SSH Pentesting Playbook

Everything you need to audit and attack SSH services in one concise playbook. What's inside: • Service enumeration — banner grabbing, version fingerprinting, cipher auditing • Authentication attacks — brute-force with Hydra/Medusa, default credential lists • SSH key attacks — weak key detection, stolen private key exploitation • Port forwarding & tunneling — local, remote, and dynamic forwarding for pivoting • ProxyJump & bastion host abuse — chaining hops through restricted networks • Post-exploitation — agent hijacking, authorized_keys persistence, SSHD config tampering • Defensive hardening — what to fix after you find it Ideal for OSCP candidates, internal network pentesters, and red teamers needing a quick SSH reference.