mhn-core-docker Logo

mhn-core-docker

A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.

34
Security Operations
Free
Visit website
0

mhn-core-docker Description

A Docker-based implementation of a subset of the Modern Honey Network project that provides a containerized honeypot infrastructure. The system consists of multiple Docker containers working together: - A broker container that runs an hpfeeds broker, allowing clients to publish to channels or subscribe to channels - A cowrie container that runs the cowrie SSH/Telnet honeypot and connects to the broker to publish attack events - A dionaea container that runs the dionaea multi-protocol honeypot, connects to the broker, publishes events, and stores captured malware binaries Additional components include: - A geoloc application that subscribes to cowrie channel events and adds geolocation information - A honeymap application that creates a visual map of attacks by subscribing to the geoloc channel and serving it on port 3000 The setup requires creating a Docker network with static IP addressing and building the broker image from the provided repository. The system provides real-time visualization of honeypot activity through the web-based honeymap interface.

FEATURED

Proton Pass Logo

Password manager with end-to-end encryption and identity protection features

NordVPN Logo

VPN service providing encrypted internet connections and privacy protection

Mandos Fractional CISO Services Logo

Fractional CISO services for B2B companies to accelerate sales and compliance

Stay Updated with Mandos Brief

Get the latest cybersecurity updates in your inbox

POPULAR

RoboShadow Logo

Automated vulnerability assessment and remediation platform

10
TestSavantAI Logo

Security platform that provides protection, monitoring and governance for enterprise generative AI applications and LLMs against various threats including prompt injection and data poisoning.

5
Cybersec Feeds Logo

A threat intelligence aggregation service that consolidates and summarizes security updates from multiple sources to provide comprehensive cybersecurity situational awareness.

5
Fabric Platform by BlackStork Logo

Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.

5
Mandos Brief Newsletter Logo

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

5
View Popular Tools →