A Bruteforce list includes sets of user names and passwords to be tested for a web application for bruteforce attack during scanning.
To create a new bruteforce list, click New List, and follow the simple steps:
1) Add basic details. See Brutefoce List - Basic Information.
2) Add list of user names and associated passwords. See Bruteforce List - Password List.
3) Add comments to be associated with the bruteforce list. See Bruteforce List - Comments.
4) Review the settings defined and create the bruteforce list. See Bruteforce List - Review and Confirm.
Once a bruteforce list is created, you can add the bruteforce list to the option profile in the Option Profile scan parameters. See Option Profile - Scan Parameters.
When the option profile is used during scanning, the list of user name and passwords defined in the bruteforce list are used to test bruteforce attack for a web application.
User roles and permissions determine whether users have WAS Configuration Permissions; there are individual permissions for creating, editing and deleting bruteforce lists and the other WAS configurations. For details, check Configuration permissions.