This Docker container starts a SSH honeypot (based on Cowrie) and enables the DShield output module to report statistics to the SANS ISC DShield project. Building the image: # git clone https://github.com/xme/dshield-docker # cd dshield-docker # docker build -t dshield/honeypot . Running the image: First, create a configuration file which will contain your DShield account details: # cat env.txt DSHIELD_UID=xxxxxxxxxx DSHIELD_APIKEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx DSHIELD_EMAIL=xxxxxxxxxxxxxxxxxxx Your credentials will be validated and the honeyport properly configured. Don't forget to register[1] if you don't already have an account. [1] https://www.dshield.org/register.html Boot the container: # docker run -d -p 2222:2222 --env-file=env.txt --restart=always --name dshield dshield/honeypot b56e526b6f7c9b6cb419245757b0586f73d7e99089fa93409f3626122990505a # docker logs dshield Validating provided credentials... API key verification succeeded! Starting cowrie... The honeypot is listening to port
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
Tor Browser is a free and open-source software that allows users to browse the internet anonymously and privately.
A free, open-source network protocol analyzer for capturing and displaying packet-level data.
A free DNS recursive service that blocks malicious host names and protects user privacy.
pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.