This project is a transparent proxy framework designed for the interception, analysis, and manipulation of secure shell traffic. By terminating client and server connections independently, it provides full visibility into encrypted sessions, allowing for the monitoring of authentication flows, file transfers, and command execution in real time.
ssh-mitm/ssh-mitm की मुख्य विशेषताएं हैं: Transparent Interception Proxies, Man-in-the-Middle Frameworks, Traffic Proxying and Interception, Proxy Security Auditors, Interception Proxies, Authentication Testing, SSH Security Tools, Tunneling and Proxying।
ssh-mitm/ssh-mitm के ओपन-सोर्स विकल्पों में शामिल हैं: voorivex/pentest-guide — This project is a comprehensive web application penetration testing guide and vulnerability research framework. It… kgretzky/evilginx2 — Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a… andresriancho/w3af — w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities… wifiphisher/wifiphisher — Wifiphisher is a modular security framework designed for wireless penetration testing and social engineering auditing.… reqable/reqable-app — Reqable is a cross-platform network debugging tool that functions as an HTTP/HTTPS debugging proxy, a REST API client,… oisf/suricata — Suricata is an open-source network intrusion detection and prevention engine that analyzes live network traffic in…
This project is a comprehensive web application penetration testing guide and vulnerability research framework. It provides a structured methodology for identifying and exploiting security flaws through a phased approach involving reconnaissance, analysis, and exploitation. The resource is distinguished by its use of a curated methodology framework that links theoretical vulnerability patterns to real-world bug bounty reports and historical exploit examples. It includes a payload-based testing library and a reference system that maps specific vulnerability categories to recommended third-part
Evilginx2 is a man-in-the-middle phishing framework designed to proxy authentication traffic between a user and a target web service. By acting as a reverse proxy, the tool intercepts and relays web requests to capture credentials and session tokens in real time, enabling the bypass of multi-factor authentication mechanisms through session cookie hijacking. The platform distinguishes itself by integrating infrastructure orchestration with modular template-driven content injection. It automates the deployment of proxy servers, manages the lifecycle of encryption certificates, and applies conte
w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
Wifiphisher is a modular security framework designed for wireless penetration testing and social engineering auditing. It functions as a platform for security professionals to assess the resilience of Wi-Fi networks by simulating unauthorized access, performing man-in-the-middle interceptions, and executing credential-harvesting scenarios. The tool distinguishes itself through its ability to combine rogue access point deployment with dynamic phishing interfaces. By forcing wireless clients to associate with deceptive infrastructure, the framework can capture network metadata and inject it int