Search Results for "ssh"

ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server.

...Pastebin patched the vulnerability I previously used in order to get recent uploads, so at the moment it is not possible to get recently uploaded files, you are now limited to all syntaxes exempt the default one (95% get's uploaded as 'text' and this is removed from all recent upload lists). Bruteforce support for Spotify accounts, Instagram accounts, ssh servers, Microsoft RDP clients and Gmail accounts. Emagnet is a very powerful tool for capturing email addresses and passwords from leaked databases uploaded on Pastebin. It's almost impossible to find leaked passwords after they're removed from the list on pastebin.com. Either they have been deleted by Pastebin's techs or the upload is just one in the crowd.

Number one of the biggest security holes are passwords, as every password security study shows. This tool is a proof of concept code, to give researchers and security consultants the possibility to show how easy it would be to gain unauthorized access from remote to a system. There are already several login hacker tools available, however, none does either support more than one protocol to attack or support parallelized connects. It was tested to compile cleanly on Linux, Windows/Cygwin,...

A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it.

SSHGuard protects hosts from brute-force attacks against SSH and other services. It aggregates system logs and blocks repeat offenders using several firewall backends, including iptables, ipfw, and pf.

...Brutosx is brutus.pl remote login and password bruteforce cracker inserted inside the application Brutosx (need only of Net::Telnet Perl module are required get them at CPAN, while the list of users and passwords, and the service is inserted inside the application). SSHOSX is ssh application client to establish an ssh connection from client to server, Nmaposx is nmap port scanner invoked from the application Nmaposx (Syntax of nmap is inside the application). Packetstorm is all packet storm exploits database all inserted inside in the application Packetstorm, Shoppingosx an example of https connection. The application Ob open four browsers, Tesseract applications container, TAL, Chatosx, AndroMac, AndroEmu, MySMS, Shutdown, Updater, Search for, MyMaps, SOA, BLI, Xcoder, BasicProg, BasicProg2, VM, D,M&Z Suite Basic and D,M&Z Suite Advanced (POSIX based).

Automated exploitation tool for SSH and RDP

This penetration testing tool allows an auditor to intercept SSH connections. A patch applied to the OpenSSH v7.5p1 source code causes it to act as a proxy between the victim and their intended SSH server; all plaintext passwords and sessions are logged to disk. Of course, the victim's SSH client will complain that the server's key has changed. But because 99.99999% of the time this is caused by a legitimate action (OS re-install, configuration change, etc), many/most users will disregard the warning and continue on. ...

PivotSuite is a portable, platform-independent and powerful network pivoting toolkit, Which helps Red Teamers / Penetration Testers to use a compromised system to move around inside a network. It is a Standalone Utility, Which can use as a Server or as a Client. If the compromised host is directly accessible (Forward Connection) from Our pentest machine, Then we can run pivotsuite as a server on the compromised machine and access the different subnet hosts from our pentest machine, Which was...

X-Crack Full is an SSH penetration testing tool. It is coded in Python.

...Also, contains a pentesting module to execute commands using a selected anonymous network, pentesting with TOR or TCP Follows a client/server model with well-defined communication interfaces. SSH is used to allow remote clients to access the machine and manage any anonymous network that is installed there, plus allows penetration testing anonymously (or non-anonymously) using tools such as Metasploit Framework, nmap, nikto, among others. The list of supported applications will grow as the project progresses. Until now, this project is under development and is very unstable (and some features aren't included). ...

cPInstall is a small bash script created at first for UnderHost customer then released to public. Its purpose is to give access to install, optimize, secure any common cPanel plugin within one click. Useful for novice and helpful for advanced users. http://underhost.com - Offshore Hosting Solutions New version coming soon!

This is a script to perform a dictionary based attack through protocol FTP and SSH2. You need libssh2 to use ssh2 methods. Syntax use: perl ssh2ftpcrack.pl [ssh or ftp] [user] [host] [wordlist] http://packetstormsecurity.org/Crackers/wordlists/

A multithreaded opensource password cracker

ssh bruteforce authentification with multiprocessing, string generator and dictionary attack

Java based webapp that utilizes TCP Wrappers to grant an IP access to a ssh server. Brute force attacks can be avoided while still allowing password based ssh access from multiple, changing IP values.

ShellTer is an iptables-based firewall. What sets it apart from the rest is that it has built-in SSH brute force protection. It is easy to configure and has an interactive CLI installer.

Login Alert is a small one click wizard GUI that sets up scripts on your Ubuntu/Debian Linux box. SSH Brute Force prevention through iptables, SSH and local login email alert notifications, able to install fail2ban and denyhost with a tick of the mouse.

Cheescloth is a security script that is used to monitor and block email being brute force sent to your mail server by zombie machines in control by spammers and hackers. It also will catch and block hackers trying to hack your server via SSH connection

BlockSSHD protects computers from SSH brute force attacks by dynamically blocking IP addresses by adding iptables rules.

Authdefender is a filtering application that, in combination with iptables, blocks malicious users from accessing any aspect of the server in question. Malicious users are defined by brute force ssh/ftp attempts and blocked regardless of tcp wrappers.

brutesshd is an application written in c/php in order to prevent bruteforce attacks through ssh. Brutesshd uses iptables/pfctl tools to block this type of attacks

A daemon that creates realtime dynamic, expirable iptables rules to block/drop IP addresses attempting brute-force breakin attacks on a linux host via ssh or other mechanism. Highly customizable and extensible.