When there's no technical vulnerability to exploit, you should try to hack what humans left for you, and believe me, this always works.

Scylla provides all the power of what a real audit, intrusion, exclusion and analysis tool needs, giving the possibility of scanning misconfiguration bugs dynamically. Scylla aims to be a better tool for security auditors, extremely fast, designed based on real scenarios, developed by experienced coders and constructed with actual IT work methods.

The words “Configuration Tracer” are the best definition for Scylla, a tool to help on IT audits. Scylla is a tool to audit different online application protocols and configurations, built over a brute-force core.

This tool acts as a tool for unifying auditing techniques, in other words, it does what oscanner, winfingerprint, Hydra, DirBuster, and other tools do, and also what those tools don't do.

Supported Protocols

Terminal (Telnet, SSH, telnets)
FTP (FTPS, FTP, SFTP)
SMB (Also Windows RPC)
LDAP
POP3 (POP3S)
SMTP (SMTPS)
IMAP
MySql
MSSQL
Oracle (Database and TNS Listener)
DB2 (Database and DAS)
HTTP(HTTPS; Basic AUTH Brute Force, Digest AUTH Brute Force, Form Brute Force, Directory and files Brute Force)
DNS (DNS snooping)
Postgres SQL

Basic features:

• User, password list based Brute force
• Multiple hosts support
• Multiple session support
• Nmap integration
• Non-synchronized threads (proof to be a bit faster)
• Ability to restore sessions
• Session auto-saving (based on SQL Server CE)
• Easy to use
• Auto configured options
• Hacker oriented
• Free, and always free
• Database browser (who have hacked a DB and don’t have a DB client to connect to it- And worse if you don’t have internet)
• Open source tool

download:

http://code.google.com/p/scylla-v1/downloads/detail?name=Scylla.rar&can=2&q=