How to bruteforce a login page? – Blazy

What is Blazy?

Blazy is a python script to bruteforce login pages. The script takes input from usernames.txt and passwords.txt and try every possible combination to find the correct authentication credentials. It can also check for login bypass via SQL injection and CSRF.

Common usernames and passwords can be downladed online. kali linux has a built in tool called CRUNCH which can generate every possible usernames and password according to your need. How to create custom wordlist using crunch? 



  1. Easy target selections
  2. Smart form and error detection
  3. CSRF and Clickjacking Scanner
  4. Cloudflare and WAF Detector
  5. 90% accurate results
  6. Checks for login bypass via SQL injection
  7. Multi-threading
  8. 100% accurate results
  9. Better form detection and compatibility



git clone
cd Blazy
pip install -r requirements.txt

Inside the downloaded folder you can see two files username and password, Replace it with your custom wordlist or common wordlist.

now in the terminal type:


now paste the url of your target login page. depending on the network speed and password strength, this may take quite a while.


 Any doubts or questions? Ask it on our new hackers Q and A forum
Ask a Question

susmith HCK

susmith HCK Author

I’m a computer enthusiast basically and i love to write blogs on tech issues and cyber security. I started penetration testing at the age of 16 and i would like to explore security vulnerabilities and latest tech news and wanna share with you. If you like all these stuffs add me on Facebook and Google plus.