The code in this repository is designed to generate payload lists for authentication vulnerability testing. It helps simulate scenarios where, for example, an attacker might evade IP-blocking mechanisms by logging into their own account periodically, thus preventing failed login attempt limitations from being reached. This Python script allows users to create customized lists of usernames and passwords for such testing, including an alternating username list option to simulate controlled periodic logins by an attacker.
The script allows the creation of usernames or passwords lists, or an alternating username list with an attacker-controlled username at specified intervals. The lists are saved into separate files depending on the chosen type.
- Selection of Type: The user chooses between generating a list of usernames (enter
0
), passwords (enter1
), or an alternating username list with attacker-controlled username (enter2
). - Frequency Input: If option
2
is selected, the user must enter the frequency of the attacker-controlled username in the list. - Validation of Input: The user is prompted for the number of unique items in the list, and input is validated to ensure it is a number.
- Item Input: The user enters the required usernames, passwords, or alternating usernames with an attacker-controlled username.
- Repetition: The list is repeated in the output file as many times as specified.
- File Output: The repeated list is written to a text file, with the filename dependent on the type selected.
- Clone the repository:
git clone https://github.com/Ella-Bakshi/AuthVulnPayloadGenerator.git
- Navigate to the cloned directory.
- Run the script using Python 3:
python3 auth_list_creator.py
This project is licensed under the MIT License - see the LICENSE.md file for details.