Ligolo-ng vs SSH-Snake
GitHub Stats
About Ligolo-ng
Ligolo-ng is an advanced tunneling and pivoting tool that creates a TUN interface for transparent proxying through compromised hosts. Written in Go, it enhances stealth by allowing attackers to route traffic through a compromised system without being detected. Its ability to create complex network topologies makes it a valuable tool for penetration testers seeking to exploit internal network resources while maintaining anonymity.
About SSH-Snake
SSH-Snake is a self-propagating tool that automatically discovers SSH private keys on a compromised system, determines which hosts they connect to, and uses them to hop to the next system. It operates filelessly by passing itself through SSH sessions, leaving minimal forensic artifacts. SSH-Snake recursively maps the network of systems reachable via SSH trust relationships, building a graph of infrastructure connectivity. It discovers keys in common locations, agent forwarding sockets, bash history, known_hosts files, and SSH configs. Useful for demonstrating the blast radius of a single compromised host.
Platform Support
Tags
Ligolo-ng only
SSH-Snake only