Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Consider Developing Legba as a Library #58

Closed
lanjelot opened this issue Nov 22, 2024 · 2 comments
Closed

Consider Developing Legba as a Library #58

lanjelot opened this issue Nov 22, 2024 · 2 comments

Comments

@lanjelot
Copy link

Hi,

Congratulations on Legba, this looks like an excellent project and a worthy replacement for Patator/Hydra/Medusa/etc.! As the author of Patator, I wanted to share a reflection from my experience that might be helpful as you develop Legba further.

One thing I wish I had done early on with Patator was to design it as a library from the start, rather than exclusively as a command-line tool. While having a robust CLI is great for most use cases, I found that there are often edge cases or scenarios where it would have been super useful to integrate the functionality programmatically into custom scripts or applications.

By structuring Legba as a library, you could:

  • Expose reusable APIs for different attack modules, allowing developers to build their own clients or automate edge cases.
  • Retain the same CLI functionality for direct usage, making it flexible for different user needs.

I think a password attack library that offers both programmatic flexibility and CLI ease-of-use would fill a significant gap in the tooling space.

I would love to re-write Patator as a library but i'm afraid i've moved on and lack time and motivation, at least for now :)

Looking forward to seeing how Legba evolves!

Cheers :)

@evilsocket
Copy link
Owner

Hi @lanjelot and thank you!

I've had the same thinking for a while, but then I settled on the fact that if there's a use case that the CLI doesn't cover, I'd rather improve the CLI experience to support it. I also implemented a REST API here https://github.com/evilsocket/legba/blob/main/src/api/mod.rs which essentially makes it into a library / service already.

Do you have any specific use case in mind that woulnd't be possible with the current capabilities?

@evilsocket
Copy link
Owner

Released v0.10.0 with the REST API and documented it. IMO this approach is way better than a library as it exposes Legba's functionalities to any language. I'll close this issue but please let me know if there are use cases that won't work with this approach and I'll try to extend it!

Thanks again for your feedback

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants