{"id":37392,"date":"2025-04-01T08:33:02","date_gmt":"2025-04-01T08:33:02","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=37392"},"modified":"2025-04-01T08:33:04","modified_gmt":"2025-04-01T08:33:04","slug":"ssh-stealer","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/","title":{"rendered":"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft"},"content":{"rendered":"\n

SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges and move laterally across networks. <\/p>\n\n\n\n

These tools exemplify the evolving sophistication of credential theft techniques in cybersecurity.<\/p>\n\n\n\n

SSH-Stealer: Smart Keylogging For SSH Credentials<\/strong><\/h2>\n\n\n\n

SSH-Stealer<\/strong> focuses on capturing SSH login details, including passwords and private keys, through smart keylogging<\/strong>. <\/p>\n\n\n\n

Unlike traditional keyloggers, it employs advanced filtering to selectively record sensitive input, such as credentials entered during SSH sessions. <\/p>\n\n\n\n

Stolen data is stored in an Alternate Data Stream (ADS)<\/strong> within the desktop.ini<\/a><\/code> file on the victim\u2019s desktop, a method that hides the data from casual inspection. Attackers retrieve the credentials using a simple command:<\/p>\n\n\n\n

textmore < \"C:\\Users\\<Username>\\Desktop\\desktop.ini:log\"<\/code><\/pre>\n\n\n\n
To erase traces, the tool provides a PowerShell command to delete the ADS stream.<\/p>\n\n\n\n
RunAs-Stealer: Multi-Technique Credential Theft<\/strong><\/h2>\n\n\n\n
RunAs-Stealer<\/strong> leverages three primary methods to steal credentials:<\/p>\n\n\n\n
    \n
  1. Hooking CreateProcessWithLogonW<\/strong>: Intercepts the Windows API function CreateProcessWithLogonW<\/code> to capture credentials during process creation.<\/li>\n\n\n\n
  2. Smart Keylogging<\/strong>: Similar to SSH-Stealer, it logs keystrokes but emphasizes capturing credentials used in privileged operations, such as runas.exe<\/code> executions.<\/li>\n\n\n\n
  3. Remote Debugging<\/strong>: Exploits debugging tools to inject code into processes and extract credentials.<\/li>\n<\/ol>\n\n\n\n
    The tool runs persistently in the background and requires manual termination via Task Manager. Credentials are similarly stored in desktop.ini<\/code> ADS.<\/p>\n\n\n\n
    Both tools highlight attackers\u2019 reliance on living-off-the-land<\/strong> tactics, such as abusing legitimate utilities like runas.exe<\/code>, and evasive storage methods like ADS. <\/p>\n\n\n\n
    SSH-Stealer\u2019s ability to target private keys mirrors tactics seen in SSH-Snake<\/strong>, a self-modifying worm that spreads via compromised SSH credentials.<\/p>\n\n\n\n
    To mitigate these threats:<\/p>\n\n\n\n
      \n
    • Monitor<\/strong> for unusual runas.exe<\/code> activity or unexpected ADS modifications.<\/li>\n\n\n\n
    • Restrict<\/strong> SSH key usage and enforce multi-factor authentication.<\/li>\n\n\n\n
    • Deploy<\/strong> integrity-checking tools to detect backdoored SSH binaries, as seen in historical cases like Linux\/SSHDoor.A.<\/li>\n<\/ul>\n\n\n\n
      These tools underscore the critical need for robust credential hygiene and proactive detection of stealthy attack patterns.<\/p>\n","protected":false},"excerpt":{"rendered":"
      SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges and move laterally across networks. These tools exemplify the evolving sophistication of credential theft techniques in cybersecurity. SSH-Stealer: Smart Keylogging For SSH Credentials SSH-Stealer focuses on capturing SSH login details, including passwords and private keys, through smart keylogging. […]<\/p>\n","protected":false},"author":12,"featured_media":37395,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"","fifu_image_alt":"","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[20,25,29],"tags":[737,6321,6052,6325,7294],"class_list":["post-37392","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cyber-security","category-hacking-tools","category-malware","tag-cybersecurity","tag-informationsecurity","tag-kalilinux","tag-kalilinuxtools","tag-ssh-stealer"],"yoast_head":"\nSSH-Stealer : The Stealthy Threat Of Advanced Credential Theft<\/title>\n<meta name=\"description\" content=\"SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft\" \/>\n<meta property=\"og:description\" content=\"SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2025-04-01T08:33:02+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-04-01T08:33:04+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"900\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Varshini\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Varshini\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/\"},\"author\":{\"name\":\"Varshini\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\"},\"headline\":\"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft\",\"datePublished\":\"2025-04-01T08:33:02+00:00\",\"dateModified\":\"2025-04-01T08:33:04+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/\"},\"wordCount\":303,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp\",\"keywords\":[\"cybersecurity\",\"informationsecurity\",\"kalilinux\",\"kalilinuxtools\",\"SSH-Stealer\"],\"articleSection\":[\"Cyber security\",\"Hacking Tools\",\"Malware\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/\",\"name\":\"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp\",\"datePublished\":\"2025-04-01T08:33:02+00:00\",\"dateModified\":\"2025-04-01T08:33:04+00:00\",\"description\":\"SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#primaryimage\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp\",\"width\":1600,\"height\":900},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa\",\"name\":\"Varshini\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g\",\"caption\":\"Varshini\"},\"description\":\"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.\",\"sameAs\":[\"http:\/\/kalilinuxtutorials.com\",\"https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/\"],\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft","description":"SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/","og_locale":"en_US","og_type":"article","og_title":"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft","og_description":"SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges","og_url":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2025-04-01T08:33:02+00:00","article_modified_time":"2025-04-01T08:33:04+00:00","og_image":[{"width":1600,"height":900,"url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp","type":"image\/webp"}],"author":"Varshini","twitter_card":"summary_large_image","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"Varshini","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/"},"author":{"name":"Varshini","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa"},"headline":"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft","datePublished":"2025-04-01T08:33:02+00:00","dateModified":"2025-04-01T08:33:04+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/"},"wordCount":303,"commentCount":0,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#primaryimage"},"thumbnailUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp","keywords":["cybersecurity","informationsecurity","kalilinux","kalilinuxtools","SSH-Stealer"],"articleSection":["Cyber security","Hacking Tools","Malware"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/","url":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/","name":"SSH-Stealer : The Stealthy Threat Of Advanced Credential Theft","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#primaryimage"},"thumbnailUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp","datePublished":"2025-04-01T08:33:02+00:00","dateModified":"2025-04-01T08:33:04+00:00","description":"SSH-Stealer and RunAs-Stealer are malicious tools designed to stealthily harvest SSH credentials, enabling attackers to escalate privileges","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/ssh-stealer\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/ssh-stealer\/#primaryimage","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp","width":1600,"height":900},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/3c3b3f82a74146532c4def299fe069fa","name":"Varshini","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f19f43637c0f83fb3dcfb498f306b2a9ac0025ce85840ab52ee8c01f5361f269?s=96&d=mm&r=g","caption":"Varshini"},"description":"Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.","sameAs":["http:\/\/kalilinuxtutorials.com","https:\/\/www.linkedin.com\/in\/senthamil-selvan-14043a285\/"],"url":"https:\/\/kalilinuxtutorials.com\/author\/vinayakagrawal\/"}]}},"jetpack_featured_media_url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/SSH-Stealer.webp","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":37057,"url":"https:\/\/kalilinuxtutorials.com\/runas-stealer\/","url_meta":{"origin":37392,"position":0},"title":"RunAs-Stealer : A Credential Stealing Tool","author":"Varshini","date":"March 12, 2025","format":false,"excerpt":"RunAs-Stealer is a sophisticated credential stealing tool that employs three distinct techniques to capture sensitive user information: Hooking CreateProcessWithLogonW, Smart Keylogging, and Remote Debugging. This tool operates stealthily in the background, requiring manual termination via Task Manager. Techniques Used Hooking CreateProcessWithLogonW: This method involves intercepting the CreateProcessWithLogonW function, which is\u2026","rel":"","context":"In "Cyber security"","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/RunAs-Stealer.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/RunAs-Stealer.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/RunAs-Stealer.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/RunAs-Stealer.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/RunAs-Stealer.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/03\/RunAs-Stealer.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":3289,"url":"https:\/\/kalilinuxtutorials.com\/ssh-auditor-scan-weak-ssh-passwords\/","url_meta":{"origin":37392,"position":1},"title":"SSH Auditor – Scan For Weak SSH Passwords On Your Network","author":"R K","date":"November 26, 2018","format":false,"excerpt":"SSH Auditor is the best way to scan for weak ssh passwords on your network. SSH Auditor will automatically: Re-check all known hosts as new credentials are added. It will only check the new credentials. Queue a full credential scan on any new host discovered. Queue a full credential scan\u2026","rel":"","context":"In "Kali Linux"","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/11\/Demos.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/11\/Demos.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/11\/Demos.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/11\/Demos.png?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/11\/Demos.png?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2018\/11\/Demos.png?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":36587,"url":"https:\/\/kalilinuxtutorials.com\/modern-network-fingerprinting\/","url_meta":{"origin":37392,"position":2},"title":"Modern Network Fingerprinting : HASSH And JA4+SSH Tools","author":"Varshini","date":"February 20, 2025","format":false,"excerpt":"Network fingerprinting is a critical technique for identifying and analyzing network traffic patterns, particularly in encrypted protocols. Two modern tools, HASSH and JA4+SSH, have emerged as powerful solutions for fingerprinting Secure Shell (SSH) traffic, enabling enhanced security, anomaly detection, and forensic analysis. HASSH: An Overview HASSH, developed by Ben Reardon\u2026","rel":"","context":"In "Cyber security"","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Modern-Network-Fingerprinting.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Modern-Network-Fingerprinting.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Modern-Network-Fingerprinting.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Modern-Network-Fingerprinting.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Modern-Network-Fingerprinting.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/Modern-Network-Fingerprinting.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":31383,"url":"https:\/\/kalilinuxtutorials.com\/ebpf-tools\/","url_meta":{"origin":37392,"position":3},"title":"eBPF Tools: Revolutionizing System Monitoring with Advanced PTY Sniffing Techniques","author":"Varshini","date":"November 27, 2023","format":false,"excerpt":"This piece talks about eBPF tools and shows how they can be used to improve system monitoring by keeping track of PTY sessions and sniffing private data like SSH, sudo, and su passwords. It shows users how to set up bpftrace, which is a necessary tool for using eBPF features,\u2026","rel":"","context":"In "Cyber security"","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiGnPR61q8PJBn9dAl0SKXxDGsmdmkwaxyre_hBjfcOI2gHjrJdreRtOAxIbzyHVfXff7tCkT3u6iZpiS_3uYqk2OX0LBAr78umrwWx4t8zhbBqGGcW17STujIUAnQrRN_NmcRBbV-pkis3PSXVjqsSa4wnB52Ss7KPxPUUsDDDAc7SEmjZb4JZvinB8w\/s16000\/eBPF%20Tools.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiGnPR61q8PJBn9dAl0SKXxDGsmdmkwaxyre_hBjfcOI2gHjrJdreRtOAxIbzyHVfXff7tCkT3u6iZpiS_3uYqk2OX0LBAr78umrwWx4t8zhbBqGGcW17STujIUAnQrRN_NmcRBbV-pkis3PSXVjqsSa4wnB52Ss7KPxPUUsDDDAc7SEmjZb4JZvinB8w\/s16000\/eBPF%20Tools.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiGnPR61q8PJBn9dAl0SKXxDGsmdmkwaxyre_hBjfcOI2gHjrJdreRtOAxIbzyHVfXff7tCkT3u6iZpiS_3uYqk2OX0LBAr78umrwWx4t8zhbBqGGcW17STujIUAnQrRN_NmcRBbV-pkis3PSXVjqsSa4wnB52Ss7KPxPUUsDDDAc7SEmjZb4JZvinB8w\/s16000\/eBPF%20Tools.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiGnPR61q8PJBn9dAl0SKXxDGsmdmkwaxyre_hBjfcOI2gHjrJdreRtOAxIbzyHVfXff7tCkT3u6iZpiS_3uYqk2OX0LBAr78umrwWx4t8zhbBqGGcW17STujIUAnQrRN_NmcRBbV-pkis3PSXVjqsSa4wnB52Ss7KPxPUUsDDDAc7SEmjZb4JZvinB8w\/s16000\/eBPF%20Tools.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiGnPR61q8PJBn9dAl0SKXxDGsmdmkwaxyre_hBjfcOI2gHjrJdreRtOAxIbzyHVfXff7tCkT3u6iZpiS_3uYqk2OX0LBAr78umrwWx4t8zhbBqGGcW17STujIUAnQrRN_NmcRBbV-pkis3PSXVjqsSa4wnB52Ss7KPxPUUsDDDAc7SEmjZb4JZvinB8w\/s16000\/eBPF%20Tools.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiGnPR61q8PJBn9dAl0SKXxDGsmdmkwaxyre_hBjfcOI2gHjrJdreRtOAxIbzyHVfXff7tCkT3u6iZpiS_3uYqk2OX0LBAr78umrwWx4t8zhbBqGGcW17STujIUAnQrRN_NmcRBbV-pkis3PSXVjqsSa4wnB52Ss7KPxPUUsDDDAc7SEmjZb4JZvinB8w\/s16000\/eBPF%20Tools.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":36604,"url":"https:\/\/kalilinuxtutorials.com\/lummac2-stealer\/","url_meta":{"origin":37392,"position":4},"title":"LummaC2 Stealer : Unpacking The Threats Of A Marketed ‘Premium’ Malware","author":"Varshini","date":"February 20, 2025","format":false,"excerpt":"LummaC2 is a commodity malware designed as an information stealer, targeting browsers, cryptocurrency wallets, and authentication data. Marketed as a \"premium\" infostealer on underground cybercrime forums, its actual implementation reveals significant weaknesses, making it a low-quality tool in the malware ecosystem. Despite its advanced claims, the stealer is riddled with\u2026","rel":"","context":"In "Cyber security"","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/LummaC2-Stealer.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/LummaC2-Stealer.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/LummaC2-Stealer.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/LummaC2-Stealer.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/LummaC2-Stealer.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/02\/LummaC2-Stealer.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":32103,"url":"https:\/\/kalilinuxtutorials.com\/ssh-snake\/","url_meta":{"origin":37392,"position":5},"title":"SSH-Snake : Automated SSH-Based Network Traversal","author":"Varshini","date":"February 23, 2024","format":false,"excerpt":"SSH-Snake is a powerful tool designed to perform automatic network traversal using SSH private keys discovered on systems, with the objective of creating a comprehensive map of a network and its dependencies, identifying to what extent a network can be compromised using SSH and SSH private keys starting from a\u2026","rel":"","context":"In "Cyber security"","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTskLjWZiGck-bbeUUzW4ADPYJbg-co9Z7mRMJxCkxqpEi7hbo8YVliBCWrTQ8hbX9rbdSw9pzAulVYgyYU6UCgPXYyPir4G-HFv3Jiy9JkmRShkBX7-xVgHWlQqNus64iPYsy7cflaTFqfoAPzApzRf6Fk84CSjhpZUjY3OxEvbOx-MI1zP2QYCwefM_i\/s16000\/Untitled%20design%20%286%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTskLjWZiGck-bbeUUzW4ADPYJbg-co9Z7mRMJxCkxqpEi7hbo8YVliBCWrTQ8hbX9rbdSw9pzAulVYgyYU6UCgPXYyPir4G-HFv3Jiy9JkmRShkBX7-xVgHWlQqNus64iPYsy7cflaTFqfoAPzApzRf6Fk84CSjhpZUjY3OxEvbOx-MI1zP2QYCwefM_i\/s16000\/Untitled%20design%20%286%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTskLjWZiGck-bbeUUzW4ADPYJbg-co9Z7mRMJxCkxqpEi7hbo8YVliBCWrTQ8hbX9rbdSw9pzAulVYgyYU6UCgPXYyPir4G-HFv3Jiy9JkmRShkBX7-xVgHWlQqNus64iPYsy7cflaTFqfoAPzApzRf6Fk84CSjhpZUjY3OxEvbOx-MI1zP2QYCwefM_i\/s16000\/Untitled%20design%20%286%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTskLjWZiGck-bbeUUzW4ADPYJbg-co9Z7mRMJxCkxqpEi7hbo8YVliBCWrTQ8hbX9rbdSw9pzAulVYgyYU6UCgPXYyPir4G-HFv3Jiy9JkmRShkBX7-xVgHWlQqNus64iPYsy7cflaTFqfoAPzApzRf6Fk84CSjhpZUjY3OxEvbOx-MI1zP2QYCwefM_i\/s16000\/Untitled%20design%20%286%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTskLjWZiGck-bbeUUzW4ADPYJbg-co9Z7mRMJxCkxqpEi7hbo8YVliBCWrTQ8hbX9rbdSw9pzAulVYgyYU6UCgPXYyPir4G-HFv3Jiy9JkmRShkBX7-xVgHWlQqNus64iPYsy7cflaTFqfoAPzApzRf6Fk84CSjhpZUjY3OxEvbOx-MI1zP2QYCwefM_i\/s16000\/Untitled%20design%20%286%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEgTskLjWZiGck-bbeUUzW4ADPYJbg-co9Z7mRMJxCkxqpEi7hbo8YVliBCWrTQ8hbX9rbdSw9pzAulVYgyYU6UCgPXYyPir4G-HFv3Jiy9JkmRShkBX7-xVgHWlQqNus64iPYsy7cflaTFqfoAPzApzRf6Fk84CSjhpZUjY3OxEvbOx-MI1zP2QYCwefM_i\/s16000\/Untitled%20design%20%286%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/37392","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=37392"}],"version-history":[{"count":3,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/37392\/revisions"}],"predecessor-version":[{"id":37396,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/37392\/revisions\/37396"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/37395"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=37392"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=37392"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=37392"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}