LSE toolsLSE toolsSSH MITM (154)SSH MITM (154)

Tool and Usage

Project details
LicensesBSD 2-clause, GPLv3
Programming languagePython
AuthorJoe Testa
Latest release2.2 []

Project health

This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

This tool would most likely be used to intercept traffic during security assessments. Plaintext passwords and session data can be intercepted with it.

How it works

A patch is applied to the OpenSSH source code. It allows this patched version to act as a proxy between the victim client and their intended server. Due to the role of a proxy, it is very likely that the SSH client of the victim will complain about a changed host key. Most users will happily ignore these warnings and continue to connect to the server of their choice.

Usage and audience

SSH MITM is commonly used for password discovery, security assessment, or session hijacking.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + More than 1000 GitHub stars
  • + The source code of this software is available

Author and Maintainers

SSH MITM is under development by Joe Testa.

SSH MITM alternatives

Similar tools to SSH MITM:



The mitmproxy tool allows to intercept, inspect, modify, and replay traffic flows. It may be used for pentesting, troubleshooting, or learning about SSL/TLS.



Seth is a security tool to perform a man-in-the-middle (MitM) attack and extract clear text credentials from RDP connections.



ArpON is a host-based tool to improve the security of the Address Resolution Protocol (ARP).

All SSH MITM alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information


This tool is categorized as a MitM tool and SSH MitM tool.