sshd-honeypot Logo

sshd-honeypot

0
Free
Visit Website

The sshd-honeypot is a modified version of the OpenSSH deamon that forwards commands to Cowrie where all commands are interpreted and returned. The sshd-honeypot is designed to let Cowrie log brute force attacks and the shell interaction performed by the attacker. As the sshd-honeypot uses OpenSSH, it can not be fingerprinted based on protocol deviations or differences in error messages. [1] Bitter Harvest: Systematically Fingerprinting Low- and Medium-interaction Honeypots at Internet Scale, Proceedings of the 12th USENIX Workshop on Offensive Technologies (WOOT ’18) [PDF] Installing the sshd-honeypot Step 1: Install cowrie-sshd Step 2: Install dependencies Step 3: Checkout the code Step 4: Run the installer Step 5: Start the honeypot Step 1: Install cowrie-sshd First we need to install cowrie-sshd. Cowrie-sshd is a modified version of Cowrie which functions as backend for the sshd-honeypot to interpret commands and log interactions performed by the attacker. Step 2: Install dependencies On Debian based

FEATURES

ALTERNATIVES

Honeypot tool with bug-catching capabilities and support for multiple protocols.

A tool to generate a PNG image containing a XSS payload

WordPress honeypot tool running in a Docker container for monitoring access attempts.

Blacknet is a low interaction SSH multi-head honeypot system with logging capabilities.

A honeypot agent for running honeypots with service and data at threatwar.com.

A honeypot system that allows you to set up a decoy API to detect and analyze potential security threats.

Medium interaction SSH honeypot for logging brute force attacks and shell interactions.

A basic Flask-based Outlook Web App (OWA) honeypot for cybersecurity experimentation.

PINNED