A low/zero interaction ssh authentication logging honeypot. Structured logging ssh-auth-logger logs all authentication attempts as json making it easy to consume in other tools. No more ugly openssh log parsing vulnerabilities. This is normally logged on one line { "client_version": "SSH-2.0-libssh2_1.4.3", "destinationServicename": "sshd", "dpt": "22", "dst": "192.168.1.2", "duser": "root", "level": "info", "msg": "Request with password", "password": "P@ssword1", "product": "ssh-auth-logger", "server_version": "SSH-2.0-OpenSSH_5.3", "spt": "38624", "src": "192.168.1.4", "time": "2017-11-17T19:16:37-05:00" }
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A web-based visualization tool that displays statistics and generates charts from Shockpot honeypot data stored in PostgreSQL databases.
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A Docker-based honeypot network implementation featuring cowrie and dionaea honeypots with centralized event collection, geolocation enrichment, and real-time attack visualization.