Delilah Honeypot Logo

Delilah Honeypot

0
Free
Visit Website

Delilah is a honeypot system inspired by Jordan Wright’s Elastichoney that detects and identifies attack commands, recon attempts, and download commands. It acts as a vulnerable Elasticsearch instance that detects and identifies attack commands, recon attempts, and download commands. Whenever an attacker issues a download command, Delilah will attempt to download the file the attacker is attempting to introduce on a victim's system. Whenever Delilah detects an attacker's commands, a notification email is sent to one or more email addresses in order to alert analysts in real-time of incoming attacks. Delilah provides a variety of configurable parameters to mimic Elasticsearch instances and prevent an attacker from easily determining that they are interacting with a honeypot. Multiple Delilah nodes can be installed to form a network of sensors. To more easily view the sensor network, analysts should use the

FEATURES

ALTERNATIVES

WordPress honeypot tool running in a Docker container for monitoring access attempts.

A webapp for displaying statistics about your kippo SSH honeypot.

Python telnet honeypot for catching botnet binaries

Apache 2 based honeypot for detecting and blocking Struts CVE 2017-5638 exploit with added support for content disposition filename parsing vulnerability.

A medium interaction printer honeypot that simulates a standard networked printer

An easy to set up SSH honeypot for logging SSH connections and activity.

KFSensor is an advanced Windows honeypot system for detecting hackers and worms by simulating vulnerable system services.

A script for setting up a dionaea and kippo honeypot using Docker images.

PINNED