awesome-repositories.com
المدونة
awesome-repositories.com

اكتشف أفضل مستودعات المصادر المفتوحة باستخدام بحث مدعوم بالذكاء الاصطناعي.

استكشفعمليات بحث منسقةبدائل مفتوحة المصدربرمجيات ذاتية الاستضافةالمدونةخريطة الموقع
المشروعحولكيفية ترتيب النتائجالصحافةخادم MCP
قانونيالخصوصيةالشروط
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
ssh-mitm avatar

ssh-mitm/ssh-mitm

0
View on GitHub↗
1,457 نجوم·155 تفرعات·Python·GPL-3.0·4 مشاهداتdocs.ssh-mitm.at↗

Ssh Mitm

هذا المشروع عبارة عن إطار عمل للوكيل الشفاف (transparent proxy) مصمم لاعتراض وتحليل ومعالجة حركة مرور بروتوكول Secure Shell (SSH). من خلال إنهاء اتصالات العميل والخادم بشكل مستقل، يوفر المشروع رؤية كاملة للجلسات المشفرة، مما يسمح بمراقبة تدفقات المصادقة، ونقل الملفات، وتنفيذ الأوامر في الوقت الفعلي.

تتميز الأداة ببنية معيارية تعتمد على الإضافات (plugins) التي تمكن المستخدمين من حقن منطق اعتراض مخصص في سير عمل الوكيل. كما تدعم إنشاء بيئات مؤقتة وعملاء وهميين في الذاكرة، مما يسهل محاكاة سيناريوهات الأمان واختبار قوة المصادقة دون الحاجة إلى بنية تحتية خارجية.

يغطي إطار العمل مساحة واسعة من القدرات، بما في ذلك تدقيق سلوك أمان العميل، والتقاط بيانات اعتماد المصادقة، وفحص بروتوكولات الشبكة المغلفة مثل الأنفاق وعمليات الإدارة عن بُعد. كما يوفر عناصر تحكم تشغيلية لإدارة الجلسات المتزامنة والحفاظ على تكافؤ الجلسة من خلال إعادة توجيه إشارات الطرفية.

Features

  • Transparent Interception Proxies - Terminates client and server connections independently to provide full visibility into encrypted session data and authentication flows.
  • Man-in-the-Middle Frameworks - Terminates client and server connections independently to provide full visibility into encrypted session data and authentication flows.
  • Traffic Proxying and Interception - Acts as a modular tool for intercepting and modifying secure shell traffic, including file transfers and network tunnels.
  • Proxy Security Auditors - Serves as a transparent proxy for auditing authentication flows and client security behavior in real time.
  • Interception Proxies - Inspects and manipulates authentication flows to capture credentials or force interactive fallbacks.
  • Authentication Testing - Probes remote servers and simulates client responses to evaluate the robustness of authentication methods and multi-factor security.
  • SSH Security Tools - Analyzes client and server authentication behavior to identify vulnerabilities and weak configurations in remote access implementations.
  • Tunneling and Proxying - Enables remote port forwarding and proxy jump capabilities to facilitate complex network traversal.
  • NETCONF Subsystem Interceptions - Provides real-time inspection and modification of NETCONF operations within secure shell tunnels.
  • SSH Session Simulations - Facilitates testing of authentication robustness by simulating SSH environments entirely in memory.
  • Interception Proxies - Intercepts file transfers to store copies or replace files on the fly during active sessions.
  • Traffic Protocol Inspection - Parses and manipulates encapsulated data streams including network tunnels, file transfers, and terminal output during active sessions.
  • Application-Layer Protocol Inspections - Captures and parses encapsulated traffic like NETCONF, SOCKS tunnels, and file transfers within secure shell connections.
  • Authentication Credential Captures - Intercepts passwords and public key authentication attempts to audit how sensitive credentials are handled.
  • Bypass Testing - Exploits authentication negotiation vulnerabilities to circumvent hardware-based security requirements during testing.
  • Authentication Method Auditing - Probes remote servers for supported authentication methods and validates public keys to identify security misconfigurations.
  • Client Behavior Auditing - Identifies potential vulnerabilities in authentication handling by analyzing how clients respond to manipulated server responses.
  • Multi-Factor Authentication Bypass Testing - Intercepts authentication requests to establish sessions using basic credentials, bypassing hardware-based multi-factor confirmations.
  • Encapsulated Traffic Inspection - Captures and inspects TCP tunnels, SOCKS forwarding, and remote command sessions to monitor encapsulated communications.
  • Session Auditing - Decrypts and displays live terminal output while logging command execution and state transitions for security auditing.
  • SSH Agent Forwarding - Utilizes forwarded authentication agents to establish connections to remote servers after session interception.
  • Host Key Auto-Generators - Supports multiple host key algorithms and persists generated keys to maintain consistent server identity.
  • Vulnerability Analysis - Evaluates connecting software security by observing key negotiation and protocol behaviors to detect implementation weaknesses.
  • Security Testing and Auditing - Examines negotiation behavior during connection attempts to identify known vulnerabilities and security weaknesses in remote session software.
  • Asynchronous Session Management - Manages concurrent sessions as asynchronous coroutines to ensure stable performance during high-volume traffic analysis.
  • Plugin-Based Extensibility - Enables developers to inject custom interception logic and automated responses into the proxy workflow through modular plugins.
  • Live User Session Mirroring - Mirrors active sessions to enable real-time monitoring and command injection while remaining transparent to the user.

سجل النجوم

مخطط تاريخ النجوم لـ ssh-mitm/ssh-mitmمخطط تاريخ النجوم لـ ssh-mitm/ssh-mitm

بحث بالذكاء الاصطناعي

استكشف المزيد من المستودعات الرائعة

صف ما تحتاجه بلغة بسيطة — وسيقوم الذكاء الاصطناعي بترتيب آلاف المشاريع مفتوحة المصدر المنسقة حسب الصلة.

Start searching with AI

بدائل مفتوحة المصدر لـ Ssh Mitm

مشاريع مفتوحة المصدر مشابهة، مرتبة حسب عدد الميزات المشتركة مع Ssh Mitm.
  • voorivex/pentest-guideالصورة الرمزية لـ Voorivex

    Voorivex/pentest-guide

    2,761عرض على GitHub↗

    This project is a comprehensive web application penetration testing guide and vulnerability research framework. It provides a structured methodology for identifying and exploiting security flaws through a phased approach involving reconnaissance, analysis, and exploitation. The resource is distinguished by its use of a curated methodology framework that links theoretical vulnerability patterns to real-world bug bounty reports and historical exploit examples. It includes a payload-based testing library and a reference system that maps specific vulnerability categories to recommended third-part

    bugbountybypassowasp-tests
    عرض على GitHub↗2,761
  • kgretzky/evilginx2الصورة الرمزية لـ kgretzky

    kgretzky/evilginx2

    14,627عرض على GitHub↗

    Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a target web service. By acting as a reverse proxy, the tool intercepts and relays web requests to capture credentials and session tokens in real time, enabling the bypass of multi-factor authentication mechanisms through session cookie hijacking. The platform distinguishes itself by integrating infrastructure orchestration with modular template-driven content injection. It automates the deployment of proxy servers, manages the lifecycle of encryption certificates, and applies conte

    Go
    عرض على GitHub↗14,627
  • andresriancho/w3afالصورة الرمزية لـ andresriancho

    andresriancho/w3af

    4,850عرض على GitHub↗

    w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing

    Pythonappseccross-site-scriptingscanner
    عرض على GitHub↗4,850
  • wifiphisher/wifiphisherالصورة الرمزية لـ wifiphisher

    wifiphisher/wifiphisher

    14,631عرض على GitHub↗

    Wifiphisher is a modular security framework designed for wireless penetration testing and social engineering auditing. It functions as a platform for security professionals to assess the resilience of Wi-Fi networks by simulating unauthorized access, performing man-in-the-middle interceptions, and executing credential-harvesting scenarios. The tool distinguishes itself through its ability to combine rogue access point deployment with dynamic phishing interfaces. By forcing wireless clients to associate with deceptive infrastructure, the framework can capture network metadata and inject it int

    Pythonaccess-pointattackmalware
    عرض على GitHub↗14,631
عرض جميع البدائل الـ 30 لـ Ssh Mitm→

الأسئلة الشائعة

ما هي وظيفة ssh-mitm/ssh-mitm؟

هذا المشروع عبارة عن إطار عمل للوكيل الشفاف (transparent proxy) مصمم لاعتراض وتحليل ومعالجة حركة مرور بروتوكول Secure Shell (SSH). من خلال إنهاء اتصالات العميل والخادم بشكل مستقل، يوفر المشروع رؤية كاملة للجلسات المشفرة، مما يسمح بمراقبة تدفقات المصادقة، ونقل الملفات، وتنفيذ الأوامر في الوقت الفعلي.

ما هي الميزات الرئيسية لـ ssh-mitm/ssh-mitm؟

الميزات الرئيسية لـ ssh-mitm/ssh-mitm هي: Transparent Interception Proxies, Man-in-the-Middle Frameworks, Traffic Proxying and Interception, Proxy Security Auditors, Interception Proxies, Authentication Testing, SSH Security Tools, Tunneling and Proxying.

ما هي البدائل مفتوحة المصدر لـ ssh-mitm/ssh-mitm؟

تشمل البدائل مفتوحة المصدر لـ ssh-mitm/ssh-mitm: voorivex/pentest-guide — This project is a comprehensive web application penetration testing guide and vulnerability research framework. It… kgretzky/evilginx2 — Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a… andresriancho/w3af — w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities… wifiphisher/wifiphisher — Wifiphisher is a modular security framework designed for wireless penetration testing and social engineering auditing.… reqable/reqable-app — Reqable is a cross-platform network debugging tool that functions as an HTTP/HTTPS debugging proxy, a REST API client,… oisf/suricata — Suricata is an open-source network intrusion detection and prevention engine that analyzes live network traffic in…

مجموعات مختارة تضم Ssh Mitm

مجموعات منسقة بعناية يظهر فيها Ssh Mitm.
  • مجموعات أدوات أمان الشبكات لهجمات الرجل في المنتصف (MitM)