{"id":20316672,"url":"https://github.com/calc1f4r/ssh-bruteforcer","last_synced_at":"2025-10-04T10:48:36.609Z","repository":{"id":179087150,"uuid":"662939959","full_name":"calc1f4r/SSH-Bruteforcer","owner":"calc1f4r","description":"The SSH Bruteforce repository consists of two Python scripts designed for password cracking on SSH servers. One script employs asynchronous programming, adopting a modern approach, while the other utilizes multithreading with locks to accomplish the same task.","archived":false,"fork":false,"pushed_at":"2023-07-08T11:38:32.000Z","size":10,"stargazers_count":15,"open_issues_count":0,"forks_count":6,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-08-22T05:47:00.835Z","etag":null,"topics":["asynchronous-programming","cybersecurity","multithreading","python","ssh"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/calc1f4r.png","metadata":{"files":{"readme":"readme.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-07-06T08:02:56.000Z","updated_at":"2025-08-16T16:05:57.000Z","dependencies_parsed_at":null,"dependency_job_id":"292310ee-d480-46cf-b7d5-d16a38f01765","html_url":"https://github.com/calc1f4r/SSH-Bruteforcer","commit_stats":null,"previous_names":["calc1f4r/ssh-bruteforcer"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/calc1f4r/SSH-Bruteforcer","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/calc1f4r%2FSSH-Bruteforcer","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/calc1f4r%2FSSH-Bruteforcer/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/calc1f4r%2FSSH-Bruteforcer/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/calc1f4r%2FSSH-Bruteforcer/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/calc1f4r","download_url":"https://codeload.github.com/calc1f4r/SSH-Bruteforcer/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/calc1f4r%2FSSH-Bruteforcer/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278302558,"owners_count":25964520,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-04T02:00:05.491Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["asynchronous-programming","cybersecurity","multithreading","python","ssh"],"created_at":"2024-11-14T18:27:23.248Z","updated_at":"2025-10-04T10:48:36.574Z","avatar_url":"https://github.com/calc1f4r.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"### ⚔ Description\r\n\r\n#### 🔥 Async SSH Bruteforce\r\n\r\nThis tool is an asynchronous SSH brute-force script written in Python, designed to aid in testing the security of SSH authentication. It utilizes the power of asynchronous programming using the asyncio library and the asyncssh and paramiko libraries for SSH connections.\r\n\r\nBy providing a target host, port, username, and a wordlist of passwords, the script attempts to establish SSH connections using different password combinations. It runs multiple SSH brute-force attempts concurrently, maximizing the efficiency of the process.\r\n\r\nThe tool provides real-time feedback on successful login attempts, displaying the host, login, and password combination in green. Failed attempts are also logged, allowing users to track the progress and identify potential weak credentials.\r\n\r\nWith its asynchronous approach, this script offers faster and more efficient SSH brute-forcing, making it a valuable addition to security testing and vulnerability assessment workflows.\r\n\r\nThis is the modern apporach of doing this type of things as it uses the minimal resources.\r\n\r\n\r\n\r\nhttps://github.com/calc1f4r/SSH-Bruteforcer/assets/74751675/ffee3c42-31bc-4559-8cdf-36b468127900\r\n\r\n\r\n\r\n\r\n\r\n\r\n### 🔥 Multi-threaded SSH bruteforcer\r\n\r\nThis is another variant of the same tool.\r\nMultithreaded Execution: The script utilizes multithreading to enable concurrent execution of multiple brute-force attempts. This approach maximizes efficiency and reduces the time required to test many passwords.\r\n\r\nParamiko Library: The script leverages the paramiko library, an SSH-2 implementation, to handle SSH communication and authentication. It provides a robust and reliable solution for establishing SSH connections.\r\n\r\nCommand-Line Arguments: The tool supports customization of the target host, port, username, and wordlist file through command-line arguments. This allows users to easily configure the script to target specific SSH servers and customize the authentication parameters.\r\n\r\nReal-Time Feedback: The script provides real-time feedback on successful login attempts. When a successful login is found, the script displays the host, login, and password combination in green, indicating a breach. This feature allows users to identify compromised credentials quickly.\r\n\r\nLogging of Failed Attempts: The tool logs failed attempts, providing users with the ability to track progress and identify potential weak credentials. Each failed attempt is logged, including the target host, login, and password combination that was attempted.\r\n\r\n![SSH bruetforce using threading](https://github.com/calc1f4r/SSH-Bruteforcer/assets/74751675/85fa67cb-4ee0-4382-a3a0-706f2c63f32d)\r\n\r\n\r\n### ⚔ Learnings\r\n\r\n- ⚡ How to use Paramiko for connecting to clients and sending commands\r\n- ⚡ How to use various features of async programming\r\n- ⚡ How to use argparse to parse outputs\r\n\r\n### ⚔ Resources Used\r\n\r\n- 📚Documentation of Paramiko | [Link](https://www.paramiko.org/)\r\n- 📚Article on How to Execute Shell Commands in a Remote Machine using Python | [Link](https://www.geeksforgeeks.org/how-to-execute-shell-commands-in-a-remote-machine-using-python-paramiko/)\r\n- 📚Documentation of Asyncio | [Link](https://docs.python.org/3/library/asyncio.html)\r\n- 📚Documentation of Asyncssh | [Link](https://asyncssh.readthedocs.io/en/latest/)\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcalc1f4r%2Fssh-bruteforcer","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcalc1f4r%2Fssh-bruteforcer","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcalc1f4r%2Fssh-bruteforcer/lists"}