awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
ssh-mitm avatar

ssh-mitm/ssh-mitm

0
View on GitHub↗
1,457 Stars·155 Forks·Python·GPL-3.0·4 Aufrufedocs.ssh-mitm.at↗

Ssh Mitm

Dieses Projekt ist ein transparentes Proxy-Framework, das für das Abfangen, Analysieren und Manipulieren von SSH-Datenverkehr entwickelt wurde. Durch die unabhängige Terminierung von Client- und Serververbindungen bietet es volle Transparenz über verschlüsselte Sitzungen und ermöglicht die Überwachung von Authentifizierungsabläufen, Dateiübertragungen und Befehlsausführungen in Echtzeit.

Das Tool zeichnet sich durch eine modulare, Plugin-basierte Architektur aus, die es Benutzern ermöglicht, eigene Interzeptionslogik in den Proxy-Workflow einzubinden. Es unterstützt die Erstellung ephemerer Umgebungen und Mock-Agenten im Arbeitsspeicher, was die Simulation von Sicherheitsszenarien und das Testen der Authentifizierungsrobustheit ohne externe Infrastruktur erleichtert.

Das Framework deckt ein breites Spektrum an Funktionen ab, einschließlich der Prüfung des Client-Sicherheitsverhaltens, der Erfassung von Authentifizierungsdaten und der Inspektion gekapselter Netzwerkprotokolle wie Tunnel und Remote-Management-Operationen. Es bietet zudem operative Kontrollen zur Verwaltung gleichzeitiger Sitzungen und zur Aufrechterhaltung der Sitzungsparität durch Terminal-Signal-Weiterleitung.

Features

  • Transparent Interception Proxies - Terminates client and server connections independently to provide full visibility into encrypted session data and authentication flows.
  • Man-in-the-Middle Frameworks - Terminates client and server connections independently to provide full visibility into encrypted session data and authentication flows.
  • Traffic Proxying and Interception - Acts as a modular tool for intercepting and modifying secure shell traffic, including file transfers and network tunnels.
  • Proxy Security Auditors - Serves as a transparent proxy for auditing authentication flows and client security behavior in real time.
  • Interception Proxies - Inspects and manipulates authentication flows to capture credentials or force interactive fallbacks.
  • Authentication Testing - Probes remote servers and simulates client responses to evaluate the robustness of authentication methods and multi-factor security.
  • SSH Security Tools - Analyzes client and server authentication behavior to identify vulnerabilities and weak configurations in remote access implementations.
  • Tunneling and Proxying - Enables remote port forwarding and proxy jump capabilities to facilitate complex network traversal.
  • NETCONF Subsystem Interceptions - Provides real-time inspection and modification of NETCONF operations within secure shell tunnels.
  • SSH Session Simulations - Facilitates testing of authentication robustness by simulating SSH environments entirely in memory.
  • Interception Proxies - Intercepts file transfers to store copies or replace files on the fly during active sessions.
  • Traffic Protocol Inspection - Parses and manipulates encapsulated data streams including network tunnels, file transfers, and terminal output during active sessions.
  • Application-Layer Protocol Inspections - Captures and parses encapsulated traffic like NETCONF, SOCKS tunnels, and file transfers within secure shell connections.
  • Authentication Credential Captures - Intercepts passwords and public key authentication attempts to audit how sensitive credentials are handled.
  • Bypass Testing - Exploits authentication negotiation vulnerabilities to circumvent hardware-based security requirements during testing.
  • Authentication Method Auditing - Probes remote servers for supported authentication methods and validates public keys to identify security misconfigurations.
  • Client Behavior Auditing - Identifies potential vulnerabilities in authentication handling by analyzing how clients respond to manipulated server responses.
  • Multi-Factor Authentication Bypass Testing - Intercepts authentication requests to establish sessions using basic credentials, bypassing hardware-based multi-factor confirmations.
  • Encapsulated Traffic Inspection - Captures and inspects TCP tunnels, SOCKS forwarding, and remote command sessions to monitor encapsulated communications.
  • Session Auditing - Decrypts and displays live terminal output while logging command execution and state transitions for security auditing.
  • SSH Agent Forwarding - Utilizes forwarded authentication agents to establish connections to remote servers after session interception.
  • Host Key Auto-Generators - Supports multiple host key algorithms and persists generated keys to maintain consistent server identity.
  • Vulnerability Analysis - Evaluates connecting software security by observing key negotiation and protocol behaviors to detect implementation weaknesses.
  • Security Testing and Auditing - Examines negotiation behavior during connection attempts to identify known vulnerabilities and security weaknesses in remote session software.
  • Asynchronous Session Management - Manages concurrent sessions as asynchronous coroutines to ensure stable performance during high-volume traffic analysis.
  • Plugin-Based Extensibility - Enables developers to inject custom interception logic and automated responses into the proxy workflow through modular plugins.
  • Live User Session Mirroring - Mirrors active sessions to enable real-time monitoring and command injection while remaining transparent to the user.

Star-Verlauf

Star-Verlauf für ssh-mitm/ssh-mitmStar-Verlauf für ssh-mitm/ssh-mitm

KI-Suche

Entdecke weitere awesome Repositories

Beschreibe in einfachen Worten, was du brauchst — die KI bewertet tausende kuratierte Open-Source-Projekte nach Relevanz.

Start searching with AI

Kuratierte Suchen mit Ssh Mitm

Handverlesene Sammlungen, in denen Ssh Mitm vorkommt.
  • Toolkits für Man-in-the-Middle-Netzwerksicherheit

Open-Source-Alternativen zu Ssh Mitm

Ähnliche Open-Source-Projekte, sortiert nach der Anzahl der gemeinsamen Funktionen mit Ssh Mitm.
  • voorivex/pentest-guideAvatar von Voorivex

    Voorivex/pentest-guide

    2,761Auf GitHub ansehen↗

    This project is a comprehensive web application penetration testing guide and vulnerability research framework. It provides a structured methodology for identifying and exploiting security flaws through a phased approach involving reconnaissance, analysis, and exploitation. The resource is distinguished by its use of a curated methodology framework that links theoretical vulnerability patterns to real-world bug bounty reports and historical exploit examples. It includes a payload-based testing library and a reference system that maps specific vulnerability categories to recommended third-part

    bugbountybypassowasp-tests
    Auf GitHub ansehen↗2,761
  • kgretzky/evilginx2Avatar von kgretzky

    kgretzky/evilginx2

    14,627Auf GitHub ansehen↗

    Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a target web service. By acting as a reverse proxy, the tool intercepts and relays web requests to capture credentials and session tokens in real time, enabling the bypass of multi-factor authentication mechanisms through session cookie hijacking. The platform distinguishes itself by integrating infrastructure orchestration with modular template-driven content injection. It automates the deployment of proxy servers, manages the lifecycle of encryption certificates, and applies conte

    Go
    Auf GitHub ansehen↗14,627
  • andresriancho/w3afAvatar von andresriancho

    andresriancho/w3af

    4,850Auf GitHub ansehen↗

    w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing

    Pythonappseccross-site-scriptingscanner
    Auf GitHub ansehen↗4,850
  • wifiphisher/wifiphisherAvatar von wifiphisher

    wifiphisher/wifiphisher

    14,631Auf GitHub ansehen↗

    Wifiphisher is a modular security framework designed for wireless penetration testing and social engineering auditing. It functions as a platform for security professionals to assess the resilience of Wi-Fi networks by simulating unauthorized access, performing man-in-the-middle interceptions, and executing credential-harvesting scenarios. The tool distinguishes itself through its ability to combine rogue access point deployment with dynamic phishing interfaces. By forcing wireless clients to associate with deceptive infrastructure, the framework can capture network metadata and inject it int

    Pythonaccess-pointattackmalware
    Auf GitHub ansehen↗14,631
Alle 30 Alternativen zu Ssh Mitm anzeigen→

Häufig gestellte Fragen

Was macht ssh-mitm/ssh-mitm?

Dieses Projekt ist ein transparentes Proxy-Framework, das für das Abfangen, Analysieren und Manipulieren von SSH-Datenverkehr entwickelt wurde. Durch die unabhängige Terminierung von Client- und Serververbindungen bietet es volle Transparenz über verschlüsselte Sitzungen und ermöglicht die Überwachung von Authentifizierungsabläufen, Dateiübertragungen und Befehlsausführungen in Echtzeit.

Was sind die Hauptfunktionen von ssh-mitm/ssh-mitm?

Die Hauptfunktionen von ssh-mitm/ssh-mitm sind: Transparent Interception Proxies, Man-in-the-Middle Frameworks, Traffic Proxying and Interception, Proxy Security Auditors, Interception Proxies, Authentication Testing, SSH Security Tools, Tunneling and Proxying.

Welche Open-Source-Alternativen gibt es zu ssh-mitm/ssh-mitm?

Open-Source-Alternativen zu ssh-mitm/ssh-mitm sind unter anderem: voorivex/pentest-guide — This project is a comprehensive web application penetration testing guide and vulnerability research framework. It… kgretzky/evilginx2 — Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a… andresriancho/w3af — w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities… wifiphisher/wifiphisher — Wifiphisher is a modular security framework designed for wireless penetration testing and social engineering auditing.… reqable/reqable-app — Reqable is a cross-platform network debugging tool that functions as an HTTP/HTTPS debugging proxy, a REST API client,… oisf/suricata — Suricata is an open-source network intrusion detection and prevention engine that analyzes live network traffic in…