SSH server auditing Tool – Penetration Testing in Linux


ssh-audit is a tool for ssh server auditing.


SSH1 and SSH2 protocol server support;
grab banner, recognize device or software and operating system, detect compression;
gather key-exchange, host-key, encryption and message authentication code algorithms;
output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
output algorithm recommendations (append or remove based on recognized software version);
output security information (related issues, assigned CVE list, etc);
analyze SSH version compatibility based on algorithm information;
historical information from OpenSSH, Dropbear SSH and libssh;
no dependencies, compatible with Python 2.6+, Python 3.x and PyPy;


usage: [-bnv] [-l ]

-1, –ssh1 force ssh version 1 only
-2, –ssh2 force ssh version 2 only
-b, –batch batch output
-n, –no-colors disable colors
-v, –verbose verbose output
-l, –level= minimum output level (info|warn|fail)

batch flag -b will output sections without header and without empty lines (implies verbose flag).
verbose flag -v will prefix each line with section type and algorithm name.

Downloadroot@kali:~/Desktop# git clone


The post SSH server auditing Tool appeared first on Penetration Testing in Linux.


Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do

Você está comentando utilizando sua conta Sair /  Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair /  Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair /  Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair /  Alterar )


Conectando a %s