Automating Credential Stuffing
Updates the credential stuffing code to test multiple different username and password combinations against the login page.
Introduction to automatic credential stuffing
Credential stuffing is a common attack technique because it is an easily automated attack vector. A fully automated credential-stuffing attack requires three things:
A means of submitting login credentials to the target system
The ability to tell whether or not a login attempt succeeded
A list of usernames and passwords to try on the site
We’ve implemented the first two items on this ...