Medusa Parallel Network Login Auditor :: Feature Comparison

JoMo-Kun / jmk "AT" foofus "DOT" net

Here's a quick comparison of Hydra and Medusa. This is based on my understanding of Hydra 5.0 and Medusa 1.4. It should be noted that even if a particular item is checked, it does not necessarily mean it works correctly. I have not used Hydra in a number of years. If newer versions have addressed some of the known issues or added new functionality that should be reflected here, please let me know.

Area Feature Hydra Medusa
* License HYDRA GPL-2
Bugs &radic &radic
Core Parallel Method fork() pthread
Service Design Built-in Modular
Speed ? ?
Generic Wrapper Module &radic
CVS Broken - infinite loop &radic
FTP FTP &radic &radic
Explicit FTPS (AUTH TLS Mode as defined in RFC 4217) &radic
Implicit FTPS (FTP over SSL (990/tcp) &radic
HTTP Basic Auth Broken - Base64 incorrect for some passwords &radic
NTLM Auth (Windows Integrated) &radic
HTTP Proxy &radic
ICQ &radic
IMAP Method AUTH-LOGIN Support &radic &radic
Method AUTH-PLAIN Support &radic
LDAP &radic
Microsoft SQL &radic &radic
MySQL Pre-4.1 Authentication &radic &radic
Pre-4.1 Hash Passing &radic
4.1 Authentication &radic
NCP (NetWare) &radic (ncpfs)
NNTP &radic (Original AUTHINFO) &radic (Original AUTHINFO)
Oracle Database Non-Functional &radic (via Wrapper script)
Listener Non-Functional
PcAnywhere Supported Encryption Level None None
Supported Authenication Mode(s) Native PCA Native PCA, ADS, NT, Windows
PCNFS &radic
POP3 &radic &radic
PostgreSQL &radic &radic
REXEC &radic &radic
RLOGIN .rhost Support &radic
Password Support &radic &radic
RSH &radic &radic
SAPR3 &radic
SIP &radic
SMB (Microsoft Windows/Samba) NetBIOS Mode &radic &radic
W2K Native Mode Broken &radic
Hash Passing Broken &radic
SMTP AUTH &radic &radic
AUTH with TLS &radic
VRFY &radic
SNMP &radic (overwrites sysName with "HYDRA") &radic (significantly faster design)
SOCKS5 &radic
SSHv2 &radic (libssh) &radic (libssh2)
SVN &radic &radic
TeamSpeak &radic
Telnet Generic Telnet &radic &radic
Cisco (AAA/non-AAA) &radic &radic
Cisco enable password &radic
VNC Password-less/Password-only Support &radic &radic
Anti-Brute Force Slowdown Support &radic
Username/Password Support
VmWare Authentication Daemon Non-SSL Authentication &radic &radic
SSL Authentication &radic
Web Form Module &radic


Medusa Documentation