请使用者遵守 中华人民共和国网络安全法,勿将Medusa项目用于非授权的测试,Medusa项目开发者不负任何连带法律责任。
The project is licensed under
GPL
.Free for non-commercial use.The project development manpower is insufficient. If you find a problem or have comments, please contact us.
bash
Ver. Online
Bot
Ver. Online
Web
Ver. Under development
中文文档 | EnglishDocumentation
http://medusa.ascotbe.com
http://medusa.ascotbe.com/Documentation/#/PluginDirectory
# Need nmap(example for ubuntu
apt-get install nmap
# clone project files
git clone https://github.com/Ascotbe/Medusa.git
cd Medusa
# Install python packages
pip3 install -r Medusa.txt
# Use the scanner
python3 MedusaScan.py -u www.ascotbe.com
# If download speed too slow when cloning, then you can use proxy.
# Global proxy setting
git config --global http.proxy http://127.0.0.1:1080
git config --global https.proxy https://127.0.0.1:1080
Command | Number of parameters | Effect | Annotation |
---|---|---|---|
-u | 1 | Input single url(Use http:// or https:// first better than none, do not use any paremeters follow the url |
example : -u https://www.ascotbe.com or -u https://192.168.0.1 |
-a | 1 | Specify header files or use random headers | When using this feature, please refer to the documentation for this content |
-f | 1 | The filename includes urls that want to scan. | -u or -f must exists one and only one |
-p | 1 | You need to fill in the IP of your proxy, if you have a port you need to bring the port | to use BURP as a proxy then you should pass in 127.0.0.1:8080 |
-m | 1 | Scan for single module,such as: Struts2 or Apache, etc. | The specific content can be entered by the corresponding name in the project Modules folder. |
-t | 1 | Threads usage setting, default(-t 15) | None |
-s | 0 | Subdomain search by DNS and search engine | Mod by Sublist3r , IP enumerate not support. |
-se | 0 | Contains -s funcitons, in addtional, enumerate by dictionary(time consuming) |
can not use this with -s at the same time. |
# clone project files
git clone https://github.com/Ascotbe/Medusa.git
cd Medusa
# Install python packages
pip3 install -r Medusa.txt
# Configuring look at BOT document
https://www.ascotbe.com/Medusa
http://medusa.ascotbe.com/Documentation/#/UpDataLog
https://www.ascotbe.com/Loophole
- If you find that the corresponding vulnerability cannot be scanned by the plug-in, please submit the [Bug] issue
- If you have any problems that cannot be solved by the documentation, please submit an issue of [help]
- If you have any good comments or ideas, please submit [idea] issue
- QQ group:690021184(Secret code:6CF2D42B629E5AA4E6C293B290798878)