Patator – Multi Purpose Brute Forcing Tool

Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage. Basically the author got tired of using MedusaHydrancrackmetasploit auxiliary modules, nmap NSE scripts and the like because:

  • They either do not work or are not reliable (false negatives several times in the past)
  • They are slow (not multi-threaded or not testing multiple passwords within the same TCP connection)
  • They lack very useful features that are easy to code in python (eg. interactive runtime)
Basically you should give Patator a try once you get disappointed by Medusa, Hydra or other brute-force tools and are about to code your own small script because Patator will allow you to:
  • Not write the same code over and over
  • Run multi-threaded
  • Benefit for useful features such as the interactive runtime commands, response logging, etc.
Currently it supports the following modules:
  • ftp_login : Brute-force FTP
  • ssh_login : Brute-force SSH
  • telnet_login : Brute-force Telnet
  • smtp_login : Brute-force SMTP
  • smtp_vrfy : Enumerate valid users using the SMTP VRFY command
  • smtp_rcpt : Enumerate valid users using the SMTP RCPT TO command
  • http_fuzz : Brute-force HTTP/HTTPS
  • pop_passd : Brute-force poppassd (not POP3)
  • ldap_login : Brute-force LDAP
  • smb_login : Brute-force SMB
  • mssql_login : Brute-force MSSQL
  • oracle_login : Brute-force Oracle
  • mysql_login : Brute-force MySQL
  • pgsql_login : Brute-force PostgreSQL
  • vnc_login : Brute-force VNC
  • dns_forward : Forward lookup subdomains
  • dns_reverse : Reverse lookup subnets
  • snmp_login : Brute-force SNMPv1/2 and SNMPv3
  • unzip_pass : Brute-force the password of encrypted ZIP files
  • keystore_pass : Brute-force the password of Java keystore files
The name “Patator” comes from this tv interview clip – patator
Patator is NOT script-kiddie friendly, please read the README inside before reporting/complaining/asking me how to use this tool..
You can download Patator v0.3 here:
Or read more here .