EN
ENNA

Patator

GPL-2.0

๐Ÿ”‘ Password Attacks ยท Python

Patator is a multi-purpose brute forcer with a modular design and flexible usage. Unlike single-protocol tools, Patator supports attacking FTP, SSH, Telnet, SMTP, HTTP, POP, IMAP, LDAP, SMB, MSSQL, MySQL, PostgreSQL, Oracle, Cisco, VNC, SNMP, DNS, and many other protocols through dedicated modules. Each module exposes protocol-specific options while sharing a common interface for wordlists, threading, logging, and result filtering. Patator's key advantage is its flexible action/condition system - you define what constitutes a successful or failed attempt based on response codes, response content, timing, or any combination, rather than relying on hardcoded success patterns. This makes it adaptable to unusual authentication implementations. It also provides clean output formatting, automatic response-based filtering to reduce noise, and CSV logging for post-analysis.

3.9kstars
828forks
36issues
Updated 10mo ago
View on GitHub

Installation

apt (Debian/Ubuntu)

$ sudo apt install patator

pip

$ pip install patator

from source

$ git clone https://github.com/lanjelot/patator && cd patator && pip install -r requirements.txt

Use Cases

  • Brute forcing SSH, FTP, and SMB credentials with custom wordlists
  • Testing HTTP form-based authentication with flexible success/failure conditions
  • Attacking multiple protocol authentication services with a single tool
  • Password spraying across LDAP, MSSQL, and other enterprise services
  • Building custom brute force modules for non-standard authentication protocols

Tags

brute-forcemulti-protocolmodularsshhttpsmbftppentest

Details

Category
๐Ÿ”‘ Password Attacks
Language
Python
License
GPL-2.0
Platforms
๐Ÿงlinux

Links

GitHub Repository

github.com/lanjelot/patator

Releases

github.com/lanjelot/patator/releases

Issues

github.com/lanjelot/patator/issues

Sponsored

Your ad here

Reach security professionals and developers - ads@en-na.com

Alternatives & Comparisons

THC Hydra

C

Fast online password brute-forcer. Supports 50+ protocols including SSH, FTP, HTTP, SMB, MySQL.

Compare Patator vs THC Hydra

Medusa

C

Speedy, parallel, modular brute-forcer. Supports HTTP, MySQL, SMB, SSH, Telnet, and more.

Compare Patator vs Medusa

CrackMapExec

Python

Swiss army knife for pentesting Active Directory. SMB, LDAP, MSSQL, WinRM enumeration and exploitation.

Compare Patator vs CrackMapExec

More in Password Attacks

John the Ripper

C

Fast password cracker. Supports hundreds of hash types and ciphers. CPU and GPU modes.

hash-crackingbrute-forcewordlist

Hashcat

C

World's fastest password recovery tool. GPU-accelerated with support for 300+ hash types.

gpuhash-crackingrule-based

THC Hydra

C

Fast online password brute-forcer. Supports 50+ protocols including SSH, FTP, HTTP, SMB, MySQL.

brute-forceonlinemulti-protocol

Medusa

C

Speedy, parallel, modular brute-forcer. Supports HTTP, MySQL, SMB, SSH, Telnet, and more.

brute-forceparallelmodular

CeWL

Ruby

Custom wordlist generator. Spiders a target site and builds password lists from scraped words.

wordlistspidercustom

SecLists

Shell

The security tester's companion. Huge collection of wordlists - usernames, passwords, URLs, fuzzing payloads, shells.

wordlistsfuzzingpayloads