A honeypot mimicking Tomcat manager endpoints to log requests and save attacker's WAR files for analysis.
Helix is a versatile honeypot designed to mimic the behavior of various protocols including Kubernetes API server, HTTP, TCP, and UDP, serving as an active defense mechanism. Its primary goal is to detect malicious activities targeting infrastructure across different protocols without running a full-scale implementation. Helix provides the flexibility of deploying a customized honeypot that meets the specific requirements of your environment, thereby enhancing your ability to detect and mitigate threats. Features: - Multi-Protocol Emulation: Helix emulates the behavior of various protocols including Kubernetes API server, HTTP, TCP, and UDP. - Kubernetes API Emulation: In Kubernetes mode, Helix mimics a Kubernetes API server, providing responses to various API endpoints and generating random Kubernetes resources such as pods, namespaces, ingress, and secrets. - HTTP, TCP, and UDP Emulation: Helix can also run as a simple HTTP, TCP, or UDP server, providing basic responses to requests.
A honeypot mimicking Tomcat manager endpoints to log requests and save attacker's WAR files for analysis.
SSH honeypot with rich features for recording and analyzing malicious activities.
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.
A local file inclusion exploitation tool
Find domains and subdomains related to a given domain
GHH is a honeypot tool to defend against search engine hackers using Google as a hacking tool.
