SSH malware research data

2025-11-01

List of ideas for SSH malware research: an SSH malware matrix, like the C2 matrix but for SSH malware. Might have to have a few categories: worms, scanners, ... Read More

ssh-it

2025-11-01

ssh-it is an SSH worm developed by THC. https://www.thc.org/ssh-it/ Read More

ssh-key-backdoor

2025-11-01

ssh-key-backdoor is a technique developed by THC that abuses SSH keys to achieve persistence and lateral movement. ... Read More

sshdinjector

2025-11-01

sshdinjector is Linux malware attributed to Evasive Panda that is injected into the SSH daemon. ... Read More

Suricata

2025-11-01

Suricata is a network analysis and threat detection engine used for intrusion detection (IDS) and intrusion prevention (IPS). https://suricata.io/ Read More

The Hacker’s Choice

2025-11-01

The Hacker’s Choice is an international hacking group. https://www.thc.org/ https://github.com/hackerschoice https://blog.thc.org/ Read More

VyOS

2025-11-01

VyOS is an open source platform used to develop routers. https://vyos.io/ https://en.wikipedia.org/wiki/VyOS https://github.com/vyos/vyos-build Read More

AbcBot

2025-10-28

Abcbot is malware written in Go targeting Linux hosts and used to perform DDoS attacks. https://thrive.trellix.com/s/article/KB95211?language=en_US ... Read More

attribution by SSH key reuse

2025-10-28

Attackers' reuse of SSH keys can be used to correlate activity for attribution. Read More

authentication bypass

2025-10-28

An authentication bypass is a vulnerability where the attacker gains unauthorized access to a system by bypassing the authentication process. Read More