.,:: .: .,,. ... :::::::.. .,-:::::; ,;;, `;;;, .,;;,;;'`';, ,;;, .;;;;;;;. ;;;;``;;;; ,;;-'````' ,[' [n '[[,,[[' [[, _,[[,[' [n ,[[ \[[,[[[,/[[[' [[[ [[[[[[[| $$ $$ Y$$$P Y$$P"$$$$ $$ $$$, $$$$$$$$$c "$$c. "$$ Y8, ,8" oP"``"Yo, ,,_,d8"Y8, ,8" "888,_ _,88P888b "88bo,`Y8bo,,,o88o "YmmP,m" "Mm, "MP" "YmmP (O) "YMMMMMP" MMMM "W/ `'YMUP"YMM ========================================================================= ------------------------------------------------------------------------- Mezcal - Automated HTTP(S) Brute Force by wxs by txs by nummish ------------------------------------------------------------------------- ========================================================================= CHANGELOG: 1.1 - Add the ability to process only headers. - Add a nested variable configuration (this is more like parallel, which was broken in 1.0). - Proper host validation before spewing lots of requests. - Fixed an obscure memory leak in the LiqourCabinet. - Minor speed enhancements and other small bug fixes. NOTES: - There is still a GDI handle leak with Mezcal. This is due to wx.NET _NOT_ Mezcal. As soon as wx.NET is fixed we will release a patched version. ------------------------------------------------------------------------- ========================================================================= Mezcal 1.1 (Mezcal explained...) Mezcal was designed to automate HTTP brute force attacks. Mezcal gives the user the power to handcraft the request and declare custom variables for substitution. Further documentation is available at http://www.0x90.org/releases/mezcal/docs. If you have any questions or comments on the tool, please do not hesitate to visit http://www.0x90.org/releases/mezcal or email mezcal@0x90.org. Hopefully you find this useful. -- WXS Thanks, props & big-ups to the following for their help & feedback: freshman, semen