Ensnare Logo

Ensnare

0
Free
Visit Website

Ensnare is packaged as a gem plugin for Ruby on Rails and was developed to allow configuring and deploying a basic malicious behavior detection and response scheme in less than ten minutes. Ensnare uses a combination of Honey Traps to entice malicious users, and a configurable suite of Trap Responses to confuse, allude, delay, or stop an attacker. Already heard about the tool and want to try it out? Do it! - Install the gem by adding it to your project's Gemfile: gem 'ensnare', :git => 'git@github.com:ahoernecke/Ensnare.git' - Install the gem: bundle install - Run the migrations for Ensnare: rake ensnare:install:migrations rake db:migrate - Enable parameter tampering for your application by changing the mass_assignment_sanitizer: vi config/environments/<ENVIRONMENT>.rb - Set config.active_record.mass_assignment_sanitizer to logger: config.active_record.mass_assignment_sanitizer = :logger - Enable Ensnare in your application_controller.rb file: vi app/controllers/application_controller.rb - Append the following filter below protect_from_forgery in your application_controller.rb file: before_filter :ensnare - Add the following to the end of your routes.rb file: mount Ensnare::Engine => "/ensnare", :a

FEATURES

ALTERNATIVES

High-performance remote packet capture and collection tool used for forensic analysis in cloud workloads.

A fast and simple recursive content discovery tool

A powerful command-line packet analyzer and a portable C/C++ library for network traffic capture with comprehensive documentation.

pfSense is a leading open source firewall and network security solution, providing advanced protection and connectivity options.

6Guard is an IPv6 attack detector sponsored by Google Summer of Code 2012 and supported by The Honeynet Project organization.

A module for loading Bro logs as tables in Osquery

A technique to associate applications with TLS parameters for identifying malware and vulnerable applications.