Tomcter – Bruteforce Apache Tomcat Manager Login



Tomcter is a python tool developed to bruteforce Apache Tomcat manager login with Apache Tomcat default credentials.

Installing / Getting started

A quick guide of how to install and use Tomcter.

1. Clone the repository with: git clone
2. Install the libraries with: pip3 install -r requirements.txt
3. Insert your targets urls on src/core/data/urls.txt file (ex:
4. Run Tomcter with: python3


If you want to use Tomcter in a Docker container, follow this commands:

1. Clone the repository - git clone
2. Build the image - sudo docker build -t tomcter:latest .
3. Run container - sudo docker run tomcter:latest


  • Python 3 installed on your machine.
  • Install the libraries with pip3 install -r requirements.txt


  • Fast bruteforce
  • Low RAM and CPU usage
  • Open-Source


  •  Improve Tomcat detection
  •  Improve code


A quick guide of how to contribute with the project.

1. Create a fork from Tomcter repository
2. Clone the repository with git clone
3. Type cd tomcter/
4. Create a branch and make your changes
5. Commit and make a git push
6. Open a pull request


  • The developer is not responsible for any malicious use of this tool.