Witnessing first-hand the process of cracking the password of an account can be ethically helpful.
In ethical hacking, brute-forcing is not about breaking into systems you don't want. Instead, it's a controlled testing method used to:
- Evaluate password strength within an organization
- Assess system resilience against large-scale automated login attempts.
- Raise awareness of how vulnerable weak or reused credentials can be.
On the other hand, unethical hackers(black hat hackers) may use this knowledge to break into unauthorized accounts.
⚠⚠⚠ I strongly discourage the use of this knowledge to break into unauthorized systems. You may be held responsible for your unauthorized actions
⚠⚠⚠ I strongly discourage the use of this knowledge to break into unauthorized systems. You may be held responsible for your unauthorized actions
TUTORIAL(Using browser extension on Windows, Linux, Android, etc.)
I would demonstrate how I break into my Facebook account back after I lost access to the password and the recovery email.
1. On my desktop Chrome browser, I added ForceX brute-forcing tool to my extensions. On Android, you can use Quetta browser or Kiwi browser
2. After downloading the ForceX and the browser(Chrome on desktop, or Quetta on Android), tap on the three-dot icon to open the menu, click on 'Extensions'.
Enable developer mode, then drag the ForceX file you downloaded into the browser On Android, tap on add(Plus icon) and select the ForceX file you downloaded.
3. In my scenario, I was cracking my Facebook password, so I headed to https://facebook.com. Then I launched the ForceX tool by clicking on the three-dot button > Extentions, ForceX will be available.
4. Type in the username or email or mobile number you used to register your account.
5. The default REGEX field can crack about billions of password. Advanced users can adjust it better to suite their needs.
I was very sure that my forgotten password contains letters and numbers only, no special character, so I adjusted the REGEX field to suite it. It really helped me because it won't waste time assuming my password contained special characters, that makes it focus more on letters+numbers.
👉👉👉Click on this button to learn and use REGE X like a pro
I was very sure that my forgotten password contains letters and numbers only, no special character, so I adjusted the REGEX field to suite it. It really helped me because it won't waste time assuming my password contained special characters, that makes it focus more on letters+numbers.
👉👉👉Click on this button to learn and use REGE X like a pro
6. Paste your authentication token for ForceX. You can generate Auth token on this page within seconds
7. Start the tool and be patient while it cracks the password.
The tool uses advanced techniques to bypass anti-bruteforce security measures, so it may take time, but what is sure is that it will successfully crack the password if you can allow it more time.
The tool uses advanced techniques to bypass anti-bruteforce security measures, so it may take time, but what is sure is that it will successfully crack the password if you can allow it more time.
Note: This Brute-force tool currently works on sites that allows you to submit email and password together. Use the command-line version of ForceX if you are trying to crack password of multi-step login systems like Google or Paypal sign in page. (Thus, sites that allows you to submit email first, before submitting Password)