Our great sponsors
-
Terrapin-Scanner
This repository contains a simple vulnerability scanner for the Terrapin attack present in the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".
-
CryptoLyzer
CryptoLyzer is a fast, flexible and comprehensive server cryptographic protocol (TLS, SSL, SSH, DNSSEC) and related setting (HTTP headers, DNS records) analyzer and fingerprint (JA3, HASSH tag) generator with Python API and CLI/.
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
CryptoLyzer added SSH vulnerability check in its 0.12.2 version. Terrapin attack includedd. https://cryptolyzer.readthedocs.io/en/latest/changelog/#id1
Related posts
- Heartbleed and XZ Backdoor Learnings: Open Source Infrastructure Can Be Improved Efficiently With Moderate Funding
- Ask HN: How does the xz backdoor replace RSA_public_decrypt?
- Tell HN: Ubiquiti APs likely vulnerable to Terrapin
- Pingora: HTTP Server and Proxy Library, in Rust, by Cloudflare, Released
- Terrapin SSH Attack: An Overview