ssh-auth-logger Logo

ssh-auth-logger

0
Free
Visit Website

A low/zero interaction ssh authentication logging honeypot. Structured logging ssh-auth-logger logs all authentication attempts as json making it easy to consume in other tools. No more ugly openssh log parsing vulnerabilities. This is normally logged on one line { "client_version": "SSH-2.0-libssh2_1.4.3", "destinationServicename": "sshd", "dpt": "22", "dst": "192.168.1.2", "duser": "root", "level": "info", "msg": "Request with password", "password": "P@ssword1", "product": "ssh-auth-logger", "server_version": "SSH-2.0-OpenSSH_5.3", "spt": "38624", "src": "192.168.1.4", "time": "2017-11-17T19:16:37-05:00" }

FEATURES

ALTERNATIVES

A honeypot tool to mimic the router backdoor 'TCP32764' found in various router firmwares, providing a way to test for vulnerabilities.

A low-interaction honeypot that logs IP addresses, usernames, and passwords used by clients connecting via SSH, primarily used for gathering intelligence on brute force attacks.

A PoC tool for utilizing GPT3.5 in developing an SMTP honeypot.

Parse Cowrie honeypot logs into a Neo4j database.

The DShield Raspberry Pi Sensor is a tool that turns a Raspberry Pi into a honeypot to collect and submit security logs to the DShield project for analysis.

Medium interaction SSH Honeypot with multiple virtual hosts and sandboxed filesystems.

A tool for embedding XXE/XML exploits into different filetypes

An Open-source intelligence (OSINT) honeypot that monitors reconnaissance attempts by threat actors and generates actionable intelligence for Blue Teamers.

PINNED