Auditing SSHBrute-forceNEW TOOLSScanSSHSSH Auditorssh securitySSH server

SSH Auditor – The Best Way To Scan For Weak Ssh Passwords On Your Network

Want create site? Find Free WordPress Themes and plugins.

The Best Way To Scan For Weak Ssh Passwords On Your Network

ssh-auditor will automatically:

  • Re-check all known hosts as new credentials are added. It will only check the new credentials.
  • Queue a full credential scan on any new host discovered.
  • Queue a full credential scan on any known host whose ssh version or key fingerprint changes.
  • Attempt command execution as well as attempt to tunnel a TCP connection.
  • Re-check each credential using a per credential scan_interval – default 14 days.

It’s designed so that you can run ssh-auditor discover + ssh-auditor scan from cron every hour to to perform a constant audit.


Earlier demo showing all of the features

Demo showing improved log output



$ brew install go # or however you want to install the go compiler
$ go get

or Build from a git clone

$ go build

Build a static binary including sqlite

$ make static

Ensure you can use enough file descriptors

$ ulimit -n 4096

Create initial database and discover ssh servers

$ ./ssh-auditor discover -p 22 -p 2222

Add credential pairs to check

$ ./ssh-auditor addcredential root root
$ ./ssh-auditor addcredential admin admin
$ ./ssh-auditor addcredential guest guest --scan-interval 1 #check this once per day

Try credentials against discovered hosts in a batch of 20000

$ ./ssh-auditor scan

Output a report on what credentials worked

$ ./ssh-auditor vuln

RE-Check credentials that worked

$ ./ssh-auditor rescan

Output a report on duplicate key usage

$ ./ssh-auditor dupes

Report query.
This query that ssh-auditor vuln runs is

hc.hostport, hc.user, hc.password, hc.result, hc.last_tested, h.version
host_creds hc, hosts h
h.hostport = hc.hostport
and result!='' order by last_tested asc

Did you find apk for android? You can find new Free Android Games and apps.