A powerful WordPress XMLRPC brute force tool featuring password variation support and system multicall functionality.
Enables both single-target locking and mass-target attack modes for efficient testing.
Run the installer executable to get started:
xmlrpc_brutefoce_installer.exe
This tool is intended solely for ethical security testing and research purposes. Unauthorized use on websites you do not own or have explicit permission to test is illegal and unethical.
Use responsibly — I am not responsible for any misuse of this tool.
Password variation brute force attempts
Utilizes WordPress XMLRPC multicall for optimized request batching
Single-target mode with lockout prevention
Mass target mode for bulk testing multiple WordPress sites
If this project helps you, consider supporting development by buying me a coffee:
