Skip to content
/ Medusa Public
forked from Ascotbe/Medusa

🐈Medusa是一个漏洞扫描平台,单目标秒级探测。 http://medusa.ascotbe.com

License

Notifications You must be signed in to change notification settings

BZLXQxQ/Medusa

 
 

Repository files navigation

Medusa

Release Release Release Release Release Release

Welcome to Medusa

请使用者遵守 中华人民共和国网络安全法,勿将Medusa项目用于非授权的测试,Medusa项目开发者不负任何连带法律责任。

👉About Medusa

The project is licensed under GPL.Free for non-commercial use.

The project development manpower is insufficient. If you find a problem or have comments, please contact us.

bash Ver. Online

Bot Ver. Online

Web Ver. Under development

中文文档 | EnglishDocumentation

💡Document

http://medusa.ascotbe.com

🔎Bug coverage list

http://medusa.ascotbe.com/Documentation/#/PluginDirectory

👾Demo

demo

📖Bash Ver. instructions for use

# Need nmap(example for ubuntu
apt-get install nmap
# clone project files
git clone https://github.com/Ascotbe/Medusa.git
cd Medusa
# Install python packages
pip3 install -r Medusa.txt
# Use the scanner
python3 MedusaScan.py -u www.ascotbe.com

🚀Git proxy

# If download speed too slow when cloning, then you can use proxy. 
# Global proxy setting
git config --global http.proxy http://127.0.0.1:1080
git config --global https.proxy https://127.0.0.1:1080

📋Parameters

Command Number of parameters Effect Annotation
-u 1 Input single url(Use http:// or https:// first better than none, do not use any paremeters follow the url example : -u https://www.ascotbe.com or -u https://192.168.0.1
-a 1 Specify header files or use random headers When using this feature, please refer to the documentation for this content
-f 1 The filename includes urls that want to scan. -u or -f must exists one and only one
-p 1 You need to fill in the IP of your proxy, if you have a port you need to bring the port to use BURP as a proxy then you should pass in 127.0.0.1:8080
-m 1 Scan for single module,such as: Struts2 or Apache, etc. The specific content can be entered by the corresponding name in the project Modules folder.
-t 1 Threads usage setting, default(-t 15) None
-s 0 Subdomain search by DNS and search engine Mod by Sublist3r, IP enumerate not support.
-se 0 Contains -s funcitons, in addtional, enumerate by dictionary(time consuming) can not use this with -s at the same time.

📗Bot Ver. document

# clone project files
git clone https://github.com/Ascotbe/Medusa.git
cd Medusa
# Install python packages
pip3 install -r Medusa.txt
# Configuring look at BOT document
https://www.ascotbe.com/Medusa

🍀Updating logs

http://medusa.ascotbe.com/Documentation/#/UpDataLog

📂Bug replicate document

https://www.ascotbe.com/Loophole

💚Discussion

  • If you find that the corresponding vulnerability cannot be scanned by the plug-in, please submit the [Bug] issue
  • If you have any problems that cannot be solved by the documentation, please submit an issue of [help]
  • If you have any good comments or ideas, please submit [idea] issue
  • QQ group:690021184(Secret code:6CF2D42B629E5AA4E6C293B290798878

🌱Friend links

🌴Contributors

commit

🏁Timeline

star

About

🐈Medusa是一个漏洞扫描平台,单目标秒级探测。 http://medusa.ascotbe.com

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages

  • Python 100.0%