sshLooter alternatives

Looking for an alternative tool to replace sshLooter? During the review of sshLooter we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. Bucket Stream (AWS S3 bucket discovery using CT logs)
  2. LaZagne (password retrieval and recovery tool)
  3. chkrootkit (malware scanner)

These tools are ranked as the best alternatives to sshLooter.

Alternatives (by score)

64

Bucket Stream

Introduction

Bucket Stream can be used to discover AWS S3 buckets. This tool may be helpful during reconnaissance and security assessments. As it does not include active scanning on the target itself, it is a passive way of finding information. This is a huge benefit, as you don't have to guess or brute-force the names.

Project details

Bucket Stream is written in Python.

Strengths and weaknesses

  • + Tool is easy to use
  • + The source code of this software is available
  • - No releases on GitHub available

Typical usage

  • Discovery of sensitive information
  • Information leak detection
  • Penetration testing
  • Reconnaissance

Bucket Stream review

84

LaZagne

Introduction

The LaZagne tool can be a good addition to the toolkit of pentesters or forensic specialists to recover sensitive details from systems. For a pentester, this typically means that limited access has been gained. By trying to find passwords from local applications, the step to other applications or privilege level might be possible. For example, a password that is shared among multiple services, or even finding an administrator password.

Project details

LaZagne is written in Python.

Strengths and weaknesses

  • + More than 10 contributors
  • + More than 3000 GitHub stars
  • + The source code of this software is available

    Typical usage

    • Data extraction
    • Information gathering
    • Password discovery
    • Password recovery

    LaZagne review

    59

    chkrootkit

    Introduction

    The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.

    Some areas that are checked include:

    • interface in promiscuous mode
    • lastlog deletions
    • wtmp deletions
    • wtmpx deletions
    • signs of LKM trojans
    • utmp deletions

    Project details

    chkrootkit is written in C, shell script.

    Strengths and weaknesses

    • + Used language is shell script
    • + Project is mature (10+ years)
    • - Long time between releases

    Typical usage

    • Malware detection
    • Malware scanning

    chkrootkit review

    100

    ClamAV

    Introduction

    ClamAV is a popular tool to detect malicious software or malware. While it calls itself an antivirus engine, it probably won't encounter many viruses, as they have become rare. It is more likely to find other forms of malware like worms, backdoors, and ransomware. ClamAV can be used in a few ways, from doing an occasional scan up to scanning in batch. ClamAV does not do on-access scanning but can be combined with other tools to obtain similar functionality. ClamAV is often used to support scanning incoming emails for malicious content.

    Project details

    ClamAV is written in C.

    Strengths and weaknesses

    • + Many maintainers
    • + The source code of this software is available

      Typical usage

      • Malware analysis
      • Malware detection
      • Malware scanning

      ClamAV review

      64

      EvilAbigail

      Introduction

      This tool is used to perform an attack that is known as "evil maid".

      Project details

      59

      Rootkit Hunter (rkhunter)

      Introduction

      Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.

      The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.

      Project details

      Rootkit Hunter is written in shell script.

      Strengths and weaknesses

      • + Used language is shell script
      • + Project is mature (10+ years)
      • + The source code of this software is available

        Typical usage

        • Malware detection
        • Malware scanning

        Rootkit Hunter review

        60

        WeBaCoo

        Introduction

        WeBaCoo could be useful for penetration tests and security assessments, to test the effectiveness of security monitoring solutions.

        Project details

        WeBaCoo is written in Perl, Ruby.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Application testing
          • Penetration testing

          WeBaCoo review

          Some relevant tool missing as an alternative to sshLooter? Please contact us with your suggestion.