Medusa 1.1 Release

From: jmk (jmk@foofus.net)
Date: Mon May 01 2006 - 14:44:55 EDT


Fellow Pen-testers:

Version 1.1 of Medusa is now available for public download.

What is Medusa? Medusa is a speedy, massively parallel, modular, login
brute-forcer for network services created by the geeks at Foofus.net. It
currently has modules for the following services: CVS, FTP, HTTP, IMAP,
MS-SQL, MySQL, NCP (NetWare), PcAnywhere, POP3, PostgreSQL, rexec,
rlogin, rsh, SMB, SMTP (VRFY), SNMP, SSHv2, SVN, Telnet, VmAuthd, VNC,
and a generic wrapper module.

While Medusa was designed to serve the same purpose as THC-Hydra, there
are several significant differences. For a brief comparison, see:

http://www.foofus.net/jmk/medusa/medusa-compare.html

This release adds several new modules, additional OS support, and fixes
numerous bugs. A somewhat detailed report is available here:

http://www.foofus.net/jmk/medusa/ChangeLog

Finally, the main documentation and actual files are located here:

http://www.foofus.net/jmk/medusa/medusa.html
http://www.foofus.net/jmk/tools/medusa-1.1.tar.gz

Medusa was developed on Gentoo Linux and FreeBSD. Some limited testing
has been done on other platforms. If people wish to contribute patches
to fix portability issues, I'd be happy to accept them. There are
probably lots of bugs which have yet to surface. Please let me know if
you encounter issues, fix a bug or just find the application useful.

Enjoy,
Joe

-- 
jmk <jmk@foofus.net>
Foofus Networks
------------------------------------------------------------------------------
This List Sponsored by: Cenzic
Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:54 EDT