SNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet. Documentation can be found here. Basic Concepts: Surface first. Focus on the attack surface generation. Sensors and masters. Lightweight collectors (SNARE) and central decision maker (tanner). Getting started: You need Python3.6 to run SNARE. This was tested with a recent Ubuntu based Linux. Steps to setup: Get SNARE: git clone https://github.com/mushorg/snare.git and cd snare [Optional] Make virtual environment: python3 -m venv venv [Optional] Activate virtual environment: . venv/bin/activate Note: Do not use sudo with below commands if you're running snare in virtual environment. Install requirements: sudo pip3 install -r requirements.txt Setup snare: sudo python3 setup.py install Clone a page: sudo clone --target http://example.com --path <path to base dir> Run SNARE: sudo snare --port 8080 --page-dir example.com --path <path to base dir> Test: Visit http://localhost:8080/index.html Optionally have your own tanner service running. [Note : Cloner clones the whole website, to restrict to a desired depth of cloning.
FEATURES
ALTERNATIVES
A script for setting up a dionaea and kippo honeypot using Docker images.
A modified version of OpenSSH deamon forwarding commands to Cowrie for logging brute force attacks and shell interactions.
An extensible and open-source system for running, monitoring, and managing honeypots with advanced features.
PINNED

InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Check Point CloudGuard WAF
A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.