A powerful, high-performance SSH brute force tool written in Go with advanced honeypot detection, professional input system, pause/resume capability, and comprehensive system reconnaissance.
π New to SSHCracker? Check out our Complete Wiki Guide for step-by-step instructions!
SudoLite
- β‘ Enhanced Multi-Layer Workers - Revolutionary concurrent processing architecture
- π High Performance - Up to 1000+ concurrent connections
- π― Advanced Honeypot Detection - 11 intelligent detection algorithms
- π Real-Time Dashboard - Live progress tracking with beautiful UI
- βΈοΈ Pause/Resume - Press Ctrl+C to pause, resume anytime
- πΎ Auto-Save - Automatic progress saving every 5 minutes
- π Deep System Reconnaissance - Comprehensive server information gathering
- π Beautiful Output Formats - Enhanced logging with emojis
- π Cross-Platform Support - Linux, Windows, macOS
- βοΈ Intelligent Worker Management - Optimized concurrent processing
- π Thread-Safe Operations - Atomic operations for high-concurrency
- ποΈ Professional Input System - Validation, defaults, and colors
- Press Ctrl+C to gracefully pause the scan
- State automatically saved to
paused.json - Resume anytime with
./sshcracker --resume - Auto-save every 5 minutes for crash protection
- All progress, stats, and successful IPs preserved
- Interactive prompts with validation
- Default values - Just press Enter for common settings
- Colored feedback - Green β for valid, Red β for invalid
- File existence checking - Prevents typos and errors
- Scan summary with confirmation before starting
- 11 detection algorithms (was 9)
- Command Timing Analysis - Detects uniform response patterns
- SSH Banner Fingerprinting - Identifies known honeypot signatures
- Dynamic Threshold - Smart scoring based on test results
- 30+ honeypot signatures - Extended detection database
- Reduced false positives - Better accuracy
./sshcracker --help # Show help
./sshcracker --resume # Resume from paused.json
./sshcracker --resume-file X # Resume from custom file# Visit releases page and download for your platform:
# https://github.com/Matrix-Community-ORG/SSHCracker/releases/latest
# Make executable (Linux/macOS):
chmod +x sshcracker
# Run:
./sshcracker# Clone repository
git clone https://github.com/Matrix-Community-ORG/SSHCracker.git
cd SSHCracker
# Download dependencies
go mod tidy
# Build
go build -o sshcracker ssh.go
# Run
./sshcracker./sshcrackerThe tool will guide you through:
- Username list - Path to file with usernames
- Password list - Path to file with passwords
- IP list - Path to file with targets (ip:port format)
- Timeout - Connection timeout in seconds (default: 10)
- Workers - Number of concurrent workers (default: 100)
# Resume from paused.json
./sshcracker --resume
# Resume from custom file
./sshcracker --resume-file myscan.jsonUsernames (users.txt):
root
admin
user
ubuntu
Passwords (passwords.txt):
123456
password
admin
root
Targets (targets.txt):
192.168.1.1:22
10.0.0.1:22
example.com:2222
Our enhanced honeypot detection uses 11 sophisticated algorithms:
| Algorithm | Detection Method | Score Impact |
|---|---|---|
| Pattern Recognition | Known honeypot signatures (30+) | +3 per match |
| Response Time Analysis | Unusual timing patterns | +2 |
| Command Timing Analysis | Low variance in response times | +2 |
| SSH Banner Analysis | Known honeypot SSH versions | +3 |
| File System Analysis | Fake/empty directories | +1 per indicator |
| Process Analysis | Honeypot processes running | +2 per match |
| Network Configuration | Missing/fake network config | +1 per indicator |
| Behavioral Tests | File creation, command execution | +1-2 |
| Anomaly Detection | Suspicious hostname, uptime | +1 |
| Advanced Tests | CPU info, kernel, services | +1 per indicator |
| Performance Tests | I/O speed, network connections | +1-2 |
- Threshold automatically adjusts based on successful tests
- Minimum: 5 | Maximum: 8 | Default: ~6
- Prevents false positives when some tests fail
| File | Description |
|---|---|
su-goods.txt |
Successful credentials (ip:port@user:pass) |
detailed-results.txt |
Full details with system info |
honeypots.txt |
Detected honeypots with scores |
paused.json |
Scan state for resume |
autosave.json |
Auto-saved state (every 5 min) |
Timeout: 3 seconds
Workers: 100
Best for: Fast networks, many targets
Timeout: 10 seconds (default)
Workers: 100 (default)
Best for: Most scenarios
Timeout: 15 seconds
Workers: 10
Best for: Avoiding detection
- Go: Version 1.21 or higher
- Git: For cloning (if building from source)
golang.org/x/crypto - SSH client library
github.com/manifoldco/promptui - Interactive input
github.com/spf13/pflag - CLI flags
- β Linux (x64, ARM64)
- β Windows (x64)
- β macOS (Intel, Apple Silicon)
# Permission denied
chmod +x sshcracker
# Module errors
go mod tidy
# Too many open files
ulimit -n 65536# Check if paused.json exists
ls -la paused.json
# View saved state
cat paused.json | jq .- English Community: @MatrixORG
- Persian Community: @MatrixFa
- Chat Group: @DD0SChat
π¨ Important Notice: This tool is designed for:
- β Authorized penetration testing
- β Educational purposes
- β Security research
- β Your own systems
β DO NOT USE FOR:
- Unauthorized access attempts
- Illegal activities
- Systems you don't own without permission
Users are fully responsible for compliance with applicable laws.
We welcome contributions! See CONTRIBUTING.md for guidelines.
- Fork the repository
- Create your feature branch:
git checkout -b feature/AmazingFeature - Commit your changes:
git commit -m 'Add AmazingFeature' - Push to branch:
git push origin feature/AmazingFeature - Open a Pull Request
This project is licensed under the MIT License - see LICENSE for details.
- SudoLite - Lead Developer
- Matrix Community - Maintenance and support
- Go Community - Excellent SSH libraries
- Security Researchers - Honeypot detection algorithms
β Star this project if you find it useful! β
Made with β€οΈ by SudoLite & Matrix Community