HoneypotPi
Script for turning a Raspberry Pi into a Honey Pot Pi. To install, copy these scripts to your Raspberry Pi and execute: chmod +x ./*.sh ./honeypotcreate.sh To start the XRDP honeypot run the following command: ./honeypotstart.sh (or the actual xrdp command) sudo /etc/xrdp/xrdp.sh start The login of failed attempts will be located at: /var/log/xrdp.log You can filter for failed logins in a very crude manner: ./honeypotloggedcredentials.sh (or the actual xrdp command) sudo cat /var/log/xrdp.log | grep USER: ...and check the raw log by typing: ./honeypotrawlog.sh (or the actual xrdp command) sudo cat /var/log/xrdp.log You can also check your Pi's temperature by typing: ./pitemp.sh If you would like to have some live monitoring, which shows the logged credentials and the current date every 30 seconds, type: ./honeypotmonitor.sh The monitor is very useful if you enter LXDE / windowed mode by typing: startx ...then you can open a terminal window and run the honeypotmonitor.sh on one desktop, ...and run etherape on another desktop by typing into a new terminal window: sudo etherape ...and run wireshark on another desktop by typing into a new terminal window: sudo wireshark
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
PINNED
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.