SSH server auditing Tool – Penetration Testing in Linux

ssh-audit

ssh-audit is a tool for ssh server auditing.

Features

SSH1 and SSH2 protocol server support;
grab banner, recognize device or software and operating system, detect compression;
gather key-exchange, host-key, encryption and message authentication code algorithms;
output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
output algorithm recommendations (append or remove based on recognized software version);
output security information (related issues, assigned CVE list, etc);
analyze SSH version compatibility based on algorithm information;
historical information from OpenSSH, Dropbear SSH and libssh;
no dependencies, compatible with Python 2.6+, Python 3.x and PyPy;

Usage

usage: ssh-audit.py [-bnv] [-l ]

-1, –ssh1 force ssh version 1 only
-2, –ssh2 force ssh version 2 only
-b, –batch batch output
-n, –no-colors disable colors
-v, –verbose verbose output
-l, –level= minimum output level (info|warn|fail)

batch flag -b will output sections without header and without empty lines (implies verbose flag).
verbose flag -v will prefix each line with section type and algorithm name.

Downloadroot@kali:~/Desktop# git clone http://ift.tt/2pukYcj

Source

The post SSH server auditing Tool appeared first on Penetration Testing in Linux. http://ift.tt/2oihR6p http://ift.tt/2aM8QhC

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s