ssh-honeypotd
A low-interaction SSH honeypot written in C. Command Line Options: Usage: ssh-honeypotd [options]... Mandatory arguments to long options are mandatory for short options too. Options: -k, --host-key FILE: the file containing the private host key (RSA, DSA, ECDSA, ED25519) -b, --address ADDRESS: the IP address to bind to (default: 0.0.0.0) -p, --port PORT: the port to bind to (default: 22) -P, --pid FILE: the PID file (if not specified, the daemon will run in the foreground) -n, --name NAME: the name of the daemon for syslog (default: ssh-honeypotd) -u, --user USER: drop privileges and switch to this USER (default: daemon or nobody) -g, --group GROUP: drop privileges and switch to this GROUP (default: daemon or nogroup) -x, --no-syslog: log messages only to stderr (only works with --foreground) -f, --foreground: do not daemonize -h, --help: display help and exit -v, --version: output version information and exit -k option must be specified at least once if ssh-honeypots is compiled against libssh prior to 0.8.0 (note that in Ubuntu (and possibly Debian), libssh 0.8.0 is detected as 0.7.0 because of a bug in libssh.h). For newer libssh versions, the host key is generated automatically.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
Tcpdump is a command-line packet analyzer for capturing and analyzing network traffic.
A Linux command-line tool that allows you to kill in-progress TCP connections based on a filter expression, useful for libnids-based applications that require a full TCP 3-way handshake for TCB creation.
Tcpreplay is a suite of Open Source utilities for editing and replaying captured network traffic.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Unfurl is a URL analysis tool that extracts and visualizes data from URLs, breaking them down into components and presenting the information visually.
WiGLE.net is a platform that collects and provides data on WiFi networks and cell towers, with over 1.3 billion networks collected.
A blog sharing packet capture files and malware samples for training and analysis, with archived posts and traffic analysis exercises.
Tor Browser is a free and open-source software that allows users to browse the internet anonymously and privately.
Suricata offers real-time intrusion detection, intrusion prevention, and network monitoring.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.