rdppot Logo

rdppot

0
Free
Visit Website

Listens on port 3389, on a new connection it'll create a session & assign a virtual machine from a pool to that session. After 300 seconds (default) of the session being opened or 30 seconds (default) of no activity, the connection will be closed, and the session will be terminated. It stores a copy of the disk & a full pcap, runs Suricata against the pcap, and saves the output with the disk image and the pcap. Requirements: qemu, libvirt, Python3.7, Suricata, tcpdump. Suricata installation steps included.

FEATURES

ALTERNATIVES

A Go-based honeypot server for detecting and logging attacker activity

A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.

A web application honeypot sensor attracting malicious traffic from the Internet

A honeypot tool with RDP and VNC feed support.

Medium interaction SSH honeypot for logging brute force attacks and shell interactions.

Distributed low interaction honeypot with Agent/Master design supporting various protocol handlers.

bap is a webservice honeypot that logs HTTP basic authentication credentials.

IMAP-Honey is a honeypot tool for IMAP and SMTP protocols with support for logging to console or syslog.

PINNED