Joomlabrute is a simple credential brute forcer against the popular Joomla Web CMS.
Thanks to the power of the Ruby language, it was easy to do and, as well, can be easily modified to support other platforms.
Typical use:
./joomlabruter.rb <url> -u userlist.txt -w wordlist.txt -P <proxy>:<port>
It is intended for authorized Web Application Pen Testing only.
It aims to show how easy it is to drive a brute force attack, stressing out the importance of using strong passwords and of not exposing administration interfaces publicly.
Use either source IP address filtering, IPSEC VPN, SSL client verification or 2-factor authentication.
joomlabruter_v0.1 (22/06/2014)