{"id":20847290,"url":"https://github.com/jsmoreira02/forcecannon","last_synced_at":"2025-10-10T15:47:12.357Z","repository":{"id":169208947,"uuid":"603654110","full_name":"Jsmoreira02/ForceCannon","owner":"Jsmoreira02","description":"\"Force Cannon\" is a brute force tool made in ruby, that performs attacks on login forms using the POST method without robust filters or protections.","archived":false,"fork":false,"pushed_at":"2023-12-25T17:01:44.000Z","size":45,"stargazers_count":4,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-03-12T11:49:08.981Z","etag":null,"topics":["bruteforce","cybersecurity","hacking-tool","pentest-scripts","ruby","scripting-language","web-attacks"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Jsmoreira02.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2023-02-19T06:55:55.000Z","updated_at":"2025-03-10T04:39:11.000Z","dependencies_parsed_at":"2023-12-25T17:35:44.884Z","dependency_job_id":"80da7128-7da2-4fc5-9149-9fe98fb6dc5e","html_url":"https://github.com/Jsmoreira02/ForceCannon","commit_stats":null,"previous_names":["joaopedromoreira02/joaopedromoreira02","joaopedromoreira02/bruteforce_web","joaopedromoreira02/bruteforce-login-page","j0hnth3kn1ght/bruteforce-login-page","jsmoreira02/forcecannon"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Jsmoreira02/ForceCannon","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jsmoreira02%2FForceCannon","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jsmoreira02%2FForceCannon/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jsmoreira02%2FForceCannon/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jsmoreira02%2FForceCannon/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Jsmoreira02","download_url":"https://codeload.github.com/Jsmoreira02/ForceCannon/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Jsmoreira02%2FForceCannon/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279004570,"owners_count":26083736,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-10T02:00:06.843Z","response_time":62,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bruteforce","cybersecurity","hacking-tool","pentest-scripts","ruby","scripting-language","web-attacks"],"created_at":"2024-11-18T02:19:33.949Z","updated_at":"2025-10-10T15:47:12.326Z","avatar_url":"https://github.com/Jsmoreira02.png","language":"Ruby","readme":"\u003cdiv align=\"center\"\u003e\n\n  ![Screenshot_20230727_083857](https://github.com/JoaoPedroMoreira02/BruteForce_Web/assets/103542430/f87863dc-2283-43f6-be8e-4985256b0bdc)\n  \n  \u003cimg src=\"https://img.shields.io/badge/Language%20-Ruby-darkred.svg\" style=\"max-width: 100%;\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Tool%20-BruteForce Login Page-darkblue.svg\" style=\"max-width: 100%;\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/OS%20-Linux-yellow.svg\" style=\"max-width: 100%;\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/Hacking and CTF tool%20-teste?style=flat-square\" style=\"max-width: 100%;\"\u003e  \n  \u003cimg src=\"https://img.shields.io/badge/Type%20-Script-brown.svg\" style=\"max-width: 100%;\"\u003e\n\n\u003c/div\u003e\n\n# Bruteforce Login Page [ForceCannon]\n\nThis is a script made in ruby to attack login forms on web pages by brute force method with wordlists. It tests both the combination of passwords and usernames with the selected wordlist.\n\n\n```bash\n  git clone https://github.com/Jsmoreira02/BruteForce-Login-Page.git\n```\n\n## Launch the Attack\n\n```./ForceCannon.rb -t http://test-vuln -u admin123 -P rockyou.txt -e The username or password provided is incorrect```\n\n![ezgif com-video-to-gif-converter](https://github.com/Jsmoreira02/ForceCannon/assets/103542430/ec9b174f-6911-4413-b225-b8140aa5c500)\n\n\n## Modes\n\n- **Automatic --\u003e** It was built to be as efficient as possible, however it is not a 100% efficient method and if you are having problems finding the credentials during the attack, please consider using the manual mode.\n\n- **Manual --\u003e** Just enter the username and password attribute and let it roll, this mode is 100% reliable.\n\n\n## How it works (Detailed)\n\nThe script works with the `name` attribute of the HTML element contained within the `\u003cform\u003e` tag. The user will use this to enter the `username` and `password` values and submit the data request for authentication.\n\nUsing a good wordlist (dictionary) of possible passwords or usernames, the script will continuously insert in the username or password attribute with the items in the list until it finds the right match and the authentication request is approved.\n\nFor this to occur correctly, the user must enter the identifier(value) of the `name` attribute of the username and password field in the program, and the target URL must contain the value of the `action` attribute of the `\u003cform\u003e` tag, which tells where to send the form-data when the form is submitted and insert the `error message` that the application returns when the credentials are incorrect, so that it is given as success if the error message is no longer in the body of the page after the request.\n\n```bash\n\u003cform action=\"/action_page.php\" method=\"get\"\u003e\n  Username \u003cinput type=\"text\" id=\"name\" name=\"nameValue\"\u003e\u003cbr\u003e\u003cbr\u003e\n  Password \u003cinput type=\"password\" id=\"pass\" name=\"passValue\"\u003e\u003cbr\u003e\u003cbr\u003e\n  Log-in \u003cinput type=\"submit\" value=\"Submit\"\u003e\n\u003c/form\u003e\n```\n\n\n![Screenshot_20230728_074024](https://github.com/JoaoPedroMoreira02/BruteForce-Login-Page/assets/103542430/ac3f4494-c883-4c32-8433-58044b25b2c8)\n\n\n# Warning:    \n\u003e I am not responsible for any illegal use or damage caused by this tool. It was written for fun, not evil and is intended to raise awareness about cybersecurity\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjsmoreira02%2Fforcecannon","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fjsmoreira02%2Fforcecannon","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fjsmoreira02%2Fforcecannon/lists"}