honeydet Logo

honeydet

1
Free
Visit Website

honeydet is a signature based, multi-step, high interaction, multi-threaded honeypot detection tool written in Golang. It can detect honeypots based upon the premise that, given a set of specifically crafted requests they will generate a unique and identifying response. It can be run either as a web server, a command line tool, or as a web API. Signatures support multi-step, hex, string and regex detection on TCP and UDP. Features a SQL backend for persistent scans which can be managed through the web interface. Shodan API integration for non-private IPs, automatically adds shodan host information when the flag is set (currently CLI only) Signatures The signature list is growing as I run through different methods of fuzzing, reverse engineering and comparing real protocols and servers to their emulated counterparts. I continue to add features to the signature format as required, and will extend the applications support of protocols using additional libraries as needed for things like DICOM and Modbus. Frontend Features: Multi-threaded, and now super fast. /24 single port scan in around 1 second Supports single and multiple target

FEATURES

ALTERNATIVES

A low-interaction honeypot for detecting and analyzing security threats

A honeypot system that allows you to set up a decoy API to detect and analyze potential security threats.

A mini webserver with FTP support for XXE payloads

Medium interaction SSH honeypot for logging brute force attacks and shell interactions.

IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.

bap is a webservice honeypot that logs HTTP basic authentication credentials.

Honeypot for analyzing data with customizable services and logging capabilities.

Honeypot tool with bug-catching capabilities and support for multiple protocols.

PINNED