Search Results for "ssh -x"

...Vuls v0.5.0 now possible to detect vulnerabilities that patches have not been published from distributors. Remote scan mode is required to only setup one machine that is connected to other scan target servers via SSH. If you don't want the central Vuls server to connect to each server by SSH, you can use Vuls in the Local Scan mode. Fast scan mode scans without root privilege, no internet access, almost no load on the scan target server. Deep scan mode scans in more detail. It is possible to acquire the state of the server executing some commands. ...

A post-exploitation framework for Linux/Windows. Initially, emp3r0r was developed as one of my weaponizing experiments. It was a learning process for me trying to implement common Linux adversary techniques and some of my original ideas. So, what makes emp3r0r different? First of all, it is the first C2 framework that targets Linux platform including the capability of using any other tools through it. Take a look at the features for more valid reasons to use it.

...However, sometimes attackers can easily access secrets due to flawed security policies or inadvertent mistakes by developers. Sometimes developers use default secrets or leave hard-coded secrets such as passwords, API keys, encryption keys, SSH keys, tokens, etc. in container images, especially during rapid development and deployment cycles in CI/CD pipeline. Also, sometimes users store passwords in plain text.

...Setup is simple, one command and one environment variable, and then the agent just runs in the background. Because it uses pure Go and leverages libraries like go-piv/piv-go and golang it works across platforms and integrates cleanly into SSH workflows. For developers or administrators who prioritize hardware-based SSH key security, this tool lowers the friction of using secure tokens in day-to-day SSH workflows. It also supports modern best practices in SSH authentication and brings stronger guarantees of key security in a user-friendly interface.

...It supports both asymetric encryption using OpenPGP, and symmetric encryption using AES256. It can be easily synced across devices using Dropbox, OneDrive. It can be exported and imported to/from multiple remote storages using integrated S3, ssh, and gist support. If used with OpenPGP encryption, it is able to restrict access to the data store to a set of recipients. Create a trousseau data store, add some key-value pairs to it, push it to S3 and re-import it from another device or simply sync it over Dropbox. Safe data sharing had never been that simple! Secrets are made to be shared, just not with anyone. ...

master is the active development branch and contains v2 code, for the stable v1 release (though it was once called v2.0), please refer to v1.0 branch. goflyway v2 is a special tool to forward local ports to a remote server securely, just like ssh -L. goflyway uses pure HTTP POST requests to relay TCP connections. There is no CONNECT involved nor needed because goflyway is designed mainly for those people who are behind a CONNECT-less HTTP proxy or want to accelerate connections through static CDNs. However pure HTTP requesting is definitely a waste of bandwidth if you already have a better network environment, so use -w to turn on WebSocket relay, or -K to turn on KCP relay if possible. ...