Scylla v1 Penetration Testing Tool - Because there's no patch for human stupidity
Scylla provides all the power of what a real audit, intrusion, exclusion and analysis tool needs, giving the possibility of scanning misconfiguration bugs dynamically. Scylla aims to be a better tool for security auditors, extremely fast, designed based on real scenarios, developed by experienced coders and constructed with actual IT work methods.
The words “Configuration Tracer” are the best definition for Scylla, a tool to help on IT audits. Scylla is a tool to audit different online application protocols and configurations, built over a brute-force core.
This tool acts as a tool for unifying auditing techniques, in other words, it does what oscanner, winfingerprint, Hydra, DirBuster, and other tools do, and also what those tools don't do.
Supported Protocols
- Terminal (Telnet, SSH, telnets)
- FTP (FTPS, FTP, SFTP)
- SMB (Also Windows RPC)
- LDAP
- POP3 (POP3S)
- SMTP (SMTPS)
- IMAP
- MySql
- MSSQL
- Oracle (Database and TNS Listener)
- DB2 (Database and DAS)
- HTTP(HTTPS; Basic AUTH Brute Force, Digest AUTH Brute Force, Form Brute Force, Directory and files Brute Force)
- DNS (DNS snooping)
- Postgres SQL
Basic features:
- User, password list based Brute force
- Multiple hosts support
- Multiple session support
- Nmap integration
- Non-synchronized threads (proof to be a bit faster)
- Ability to restore sessions
- Session auto-saving (based on SQL Server CE)
- Easy to use
- Auto configured options
- Hacker oriented
- Free, and always free
- Database browser (who have hacked a DB and don’t have a DB client to connect to it- And worse if you don’t have internet)
- Open source tool
Subscribe to our Daily Newsletter via email - Be First to know about Security and Penetration testing tools. or Join our Huge Hackers Community on Facebook , Google+ and Twitter .
Subscribe Top Hacker Stories via email
Posted by Mohit Kumar at Thursday, November 01, 2012
The Hacker News - Daily Updates