What is Password Spraying Attack | Brute Force Attack

What is Password Spraying Attack?

Password spraying attack is known as brute force attack. There is nothing wrong if I said brute force attack is basically a dictionary attack. In spraying attack, hacker use a word list for a particular account to get the original password. Spraying attack can be performed on any social media account, even you can hack any Instagram account using Brute force attack or spraying attack.

There are some questions comes in mind about brute force attack. Can we access someone social media account without alerting our victim, and can we do something else with password spraying attack?

Brute force is not only use for social media hacking. We can apply this attack on various things like android lock security and crack any file. But before we go in deep, I want to mention one thing, there are two types of brute force attack. One is target base attack and second is random attack.

What is Password Spraying Attack

Target base attack

In this attack, hacker collect information about the victim and make a powerful word list to perform this attack. This information has been collected from the victim's social media accounts etc. Check this how to make password list in termux.

In this, attack hacker collect very close information about the victim. Rule is very simple, much information increase the chance to get hacked into victim's account. This information includes the date of birth, wife name, GF name, Pet name etc.

Random attack 

In this attack, hacker choose any random group to perform this attack. Even hacker don't have any idea which account will be hacked at the end of attack. In this attack, hacker decide common base password list to perform this attack. This list is also available on the internet by named rockyforyou.txt.

This common base password list include most famous and most used passwords. For example, iloveyou, 123456, 786786, 098765. You can download this type of list from the internet. People ask me why you're always telling about advance phishing tools. So I think phishing is the most powerful attack.

In phishing attack, we can hack someone account 100%. But on other hand in Password Spraying attack, less chance to hack someone account and this attack is also time-consuming. Most brute force tools take many times to apply hundreds of passwords on one account.

But in phishing attack, we can easily hack WhatsApp account by just sending a link to your victim and convince it to open and submit information on it. But only for you, I have one working Brute force tool for you. You just have to download termux app from f-droid and use these commands to install this tool in termux.


  • apt update
  • apt upgrade
  • pkg install git
  • pkg install python python2
  • git clone https://github.com/FR13ND8/BRUTEFORCEnew
  • ls
  • pip install requests
  • pip2 install requests
  • pip2 install mechanize
  • cd BRUTEFORCEnew
  • chmod +x *
  • sh new.sh

Brute Force Attack

Using the above commands, you can install this tool and use custom wordlist to crack any Facebook account. You can create your own word list by using cupp tool in termux. This tool can be used on both Kali Linux and termux. Use it where you want, and this password spraying attack tool is best for you. You can use this advance tool for IP address tracking in termux. 

If you don't know, how to use this tool practically. Then I have practical video for you. I always make practical video for my subscribers. Click on the below button to watch this video.

Post a Comment (0)
Previous Post Next Post