Script for turning a Raspberry Pi into a Honey Pot Pi. To install, copy these scripts to your Raspberry Pi and execute: chmod +x ./*.sh ./honeypotcreate.sh To start the XRDP honeypot run the following command: ./honeypotstart.sh (or the actual xrdp command) sudo /etc/xrdp/xrdp.sh start The login of failed attempts will be located at: /var/log/xrdp.log You can filter for failed logins in a very crude manner: ./honeypotloggedcredentials.sh (or the actual xrdp command) sudo cat /var/log/xrdp.log | grep USER: ...and check the raw log by typing: ./honeypotrawlog.sh (or the actual xrdp command) sudo cat /var/log/xrdp.log You can also check your Pi's temperature by typing: ./pitemp.sh If you would like to have some live monitoring, which shows the logged credentials and the current date every 30 seconds, type: ./honeypotmonitor.sh The monitor is very useful if you enter LXDE / windowed mode by typing: startx ...then you can open a terminal window and run the honeypotmonitor.sh on one desktop, ...and run etherape on another desktop by typing into a new terminal window: sudo etherape ...and run wireshark on another desktop by typing into a new terminal window: sudo wireshark
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.
A subset of the Modern Honey Network project set up to run in docker, including hpfeeds broker, cowrie honeypot, and dionaea honeypot.
Apache 2 based honeypot for detecting and blocking Struts CVE 2017-5638 exploit with added support for content disposition filename parsing vulnerability.
A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.