AMT Honeypot Logo

AMT Honeypot

0
Free
Visit Website

A honeypot for Intel's AMT Firmware Vulnerability CVE-2017-5689. It replicates the behavior of Intel's AMT management service and serves content pulled from a HP machine to an attacker if successfully exploited. It can be built using the command `go build` and run using the command `./amthoneypot [logfile.txt]`. It also supports persistent execution using the command `nohup ./amthoneypot logfile.txt &`. Additionally, it lacks templating to make content dynamic/random and error checking. This tool is useful for detecting and preventing attacks on Intel's AMT firmware vulnerability CVE-2017-5689.

FEATURES

ALTERNATIVES

A subdomain finder tool

High interaction honeypot solution for Linux systems with data control and integrity features.

Parse Cowrie honeypot logs into a Neo4j database.

A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.

Honeytrap is a low-interaction honeypot and network security tool with various modes of operation and plugin support for catching attacks against TCP and UDP services.

A tool to bypass Content Security Policy (CSP) restrictions

Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.

A list of services and how to claim (sub)domains with dangling DNS records.

PINNED