Low-interaction VNC honeypot that listens on a port and logs responses to a static VNC Auth challenge. It was inspired by VNC-Pot, but does not have any dependencies outside the go standard library. Setup and Install: go get github.com/magisterquis/vnclowpot go install github.com/magisterquis/vnclowpot vnclowpot Options: There are only two options: The listen address can be changed with -l. John The Ripper-compatible lines can be generated with -j (and will need to be extracted from the log messages with something like cut -f 4 -d ' '). Pull requests are welcome. Cracker: In the cracker directory, there is a simple program to try to crack the handshakes logged in John The Ripper format. See its README for more details. Tester: In the tester directory, there is a simple program to generate VNC authentication attempts, for use in testing vnclowpot, as well as being production-grade for pentesting. See its README for more details. Windows: Should probably work.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A low interaction honeypot to detect CVE-2018-2636 in Oracle Hospitality Applications.
A low-interaction SSH authentication logging honeypot that logs all authentication attempts in JSON format.
An SDN honeypot tool for detecting and analyzing malicious activities in Software-Defined Networking environments.
A serverless application that creates and monitors fake HTTP endpoints as honeytokens to detect attackers, malicious insiders, and automated threats.
A low-interaction honeypot to detect and analyze attempts to exploit the CVE-2017-10271 vulnerability in Oracle WebLogic Server