Shreder is a powerful multi-threaded SSH protocol password brute-force tool.
Features
- Very fast password guessing, just one password in
0.1second. - Optimized for big password lists, Shreder tries 1000 passwords in
1minute and40seconds. - Simple CLI and API usage.
Installation
pip3 install git+https://github.com/EntySec/Shreder
Basic Usage
To use Shreder just type shreder in your terminal.
usage: shreder [-h] [-p PORT] [-u USERNAME] [-l LIST] target
Shreder is a powerful multi-threaded SSH protocol password bruteforce tool.
positional arguments:
target
optional arguments:
-h, –help show this help message and exit
-p PORT, –port PORT SSH port.
-u USERNAME, –username USERNAME
SSH username.
-l LIST, –list LIST Passwords list.
Examples
Brute-forcing single target
Let’s brute-force my device just for fun.
shreder 192.168.2.109 -u mobile -l passwords.txt
API Usage
Shreder also has their own Python API that can be invoked by importing Shreder to your code.
from shreder import Shreder
Basic functions
There are all Shreder basic functions that can be used to brute-force single target.
connect(host, port, username, password)– Connect single target by given address.brute(host, port, username, dictionary)– Brute-force single target by given address.
Examples
Brute-forcing single target
from shreder import Shreder
shreder = Shreder()
password = shreder.brute(192.168.2.109, 22, ‘mobile’, ‘passwords.txt’)
print(password)
