ssh-mitm
proxy.py
Our great sponsors
ssh-mitm | proxy.py | |
---|---|---|
42 | 5 | |
1,211 | 2,829 | |
2.0% | - | |
8.8 | 1.0 | |
5 days ago | 16 days ago | |
Python | Python | |
GNU General Public License v3.0 only | BSD 3-clause "New" or "Revised" License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ssh-mitm
-
Terrapin Attack for prefix injection in SSH
There is now an issue ticket in ssh-mitm to discuss the similarities between ssh-mitm and terrapin attack: https://github.com/ssh-mitm/ssh-mitm/issues/165
-
SSH-MITM - Support for OpenSSH's certificate authority planned
You should check the Revisionhistory of the Readme file first.. https://github.com/ssh-mitm/ssh-mitm/commit/564028af25c395528446fbb679c7392469d59bfd
-
SSH-MitM 2.0.0 – Licence change to GPLv3
According to the commit log this is the license the repo was created with in 2020[0] title should be "SSH-MitM doesn't change it's license". Just a point fishing attempt? It does seem to be undoing a customized wording of the GPLv3 from Dec/2020[1]
[0]: https://github.com/ssh-mitm/ssh-mitm/commit/f4263d19211f080f...
The “customized wording” you’re seeing is “The LGPL”. It’s a different license from the GPL.
The history on the repo shows that the original license was GPL (June 2020), the author changed the license to LGPL (December 2022), and now they’re changing it to GPL again. https://github.com/ssh-mitm/ssh-mitm/commits/master/LICENSE
-
GitHub - Developers Support Ukraine
I have already added a badge to my repository: https://github.com/ssh-mitm/ssh-mitm
-
SSH – Spoofing FIDO2 Tokens
Tangential: I found the documentation for this at https://docs.ssh-mitm.at/ to be good since it went into the underlying concepts and working in some detail. As someone who uses ssh with key based authentication but hasn’t learned this at a deeper level — neither ssh nor the configuration (security, usability, etc.) — what are some good tutorials and sources to follow (I think text with diagrams and/or videos would be helpful)?
-
SSH Agent Forwarding - What are the best practices and current security issues?
Disclosure: I'm the author of SSH-MITM and the patch for PuTTY to disable trivial authentication. I want to provide more information on how to protect ssh sessions and avoid security problems.
proxy.py
-
How to Choose the Right Python Concurrency API
The article gives a good summary of the quite complex landscape of concurrency in python. There's more to it, for example gil-free c-extensions, subprocesses and cross-machine (plus IPC) communication.
But I'm particularly bothered by the fact that many articles and tutorials look at concurrency as if it's only about factoring primes or writing a web server with many (perhaps even idempotent) parallel requests.
In reality, people will often want and need to combine multiple of these approaches, and then it gets VERY messy. I.e. try to combine a multiprocessing executor with multiple asyncio loops and boom you're in some very deep waters.
One project that does this (async loops inside multiple processes) is proxy.py - very enlightening to read its code base [1].
But I really, really wish python would do more to provide simple and robust abstractions for these kinds of tasks. My dream would be a robust actor system similar to erlang, but we'll probably never get that.
-
Handling 30,000 requests/sec with `proxy.py`
See `proxy.py` examples for some inspiration :) https://github.com/abhinavsingh/proxy.py/tree/develop/examples
What are some alternatives?
mitm - 👨🏼💻 A customizable man-in-the-middle TCP intercepting proxy.
one-ring - CSP on top of AsyncIO
mitm-omegle - Watch strangers talk on Omegle (man in the middle attack explained for kids)
lokinet-exit-provider - lokinet exit node webapp
cowrie - Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
docker-sshd - Minimal Alpine Linux Docker image with sshd exposed and rsync installed
benchmark-proxypy
sftpretty - Provides multi-threaded routines and high level protocol abstractions for a pretty quick & simple file transfer experience. Drop in replacement for pysftp.
spike - :mega: A fast reverse proxy written in PHP that helps to expose local services to the internet
hass-weatherflow2mqtt - WeatherFlow to MQTT for Home Assistant. Use UDP to get local weather data in to Home Assistant using MQTT Discovery
super-auto-pets - A tool to allow for viewing of arbitrary Super Auto Pets replays