First, let me state that I did not create this tool.  Honestly, I don't even know how I stumbled across it because I wasn't even looking for anything of the sort.  I just happened to come across it and it seemed interesting so I decided to fire it up.  It's basically a multi site brute force tool that covers Wordpress, Joomla, Drupal, OpenCart, and Magento.  If the goal is just to brute force the site, this is much easier than Hydra or the specific tools like WPScan.  In advance of running the tools, you need to create a text file which contains the URLs and then you can fire it up as follows:

    When the tool launches, you're presented with this menu:

    You pick your option and it goes to work:

    Above was a test against WordPress but I wanted to see if it worked as well with Joomla:

    Indeed, it did.  I also wanted to test the "Auto" function:

    Flawless, like the other two runs.  Despite being a couple of years old, it still works well with current installations of Joomla and WordPress. 

    © 2020 sevenlayers.com