django-kippo
Django App for the SSH Honeypot called 'kippo'
This unfortunately named program listens for incoming ssh connections and logs the IP address, username, and password used by the client. It is a low-interaction honeypot that does not allow malware or attackers to login. Originally written to gather rudimentary intelligence on brute force attacks, it is not meant for production usage. It is commonly used at attack/defend CTFs paired with sshunt: https://github.com/droberson/sshunt To set up, make sure headers/development packages are installed for: libssh, openssl, libjson-c, and libpcap. For Linux, run: apt install libssh-dev libjson-c-dev libpcap-dev libssl-dev Build and run with: make ssh-keygen -t rsa -f ./ssh-honeypot.rsa bin/ssh-honeypot -r ./ssh-honeypot.rsa For OSX (experimental/unsupported), ensure xcode is up to date and install libssh and json-c with brew. Specify MakefileOSX with make: make -f MakefileOSX
Django App for the SSH Honeypot called 'kippo'
A DNS server for executing DNS Rebinding attacks
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.
Honeypot platform for tracking and monitoring UDP-based DDoS attacks with support for various honeypot services.
A basic Flask-based Outlook Web App (OWA) honeypot for cybersecurity experimentation.
A high-interaction honeypot solution for detecting and analyzing SMB-based attacks