DDoSPot
Honeypot platform for tracking and monitoring UDP-based DDoS attacks with support for various honeypot services.
SSHoney is an SSH honeypot designed to log SSH connection attempts on a given port. It listens on a non-privileged port (default 2222), pretends to be an SSH server, and logs connection details like IP, username, password, and SSH client version to stdout, syslog, or a specified log file. Basic setup involves installing the source and binary, ensuring the binary path is in the system path, and generating a host key.
Honeypot platform for tracking and monitoring UDP-based DDoS attacks with support for various honeypot services.
A tool for embedding XXE/XML exploits into different filetypes
A configurable DNS honeypot with SQLite logging and Docker support.
A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.
SMTP Honeypot with custom modules for different modes of operation.
LaBrea is a 'sticky' honeypot and IDS tool that traps malicious actors by creating virtual servers on unused IP addresses.