{"id":24628364,"url":"https://github.com/usethisname1419/httpftpssh_killer","last_synced_at":"2025-10-08T18:31:08.266Z","repository":{"id":197651081,"uuid":"699063684","full_name":"usethisname1419/HTTPFTPSSH_Killer","owner":"usethisname1419","description":"Advanced FTP/SSH/HTTP Bruteforce tool.","archived":false,"fork":false,"pushed_at":"2024-10-10T22:32:02.000Z","size":351,"stargazers_count":7,"open_issues_count":0,"forks_count":2,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-25T05:36:56.696Z","etag":null,"topics":["brute-force","brute-force-attacks","bruteforce","forms","ftp","ftp-br","ftp-bruteforce","hacking","hacking-tools","http","http-post-form","hydra","kali-linux","password-spraying","penetration-testing","spraying","ssh","ssh-br","ssh-bruteforce"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/usethisname1419.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"usethisname1419","patreon":null,"open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"otechie":null,"lfx_crowdfunding":null,"custom":null}},"created_at":"2023-10-01T20:04:09.000Z","updated_at":"2025-01-17T06:50:22.000Z","dependencies_parsed_at":"2025-01-25T05:36:58.414Z","dependency_job_id":null,"html_url":"https://github.com/usethisname1419/HTTPFTPSSH_Killer","commit_stats":null,"previous_names":["usethisname1419/ftpssh_killer","usethisname1419/httpftpssh_killer"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usethisname1419%2FHTTPFTPSSH_Killer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usethisname1419%2FHTTPFTPSSH_Killer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usethisname1419%2FHTTPFTPSSH_Killer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/usethisname1419%2FHTTPFTPSSH_Killer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/usethisname1419","download_url":"https://codeload.github.com/usethisname1419/HTTPFTPSSH_Killer/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235542252,"owners_count":19006821,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["brute-force","brute-force-attacks","bruteforce","forms","ftp","ftp-br","ftp-bruteforce","hacking","hacking-tools","http","http-post-form","hydra","kali-linux","password-spraying","penetration-testing","spraying","ssh","ssh-br","ssh-bruteforce"],"created_at":"2025-01-25T05:36:58.755Z","updated_at":"2025-10-08T18:31:08.261Z","avatar_url":"https://github.com/usethisname1419.png","language":"Python","funding_links":["https://github.com/sponsors/usethisname1419"],"categories":[],"sub_categories":[],"readme":"# HTTPFTPSSH_Killer\n\nIntroducing HFSK – your sophisticated brute-forcing tool tailored for HTTP, SSH and FTP services. Unlike conventional brute-forcing, HFSK emulates the \"password spraying\" approach by attempting three passwords per user. Once it exhausts the user list, it resumes by cycling through the next set of three passwords. This reduces the chance of lockouts and lost connections. \n\nKey Features:\n\n1. Target Selection: The tool grants users the flexibility to pick between HTTP(S), FTP and SSH services and choose port number for their attack. \n\n2. Password Options: Opt between using a predetermined wordlist or generating random passwords on-the-fly. If randomness entices you, HFSK can concoct passwords using `--rand 8 16` for passwords between 8 and 16 or specify any min and max length you desire.\n\n3. Different methods to determine success for HTTP(s) - `--status-code`, `--failure-content-length`, `--success-content-length`, `--failure-pattern`, `--success-pattern`\n\n4. Anonymization: Cover your tracks. With HFSK, you can route your traffic through Tor or select from a personalized list of proxies.\n\n5. Support random user-agents \n\n6. Detailed Reporting: Stay informed. Post-attack, HFSK provides a concise report detailing the duration of the attack and the number of attempts made.\n\n7. Resume your attack from last known state.\n\n8. Pause function to set when to pause and how long --pause 3 1 [pauses every 3 minutes for 1 minute]\n\n9. Verbosity levels 1 and 2 for detailed messages\n\n10. Force new session creation with --sessions\n\n11. Load CSRF token `--csrf`\n\n12. Add common preffixes/suffixes to password attempts `--suffix` `--prefix`\n\n\nHFSK is designed to reduce the chance of lockouts \n\n\n\n## Disclaimer\n\n**Brute-forcing against any system without explicit permission is illegal and unethical. Always have proper authorization before conducting any testing. Use this tool responsibly and ethically.**\n\n## Installation\n\n1. Clone this repository:\n\n`git clone https://github.com/usethisname1419/HTTPFTPSSH_Killer.git`\n\n`cd HTTPFTPSSH_Killer`\n\n\n3. Install the required libraries:\n\n`pip install -r requirements.txt`\n\n4. Install HFSKv6.py\n\n`chmod +x install.sh`\n\n`./install.sh`\n\nYou can now call HFSKv6 from command line by typing \"HFSK\"\n\n## Options\n\n-sv --service\n\n--ip\n\n--tor\n\n-px --proxies\n\n-w --wordlist\n\n-r --rand\n\n-i --iterations\n\n-u --users\n\n--http-post\n\n--failure-content-length\n\n--success-content-length\n\n--failure-pattern\n\n--success-pattern\n\n--status-code\n\n-ra --random-agent\n\n--verbose\n\n--resume\n\n-ps --pause\n\n-ss --sessions\n\n--suffix\n\n--prefix\n\n--csrf\n\nHFSKv7\n\n--fast-mode = Run all interations at same time using threading (experimental)\n\n\n## Usage\n\n`HFSK --service [ftp/ssh/http][Port} -w [path_to_wordlist] --users [path_to_user_list] --ip [target_ip_address]`\n\nHTTP-POST-FORM ATTACK: \n\n```HFSK --service http -w --ip [url/(endpoint)] http-post [pass=^PASS^S\u0026users=^USERS^] failure/success-content-length [int] success/failure-pattern [str]```\n\n\nExample:\n`HFSK --service ssh 2222 -w /usr/share/wordlists/rockyou.txt --users users.txt --ip 172.16.1.83 --tor`\n\nSupports services on any port. `--service http 8080`\n\nSupports single user `-u` and user list `--users`\n\nTo use random passwords use the flag `-r` or `--rand` Enter min length and max length of random passwords ` -r 6 8` for passwords between 6 and 8 chars\n\nYou can load proxies from a list using the `--proxies` flag. \n\nYou can also use the `--tor` flag to route your requests through Tor.\n\nYou can change the number of iterations for each attack block with the flag `-i` or `--iter` for number of tries per user name.\n\nHttp/Https attack supports random user-agents `--random-agent`\n\nCheck HTTP(S) success with content-length, status-codes, response-patterns `--status code`, `--failure/success-conten-length`, `--failure/success-pattern`\n\nAdd suffix/prefix to password attempts `--suffix`, `--prefix`\n\nForce sessions `--sessions`\n\nUse CSRF token for HTTP(S) `--csrf` - `--http-post \"token=^CSRF^\u0026login=^USER^\u0026pwd=^PASS^\"`\n\nResume your attack from last known state `--resume`(Include the same args as last attack)\n\n\n\n## Support\n\nIf you found this tool useful, consider supporting its development!\n\n**Ethereum (ETH)**: `0xB139a7f6A2398fd4F50BbaC9970da8BE57E6F539`\n\n**Bitcoin (BTC)**: `bc1qtezfajhysn6dut07m60vtg0s33jy8tqcvjqqzk`\n\n---\n\nDesigned and maintained by Derek Johnston.\n\nI hope you find this tool useful and I encourage you to share this tool among friends and colleuges!\n\nFuture plans: i plan to make the suffix/prefix try every combo on each word before moving on to the next one. I also plan to create a fast mode where it uses as many threads as there is interations for a faster attack. please support.\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fusethisname1419%2Fhttpftpssh_killer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fusethisname1419%2Fhttpftpssh_killer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fusethisname1419%2Fhttpftpssh_killer/lists"}