Login Forms

Default Credentials

If you know the underlying platform, you may be able to find default credentials tied to that platform. Places you may want to look are: official documentation, installation instructions or walkthroughs, google.

Credential Guessing

By using any information you have gained about the target already you can potentially guess your way in. This is not as likely but it is still something worth considering.

Common Password Attacks

Other common password attacks are valuable here. Attacks such as, brute force, password spraying, credential stuffing are all possible ways to break through login forms. Burp Suite's Intruder or Zap's Fuzz plugins can help with this. Hydra is another good tool as well.