Python automation of the following write up on an elabFTW account lockout bypass and login brute force that affects versions before 4.1.0.
Both scripts can be used against Proving Grounds Practice lab named Source, which is running a vulnerable version of elabFTW - a free and open source electronic lab notebook.
The account login requires an email address so a valid domain of any potential user needs to be known before brute forcing user names.
Once a valid account is found put that into the login brute force script.