SSHHiPot

Free

Honeypots

Visit WebsiteVisit Website

High-interaction SSH honeypot (ok, it's really a logging ssh proxy). Still more or less a work-in-progress. Feel free to go install this repository if you'd like to try it. Run it with -h to see more options. In particular, logging is kinda rough. One of these days there'll be better documentation, really. The general idea is that sshlowpot runs somewhere between the attacker and the real SSH server such that the attacker logs into the honeypot, and the honeypot logs into the server. Contact: At this stage in its development, it's probably easier to find me on Freenode than anything, though reading the source is another option. It's not that painful. I can usually be found as magisterquis in #devious on freenode. Installation: go install github.com/magisterquis/sshhipot If you don't have go available, feel free to ask me (or someone who does) for compiled binaries. They can be made for a bunch of different platforms. Config: Most of the options should be useable as-is. The ones I expect will need to be configured: Option Use -ck SSH identity file (i.e. id_rsa) to use to authenticate to the

FEATURES

The author has not provided features for this tool yet. If you are the author, please sign in or claim the tool to add features by clicking the icon above.

ALTERNATIVES

Bluepot

Bluetooth Honeypot with monitoring capabilities

Free

Honeypots

Project Artillery

A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.

Free

Honeypots

DDoSPot

Honeypot platform for tracking and monitoring UDP-based DDoS attacks with support for various honeypot services.

Free

Honeypots

HoneyFS

An LLM-based honeypot file system creator that generates realistic file systems and configurations to lure attackers and improve analyst engagement.

Free

Honeypots

Nodepot

A nodejs web application honeypot designed for small environments.

Free

Honeypots

Liffy

A local file inclusion exploitation tool

Free

Honeypots

Honeybrid

A hybrid honeypot framework that combines low and high interaction honeypots for network security

Free

Honeypots

pghoney

A simple Postgres honey pot inspired by Elastichoney.

Free

Honeypots

PINNED

ImmuniWeb® Discovery

ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.

Attack Surface Management

InfoSecHired

An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.

Resources

Mandos Brief Newsletter

A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.

Resources

Checkmarx SCA

A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Application Security

Check Point CloudGuard WAF

A cloud-native web application and API security solution that uses contextual AI to protect against known and zero-day threats without signature-based detection.

Application Security

Orca Security

A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

Cloud Security

DryRun

A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.

Application Security

Wiz

Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.

Cloud Security