Automated script to install and deploy a honeypot with kippo, dionaea, and p0f on Ubuntu 12.04.
The sshd-honeypot is a modified version of the OpenSSH deamon that forwards commands to Cowrie where all commands are interpreted and returned. The sshd-honeypot is designed to let Cowrie log brute force attacks and the shell interaction performed by the attacker. As the sshd-honeypot uses OpenSSH, it can not be fingerprinted based on protocol deviations or differences in error messages. [1] Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale, Proceedings of the 12th USENIX Workshop on Offensive Technologies (WOOT ’18) [PDF] Installing the sshd-honeypot Step 1: Install cowrie-sshd Step 2: Install dependencies Step 3: Checkout the code Step 4: Run the installer Step 5: Start the honeypot Step 1: Install cowrie-sshd First we need to install cowrie-sshd. Cowrie-sshd is a modified version of Cowrie which functions as backend for the sshd-honeypot to interpret commands and log interactions performed by the attacker. Step 2: Install dependencies On Debian based
Automated script to install and deploy a honeypot with kippo, dionaea, and p0f on Ubuntu 12.04.
WordPress honeypot tool running in a Docker container for monitoring access attempts.
A highly interactive honeypot for observing access from attackers by building easily targeted and compromised web applications, forwarding logs to Google BigQuery for accumulation and visualization.
A configurable DNS honeypot with SQLite logging and Docker support.
A nodejs web application honeypot designed for small environments.
A honeypot for remote file inclusion (RFI) and local file inclusion (LFI) using fake URLs to catch scanning bots and malwares.