• Pydantic models have been integrated for enhanced input validation/management.
• Multiple bugs in Bruteloops.db_manager have been corrected:
  • Multi-character credential delimiters are now supported
  • There was a bug that interfered with insertion of individual username/password values, which has been corrected.
• Breakers have been introduced
  • Allows for better handling of exceptions over time.

Correcting import error and adding tests.

Significant enhancements accompany this release:

New Functionality

Prioritization

• Specific username and password values can be "prioritized", i.e. guessed before others, to place emphasis on high-value targets.

Username Deactivation

• If a username is found to be invalid during an attack, it can be "deactivated" -- removing it from additional guesses.
• The username is still maintained in the database to ensure that it is not put back into the line of fire due to subsequent imports to the database.

Blackout Window

• A window of time where no guesses should occur can now be configured.
• This allows operators to configure attacks to occur during set testing hours, such as 17:00:00-09:00:00.
• Only a single blackout period can be set currently.

Timezone Support

• Specific timezones can now be applied.
• This assists in situations where the target environment resides in a distinct timezone and an operator would like to ensure that timing configurations like a blackout window aren't botched by mistake.
• Warning: Do not change timezones between attacks. Logic to shift between zones has not been implemented.

Schema/SQL Query Enhancements

Faster Imports

• I'm bad at SQL.
• Forced myself to sit down and look at queries to make imports more efficient.
• Imports of large files consisting of 25,000 values now occurs quickly.
• Drawing associations between large imports such as the one described above now happens within seconds instead of minutes.

Faster Queries

• Additional database tables have been implemented in an effort to speed up queries.
• In reality, nearly all queries have been restructured to conform to the latest SQLAlchemy stuffs.

BruteLoops can now:

• Disable usernames from further attack
  • Useful when a username is found to be invalid
• Determine if an authentication attempt failed
  • Allows for additional guesses to be applied

Logging has also been refined.

I'm garbage at GitHub, but the code appears stable.