Displaying 1 to 20 from 48 results

cowrie - Cowrie SSH/Telnet Honeypot

  •    Python

This is the official repository for the Cowrie SSH and Telnet Honeypot effort. Cowrie is a medium interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker.

awesome-honeypots - an awesome list of honeypot resources

  •    Python

A curated list of awesome honeypots, plus related components and much more, divided into categories such as Web, services, and others, with a focus on free and open source projects. There is no pre-established order of items in each category, the order is for contribution. If you want to contribute, please read the guide.

sshesame - A fake SSH server that lets everyone in and logs their activity

  •    Go

This software, just like any other, might contain bugs. Given the popular nature of SSH, you probably shouldn't run it unsupervised as root on a production server on port 22. Use common sense. without actually executing anything on the host.

conpot - ICS/SCADA honeypot

  •    Python

The build of the documentations source can be found here. There you will also find the instructions on how to install conpot and the FAQ. Navigate to http://MY_IP_ADDRESS to confirm the setup.




honeyLambda - honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i

  •    Python

honeyλ allows you to create and monitor fake HTTP endpoints automatically. You can then place these URL honeytokens in e.g. your inbox, documents, browser history, or embed them as {hidden} links in your web pages (Note: honeybits can be used for spreading breadcrumbs across your systems to lure the attackers toward your traps). Depending on how and where you implement honeytokens, you may detect human attackers, malicious insiders, content scrapers, or bad bots. This application is based on Serverless framework and can be deployed in different cloud providers such as Amazon Web Services (AWS), Microsoft Azure, IBM OpenWhisk or Google Cloud (Only tested on AWS; the main function may need small changes to support other providers). If your cloud provider is AWS, it automatically creates HTTP endpoints using Amazon API Gateway and then starts monitoring the HTTP endpoints using honeyλ Lambda function.

invisible_captcha - :honey_pot: Unobtrusive and flexible spam protection for Rails apps

  •    Ruby

Simple and flexible spam protection solution for Rails applications. Invisible Captcha provides different techniques to protect your application against spambots.

honeytrap - Advanced Honeypot framework.

  •    Go

See our documentation on docs.honeytrap.io. Join the honeytrap-users mailing list to discuss all things Honeytrap.

Honeypot - Low interaction honeypot that displays real time attacks

  •    Javascript

Low interaction honeypot application that displays real time attacks in the web-interface. Made just for fun and it is not production ready. Written in Node.js the application listens on 128 most common TCP ports and saves results to the MySQL Database for further analysis.


dionaea - Home of the dionaea honeypot

  •    Python

Dionaea is meant to be a nepenthes successor, embedding python as scripting language, using libemu to detect shellcodes, supporting ipv6 and tls.

HoneyPy - A low to medium interaction honeypot.

  •    Python

A low interaction honeypot with the capability to be more of a medium interaction honeypot. Feel free to follow the QuickStart Guide to dive in directly. The main documentation can be found at the HoneyPy Docs site.

stack-honeypot - Inserts a trap for spam bots into responses.

  •    PHP

A port of Rack::Honeypot to Stack for PHP. Wrap your HttpKernelInterface app in an instance of CHH\Stack\Honeypot or add it to your middleware stack.

prickly-pete - A script using Docker to quickly bring up some honeypots exposing 16 services

  •    Shell

A script using Docker to quickly bring up some honeypots exposing 16 services. For research, reconnaissance and fun. While originally built to run on a laptop during the DEF CON hacker conference to see how many pings and pokes we could attract, it's a useful tool for research, and reconnaissance to test networks for infestations. I've completely rewritten this (July 2017) to use Docker and Docker-Compose to containerize all the honeypot services, greatly speeding up deployment time while reducing system requirements. prickly-pete uses Docker and Docker-Compose to bring up the following honeypots, automatically, with no configuration or extra steps necessary.

django-honeypot - 🍯 Generic honeypot utilities for use in django projects.

  •    Python

Django application that provides utilities for preventing automated form spam. Provides template tags, view decorators, and middleware to add and verify honeypot fields to forms.

go-sshoney - SSH Honeypot

  •    Go

SSHoney is an SSH honeypot designed purely to log the SSH connection attempts on a given port. It does not go any further than that. SSHoney works by listening on a non-privileged port (2222 by default) and pretends to be an SSH server. When an SSH client connects, SSHoney logs the connection details (IP, username, password and SSH clienr version) to stdout and/or syslog, a log file of your choosing (e.g /var/log/sshoney.log).

honeypot-for-tcp-32764 - Honeypot for router backdoor (TCP 32764)

  •    CoffeeScript

This is a first try to mock the router backdoor "TCP32764" found in several router firmwares at the end of 2013. The POC of the backdoor is located at this repository. This honeypot is not fully compatible to the real backdoor. However, we try to response positive answers for well known tests. Said this, both the poc.py and the web test from Heise recognize this being a real backdoor.

nodebb-plugin-spam-be-gone - yup

  •    Javascript

anti spam using both Akismet.com and StopForumSpam.com

honeybits - A simple tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your systems to lure the attacker toward your honeypots

  •    Go

A simple tool designed to enhance the effectiveness of your traps by spreading breadcrumbs & honeytokens across your production servers and workstations to lure the attacker toward your honeypots. Author: Adel "0x4D31" Karimi.

heralding - Credentials catching honeypot

  •    Python

Sometimes you just want a simple honeypot that collects credentials, nothing more. Heralding is that honeypot! Currently the following protocols are supported: ftp, telnet, ssh, http, https, pop3, pop3s, imap, imaps, smtp and postgresql. You need Python 3.5.0 or higher.

hontel - Telnet Honeypot

  •    Python

HonTel is a Honeypot for Telnet service. Basically, it is a Python v2.x application emulating the service inside the chroot environment. Originally it has been designed to be run inside the Ubuntu environment, though it could be easily adapted to run inside any Linux environment. Setting the environment and running the application requires intermmediate Linux administration knowledge. The whole deployment process can be found "step-by-step" inside the deploy.txt file. Configuration settings can be found and modified inside the hontel.py itself. For example, authentication credentials can be changed from default root:123456 to some arbitrary values (options AUTH_USERNAME and AUTH_PASSWORD), custom Welcome message can be changed from default (option WELCOME), custom hostname (option FAKE_HOSTNAME), architecture (option FAKE_ARCHITECTURE), location of log file (inside the chroot environment) containing all telnet commands (option LOG_PATH), location of downloaded binary files dropped by connected users (option SAMPLES_DIR), etc.