DShield Docker Logo

DShield Docker

0
Free
Visit Website

This Docker container starts a SSH honeypot (based on Cowrie) and enables the DShield output module to report statistics to the SANS ISC DShield project. Building the image: # git clone https://github.com/xme/dshield-docker # cd dshield-docker # docker build -t dshield/honeypot . Running the image: First, create a configuration file which will contain your DShield account details: # cat env.txt DSHIELD_UID=xxxxxxxxxx DSHIELD_APIKEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx DSHIELD_EMAIL=xxxxxxxxxxxxxxxxxxx Your credentials will be validated and the honeyport properly configured. Don't forget to register[1] if you don't already have an account. [1] https://www.dshield.org/register.html Boot the container: # docker run -d -p 2222:2222 --env-file=env.txt --restart=always --name dshield dshield/honeypot b56e526b6f7c9b6cb419245757b0586f73d7e99089fa93409f3626122990505a # docker logs dshield Validating provided credentials... API key verification succeeded! Starting cowrie... The honeypot is listening to port

FEATURES

ALTERNATIVES

A script for extracting network metadata and fingerprints such as JA3 and HASSH from packet capture files or live network traffic.

Set up your own IPsec VPN server in just a few minutes with IPsec/L2TP, Cisco IPsec, and IKEv2.

AWS Network Firewall provides fine-grained control over network traffic and enables easy deployment of firewall security.

Makes output from the tcpdump program easier to read and parse.

An open-source security tool for testing data center resiliency to perimeter breaches and internal server infection.

A honeypot system designed to detect and analyze potential security threats

PCAPdroid is a privacy-friendly app for tracking, analyzing, and blocking network connections on your device.

A fast and flexible HTTP enumerator for content discovery and credential bruteforcing