UserEnum

Web Application UserEnum

Code available:

https://github.com/sxthomas/UserEnum

Summary

This tool makes multiple login attempts with a known bad username followed by multiple login attempts with a a list of usernames. Some web applications check for the presence of a user account before checking the password. This leads to a noticeable time delta between attempts with a good username verses a bad username.