Bruteforce Lists
A password bruteforce attack is an attempt to gain unauthorized access to a system or network using a password-cracking technique.
With a bruteforce list, you can find whether our web applications are vulnerable to bruteforce attacks by performing bruteforce tests while scanning. You can configure password bruteforce lists to test passwords during scans.
The Bruteforce Lists tab under Configuration manages all the brutefroce lists to which you have access.
The tab displays the bruteforce list name, number of username and password entries, owner of the bruteforce list, and the tags added to bruteforce lists.
From the Bruteforce Lists tab, you can:
A) Create a new bruteforce list by using the New List button. For details, see Create Bruteforce List.
B) Search for bruteforce lists using QQL (Qualys Query Language) queries. For details, see Search Tokens for Bruteforce Lists.
C) Use filters in the left pane to search for bruteforce lists by quick filters and tags added to the bruteforce list.
D) Use Quick Actions to perform the following actions on an individual bruteforce list:
- Add Comment to Bruteforce List
E) Use the Actions menu to take the following actions on multiple bruteforce lists:
- Add Comment to Bruteforce List
F) Use the Search Actions menu to view the recent searches, save search queries added in the search box and manage saved searches.