TANNER is a remote data analysis and classification service designed to work with SNARE honeypots. The tool evaluates HTTP requests received by SNARE and composes appropriate responses to maintain the deception. The service emulates multiple application vulnerabilities to create realistic responses that can fool attackers. It analyzes incoming HTTP traffic and determines how to respond based on the type of attack being attempted. TANNER provides dorks (search queries) to enhance SNARE's ability to attract attackers by making the honeypot appear more vulnerable and interesting to potential threats. This helps increase the honeypot's effectiveness in capturing attack data. The tool requires Python 3.7 or higher and integrates with Redis for data storage, PHP Sandbox for safe code execution, and Docker for containerized deployment. It serves as the backend intelligence component that makes SNARE honeypots more sophisticated and realistic.
FEATURES
SIMILAR TOOLS
A subset of the Modern Honey Network project set up to run in docker, including hpfeeds broker, cowrie honeypot, and dionaea honeypot.
A full featured script to visualize statistics from a Shockpot honeypot, based on Kippo-Graph and utilizing various PHP libraries.
A low Interaction Client honeypot designed to detect malicious websites through signature, anomaly and pattern matching techniques.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
PINNED

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.