Menu
Menu

    LIVE Classes

    Software Development
    Software Development New

    MongoDB & IIT-M Pravartak certified

    AI & Machine Learning
    AI & Machine Learning New

    Intel & IIT-M Pravartak Certified

    Data Science
    Data Science

    IIT-M Pravartak certified

    Full Stack Development
    Full Stack Development

    IIT-M Pravartak certified

    UI/UX Design
    UI/UX Design

    HCL GUVI certified

    Mechanical CAD
    Mechanical CAD

    Autodesk & IITM Pravartak Certified

    Courses

    Free Courses

    Free Courses

    Paid Courses

    Paid Courses

    Combo Courses

    Combo Courses

    Practice

    CodeKata

    CodeKata

    Sharpen your coding skills, prepare for interviews

    WebKata

    WebKata

    Build basic frontend & backend development skills

    SQLKata

    SQLKata

    Master SQL concepts in relational database management

    Debugging

    Debugging

    A series of programs curated by Industry Experts

    IDE - Online Compiler

    IDE - Online Compiler

    Run & test your code in any programming language

    Resources

    Free Resources

    Free Resources

    Referral

    Referral

    Success Stories

    Success Stories

    Blogs

    Blogs

    Learn Hub

    Learn Hub

    Get The App

    Get The App

    Rewards

    Rewards

    Become an Affiliate

    Become an Affiliate

    Leaderboard

    Leaderboard

    What's New?
    Resume Builder

    Resume Builder

    Our Products

    HackerKID

    HackerKID

    Coding classes platform for K-12 children

    GUVI For Corporates

    GUVI For Corporates

    Meet your Hiring & Training Needs

    Placement Preparation

    Placement Preparation

    Ace Up your Aptitude

    Studytonight

    Studytonight

    Free Programming Resources

Still Confused?WhatsApp

Welcome to HCL GUVI

Welcome Img

Hey there! Welcome to HCL GUVI—Grab Your Vernacular Imprint—where tech learning is easy, fun, and curated specially for you. Incubated by IIT Madras & IIM Ahmedabad in 2014 and now part of HCL Group, we're making quality tech education accessible to all.

Join 3M+ learners breaking barriers and upskilling for a brighter future. We're here to guide you every step of the way! 🚀

LIVE Classes

Live Class Img

Zen Classes are HCL GUVI's most refined and flagship product—live, expert-led tech programs for beginners and pros. With IITM Pravartak affiliations, master Full-Stack, Data Science, DevOps, UI/UX, and more in multiple languages!

Explore More

Courses

Courses Img

Looking for flexibility? HCL GUVI's 200+ self-paced courses let you learn anytime, anywhere! From free lessons to IIT-M & Autodesk-certified programs, gain in-demand skills in your preferred language.

Explore More

Practice Platforms

Practice Platform Img

Enhance your coding skills with HCL GUVI's Practice Platforms—interactive, structured, and designed to help you master programming effortlessly.

CodeKata:

A structured coding practice platform with 1500+ coding problems designed by industry experts. Ideal for beginners and professionals preparing for tech interviews with real-world coding challenges.

Try Now >

WebKata:

An interactive platform to master HTML, CSS, JavaScript, and Bootstrap with a live coding environment. Perfect for hands-on web development practice without any setup.

Try Now >

SQLKata:

A practice ground for mastering SQL queries used in real-world applications. Write, optimize, and refine your queries to build strong database skills.

Try Now >

Debugging:

Hone your bug-fixing skills with real-world debugging challenges in Python, C++, JavaScript, and Golang. More languages coming soon!

Try Now >

IDE:

A free online compiler supporting 20+ programming languages with auto-complete, debugging, and AI-powered code generation—all in the cloud!

Try Now >

Leaderboard

LeaderBoard Img

Climb the leaderboard as you earn Geekoins by learning and practicing! The top scorers get featured, making learning competitive and rewarding. Keep going—you could be next!

Explore More

Rewards

Rewards Img

Earn Geekoins by watching videos and practicing problems, then redeem them for exciting rewards. The more you engage, the more you win!

Explore More

Referral

Referral Img

Love learning with HCL GUVI? Share it with friends! Invite them using your unique link or code and unlock exciting rewards—Amazon vouchers, iPhones, and more. A Win-Win.

Explore More

Profile

Profile Img

Your HCL GUVI profile is your digital portfolio! Track progress, showcase skills, add projects, and build a resume. Keep it updated—opportunities await!

Explore More

That's It! You Are Ready!

Finish Img

You're all set to dive into your learning journey with HCL GUVI. Explore, upskill, and make each step count—exciting possibilities awaits!

Thank you for Reaching us out

Our team will reach you out
within the next 24 hours.

Explore all Programs

Brute Force Techniques in Golang

How to create password brute force wordlist generator tool in Golang?

While trying to penetrate a web application, we often see passwords are a barrier to the sensitive information of a user or an organization. Now we need to bypass passwords somehow. So, there are mainly two approaches for us: either find a vulnerability in webapp authrising or guess (Brute Force) the right password.

How to start make a Golang program?

Let's use some mathematics that we learnt in high school. Recall permutation and combination (P&C), here we have a list of characters and we have to choose some of them (=passwordLength) with every possible method (combination). Also for every method (combination) we can arrange those characters in many unique ways.

> If we use this approach and use google we can find itertools module to make our work easy.

1. Start by creating a file **main.go** and import the required Golang packages:

  • fmt - To print passwords.
  • strconv - strings manipulation functions
  • strings - To manipulate UTF-8 encoded strings.
  • github.com/ernestosuarez/itertools - .permutation and combination of characters list
package main

import    (
    // To print passwords.
    "fmt"
    
    // strings manipulation functions
    "strings"

    // convert string types to int types
    "strconv"


    // permutation and combination of charactersList
    "github.com/ernestosuarez/itertools"
)

2. Declare variables in Golang

Now, we can declare required variables in the main() function.

  • passwordLenth - length of generated password.
  • characters - character to compose the password.
func main()  {


    // The password length
    passwordLength := "1,2,4"

    // character to compose the password
    characters := "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()+-./"


}

3. String manipulation in Golang

Here, both variables are supposed to be an array.

  • passwordLengthList - split it into an array from every ',' character.
  • charactersList - Use characters string to create an array of all characters.
func main()  {


    // The password length
    passwordLength := "1,2,4"

    // character to compose the password
    characters := "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()+-./"


    // Split comma separated password length into slice.
    passwordLengthList := strings.Split(passwordLength, ",")
    
    // Splits a string into a list of strings.
    charactersList := strings.Split(characters, "")


}

4. Create **for** loop in Golang

To generate passwords for all lengths in the array passwordLengthList, we need to use a for loop.

func main()  {


    // The password length
    passwordLength := "1,2,4"

    // character to compose the password
    characters := "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()+-./"


    // Split comma separated password length into slice.
    passwordLengthList := strings.Split(passwordLength, ",")
    
    // Splits a string into a list of strings.
    charactersList := strings.Split(characters, "")


    // run permations for every password length.
    for _, passLen := range passwordLengthList {
    

        // convert integer strings to int.
        passLenInt, err := strconv.Atoi(passLen)
        
        // If an error is nil panic.
        if err != nil {
            panic(err)
        }
        
    }
}

5. Permutation and Combination in Golang

itertools provides a function that takes an array and length integer to calculate all different password strings that could be generated by these character arrays.

Take a look at this example use of itertools for reference.

func main()  {

    iterable := []string{"1", "2", "3", "4"}

    for v := range PermutationsStr(iterable, 3) {
        fmt.Println(v)
    }

}

6. Create brute force list generator in Golang

Let's use every piece to solve this puzzle to get a working program.

package main

import    (
    // To print passwords.
    "fmt"
    
    // strings manipulation functions
    "strings"

    // convert string types to int types
    "strconv"

    
    // permutation and combination of charactersList
    "github.com/ernestosuarez/itertools"
)


func main()  {


    // The password length
    passwordLength := "1,2,4"

    // character to compose the password
    characters := "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()+-./"


    // Split comma separated password length into slice.
    passwordLengthList := strings.Split(passwordLength, ",")
    
    // Splits a string into a list of strings.
    charactersList := strings.Split(characters, "")


    // run permations for every password length.
    for _, passLen := range passwordLengthList {
    

        // convert integer strings to int.
        passLenInt, err := strconv.Atoi(passLen)
        
        // If an error is nil panic.
        if err != nil {
            panic(err)
        }


        // Prints a list of permutations of the characters.
        for v := range itertools.PermutationsStr(charactersList, passLenInt) {
            
            // Prints a string by joining all elements of the list.
            fmt.Println(strings.Join(v, ""))

        }
        
    }
}

Conclusion

In this tutorial we made a Golang program to generate a brute force wordlist with specific characters and length used.

Share

You can share this topic with your family and friends on Social Media.

Share in

Go Language Tutorial

L
Lukesh

Go Language Tutorial

MODULE 1 : Go Basics
lessonGo Introduction
lessonLogging in Golang
lessonTime Package in Golang
lessonFunctions in Golang
lessonString literals in Golang
lessonError handling in Golang
lessonGo Features
lessonGo Installation
lessonHello World Program in Go
lessonComments in Go
lessonGo Language Keywords
lessonGo Data Types
lessonGo Variables
lessonGo Constants
lessonType Conversion in Go
lessonPackages in Go
lessonGo Operators
lessonIf-Else Statement in Go
lessonLoops in Go
lessonBreak statement in Go
lessonContinue Statement in Go
lessonGo Switch Statements
MODULE 2 : Intermediate Go
lessonConcurrency in Go
lessonArrays in Go
lessonSlices in Go
lessonStrings in Go
lessonMaps in GoLang
lessonStructs in Golang
MODULE 3 : Golang for Hackers
lessonWhy is Golang Good for Security?
lessonExtracting HTML Comments in Go
lessonGolang Brute Force
lessonFetch Archived URLs in Golang
MODULE 4 : How To
lessonEncoding/Decoding in Golang
lessonGenerate Barcode with Golang
lessonRemove Temporary Files in Golang
lessonInstall/Setup Golang locally
lessonExtract Regular Expression in Go language
lessonCreate a Web Application with Go

Go Language Tutorial

MODULE 1 : Go Basics
lessonGo Introduction
lessonLogging in Golang
lessonTime Package in Golang
lessonFunctions in Golang
lessonString literals in Golang
lessonError handling in Golang
lessonGo Features
lessonGo Installation
lessonHello World Program in Go
lessonComments in Go
lessonGo Language Keywords
lessonGo Data Types
lessonGo Variables
lessonGo Constants
lessonType Conversion in Go
lessonPackages in Go
lessonGo Operators
lessonIf-Else Statement in Go
lessonLoops in Go
lessonBreak statement in Go
lessonContinue Statement in Go
lessonGo Switch Statements
MODULE 2 : Intermediate Go
lessonConcurrency in Go
lessonArrays in Go
lessonSlices in Go
lessonStrings in Go
lessonMaps in GoLang
lessonStructs in Golang
MODULE 3 : Golang for Hackers
lessonWhy is Golang Good for Security?
lessonExtracting HTML Comments in Go
lessonGolang Brute Force
lessonFetch Archived URLs in Golang
MODULE 4 : How To
lessonEncoding/Decoding in Golang
lessonGenerate Barcode with Golang
lessonRemove Temporary Files in Golang
lessonInstall/Setup Golang locally
lessonExtract Regular Expression in Go language
lessonCreate a Web Application with Go

ZEN CLASS

LIVE CLASS

Popular Courses

Self-Paced Courses

Practice Platforms

Community

Products

Resources

Company

ZEN CLASS

LIVE CLASS

Popular Courses

Self-Paced Courses

Practice Platforms

Community

Products

Resources

Company

app store
play store
Refer & Earn

HCL GUVI (Grab Your Vernacular Imprint) Geek Network Private Limited is a leading online learning and skills development company, incubated by IIT Madras and IIM Ahmedabad.

Established in 2014 and acquired by the HCL Group in 2022, HCL GUVI is dedicated to providing effective and high-quality learning and skilling programs that transcend language barriers in technology education. HCL GUVI today is trusted by over 3 million learners and 2000+ corporate partners.

app storeplay store
Refer & Earn

HCL GUVI (Grab Your Vernacular Imprint) Geek Network Private Limited is a leading online learning and skills development company, incubated by IIT Madras and IIM Ahmedabad.

Established in 2014 and acquired by the HCL Group in 2022, HCL GUVI is dedicated to providing effective and high-quality learning and skilling programs that transcend language barriers in technology education. HCL GUVI today is trusted by over 3 million learners and 2000+ corporate partners.

app storeplay storeRefer & Earn
Terms and ConditionsPrivacy Policy

HCL GUVI Geeks Network Pvt. Ltd.

Terms and ConditionsPrivacy Policy

HCL GUVI Geeks Network Pvt. Ltd.

Gift IconUnlock Your Exclusive Rewards!

You have exclusive rewards which you can unlock by earning Geekoins. Explore your rewards now!

Explore Rewards