In this post, you will learn how to bypass Captcha security on Login page using Turbo Intruder.
Requirement:-
Learn Burpsuite basics from here:- https://www.youtube.com/watch?v=G3hpAeoZ4ek https://www.youtube.com/watch?v=Z08oqrV9wqs
Take 100 passwords from here https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10-million-password-list-top-1000.txt
Install Turbo Intruder plugin by following this - https://www.youtube.com/watch?v=zpFv2gN6vYc
Steps:-
1. Go to login page -> enter any credentials -> Complete Captcha challenge
2. Send the request to Turbo Intruder
3. Copy this script and past it in turbo intruder https://github.com/PortSwigger/turbo-intruder/blob/master/resources/examples/basic.py
4. Replace wordlist with your passwords and add "%s" in password parameter
5. Change the "concurrentConnections=50" and "requestPerConnection=1"

Upper part of code means, this is going to send 50 requests in 1 connection. So you can increase it till 100 as per your passwords wordlists.
6. Start the attack. If its really vulnerable, then you will see some difference in the Words, Length or Status code.
example:-

So this is how you can test any captcha protected login page for bruteforce vulnerability with this technique. Sometimes this vulnerability is out of scope on bug bounty programs, so read policy before reporting.