This SSH daemon will accept any username/password/key. It only allows 'session' channels (not port forwards or SFTP). It will present a fake shell and record any commands that people attempt to run, along with the date and their IP. It will log all sessions to: /var/log/gohoney/gohoney-yyyymmdd.log Build & Run First download and install Go. On OSX this is as easy as: $ brew install go For other linux/windows/freebsd check http://golang.org Then build it! # Clone this repo $ git clone https://github.com/PaulMaddox/gohoney.git # Fetch all of the Go module dependencies $ cd gohoney $ go get ./... # Build it! $ go build main.go Usage Usage: ./gohoney -b <bind address> -p <port>
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
An open-source Python software for creating honeypots and honeynets securely.
A subset of the Modern Honey Network project set up to run in docker, including hpfeeds broker, cowrie honeypot, and dionaea honeypot.
Apache 2 based honeypot for detecting and blocking Struts CVE 2017-5638 exploit with added support for content disposition filename parsing vulnerability.
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.