ssh-penetration-testinglisted

This skill should be used when the user asks to "pentest SSH services", "enumerate SSH configurations", "brute force SSH credentials", "exploit SSH vulnerabilities", "perform SSH tunneling", or "audit SSH security". It provides comprehensive SSH penetration testing methodologies and techniques.
aiskillstore/marketplace · ★ 334 · Testing & QA · score 83

Install: claude install-skill aiskillstore/marketplace

# SSH Penetration Testing ## Purpose Conduct comprehensive SSH security assessments including enumeration, credential attacks, vulnerability exploitation, tunneling techniques, and post-exploitation activities. This skill covers the complete methodology for testing SSH service security. ## Prerequisites ### Required Tools - Nmap with SSH scripts - Hydra or Medusa for brute-forcing - ssh-audit for configuration analysis - Metasploit Framework - Python with Paramiko library ### Required Knowledge - SSH protocol fundamentals - Public/private key authentication - Port forwarding concepts - Linux command-line proficiency ## Outputs and Deliverables 1. **SSH Enumeration Report** - Versions, algorithms, configurations 2. **Credential Assessment** - Weak passwords, default credentials 3. **Vulnerability Assessment** - Known CVEs, misconfigurations 4. **Tunnel Documentation** - Port forwarding configurations ## Core Workflow ### Phase 1: SSH Service Discovery Identify SSH services on target networks: ```bash # Quick SSH port scan nmap -p 22 192.168.1.0/24 --open # Common alternate SSH ports nmap -p 22,2222,22222,2200 192.168.1.100 # Full port scan for SSH nmap -p- --open 192.168.1.100 | grep -i ssh # Service version detection nmap -sV -p 22 192.168.1.100 ``` ### Phase 2: SSH Enumeration Gather detailed information about SSH services: ```bash # Banner grabbing nc 192.168.1.100 22 # Output: SSH-2.0-OpenSSH_8.4p1 Debian-5 # Telnet banner grab telnet 192.168.1.100 22 #