vnclowpot Logo

vnclowpot

0
Free
Visit Website

Low-interaction VNC honeypot that listens on a port and logs responses to a static VNC Auth challenge. It was inspired by VNC-Pot, but does not have any dependencies outside the go standard library. Setup and Install: go get github.com/magisterquis/vnclowpot go install github.com/magisterquis/vnclowpot vnclowpot Options: There are only two options: The listen address can be changed with -l. John The Ripper-compatible lines can be generated with -j (and will need to be extracted from the log messages with something like cut -f 4 -d ' '). Pull requests are welcome. Cracker: In the cracker directory, there is a simple program to try to crack the handshakes logged in John The Ripper format. See its README for more details. Tester: In the tester directory, there is a simple program to generate VNC authentication attempts, for use in testing vnclowpot, as well as being production-grade for pentesting. See its README for more details. Windows: Should probably work.

FEATURES

ALTERNATIVES

SSH Honeypot written in Go that records commands and IP addresses of attempted logins.

A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server

A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.

A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.

A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.

Apache 2 based honeypot for detecting and blocking Struts CVE 2017-5638 exploit with added support for content disposition filename parsing vulnerability.

A powerful tool for finding and exploiting subdomain takeover vulnerabilities

Beelzebub is an advanced honeypot framework for detecting and analyzing cyber attacks, with integration options for OpenAI GPT-3 and deployment on Kubernetes using Helm.

PINNED