Just-Metadata - Tool that Gathers and Analyzes Metadata about IP Addresses

Just-Metadata is a tool that can be used to gather intelligence information passively about a large number of IP addresses, and attempt to extrapolate relationships that might not otherwise be seen. Just-Metadata has "gather" modules which are used to gather metadata about IPs loaded into the framework across multiple resources on the internet. Just-Metadata also has "analysis" modules. These are used to analyze the data loaded Just-Metadata and perform various operations that can identify potential relationships between the loaded systems.

Just-Metadata will allow you to quickly find the Top "X" number of states, cities, timezones, etc. that the loaded IP addresses are located in. It will allow you to search for IP addresses by country. You can search all IPs to find which ones are used in callbacks as identified by VirusTotal. Want to see if any IPs loaded have been documented as taking part of attacks via the Animus Project, Just-Metadata can do it.

Additionally, it is easy to create new analysis modules to let people find other relationships between IPs loaded based on the available data. New intel gathering modules can be easily added in just as easily!

Setup

Ideally, you should be able to run the setup script, and it will install everything you need.

For the Shodan information gathering module, YOU WILL NEED a Shodan API key. This costs like $9 bucks, come on now, it's worth it :).

Usage

As of now, Just metadata is designed to read in a single text file containing IPs, each on their own new line. Create this file from any source (C2 callback IPs, web server logs, etc.). Once you have this file, start Just-Metadata by calling it:

./Just-Metadata.py

Commands

help - Once in the framework, to see a listing of available commands and a description of what they do, type the "help" command.

load <filename> - The load command takes an extra parameter, the file name that you (the user) want Just-Metadata to load IP addresses from. This command will open, and load all IPs within the file to the framework.

Ex: load ipaddresses.txt

save - The save command can be used to save the current working state of Just-Metadata. This is helpful in multiple cases, such as after gathering information about IPs, and wanting to save the state off to disk to be able to work on them at a later point in time. Simply typing "save" will result in Just-Metadata saving the state to disk, and displaying the filename of the saved state.

import <statefile> - The import command can be used to load a previously saved Just-Metadata state into the framework. It will load all IPs that were saved, and all information gathered about the IP addresses. This command will require an extra parameter, the name of the state file that you want Just-Metadata to load.

Ex: import goodfile.state

list <module type> - The list command can be used to list the different types of modules loaded into Just-Metadata. This command will take an extra parameter, either "analysis" or "gather". Just-Metadata will display all mofules of the type that the user requests is listed.

Ex: list analysis

Ex: list gather

gather <gather module name> - The gather command tells Just-Metadata to run the module specified and gather information from that source. This can be used to gather geographical information, Virustotal, whois, and more. It's all based on the module. The data gathered will be stored within the framework in memory and can also be saved to disk with the "save" command.

Ex: gather geoinfo

Ex: gather virustotal

analyze <analysis module name> - The analyze command tells Metadata to run an analysis module against the data loaded into the framework. These modules can be used to find IP addresses that share the same SSH keys or SSL Public Key certificates, or certificate chains. They can also be used to find IP addresses used in the same callbacks by malicious executables.

ip_info <IP Address> - This command is used to dump all information about a specific IP address. This is currently being used after having run analysis modules. For example, after identifying IP addresses that share the same SSH keys, I can dump all information about those IPs. I will see if they have been used by malware, where they are located, etc.

export - The export command will have Just-Metadata dump all information that's been gathered about all IP addresses currently loaded into the framework to CSV.

Read more here.

Download Just-Metadata

Read More

Security CheatSheets - A collection of cheatsheets for various infosec tools and topics

These security cheatsheets are part of a project for the Ethical Hacking and Penetration Testing course offered at the University of Florida. Expanding on the default set of cheatsheets, the purpose of these cheatsheets are to aid penetration testers/CTF participants/security enthusiasts in remembering commands that are useful, but not frequently used. Most of the tools that will be covered have been included in our class and are available in Kali Linux.

Requirements

The only requirement to use these cheatsheets is for cheat to be installed.

How to Use

In order to use these cheatsheets, the cheatsheets in this repository need to go into ~/.cheat/ directory. After the files are moved into that directory, cheat ncat will display the ncat cheatsheet.

CheatSheets:

• aircrack-ng
• cewl
• cidr
• cookies
• dig
• fierce
• ftp
• http
• https-ssl-tls
• hydra
• john
• maltego
• markdown
• medusa
• metasploit
• mysql
• ncat
• nikto
• nping
• permissions
• php
• pivoting
• ps
• python
• ruby
• shadow
• shodan
• sqlmap
• tcpdump
• webservervulns
• wireless-encryptions
• wireshark

Download Security CheatSheets

Read More

Cheat - Create and view interactive cheatsheets on the command-line

cheat allows you to create and view interactive cheatsheets on the command-line. It was designed to help remind *nix system administrators of options for commands that they use frequently, but not frequently enough to remember.

cheat depends only on python and pip.

Example
The next time you're forced to disarm a nuclear weapon without consulting Google, you may run:

cheat tar

You will be presented with a cheatsheet resembling:

# To extract an uncompressed archive: 
tar -xvf /path/to/foo.tar

# To extract a .gz archive:
tar -xzvf /path/to/foo.tgz

# To create a .gz archive:
tar -czvf /path/to/foo.tgz /path/to/foo/

# To extract a .bz2 archive:
tar -xjvf /path/to/foo.tgz

# To create a .bz2 archive:
tar -cjvf /path/to/foo.tgz /path/to/foo/

To see what cheatsheets are availble, run cheat -l.
Note that, while cheat was designed primarily for *nix system administrators, it is agnostic as to what content it stores. If you would like to use cheatto store notes on your favorite cookie recipes, feel free.

Installing

Using pip

sudo pip install cheat

Using homebrew

brew install cheat

Manually
First install the required python dependencies with:

sudo pip install docopt pygments

Then, clone this repository, cd into it, and run:

sudo python setup.py install

Modifying Cheatsheets

The value of cheat is that it allows you to create your own cheatsheets - the defaults are meant to serve only as a starting point, and can and should be modified.

Cheatsheets are stored in the ~/.cheat/ directory, and are named on a per-keyphrase basis. In other words, the content for the tar cheatsheet lives in the ~/.cheat/tar file.

Provided that you have an EDITOR environment variable set, you may edit cheatsheets with:

cheat -e foo

If the 'foo' cheatsheet already exists, it will be opened for editing. Otherwise, it will be created automatically.

After you've customized your cheatsheets, I urge you to track ~/.cheat/ along with your dotfiles.

Download Cheat

Read More

VBS-Obfuscator - VBScript obfuscation to allow PenTesters bypass countermeasures

VBScript obfuscation to allow PenTesters bypass countermeasures.

Sample Script Output

C:\tools>python obfuscator.py test.vbs out.vbs
Char 109 -> 5505-5396
Char 115 -> 1113775/9685
Char 103 -> 540853/5251
Char 98 -> -2629+2727
Char 111 -> 291-180
Char 120 -> 826320/6886
Char 32 -> 118016/3688
Char 34 -> -2379+2413
Char 72 -> 2401-2329
Char 101 -> -1347+1448
Char 108 -> 759780/7035
Char 108 -> 5391-5283
Char 111 -> 743700/6700
Char 32 -> 7654-7622
Char 87 -> 636927/7321
Char 111 -> -46+157
Char 114 -> 7591-7477
Char 108 -> -9028+9136
Char 100 -> 285800/2858
Char 33 -> 5241-5208
Char 34 -> 7209-7175
Char 44 -> 234080/5320
Char 32 -> 104352/3261
Char 118 -> -3369+3487
Char 98 -> -7575+7673
Char 79 -> -9140+9219
Char 107 -> 4317-4210
Char 79 -> -5433+5512
Char 110 -> -1294+1404
Char 108 -> 6672-6564
Char 121 -> 1109-988
Char 32 -> 166080/5190
Char 43 -> 95675/2225
Char 32 -> 3156-3124
Char 118 -> -9572+9690
Char 98 -> -3093+3191
Char 73 -> 53947/739
Char 110 -> -2239+2349
Char 102 -> 554982/5441
Char 111 -> 4953-4842
Char 114 -> 907440/7960
Char 109 -> 3406-3297
Char 97 -> 3570-3473
Char 116 -> 3624-3508
Char 105 -> 137130/1306
Char 111 -> 632-521
Char 110 -> 8712-8602
Char 44 -> 94468/2147
Char 32 -> 14176/443
Char 34 -> 884/26
Char 84 -> -9768+9852
Char 104 -> -5195+5299
Char 105 -> 706335/6727
Char 115 -> 6469-6354
Char 32 -> 250304/7822
Char 105 -> -9605+9710
Char 115 -> 771190/6706
Char 32 -> -1319+1351
Char 97 -> 674053/6949
Char 32 -> -6907+6939
Char 109 -> 3365-3256
Char 101 -> 170791/1691
Char 115 -> 17020/148
Char 115 -> 3217-3102
Char 97 -> -6948+7045
Char 103 -> -9545+9648
Char 101 -> 9670-9569
Char 98 -> 926002/9449
Char 111 -> 130869/1179
Char 120 -> 255600/2130
Char 34 -> -1384+1418
Char 42 -> 1784-1742
Done!

Results (comparison)
First output

Dim SzVeVmXkoEZx, LALrsGQYjZtj, kLTOaGJfsmSG
SzVeVmXkoEZx = "6974-6865*602140/5236*45732/444*-8743+8841*8842-8731*5179-5059*-4646+4678*892-858*5573-5501*129-28*9855-9747*-6681+6789*-9095+9206*257184/8037*311721/3583*-7211+7322*741684/6506*-5620+5728*241300/2413*198-165*-9925+9959*6380-6336*5552-5520*-9222+9340*569-471*-6484+6563*6988-6881*128533/1627*-5150+5260*4828-4720*5616-5495*6062-6030*5407-5364*313728/9804*-9272+9390*-767+865*3735-3662*-2705+2815*-4151+4253*73704/664*-9531+9645*-7310+7419*-1882+1979*3171-3055*9554-9449*2676-2565*-1012+1122*107448/2442*4055-4023*-6753+6787*2058-1974*-5464+5568*428610/4082*2479-2364*-3013+3045*-9195+9300*128225/1115*56448/1764*-6899+6996*161760/5055*253752/2328*756288/7488*-4081+4196*29900/260*-3164+3261*-6830+6933*-6580+6681*-8764+8862*861360/7760*330840/2757*-2407+2441"
LALrsGQYjZtj = Split(SzVeVmXkoEZx, chr(eval(261366/6223)))
for each SKhxsIKQEybA in LALrsGQYjZtj
kLTOaGJfsmSG = kLTOaGJfsmSG & chr(eval(SKhxsIKQEybA))
next
execute(kLTOaGJfsmSG)

Second output

Dim wEQHvB, vsSBaV, pwgtko
wEQHvB = "-1912+2021*168-53*938948/9116*5796-5698*666666/6006*938-818*-4889+4921*-9635+9669*302112/4196*-9587+9688*-4950+5058*1012608/9376*-6763+6874*235232/7351*-8833+8920*412920/3720*1007190/8835*594432/5504*-5605+5705*1113-1080*9516-9482*347644/7901*181536/5673*198712/1684*615734/6283*779-700*6051-5944*-2574+2653*172370/1567*2086-1978*681472/5632*4765-4733*-2746+2789*54880/1715*2593-2475*733040/7480*-5259+5332*-7261+7371*103326/1013*-8585+8696*7371-7257*6640-6531*4564-4467*-6527+6643*62265/593*-1349+1460*2314-2204*-5438+5482*-5860+5892*4779-4745*1086-1002*-265+369*1276-1171*2588-2473*-2914+2946*101850/970*698050/6070*181760/5680*3610-3513*236896/7403*5004-4895*4565-4464*720245/6263*812360/7064*3582-3485*36977/359*4691-4590*482944/4928*-773+884*546720/4556*5235-5201"
vsSBaV = Split(wEQHvB, chr(eval(1039-997)))
for each KxRKRt in vsSBaV
pwgtko = pwgtko & chr(eval(KxRKRt))
next
execute(pwgtko)

Download VBS-Obfuscator

Read More

Cupp - Common User Passwords Profiler

The most common form of authentication is the combination of a username and a password or passphrase. If both match values stored within a locally stored table, the user is authenticated for a connection. Password strength is a measure of the difficulty involved in guessing or breaking the password through cryptographic techniques or library-based automated testing of alternate values.

A weak password might be very short or only use alphanumberic characters, making decryption simple. A weak password can also be one that is easily guessed by someone profiling the user, such as a birthday, nickname, address, name of a pet or relative, or a common word such as God, love, money or password.

That is why CUPP has born, and it can be used in situations like legal penetration tests or forensic crime investigations.

Options

Usage: cupp.py [OPTIONS]

    -h      this menu

    -i      Interactive questions for user password profiling

    -w      Use this option to profile existing dictionary,
            or WyD.pl output to make some pwnsauce :)

    -l      Download huge wordlists from repository

    -a      Parse default usernames and passwords directly from Alecto DB.
            Project Alecto uses purified databases of Phenoelit and CIRT which where merged and enhanced.

    -v      Version of the program

Configuration
CUPP has configuration file cupp.cfg with instructions.

Download Cupp

Read More

icmpsh - Simple Reverse ICMP Shell

Sometimes, network administrators make the penetration tester's life harder. Some of them do use firewalls for what they are meant to, surprisingly! Allowing traffic only onto known machines, ports and services (ingress filtering) and setting strong egress access control lists is one of these cases. In such scenarios when you have owned a machine part of the internal network or the DMZ (e.g. in a Citrix breakout engagement or similar), it is not always trivial to get a reverse shell over TCP, not to consider a bind shell.

However, what about UDP (commonly a DNS tunnel) or ICMP as the channel to get a reverse shell? ICMP is the focus on this tool.

Description

icmpsh is a simple reverse ICMP shell with a win32 slave and a POSIX compatible master in C, Perl or Python. The main advantage over the other similar open source tools is that it does not require administrative privileges to run onto the target machine.

The tool is clean, easy and portable. The slave (client) runs on the target Windows machine, it is written in C and works on Windows only whereas the master (server) can run on any platform on the attacker machine as it has been implemented in C and Perl.

Features

• Open source software - primarily coded by Nico, forked by me.
• Client/server architecture.
• The master is portable across any platform that can run either C, Perl or Python code.
• The target system has to be Windows because the slave runs on that platform only for now.
• The user running the slave on the target system does not require administrative privileges.

Usage

Running the master

The master is straight forward to use. There are no extra libraries required for the C and Python versions. The Perl master however has the following dependencies:

• IO::Socket
• NetPacket::IP
• NetPacket::ICMP

When running the master, don't forget to disable ICMP replies by the OS. For example:

sysctl -w net.ipv4.icmp_echo_ignore_all=1

If you miss doing that, you will receive information from the slave, but the slave is unlikely to receive commands send from the master.

Running the slave

The slave comes with a few command line options as outlined below:

-t host            host ip address to send ping requests to. This option is mandatory!

-r                 send a single test icmp request containing the string "Test1234" and then quit. 
                   This is for testing the connection.

-d milliseconds    delay between requests in milliseconds 

-o milliseconds    timeout of responses in milliseconds. If a response has not received in time, 
                   the slave will increase a counter of blanks. If that counter reaches a limit, the slave will quit.
                   The counter is set back to 0 if a response was received.

-b num             limit of blanks (unanswered icmp requests before quitting

-s bytes           maximal data buffer size in bytes 

In order to improve the speed, lower the delay (-d) between requests or increase the size (-s) of the data buffer.

Download icmpsh

Read More

Crouton - Chromium OS Universal Chroot Environment

crouton is a set of scripts that bundle up into an easy-to-use, Chromium OS-centric chroot generator. Currently Ubuntu and Debian are supported (using debootstrap behind the scenes), but "Chromium OS Debian, Ubuntu, and Probably Other Distros Eventually Chroot Environment" doesn't acronymize as well (crodupodece is admittedly pretty fun to say, though).

"crouton"...an acronym?

It stands for ChRomium Os Universal chrooT envirONment...or something like that. Do capitals really matter if caps-lock has been (mostly) banished, and the keycaps are all lower-case?

Moving on...

Who's this for?

Anyone who wants to run straight Linux on their Chromium OS device, and doesn't care about physical security. You're also better off having some knowledge of Linux tools and the command line in case things go funny, but it's not strictly necessary.

What's a chroot?

Like virtualization, chroots provide the guest OS with their own, segregated file system to run in, allowing applications to run in a different binary environment from the host OS. Unlike virtualization, you are not booting a second OS; instead, the guest OS is running using the Chromium OS system. The benefit to this is that there is zero speed penalty since everything is run natively, and you aren't wasting RAM to boot two OSes at the same time. The downside is that you must be running the correct chroot for your hardware, the software must be compatible with Chromium OS's kernel, and machine resources are inextricably tied between the host Chromium OS and the guest OS. What this means is that while the chroot cannot directly access files outside of its view, it can access all of your hardware devices, including the entire contents of memory. A root exploit in your guest OS will essentially have unfettered access to the rest of Chromium OS.

...but hey, you can run TuxRacer!

Prerequisites

You need a device running Chromium OS that has been switched to developer mode.

For instructions on how to do that, go to this Chromium OS wiki page, click on your device model and follow the steps in the Entering Developer Modesection.

Note that developer mode, in its default configuration, is completely insecure, so don't expect a password in your chroot to keep anyone from your data. crouton does support encrypting chroots, but the encryption is only as strong as the quality of your passphrase. Consider this your warning.

It's also highly recommended that you install the crouton extension, which, when combined with the extension or xiwitargets, provides much improved integration with Chromium OS.

That's it! Surprised?

Usage

crouton is a powerful tool, and there are a lot of features, but basic usage is as simple as possible by design.

If you're just here to use crouton, you can grab the latest release from https://goo.gl/fd3zc. Download it, pop open a shell (Ctrl+Alt+T, type shell and hit enter), and run sh ~/Downloads/crouton to see the help text. See the "examples" section for some usage examples.

If you're modifying crouton, you'll probably want to clone or download the repo and then either run installer/main.sh directly, or use make to build your very own crouton. You can also download the latest release, cd into the Downloads folder, and run sh crouton -x to extract out the juicy scripts contained within, but you'll be missing build-time stuff like the Makefile.

crouton uses the concept of "targets" to decide what to install. While you will have apt-get in your chroot, some targets may need minor hacks to avoid issues when running in the chrooted environment. As such, if you expect to want something that is fulfilled by a target, install that target when you make the chroot and you'll have an easier time. Don't worry if you forget to include a target; you can always update the chroot later and add it. You can see the list of available targets by running sh ~/Downloads/crouton -t help.

Once you've set up your chroot, you can easily enter it using the newly-installed enter-chroot command, or one of the target-specific start* commands. Ta-da! That was easy.

Read more here.

Download Crouton

Read More

REMnux v6 - A Linux Toolkit for Reverse-Engineering and Analyzing Malware

REMnux is a free Linux toolkit for assisting malware analysts with reverse-engineering malicious software. It strives to make it easier for forensic investigators and incident responders to start using the variety of freely-available tools that can examine malware, yet might be difficult to locate or set up.

The heart of the project is the REMnux Linux distribution based on Ubuntu. This lightweight distro incorporates many tools for analyzing Windows and Linux malware, examining browser-based threats such as obfuscated JavaScript, exploring suspicious document files and taking apart other malicious artifacts. Investigators can also use the distro to intercept suspicious network traffic in an isolated lab when performing behavioral malware analysis.

Malware Analyis Tools Installed on REMnux

The REMnux distribution includes many free tools useful for examining malicious software. These utilities are set up and tested to make it easier for you to perform malware analysis tasks without needing to figure out how to install them. The majority of these tools are listed below.

Examine Browser Malware

• Website analysis: Thug, mitmproxy, Network Miner Free Edition, curl, Wget, Burp Proxy Free Edition, Automater, pdnstool, Tor, tcpextract, tcpflow, passive.py, CapTipper
• Flash: xxxswf, SWF Tools, RABCDAsm, extract_swf, Flare
• Java: Java Cache IDX Parser, JD-GUI Java Decompiler, JAD Java Decompiler, Javassist, CFR
• JavaScript: Rhino Debugger, ExtractScripts, Firebug, SpiderMonkey, V8, JS Beautifier

Examine Document Files

• PDF: AnalyzePDF, Pdfobjflow, pdfid, pdf-parser, peepdf, Origami, PDF X-RAY Lite, PDFtk, swf_mastah
• Microsoft Office: officeparser, pyOLEScanner.py, oletools, libolecf, oledump, emldump
• Shellcode: sctest, unicode2hex-escaped, unicode2raw, dism-this, shellcode2exe

Extract and Decode Artifacts

• Deobfuscate: unXOR, XORStrings, ex_pe_xor, XORSearch, brutexor/iheartxor, xortool, NoMoreXOR, XORBruteForcer, Balbuzard
• Extract strings: strdeobj, pestr, strings
• Carving: Foremost, Scalpel, bulk_extractor, Hachoir

Handle Network Interactions

• Sniffing: Wireshark, ngrep, TCPDump, tcpick
• Services: FakeDNS, Nginx, fakeMail, Honeyd, INetSim, Inspire IRCd, OpenSSH, accept-all-ips
• Miscellaneous network: prettyping.sh, set-static-ip, renew-dhcp, Netcat, EPIC IRC Client, stunnel

Process Multiple Samples

• Maltrieve, Ragpicker, Viper, MASTIFF, Density Scout

Examine File Properties and Contents

• Define signatures: YaraGenerator, IOCextractor, Autorule, Rule Editor
• Scan: Yara, ClamAV, TrID, ExifTool, virustotal-submit, Disitool
• Hashes: nsrllookup, Automater, Hash Identifier, totalhash, ssdeep, virustotal-search, VirusTotalApi

Investigate Linux Malware

• System: Sysdig, Unhide
• Disassemble: Vivisect, Udis86, objdump
• Debug: Evan’s Debugger (EDB), GNU Project Debugger (GDB)
• Trace: strace, ltrace
• Investigate: Radare 2, Pyew, Bokken, m2elf

Edit and View Files

• Text: SciTE, Geany, Vim
• Images: feh, ImageMagick
• Binary: wxHexEditor, VBinDiff
• Documents: Xpdf

Examine Memory Snapshots

• Volatility Framework, findaes, AESKeyFinder, RSAKeyFinder, VolDiff, Rekall

Statically Examine PE Files

• Unpacking: UPX, Bytehist, Density Scout, PackerID
• Disassemble: objdump, Udis86, Vivisect
• Find anomalies: Signsrch, pescanner, ExeScan, pev, Peframe, pedump
• Investigate: Bokken, RATDecoders, Pyew, readpe.py, PyInstaller Extractor

Investigate Mobile Malware

• Androwarn, AndroGuard

Perform Other Tasks

• ProcDOT, bashhacks, Docker, vtTool, REMnux Updater, Decompyle++

REMnux Documentation 

REMnux documentation is a relatively recent effort, which can provide additional details regarding the toolkit. The document set in need of improvement and expansion.

The one-page REMnux cheat sheet highlights some of the most useful tools and commands available as part of the REMnux distro. It’s an especially nice starting point for people who are new to the distribution. 

• Malware Analysis Essentials Using REMnux

Download REMnux v6

Read More

Medusa - Speedy, Parallel and Modular Login Brute-Forcer

Medusa is intended to be a speedy, massively parallel, modular, login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers following items as some of the key features of this application:

• Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.
• Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing.
• Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing.

Why?

Why create Medusa? Isn't this the same thing as THC-Hydra? Here are some of the reasons for this application:

• Application stability. Maybe I'm just lame, but Hydra frequently crashed on me. I was no longer confident that Hydra was actually doing what it claimed to be. Rather than fix Hydra, I decided to create my own buggy application which could crash in new and exciting ways.
• Code organization. A while back I added several features to Hydra (parallel host scanning, SMBNT module). Retro-fitting the parallel host code to Hydra was a serious pain. This was mainly due to my coding ignorance, but was probably also due to Hydra not being designed from the ground-up to support this. Medusa was designed from the start to support parallel testing of hosts, users and passwords.
• Speed. Hydra accomplishes its parallel testing by forking off a new process for each host and instance of the service being tested. When testing many hosts/users at once this creates a large amount of overhead as user/password lists must be duplicated for each forked process. Medusa is pthread-based and does not unnecessarily duplicate information.
• Education. I am not an experienced C programmer, nor do I consider myself an expert in multi-threaded programming. Writing this application was a training exercise for me. Hopefully, the results of it will be useful for others. 

Module specific details:

•     AFP
•     CVS
•     FTP
•     HTTP
•     IMAP
•     MS-SQL
•     MySQL
•     NetWare NCP
•     NNTP
•     PcAnywhere
•     POP3
•     PostgreSQL
•     REXEC
•     RDP
•     RLOGIN
•     RSH
•     SMBNT
•     SMTP-AUTH
•     SMTP-VRFY
•     SNMP
•     SSHv2
•     Subversion (SVN)
•     Telnet
•     VMware Authentication Daemon (vmauthd)
•     VNC
•     Generic Wrapper
•     Web Form 

News

2015-06-07: Released Medusa v2.2_rc2

2015-05-28: Released Medusa v2.2_rc1

2012-05-25: Released Medusa v2.1.1

2012-04-02: Released Medusa v2.1

2011-03-04: tak and bigmoneyhat have released a Java-based GUI for Medusa (Medusa-gui)

2010-02-09: Released Medusa v2.0

Download Medusa

Read More