ssh-penetration-testing

Conduct comprehensive SSH security assessments including enumeration, credential attacks, vulnerability exploitation, tunneling techniques, and post-exploitation activities. This skill covers the complete methodology for testing SSH service security. Identify SSH services on target networks: Gather detailed information about SSH services: Identify weak configurations: Key configuration weaknesses to identify: Test for weak or exposed keys: Check for exposed keys: Search for known vulnerabilities: Forward local port to remote service: Expose local service to remote network: Create SOCKS proxy for network pivoting: Chain through multiple SSH servers: Activities after gaining SSH access: Python-based SSH automation: Use Metasploit for comprehensive SSH testing: This skill is applicable to execute the workflow or actions described in the overview. - Nmap with SSH scripts - Hydra or Medusa for brute-forcing - ssh-audit for configuration analysis - Metasploit Framework - Python with Paramiko library - SSH protocol fundamentals - Public/private key authentication - Port forwarding concepts - Linux command-line proficiency - SSH Enumeration Report - Versions, algorithms, configurations - Credential Assessment - Weak passwords, default credentials - Vulnerability Assessment - Known CVEs, misconfigurations - Tunnel Documentation - Port forwarding configurations - Weak key exchange...