bap Logo

bap

0
Free
Visit Website

bap is a webservice honeypot that logs HTTP basic authentication credentials in a 'parser friendly format'. The webservice responds with 401 WWW-Authenticate: Basic realm='ADMIN' for HEAD and GET requests, and generates an error response for other HTTP methods. No valid username/password exists, only credentials are logged. Configuration involves setting HTTP_ADDR and HTTP_PORT in bap.py, with default binding to *:8080. Running bap.py starts the service, while start-bap-debian.sh and stop-bap-debian.sh manage background execution. Logging occurs in pot.log in the same directory as bap.py, with entries in the format: [Date Time] Client_address:Client_port Auth_method Decoded_auth_string.

FEATURES

ALTERNATIVES

A tool for exploiting SSRF and gaining RCE in various servers

A honeypot for the Log4Shell vulnerability (CVE-2021-44228) with various detection and logging features.

A security platform that automates the deployment and management of security canaries across cloud infrastructure to detect potential intrusions and unauthorized access.

Commercial

A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.

An observation camera honeypot for proof-of-concept purposes

A web application honeypot sensor attracting malicious traffic from the Internet

Honeypot for analyzing data with customizable services and logging capabilities.

A honeypot tool that simulates an open relay to capture and analyze spam

PINNED