reddit hackernews mail facebook facebook linkedin
gorgo

gorgo

The vertasile multi-threaded password sprayer built on the shoulders of giants.

Gorgo is a fast and option-rich password sprayer for traditional network protocols. Gorgo multi-threads Medusa to distribute spraying in a way that Medusa cannot do out of the box.

For example, Gorgo can generate username:password permutations ahead of time so that you can adjust the order by hand if needed.

There are often times when you want to be very specific about what combinations you want to try. You may want to treat host types differently also. For example, you may only want to only try a few usernames for windows accounts, because of lockouts, whereas you might try more on Unix-like services such as SSH.

By outputting the combinations into a CSV file, you can go in by hand and remove and tweak the file before running the scan. It also allows you to distribute it to an array of distributed workers - such as through axiom.