Did any body has in-depth knowledge of how to test BRUTE-FORCE attack?
Can some one help in providing few real world scenarios.
For example, testing GMAIL login page for Brut-Force attack.
Suggestions for learning Security Testing / Hacking / Penetration Testing,
1. http://owasp.com/ - Open Source Web Application Security Project
2. http://bangalorehackers.com/ - Community for Security Testers / Hackers / Penetration Testers and newbie(s)
3. http://hackthissite.org/ - There are exercises which you need to finish and go to the next level. Thereby, you are learning and you are performing the test as well which could be one of the better source for learning
4. Read books on Hacking, learn about Social Engineering Attacks and more
Please refer the URL : https://www.owasp.org/index.php/Testing_for_Brute_Force_(OWASP-AT-004)
May it will help you
Use ascii per mutative brute force attacks using John the password ripper or you can use Acunetix's Authentication module,but incase of acunetix you have to create the customized text file of passwords.
Revert me back at email@example.com
I am very late to reply to my post. I would like to thank each and every one for their valuable information.
I have already visited OWSAP to get an idea about how to test. And I will be going through other valuable information.
I will be interested to gain more information on 5. Check for session hijacking (How to use a cookie and do an attack on the system)
I will keep posting about my learning's and findings. Please keep sharing your idea.