ESPot
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
bap is a webservice honeypot that logs HTTP basic authentication credentials in a 'parser friendly format'. The webservice responds with 401 WWW-Authenticate: Basic realm='ADMIN' for HEAD and GET requests, and generates an error response for other HTTP methods. No valid username/password exists, only credentials are logged. Configuration involves setting HTTP_ADDR and HTTP_PORT in bap.py, with default binding to *:8080. Running bap.py starts the service, while start-bap-debian.sh and stop-bap-debian.sh manage background execution. Logging occurs in pot.log in the same directory as bap.py, with entries in the format: [Date Time] Client_address:Client_port Auth_method Decoded_auth_string.
ElasticSearch honeypot to capture attempts to exploit CVE-2014-3120, with logging and daemon options.
An active and aggressive honeypot tool for network security.
A tool to bypass Content Security Policy (CSP) restrictions
A tool to leak git repositories from misconfigured websites
Low-interaction VNC honeypot for logging responses to a static VNC Auth challenge.
A list of services and how to claim (sub)domains with dangling DNS records.