers,

Today, I am going to write about, Finest Alternate Tool of THC Hydra, Known as Patator. So, Today I will write about what, why and how to install it.

So, let's Quickly Start Q/N

Q 1. What is Patator?

Ans. Patator is a Python Script, That Can Perform Brute force attacks Over Remote protocols. Patator is more easy and bugs free compared to hydra.

As Their Github Repo Statement : Patator was written out of frustration from using Hydra, Medusa, Ncrack, Metasploit modules and Nmap NSE scripts for password guessing attacks. I opted for a different approach in order to not create yet another brute-forcing tool and avoid repeating the same shortcomings. Patator is a multi-threaded tool written in Python, that strives to be more reliable and flexible than his fellow predecessors.

Currently, Supported Protocols
    * ftp_login      : Brute-force FTP
    * ssh_login : Brute-force SSH
    * telnet_login : Brute-force Telnet
    * smtp_login : Brute-force SMTP
    * smtp_vrfy : Enumerate valid users using the SMTP VRFY command
    * smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
    * finger_lookup : Enumerate valid users using Finger
    * http_fuzz : Brute-force HTTP/HTTPS
    * rdp_gateway : Brute-force RDP Gateway
    * ajp_fuzz : Brute-force AJP
    * pop_login : Brute-force POP
    * pop_passd : Brute-force poppassd (not POP3)
    * imap_login : Brute-force IMAP
    * ldap_login : Brute-force LDAP
    * smb_login : Brute-force SMB
    * smb_lookupsid : Brute-force SMB SID-lookup
    * rlogin_login : Brute-force rlogin
    * vmauthd_login : Brute-force VMware Authentication Daemon
    * mssql_login : Brute-force MSSQL
    * oracle_login : Brute-force Oracle
    * mysql_login : Brute-force MySQL
    * mysql_query : Brute-force MySQL queries
    * rdp_login : Brute-force RDP (NLA)
    * pgsql_login : Brute-force PostgreSQL
    * vnc_login : Brute-force VNC
    * dns_forward : Brute-force DNS
    * dns_reverse : Brute-force DNS (reverse lookup subnets)
    * ike_enum : Enumerate IKE transforms
    * snmp_login : Brute-force SNMPv1/2 and SNMPv3
    * unzip_pass : Brute-force the password of encrypted ZIP files
    * keystore_pass : Brute-force the password of Java keystore files
    * sqlcipher_pass : Brute-force the password of SQLCipher-encrypted databases
    * umbraco_crack : Crack Umbraco HMAC-SHA1 password hashes
      Official Github Repo Check Here

      Q How To Install it?

      git clone
      cd patator
      sudo python install