
T-Pot - The All In One Multi Honeypot Platform

Free

T-Pot is the all in one, optionally distributed, multiarch (amd64, arm64) honeypot platform, supporting 20+ honeypots and countless visualization options using the Elastic Stack, animated live attack maps and lots of security tools to further improve the deception experience.

TL;DR

1. Meet the system requirements. The T-Pot installation needs at least 8-16 GB RAM, 128 GB free disk space as well as a working (outgoing non-filtered) internet connection.
2. Download or use a running, supported distribution.
3. Install the ISO with as few packages / services as possible (ssh required).
4. Install curl if it is not installed already: $ sudo [apt, dnf, zypper] install curl
5. Run the installer as non-root from $HOME: env bash -c "$(curl -sL https://github.com/telekom-security/tpotce/raw/master/install.sh)"
6. Follow the instructions, read the messages, check for possible port conflicts and reboot.


ALTERNATIVES

A honeypot installation for Drupal that supports Go modules and mimics different versions of Drupal.

A hybrid honeypot framework that combines low and high interaction honeypots for network security.

A subset of the Modern Honey Network project set up to run in docker, including hpfeeds broker, cowrie honeypot, and dionaea honeypot.

bap is a webservice honeypot that logs HTTP basic authentication credentials.

A honeypot system that detects and identifies attack commands, recon attempts, and download commands, mimicking a vulnerable Elasticsearch instance.

Helix is a versatile honeypot designed to mimic the behavior of various protocols including Kubernetes API server, HTTP, TCP, and UDP.

Galah is an LLM-powered web honeypot that mimics various web applications by dynamically responding to HTTP requests.

A project providing honeypots for embedded device vulnerabilities with support for AWS integration and JSON output.