Skip to content
Related Articles

Related Articles

Improve Article

Breacher – Tool To Find Admin Login Pages And EAR Vulnerabilites

  • Last Updated : 18 Jul, 2021

Breacher is a free and open-source tool available on GitHub.  Breacher is used as an information-gathering tool. This tool can be used to get information about our target(domain). We can target any domain using  Breacher. The interactive console provides a number of helpful features, such as command completion and contextual help. This tool is written in python, so you must have python installed in your Kali Linux to use this tool. 

Breacher is a python script to find admin login pages and EAR vulnerabilities. This tool uses different libraries, such as the Big path list (789 paths). Breacher tool supports PHP, asp JSP, and HTML extensions. Before scanning the web apps for the admin panel, it checks for robots.txt. This tool also supports custom paths and follows the technique of multi-threading on demand.

Uses and Features of Breacher :

  • Before scanning web apps. Breacher Checks for potential EAR vulnerabilities
  • Breacher Checks for robots.txt before scanning.
  • Breacher Support for custom paths to find admin panels
  • Breacher follows the technique of Multi-threading on demand
  • Breacher uses Big path list (798 paths)
  • Breacher Supports php, asp and html extensions.
  • Breacher is a python script to find admin login pages and EAR vulnerabilities
  • Breacher is an open source tool you can download the tool for free.
  • Breacher has interactive console provides a number of helpful features.

Installation of Breacher  :

Step 1: Open your kali linux operating system and install the tool using the following command.

git clone https://github.com/s0md3v/Breacher.git
cd Breacher



Step 2: Use the following command to list out the content of the tool and use the second command to run the tool.

ls
python breacher.py

The tool is running successfully now we will see some examples of using the tool.

Usages

Example 1: Use Breacher tool to check all paths without threads

python breacher.py -u <domain>

You can see that we are getting many admin panels in the website domain. Similarly, you can use the tool to scan your own website.

Example 2: Use the Breacher tool to check all paths with PHP extensions.

python breacher.py -u <website domain> --type php 

You can see that we are getting many admin panels in the website domain. Similarly, you can use the tool to scan your domain. It can even find the robots.txt file of the web application.

Example 3: Use the Breacher tool to check all paths with PHP extensions with threads.

python breacher -u <domain> --type php --fast

Example 4: Use the Breacher tool to add a custom path.

python breacher.py -u <domain>

My Personal Notes arrow_drop_up
Recommended Articles
Page :