Manuka by SpaceRaccoon Logo

Manuka by SpaceRaccoon

0
Free
Visit Website

Manuka is an Open-source intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers. It creates a simulated environment consisting of staged OSINT sources, such as social media profiles and leaked credentials, and tracks signs of adversary interest, closely aligning to MITRE’s PRE-ATT&CK framework. Manuka gives Blue Teams additional visibility of the pre-attack reconnaissance phase and generates early-warning signals for defenders. Although they vary in scale and sophistication, most traditional honeypots focus on networks. These honeypots uncover attackers at Stage 2 (Weaponization) to 7 (Actions on Objectives) of the cyber kill chain, with the assumption that attackers are already probing the network. Manuka conducts OSINT threat detection at Stage 1 (Reconnaissance) of the cyber kill chain. Despite investing millions of dollars into network defenses, organisations can be easily compromised through a single Google search. One recent example is hackers exposing corporate meetings, therapy sessions, and college classes through Zoom calls left on the open Web. Enterprises need to detect and deter these types of attacks. Manuka is designed to help organisations stay ahead of the attackers by providing real-time insights into the reconnaissance phase of the cyber kill chain.

FEATURES

ALTERNATIVES

A simple Postgres honey pot inspired by Elastichoney.

Parse Cowrie honeypot logs into a Neo4j database.

Script for turning a Raspberry Pi into a Honey Pot Pi with various monitoring and logging capabilities.

Apache 2 based honeypot for detecting and blocking Struts CVE 2017-5638 exploit with added support for content disposition filename parsing vulnerability.

Ansible role for deploying and managing Bifrozt honeypots

A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.

A tool for embedding XXE/XML exploits into different filetypes

A honeypot for the Log4Shell vulnerability (CVE-2021-44228) with various detection and logging features.

PINNED