HoneyAlarmG2
A simplified UI for showing honeypot alarms for the DTAG early warning system
The High Interaction Honeypot Analysis Toolkit (HIHAT) allows to transform arbitrary PHP applications into web-based high-interaction Honeypots. Furthermore a graphical user interface is provided which supports the process of monitoring the Honeypot and analysing the acquired data. Features: * automatically scans for known attacks. * detects SLQ-Injections, (Remote) File-Inlcusions, Cross-Site Scripting (XSS), Download attempts for malicious files e.g. with WGET or CURL, Command-Injections, etc. * provides an overview mode which allows you to look and scan for new incidents quickly (semi-automatic mode). * supports detailed information about all data correlated with every access to the honeypot. * saves copies of malicious tools in a secured place for later analysis. * provides a geographical, IP-based mapping about the attack sources. * generates numerous statistics about all traffic recognized at the system.
A simplified UI for showing honeypot alarms for the DTAG early warning system
WordPress honeypot tool running in a Docker container for monitoring access attempts.
Medium interaction SSH honeypot for logging brute force attacks and shell interactions.
A honeypot for the Log4Shell vulnerability (CVE-2021-44228) with various detection and logging features.
A tool for testing subdomain takeover possibilities at a mass scale.
A configurable DNS honeypot with SQLite logging and Docker support.