DemonHunter is a distributed low interaction honeypot with an Agent/Master design. Agents are honeypots of different protocols, and the master receives attack information to show to honeypot administrators. By using DemonHunter, you can choose from various protocol handlers like Apache(v2.4.18) or Nginx(1.10.0) without needing to install anything extra on your server. Each Agent can handle multiple protocols, and each master can manage an unlimited number of agents. DemonHunter is developed under python3.6 and may work on python3.5. For documentation, visit http://demonhunter.readthedocs.io. To install the latest version, use: $ pip install git+https://github.com/RevengeComing/DemonHunter.git or $ pip install demonhunter from PyPI. To run DemonHunter, execute dh_run for the Master and set up Agents (Honeypots). Running the dh cli will start the master at http://127.0.0.1:8000 with a sqlitedb in the current directory.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.