CVE-2023-48795

ssh, scp and sftp for java

sshj - SSHv2 library for Java Warning SSHJ versions up to and including 0370 are vulnerable to CVE-2023-48795 - Terrapin Please upgrade to 0380 or higher To get started, have a look at one of the examples Hopefully you will find the API pleasant to work with :) Getting SSHJ To get SSHJ, you have two options: Add a dependency to SSHJ to your

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

ssh-audit ssh-audit is a tool for ssh server & client configuration auditing jtesta/ssh-audit (v20+) is the updated and maintained version of ssh-audit forked from arthepsy/ssh-audit (v1x) due to inactivity Features Usage Screenshots Server Standard Audit Example Server Policy Audit Example Client Standard Audit Example Hardening Guides Pre-Built Packages W

This repository contains the artifacts for the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation".

Artifacts for Terrapin This repository contains artifacts for the paper "Terrapin Attack: Breaking SSH Channel Integrity By Sequence Number Manipulation", accepted at 33rd USENIX Security Symposium The code in this repository contains, among other artifacts, proof-of-concept attack proxies for the following CVEs: CVE-2023-48795 (general protocol flaw) CVE-2023-46445

SSH Terrapin Vulnerability Checker Overview This script is designed to simulate an SSH handshake with potential Terrapin manipulation, a vulnerability known as CVE-2023-48795 The Terrapin vulnerability is a man-in-the-middle prefix truncation weakness in SSH servers, allowing remote attackers to bypass integrity checks and downgrade the connection's security The vulnerab

openssh-server-gael This is NOT an original piece of work, just a snap of OpenSSH server The SSH2 protocol implemented in OpenSSH is standardized by the IETF secsh working group and is specified in several RFCs and drafts The overall structure of SSH2 is described in the architecture RFC Installation sudo snap install openssh-server-gael_89_amd64snap --devmode First use R

vagrant environment to test PowerShell/Win32-OpenSSH

This is a vagrant environment to test the PowerShell/Win32-OpenSSH service, which intents to be integrated into the upstream Portable OpenSSH project as the native SSHD for Windows In this environment you'll also find several language examples on how to access a machine through SSH Usage Build and install the Windows 2022 base image Launch the SSH server machine: vagran

Harden the OpenSSH implementation in Windows 10/11 with the help of methods from Positron Security

Harden-Windows-SSH The OpenSSH implementation in Windows 11 is vulnerable to security weaknesses, including the recently discovered Terrapin attack among other security weaknesses This repository provides PowerShell scripts to mitigate these weaknesses as much as possible The hardening measures are taken from SSH-Audit Install latest OpenSSH version for Windows It is strongl

Demo set for a hands-on experience with Akamai Cloud core primitives during the Akamai University training event

Akamai University Compute Demo This repository is a demonstration highlighting how developers can leverage the core primitives of Akamai/Linode cloud platform to seamlessly deploy cloud-native applications Offering a glimpse into a day in the life of a software developer or cloud engineer, this demo covers key aspects such as app deployment, containerization, security, networ