Express Honeypot
A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.
SNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet. Documentation can be found here. Basic Concepts: Surface first. Focus on the attack surface generation. Sensors and masters. Lightweight collectors (SNARE) and central decision maker (tanner). Getting started: You need Python3.6 to run SNARE. This was tested with a recent Ubuntu based Linux. Steps to setup: Get SNARE: git clone https://github.com/mushorg/snare.git and cd snare [Optional] Make virtual environment: python3 -m venv venv [Optional] Activate virtual environment: . venv/bin/activate Note: Do not use sudo with below commands if you're running snare in virtual environment. Install requirements: sudo pip3 install -r requirements.txt Setup snare: sudo python3 setup.py install Clone a page: sudo clone --target http://example.com --path <path to base dir> Run SNARE: sudo snare --port 8080 --page-dir example.com --path <path to base dir> Test: Visit http://localhost:8080/index.html Optionally have your own tanner service running. [Note : Cloner clones the whole website, to restrict to a desired depth of cloning.
A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.
Honeypot for Telnet service with configurable settings.
A PoC tool for utilizing GPT3.5 in developing an SMTP honeypot.
A modern directory scanner that can be used to find hidden directories and files on a web server.
Troje is a honeypot that creates a realistic environment within lxc containers to monitor and record traffic and changes to drives.
A simple honeypot that collects credentials across various protocols