BW-Pot Logo

BW-Pot

0
Free
Visit Website

BW-Pot (Breakable Web applications honeyPot) is a highly interactive honeypot targeting HTTP or HTTPS, observing access from attackers by building easily targeted and compromised web applications. It forwards logs to Google BigQuery for accumulation and visualization, features frequent attack target web app environment usage, daily automatic restoration to a clean environment, real-time log integration with Google BigQuery, automatic log rotation, and saving packet capture files for detailed analysis, operable on low-spec servers. Architecture/Specification: Refer to the architecture diagram and detailed specifications. Installation: Hardware Requirements: 2GB RAM, 10GB SSD, Internet Connection. Software Requirements: Docker, Docker-Compose, logrotate. Service Account Requirements: Google Cloud Platform Account. Usage: Analyze logs forwarded to BigQuery using SQL execution in BigQuery's WebUI, create dashboards specifying BigQuery tables as data sources in the data portal. Licenses: Apache License v2 for Docker, Fluentd, Apache Tomcat; GPL v2 for Wireshark (tshark), WordPress, phpMyAdmin; BSD License for WOWHoneypot. Author: graneed. ToDo: Add Drupal to web applications, store network capture files in /data/tshark/dump/ for download and inspection with WireShark, etc., for log preservation, consider Amazon S3.

FEATURES

ALTERNATIVES

An automation framework for subdomain bruteforcing

A honeypot daemon project for processing, filtering, and redirecting incoming traffic to a sandbox environment.

A high-interaction honeypot system supporting the Redis protocol.

GHH is a honeypot tool to defend against search engine hackers using Google as a hacking tool.

A web application honeypot sensor attracting malicious traffic from the Internet

A tool to bypass Content Security Policy (CSP) restrictions

A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.

Honeypot platform for tracking and monitoring UDP-based DDoS attacks with support for various honeypot services.