Links

Readme

SSH enumeration is a key step in assessing the security of an SSH server. This tutorial covers the basics of SSH enumeration and provides a comprehensive look at SSH penetration testing techniques.
SSH enumeration is an important skill for performing penetration tests on remote systems.
This website provides step-by-step instructions on how to use various tools to enumerate SSH servers, detect potential flaws, and exploit those vulnerabilities for penetration testing.
Gain the knowledge and skills you need to safely simulate real-world attack scenarios.

Dangerous Settings

Setting
Description
PasswordAuthentication yes
Allows password-based authentication.
PermitEmptyPasswords yes
Allows the use of empty passwords.
PermitRootLogin yes
Allows to log in as the root user.
Protocol 1
Uses an outdated version of encryption.
X11Forwarding yes
Allows X11 forwarding for GUI applications.
AllowTcpForwarding yes
Allows forwarding of TCP ports.
PermitTunnel
Allows tunneling.
DebianBanner yes
Displays a specific banner when logging in.