ssh-audit
CryptoLyzer
Our great sponsors
ssh-audit | CryptoLyzer | |
---|---|---|
21 | 8 | |
3,133 | - | |
- | - | |
8.6 | - | |
5 days ago | - | |
Python | Python | |
MIT License | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ssh-audit
-
Terrapin Attack for prefix injection in SSH
No. Mitigations are available now. Follow the recommendations from ssh-audit (master version). [0]
0. https://github.com/jtesta/ssh-audit
- SSH-audit: SSH server and client security auditing
- Quick/simple question checking for SSH vulnerabilities
- Why so many bots?
-
How to secure my self-hosted website?
Match Address 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 PasswordAuthentication yes ```` You may audit your SSH service by https://github.com/jtesta/ssh-audit
-
Why does my SSH private key still work after changing some bytes? (2016)
Off topic: audit tool for OpenSSH config files.
Posted here because SSH algorithms are a moving target.
https://github.com/jtesta/ssh-audit/tree/e50ac5c84d46e902e02...
-
SFTP (SSH) Cipher Sanity Check
In addition to ssllabs, I'll recommend jtesta's ssh-audit.py
CryptoLyzer
-
Terrapin-Scanner VS CryptoLyzer - a user suggested alternative
2 projects | 14 Jan 2024
CryptoLyzer added SSH vulnerability check in its 0.12.2 version. Terrapin attack includedd. https://cryptolyzer.readthedocs.io/en/latest/changelog/#id1
- Server TLS settings analyzer CryptoLyzer with OpenVPN support has released
- CryptoLyzer 0.8.5 with browser (Chromium, Firefox, Opera) compatibility checker
-
DHEat Attack
You can also use CryptoLyzer[1] to audit your TLS (not just HTTPS, but SMTP, IMAP, ...) and SSH servers if you do not want to use SaaS solutions.
There are another tools (open source and SaaS) on OWASP Transport Layer Protection Cheat Sheet page[2].
[1] https://gitlab.com/coroner/cryptolyzer
-
ssh-audit VS cryptolyzer - a user suggested alternative
2 projects | 24 Jan 2022
I am the author of the project. On the following link, you can find a blog post about CryptoLyzer with competitor comparison (e.g., SSLyze, testssl.sh). htps://pfeifferszilard.hu/2021/12/27/cryptolyzer-a-comprehensive-cryptographic-settings-analyzer.html
2 projects | 24 Jan 2022I am the author of the project. On the following link, you can find a blog post about CryptoLyzer with competitor comparison (e.g., SSLyze, testssl.sh). https://pfeifferszilard.hu/2021/12/27/cryptolyzer-a-comprehensive-cryptographic-settings-analyzer.html
-
testssl.sh VS cryptolyzer - a user suggested alternative
2 projects | 24 Jan 2022
I am the author of the project. On the following link, you can find a blog post about CryptoLyzer with competitor comparison (e.g., SSLyze, testssl.sh). htps://pfeifferszilard.hu/2021/12/27/cryptolyzer-a-comprehensive-cryptographic-settings-analyzer.html
-
sslyze VS cryptolyzer - a user suggested alternative
2 projects | 24 Jan 2022
I am the author of the project. On the following link, you can find a blog post about CryptoLyzer with competitor comparison (e.g., SSLyze, testssl.sh). https://pfeifferszilard.hu/2021/12/27/cryptolyzer-a-comprehensive-cryptographic-settings-analyzer.html
What are some alternatives?
Pritunl - Enterprise VPN server
davmail - DavMail POP/IMAP/SMTP/Caldav/Carddav/LDAP Exchange and Office 365 Gateway - Synced with main subversion repository at
testssl.sh - Testing TLS/SSL encryption anywhere on any port
Mitigating-Obsolete-TLS - Guidance for mitigating obsolete Transport Layer Security configurations. #nsacyber
yubikey-agent - yubikey-agent is a seamless ssh-agent for YubiKeys.
psql-hooks - Unofficial documentation for PostgreSQL hooks
ufw-docker - To fix the Docker and UFW security flaw without disabling iptables
PageSigner - Client for the TLSNotary protocol (Chromium extension).
tinyssh - TinySSH is small server (less than 100000 words of code)
server-side-tls - Server side TLS Tools
mistborn
jssh - Seemless ssh through jumpboxes & bastion hosts