JIHAD Posted December 24, 2014 Report Posted December 24, 2014 (edited) I'm using English so i can make sure everyone gets the point.As you read in the title, I'm seeking for a passionate colleague that will take care of website-development and graphics for a new opensource project.I will continue with a small Q&A.(i hope these are your main questions. )Q: What is the project about?A: Well, is about pentesting. I'm implementing a bunch of protocols and pentesting techniques written from scratch.Q: Why? There is also ncrack, hydra, metasploit, etc.A: I'm aware of all of them. But sometimes using them is difficult for some unexperienced users. There are also new modules that they do not exists in other pentesting frameworks and apps, at least not by default.Q: What protocols and tehniques?A: At this moment this is the project status: Completed Items: - (BRUTE) SMTP - Non-Encrypted and SSL/TLS with AUTH PLAIN and LOGIN available (ports 25,587,465). Protocol detections are made by itself, no need to specify anything but the port. - (BRUTE) FTP - Non-Encrypted and SSL/TLS. - (BRUTE) VNC - with AUTH and No-AUTH. - (BRUTE) SSH. - (BRUTE) HTTP/HTTPS BASIC Authentication. In Progress: - (BRUTE) IMAP Non-Encrypted and SSL/TLS (Almost there...). - (BRUTE) POP3 Non-Encrypted and SSL/TLS (Almost there...). - XSS Detection both HTTP/HTTPS. - SQL Injection Detection. - (BRUTE) HTTP/HTTPS form(Will identify login forms and submit). - (BRUTE) RDP AUTH (Almost there...). - (many more to come ) TODO: - At this moment SSH implementation is based on libssh2 library. Need to write the proto negociation and authentication to reduce library dependencies. (HINTS?).Above list is subject of change. Expect more to come.As you can see, there are many things going on. It's a big project that is time consuming.If you have time and wish to participate or willing to find out more about it, send me a message. I prefer to keep this thread clean.Thanks! Edited December 24, 2014 by JIHAD Quote
