SSH Server Auditing

SSH-Audit is a tool for SSH server auditing.


  • SSH1 and SSH2 protocol server support;
  • Grab banner, recognize device or software and operating system, detect compression;
  • Gather key-exchange, host-key, encryption and message authentication code algorithms;
  • Output algorithm information (available since, removed/disabled, unsafe/weak/legacy, etc);
  • Output algorithm recommendations (append or remove based on recognized software version);
  • Output security information (related issues, assigned CVE list, etc);
    analyze SSH version compatibility based on algorithm information;
  • Historical information from OpenSSH, Dropbear SSH and libssh;
    no dependencies, compatible with Python 2.6+, Python 3.x and PyPy;

Source: SSH Server Auditing


If you take two people, one of them is a learn-it-all and the other one is a know-it-all, the learn-it-all will always trump the know-it-all in the long run

– Satya Nadella on culture at Microsoft, inspired by Carol Dweck’s book, Mindset.

Inspecting a PDF File

I recently had to complete some work with inspecting a PDF file for malicious content. This was an interesting experience so I thought I’d share the approach I took to review the file from a sandboxed environment:

1. Start with using a service such as,, to scan the file

2. Use Adobe Acrobat to browse the internal PDF structure. Launch the PreFlight Tool (Print Production > Preflight) and then under Options select Browse Internal PDF Structure.

3. Use an Adobe PDF meta data application to inspect the file. Here are some I used that were quite helpful: – PeePDF is a Python based tool to explore PDF files – PDFID is a Python based tool to scan the file looking for certain PDF keywords. For e.g., does the file contain JavaScript or execute an action when opened – PDF-Parser is a Python based tool to parse a PDF document and identify the fundamental elements used in the file.

Additional Reading:

  1. Checking a PDF for exploits
  2. Viewing PDF objects
  3. PDF Tools from Didier Stevens
  4. Best tool tool for inspecting PDF files?
  5. PDF malware analysis

Additional Tools:

  1. GhostScript
  2. GSView
  3. PDF Validator Online Tool
  4. PDFMiner