ssh
A golang implementation of endlessh (SSH tarpit) exporting Prometheus metrics, visualized by a Grafana dashboard.
runn ( means "Run N". is pronounced /rʌ́n én/. ) is a package/tool for running operations following a scenario.
Key features of runn are:
-
As a tool for scenario based testing.
-
As a test helper package for the Go language.
-
As a tool for workflow automation.
-
Support HTTP request, gRPC request, DB query, Chrome DevTools Protocol, and SSH/Local command execution
-
OpenAPI Document-like syntax for HTTP request testing.
-
Single binary = CI-Friendly.
An executable to convert SOCKS5 proxy into HTTP proxy.
Related contents:
shell teleporter plugin/dotfiles manager (bash/zsh/ksh).
bash/zsh/ksh plugin/dotfiles manager and teleporter
Your shell env and plugins are available everywhere (hosts/users)
bzzz bzzz !
What's the point to have a fine tuned local shell environment if you lose it as soon as you connect to another server / sudo to another user ?
Secure Snake Home, or ssh, is a protocol and client for securely playing multiplayer snake over the internet.
Related contents:
Modern credential testing tool in pure Go.
Fast, zero-dependency credential testing tool in Go. Brute force SSH, MySQL, PostgreSQL, Redis, MongoDB, SMB, and 20+ protocols. Hydra alternative with native fingerprintx/naabu pipeline integration.
Brutus is a multi-protocol authentication testing tool designed to address a critical gap in offensive security tooling: efficient credential validation across diverse network services. While HTTP-focused tools are abundant, penetration testers and red team operators frequently encounter databases, SSH, SMB, and other network services that require purpose-built authentication testing capabilities.
Dropbear is a relatively small SSH server and client. It runs on a variety of unix platforms. Dropbear is open source software, distributed under a MIT-style license. Dropbear is particularly useful for "embedded"-type Linux (or other Unix) systems, such as wireless routers.
Related contents:
The open source server management software for SSH, VNC & RDP.
Connect to your servers via SSH, VNC & RDP. Manage files, deploy containers, and monitor your infrastructure - all from one place.
Related contents:
Secure SSH bastion & PAM/NSS modules for LemonLDAP::NG - Centralized SSH & sudo access control with SSO integration.
Control SSH access and sudo privileges on your Linux servers through a centralized bastion server.
Open Bastion integrates your servers with LemonLDAP::NG (LLNG) to centrally manage who can SSH into which servers and who can use sudo. Administrators define access rules in the portal, and the PAM/NSS modules enforce them on each server.
Related contents:
Backup Docker volumes locally or to any S3, WebDAV, Azure Blob Storage, Dropbox, Google Drive or SSH compatible storage.
The offen/docker-volume-backup Docker image can be used as a lightweight (below 15MB) companion container to an existing Docker setup. It handles recurring or one-off backups of Docker volumes to a local directory, any S3, WebDAV, Azure Blob Storage, Dropbox, Google Drive or SSH compatible storage (or any combination thereof) and rotates away old backups if configured. It also supports encrypting your backups using GPG and sending notifications for (failed) backup runs.
A guide for how to use your smartphone to code anywhere at anytime.
SSHM is a beautiful command-line tool that transforms how you manage and connect to your SSH hosts. Built with Go and featuring an intuitive TUI interface, it makes SSH connection management effortless and enjoyable.
Related contents:
Protect your SSH keys with your Mac's Secure Enclave.
Secretive is an app for protecting and managing SSH keys with the Secure Enclave.
Related contents:
UI for Backup automation over SSH, replacing custom shell scripts and cron configurations, as a binary < 50 MB.
BackApp is a Go + React application that lets automatically schedule and inspect backups of remote servers via SSH.
It is a very lightweight server (under 50 MB) that runs locally (or on a dedicated machine) and provides a web interface to manage backup profiles.
Easy, GUI SSH config editor and validator built with Python, GTK 4 and libadwaita.
Related contents:
The easiest way to expose localhost to the internet. Expose localhost to the internet.
Instant public URLs for your local web server. No installation required. Just SSH.
Related contents:
User-friendly SSH Connection Manager.
SSH Pilot is a user-friendly, lightweight SSH connection manager with an integrated terminal and SFTP client.
No more memorizing host aliases or complex SSH commands to manage your machines, deploy keys or set up port forwarding.
Related contents:
A terminal-based SSH manager inspired by lazydocker and k9s - Written in go.
Lazyssh is a terminal-based, interactive SSH manager inspired by tools like lazydocker and k9s — but built for managing your fleet of servers directly from your terminal. With lazyssh, you can quickly navigate, connect, manage, and transfer files between your local machine and any server defined in your ~/.ssh/config. No more remembering IP addresses or running long scp commands — just a clean, keyboard-driven UI.
Recall your SSH sessions (also search your SSH config file).
Related contents:
Bring your .bashrc, .vimrc, etc. with you when you ssh.
sshrc works just like ssh, but it also sources the ~/.sshrc on your local computer after logging in remotely.
Related contents:
Exosphere offers aggregated patch and security update reporting as well as basic system status across multiple Unix-like hosts via SSH.
Exosphere is a CLI and Text UI driven application that offers aggregated patch and security update reporting as well as basic system status across multiple Unix-like hosts over SSH.
It is targeted at small to medium sized networks, and is designed to be simple to deploy and use, requiring no central server, agents and complex dependencies on remote hosts.
Bundle and save your SSH keys with Nix. This flake provides a way to encrypt and bundle your SSH keys and SSH config in a readable format!
Shoji-Nix is a Nix flake designed to manage and securely store your SSH keys. With Shoji-Nix, you can bundle your SSH configuration and .ssh folder into a YAML file which can then be encrypted and saved in your repository.
Cloud-based development using your local tools.
Mutagen provides real-time file synchronization and flexible network forwarding for developers, extending the reach of local development tools to cloud-based containers and infrastructure.
Mutagen is a new kind of remote development tool that enables your existing local tools to work with code in remote environments like cloud servers and containers. It does this by providing high-performance real-time file synchronization and flexible network forwarding. It supports synchronization and forwarding between local systems, SSH-accessible locations, and Docker containers.
An open-source security log auditing & RDP, VNC, SSH and databases management bastion platform.
PHP Secure Communications Library.
Pure-PHP implementations of SSH, SFTP, RSA / DSA / Elliptic Curves, AES / ChaCha20 / etc, X.509
Social Media via SSH.
itter.sh is your escape from the noise. It's a micro-blogging platform accessed entirely via SSH. No web browser. No JavaScript. No endless scroll of algorithmic 'content'. Just you, your trusty terminal, and 180 characters at a time ("eets"). Why? Because terminals are cool. Because less is more. Because sometimes, you just need to type.
The last bastion
Secure access to your internal SSH, HTTPS, MySQL and Postgres servers with SSO and RBAC.
Related contents:
The ultimate ssh powered services for developers.
Our mission is to enable developers with services that help them rapidly prototype on the web. We want to make it easier than ever for developers to share their projects with the world.
A ssl/ssh multiplexer.
Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port).
sslh accepts connections on specified ports, and forwards them further based on tests performed on the first data packet sent by the remote client.
Probes for HTTP, TLS/SSL (including SNI and ALPN), SSH, OpenVPN, tinc, XMPP, SOCKS5, are implemented, and any other protocol that can be tested using a regular expression, can be recognised. A typical use case is to allow serving several services on port 443 (e.g. to connect to SSH from inside a corporate firewall, which almost never block port 443) while still serving HTTPS on that port.
Related contents:
Corkscrew is a tool for tunneling SSH through HTTP proxies, but... you might find another use for it.
Related contents:
Stealth tunneling through HTTP(S) proxies.
This is proxytunnel, a program that connects stdin and stdout to an origin server somewhere in the Internet through an industry standard HTTPS proxy. I originally wrote this program to be used as an extension to SSH, to be able to SSH to my box at home. In this file, I will describe the use with SSH. If you want to use it with some other application, feel free, and let me know!
Related contents:
opkssh is a tool which enables ssh to be used with OpenID Connect allowing SSH access management via identities like alice@example.com instead of long-lived SSH keys. It does not replace ssh, but rather generates ssh public keys that contain PK Tokens and configures sshd to verify the PK Token in the ssh public key. These PK Tokens contain standard OpenID Connect ID Tokens. This protocol builds on the OpenPubkey which adds user public keys to OpenID Connect without breaking compatibility with existing OpenID Provider.
Related contents:
Termix is an open-source forever free self-hosted server management panel.
Termix is an open-source forever free self-hosted SSH (other protocols planned, see Planned Features) server management panel inspired by Nexterm. Its purpose is to provide an all-in-one docker-hosted web solution to manage your servers in one easy place. I'm using this project to help me learn React, Vite, and Docker but also because I could never settle on a server management software that I enjoyed to use.
Related contents:
Smart SSH, HTTPS and MySQL bastion that requires no additional client-side software.
Run sequential command(s) on a group of SSH servers.
SSH Commander is a powerful, colorful command-line tool for executing commands across multiple SSH servers simultaneously. It supports both password and key-based authentication, custom ports, and can execute both single commands and command files.
Seamless, technology-driven remote access from anywhere, at any time. Take control of your servers and devices from any location while boosting security through our centralized SSH gateway tailored for edge and cloud computing.
SSH tarpit that slowly sends an endless banner.
Endlessh is an SSH tarpit that very slowly sends an endless, random SSH banner. It keeps SSH clients locked up for hours or even days at a time. The purpose is to put your real SSH server on another port and then let the script kiddies get stuck in this tarpit instead of bothering a real server.
Related contents:
🧸 fully isolated honeypot ssh server using thrussh.
A very simple SSH server using thrussh that exposes mocked versions of a bash shell, some commands and SSH subsystems to act as a honeypot for would-be crackers.
All actions undertaken on the connection by the client are recorded in JSON format in an audit log file.
Authentication, authorization, traceability and auditability for SSH accesses.
A so-called bastion is a machine used as a single entry point by operational teams (such as sysadmins, developers, devops, database admins, etc.) to securely connect to other machines of an infrastructure, usually using ssh.
The bastion provides mechanisms for authentication, authorization, traceability and auditability for the whole infrastructure.
Related contents:
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
This free tool audits the configuration of an SSH server or client and highlights the areas needing improvement.
Too many admins overlook SSH configuration when setting up new systems. Unfortunately, the defaults for many operating systems are optimized for compatibility, not security.
🌱 Web based ssh client.
A simple web application to be used as an ssh client to connect to your ssh servers. It is written in Python, base on tornado, paramiko and xterm.js.
Simple Localhost Tunnels.
Public URLs for Localhost. Without downloading any binary! Create HTTP, TCP, UDP, or TLS tunnels to your Mac/PC. Even if it is sitting behind firewalls and NATs.
Simple way to manage your remote machines and SSH keys.
Bare metal servers are awesome. They let you pick where to run your software and how to deploy it. You get full control to make the most of the server's resources. No limits, no compromises. That's real freedom.
Viking makes it easier to work with them.
sshx lets you share your terminal with anyone by link, on a multiplayer infinite canvas.
It has real-time collaboration, with remote cursors and chat. It's also fast and end-to-end encrypted, with a lightweight server written in Rust.
Related content:
Your entire server infrastructure at your fingertips. Manage all your servers from your local desktop. No remote setup required.
XPipe is a new type of shell connection hub and remote file manager that allows you to access your entire server infrastructure from your local machine. It works on top of your installed command-line programs and does not require any setup on your remote systems. So if you normally use CLI tools like ssh, docker, kubectl, etc. to connect to your servers, you can just use XPipe on top of that.
Open source ngrok alternative. Expose local http, tcp or websocket connections to the public internet.
Open source ngrok alternative designed for teams. Tunnel http, tcp or websocket connections. Portr is a tunnel solution that allows you to expose local http, tcp or websocket connections to the public internet. It utilizes SSH remote port forwarding under the hood to securely tunnel connections.
Portr is primarily designed for small teams looking to expose development servers on a public URL. It is not recommended for use alongside production servers.
Apache MINA SSHD is a 100% pure java library to support the SSH protocols on both the client and server side. It does not aim at being a replacement for the SSH client or SSH server from Unix operating systems, but rather provides support for Java based applications requiring SSH support.
Unexpected Exposures in SSH. SSHamble is a research tool for SSH implementations.
SSHamble simulates potential attack scenarios, including unauthorized remote access due to unexpected state transitions, remote command execution in post-session login implementations, and information leakage through unlimited high-speed authentication requests. The SSHamble interactive shell provides raw access to SSH requests in the post-session (but pre-execution) environment, allowing for simple testing of environment controls, signal processing, port forwarding, and more.
🎩 simple, fun and transparent SSH (and telnet) bastion server.
Jump host/Jump server without the jump, a.k.a Transparent SSH bastion.
An open-source PAM tool alternative to CyberArk
JumpServer is an open-source Privileged Access Management (PAM) tool that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints through a web browser.
This tool can lead to password exposure.
Non-interactive ssh password auth download.
Sshpass is a tool for non-interactivly performing password authentication with SSH's so called "interactive keyboard password authentication". Most user should use SSH's more secure public key authentiaction instead.
SSH Honeypot that gathers creds and attempted commands.
SSH Honeypot that gathers attempted creds, IP addresses and versions. The SSH server will either issue a warning, or drop the attacker into a fake shell.
OpenPubkey is an open source project that binds public keys and workload identities using standard SSO and OpenID Connect.
Use OpenPubkey today to SSH to machines on your network without SSH keys.
SSH3: faster and rich secure shell using HTTP/3.
SSH3 is a complete revisit of the SSH protocol, mapping its semantics on top of the HTTP mechanisms. In a nutshell, SSH3 uses QUIC+TLS1.3 for secure channel establishment and the HTTP Authorization mechanisms for user authentication.
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
Related contents:
A fast TCP/UDP tunnel over HTTP.
Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go (golang). Chisel is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network.
Simple, Pythonic remote execution and deployment.
Fabric is a high level Python (2.7, 3.4+) library designed to execute shell commands remotely over SSH, yielding useful Python objects in return. It builds on top of Invoke (subprocess command execution and command-line features) and Paramiko (SSH protocol implementation), extending their APIs to complement one another and provide additional functionality.
Related contents: