vnclowpot
Low-interaction VNC honeypot that listens on a port and logs responses to a static VNC Auth challenge. It was inspired by VNC-Pot, but does not have any dependencies outside the go standard library. Setup and Install: go get github.com/magisterquis/vnclowpot go install github.com/magisterquis/vnclowpot vnclowpot Options: There are only two options: The listen address can be changed with -l. John The Ripper-compatible lines can be generated with -j (and will need to be extracted from the log messages with something like cut -f 4 -d ' '). Pull requests are welcome. Cracker: In the cracker directory, there is a simple program to try to crack the handshakes logged in John The Ripper format. See its README for more details. Tester: In the tester directory, there is a simple program to generate VNC authentication attempts, for use in testing vnclowpot, as well as being production-grade for pentesting. See its README for more details. Windows: Should probably work.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server
A WordPress plugin that logs failed login attempts to help monitor unauthorized access attempts on WordPress websites.
A honeypot tool to detect and log CVE-2019-19781 scan and exploitation attempts.
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A plugin repository that extends the Honeycomb honeypot framework with additional features and capabilities for enhanced threat detection and analysis.
A low interaction client honeypot that detects malicious websites using signature, anomaly and pattern matching techniques with automated URL collection and JavaScript analysis capabilities.
PINNED
Proton Pass is a cross-platform password manager that provides encrypted storage, password generation, and security monitoring features with integrated 2FA and dark web monitoring capabilities.
NordVPN is a commercial VPN service that encrypts internet connections and hides IP addresses through a global network of servers, featuring integrated threat protection and multi-device support.
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.