Osueta it's a simple Python2 script to exploit the OpenSSH User Enumeration Timing Attack, present in OpenSSH versions 5.* and 6.*. The script has the ability to make variations of the username employed in the bruteforce attack, and the possibility to establish a DOS condition in the OpenSSH server.
usage: osueta.py [-h] [-H HOST] [-k HFILE] [-f FQDN] [-p PORT] [-L UFILE] [-U USER] [-d DELAY] [-v VARI] [-o OUTP] [-l LENGTH] [-c VERS] [--dos DOS] [-t THREADS] OpenSSH User Enumeration Time-Based Attack Python script optional arguments: -h, --help show this help message and exit -H HOST Host Ip or CIDR netblock. -k HFILE Host list in a file. -f FQDN FQDN to attack. -p PORT Host port. -L UFILE Username list file. -U USER Only use a single username. -d DELAY Time delay fixed in seconds. If not, delay time is calculated. -v VARI Make variations of the username (default yes). -o OUTP Output file with positive results. -l LENGTH Length of the password in characters (x1000) (default 40). -c VERS Check or not the OpenSSH version (default yes). --dos DOS Try to make a DOS attack (default no). -t THREADS Threads for the DOS attack (default 5).