Ensnare

Free

Ensnare is packaged as a gem plugin for Ruby on Rails and was developed to allow configuring and deploying a basic malicious behavior detection and response scheme in less than ten minutes. Ensnare uses a combination of Honey Traps to entice malicious users, and a configurable suite of Trap Responses to confuse, allude, delay, or stop an attacker.

Already heard about the tool and want to try it out? Do it!

- Install the gem by adding it to your project's Gemfile:
    gem 'ensnare', :git => 'git@github.com:ahoernecke/Ensnare.git'
- Install the gem:
    bundle install
- Run the migrations for Ensnare:
    rake ensnare:install:migrations
    rake db:migrate
- Enable parameter tampering for your application by changing the mass_assignment_sanitizer:
    vi config/environments/<ENVIRONMENT>.rb
- Set config.active_record.mass_assignment_sanitizer to logger:
    config.active_record.mass_assignment_sanitizer = :logger
- Enable Ensnare in your application_controller.rb file:
    vi app/controllers/application_controller.rb
- Append the following filter below protect_from_forgery in your application_controller.rb file:
    before_filter :ensnare
- Add the following to the end of your routes.rb file:
    mount Ensnare::Engine => "/ensnare", :a

ALTERNATIVES

Safing Portmaster is an open-source application firewall that monitors network connections, blocks trackers system-wide, and allows custom filtering rules at both global and per-application levels.

A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.

A simple text viewer for Prompt(1) sessions

A fast and multi-purpose HTTP toolkit for sending HTTP requests and parsing responses

A bash script for scanning a target network for HTTP resources through XXE

Load-balancing solution by Microsoft Azure with global infrastructure and financial guidance.

Mass IP port scanner for Internet-scale scanning with high speed and flexibility.

A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.