17 tools and resources
SSHGuard protects hosts from brute-force attacks by monitoring system logs, detecting attacks, and blocking attackers using a firewall.
GridPot is a cybersecurity tool that integrates GridLAB-D, Conpot, and libiec61850 to simulate and detect attacks on industrial control systems (ICS).
A serverless application for creating and monitoring URL tokens with threat intelligence and customizable alerts.
Honeytrap is a low-interaction honeypot and network security tool with various modes of operation and plugin support for catching attacks against TCP and UDP services.
A honeypot designed to detect and analyze malicious activities in instant messaging platforms.
Hived is a honeypot tool for deceiving attackers and gathering information.
Medium interaction SSH honeypot for logging brute force attacks and shell interactions.
An open source honeypot for NoSQL databases with support for Redis and additional features for detecting attackers and logging attack incidents.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
A cybersecurity concept categorizing indicators of compromise based on their level of difficulty for threat actors to change.
NotRuler is a tool for Exchange Admins to detect client-side Outlook rules and VBScript enabled forms, aiding in the detection of attacks created through Ruler.
Kippo is a medium interaction SSH honeypot with fake filesystem and session logging capabilities.
6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
A low-interaction honeypot that logs IP addresses, usernames, and passwords used by clients connecting via SSH, primarily used for gathering intelligence on brute force attacks.
A Go-based honeypot server for detecting and logging attacker activity
Honeypot platform for tracking and monitoring UDP-based DDoS attacks with support for various honeypot services.
