Honeypot Setup Script
A script to install and deploy a honeypot automatically and without user interaction. Currently installs and sets up: kippo, dionaea, p0f. These will all be installed as system services so running this script once should turn a vanilla install into a robust honeypot. Aims to use useful and secure defaults. Currently tested on Ubuntu 12.04. Use with caution: This script will happily and without prompt overwrite files, change the port your SSH server runs and all sorts. It is intended to be run on a vanilla install of Ubuntu 12.04. No thoughts have been made for the integrity of existing installations of software - so be careful! Usage: This script can cause damage to your system. It is meant only to be used on a vanilla installation. Only run this if you know what you are doing. wget -q https://raw.github.com/andrewmichaelsmith/honeypot-setup-script/master/setup.bash -O /tmp/setup.bash && bash /tmp/setup.bash. Effects: Moves SSH server from port 22 to 65534. Installs Dionaea, Kippo, p0f. Sets up Dionaea, Kippo, and p0f as system services that run on startup. Directory Structure: Logging Dionaea: /var/dionaea/, Kippo: /var/kippo/, p0f: /var/p0f/.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.