STRLCPY/awesome-honeypots

📝 - Some missing honeypots added (#90).
lemorse committed 2 years ago

a5558bd5

1 parent 661f0b4b

Total 1 files

■ ■ ■ ■ ■ ■

README.md

		skipped 27 lines
28	28
29	29		- [Delilah](https://github.com/SecurityTW/delilah) - Elasticsearch Honeypot written in Python (originally from Novetta).
30	30		- [ESPot](https://github.com/mycert/ESPot) - Elasticsearch honeypot written in NodeJS, to capture every attempts to exploit CVE-2014-3120.
	31	+	- [ElasticPot](https://gitlab.com/bontchev/elasticpot) - An Elasticsearch Honeypot.
31	32		- [Elastic honey](https://github.com/jordan-wright/elastichoney) - Simple Elasticsearch Honeypot.
32	33		- [MongoDB-HoneyProxy](https://github.com/Plazmaz/MongoDB-HoneyProxy) - MongoDB honeypot proxy.
33	34		- [NoSQLpot](https://github.com/torque59/nosqlpot) - Honeypot framework built on a NoSQL-style database.
		skipped 1 lines
35	36		- [MysqlPot](https://github.com/schmalle/MysqlPot) - MySQL honeypot, still very early stage.
36	37		- [pghoney](https://github.com/betheroot/pghoney) - Low-interaction Postgres Honeypot.
37	38		- [sticky_elephant](https://github.com/betheroot/sticky_elephant) - Medium interaction postgresql honeypot.
	39	+	- [RedisHoneyPot](https://github.com/cypwnpwnsocute/RedisHoneyPot) - High Interaction Honeypot Solution for Redis protocol.
38	40
39	41		- Web honeypots
40	42
		skipped 47 lines
88	90		- [Tom's Honeypot](https://github.com/inguardians/toms_honeypot) - Low interaction Python honeypot.
89	91		- [WebLogic honeypot](https://github.com/Cymmetria/weblogic_honeypot) - Low interaction honeypot to detect CVE-2017-10271 in the Oracle WebLogic Server component of Oracle Fusion Middleware.
90	92		- [WhiteFace Honeypot](https://github.com/csirtgadgets/csirtg-honeypot) - Twisted based honeypot for WhiteFace.
	93	+	- [ddospot](https://github.com/aelth/ddospot) - NTP, DNS, SSDP, Chargen and generic UDP-based amplification DDoS honeypot.
	94	+	- [dionaea](https://github.com/DinoTools/dionaea) - Home of the dionaea honeypot.
91	95		- [dhp](https://github.com/ciscocsirt/dhp) - Simple Docker Honeypot server emulating small snippets of the Docker HTTP API.
92	96		- [honeycomb_plugins](https://github.com/Cymmetria/honeycomb_plugins) - Plugin repository for Honeycomb, the honeypot framework by Cymmetria.
93	97		- [honeyntp](https://github.com/fygrave/honeyntp) - NTP logger/honeypot.
94	98		- [honeypot-camera](https://github.com/alexbredo/honeypot-camera) - Observation camera honeypot.
95	99		- [honeypot-ftp](https://github.com/alexbredo/honeypot-ftp) - FTP Honeypot.
	100	+	- [honeypots](https://github.com/qeeqbox/honeypots) - 25 different honeypots in a single pypi package! (dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, socks5, ssh, telnet, vnc, mssql, elastic, ldap, ntp, memcache, snmp, oracle, sip and irc).
96	101		- [honeytrap](https://github.com/honeytrap/honeytrap) - Advanced Honeypot framework written in Go that can be connected with other honeypot software.
97	102		- [pyrdp](https://github.com/gosecure/pyrdp) - RDP man-in-the-middle and library for Python 3 with the ability to watch connections live or after the fact.
98	103		- [troje](https://github.com/dutchcoders/troje/) - Honeypot that runs each connection with the service within a separate LXC container.
		skipped 16 lines
115	120
116	121		- Other/random
117	122
	123	+	- [CitrixHoneypot](https://github.com/MalwareTech/CitrixHoneypot) - Detect and log CVE-2019-19781 scan and exploitation attempts.
118	124		- [Damn Simple Honeypot (DSHP)](https://github.com/naorlivne/dshp) - Honeypot framework with pluggable handlers.
	125	+	- [dicompot](https://github.com/nsmfoo/dicompot) - DICOM Honeypot.
	126	+	- [IPP Honey](https://gitlab.com/bontchev/ipphoney) - A honeypot for the Internet Printing Protocol.
	127	+	- [Log4Pot](https://github.com/thomaspatzke/Log4Pot) - A honeypot for the Log4Shell vulnerability (CVE-2021-44228).
119	128		- [Masscanned](https://github.com/ivre/masscanned) - Let's be scanned. A low-interaction honeypot focused on network scanners and bots. It integrates very well with IVRE to build a self-hosted alternative to GreyNoise.
	129	+	- [medpot](https://github.com/schmalle/medpot) - HL7 / FHIR honeypot.
120	130		- [NOVA](https://github.com/DataSoft/Nova) - Uses honeypots as detectors, looks like a complete system.
121	131		- [OpenFlow Honeypot (OFPot)](https://github.com/upa/ofpot) - Redirects traffic for unused IPs to a honeypot, built on POX.
122	132		- [OpenCanary](https://github.com/thinkst/opencanary) - Modular and decentralised honeypot daemon that runs several canary versions of services that alerts when a service is (ab)used.
		skipped 196 lines
319	329		- [Blacknet](https://github.com/morian/blacknet) - Multi-head SSH honeypot system.
320	330		- [Cowrie](https://github.com/cowrie/cowrie) - Cowrie SSH Honeypot (based on kippo).
321	331		- [DShield docker](https://github.com/xme/dshield-docker) - Docker container running cowrie with DShield output enabled.
	332	+	- [endlessh](https://github.com/skeeto/endlessh) - SSH tarpit that slowly sends an endless banner. ([docker image](https://hub.docker.com/r/linuxserver/endlessh))
322	333		- [HonSSH](https://github.com/tnich/honssh) - Logs all SSH communications between a client and server.
323	334		- [HUDINX](https://github.com/Cryptix720/HUDINX) - Tiny interaction SSH honeypot engineered in Python to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.
324	335		- [Kippo](https://github.com/desaster/kippo) - Medium interaction SSH honeypot.
		skipped 97 lines
422	433
423	434		- [Artemnesia VoIP](http://artemisa.sourceforge.net)
424	435
	436	+	- SIP
	437	+
	438	+	- [SentryPeer](https://github.com/SentryPeer/SentryPeer) - Protect your SIP Servers from bad actors.
	439	+
425	440		- IOT Honeypot
426	441
427	442		- [HoneyThing](https://github.com/omererdem/honeything) - TR-069 Honeypot.
		skipped 41 lines
469	484		- [libemu](https://github.com/buffer/libemu) - Shellcode emulation library, useful for shellcode detection.
470	485
471	486		- Sandbox-as-a-Service
	487	+
472	488		- [Hybrid Analysis](https://www.hybrid-analysis.com) - Free malware analysis service powered by Payload Security that detects and analyzes unknown threats using a unique Hybrid Analysis technology.
473	489		- [Joebox Cloud](https://jbxcloud.joesecurity.org/login) - Analyzes the behavior of malicious files including PEs, PDFs, DOCs, PPTs, XLSs, APKs, URLs and MachOs on Windows, Android and Mac OS X for suspicious activities.
474	490		- [VirusTotal](https://www.virustotal.com/) - Analyze suspicious files and URLs to detect types of malware, and automatically share them with the security community.
		skipped 12 lines
487	503		- [honeypotDisplay](https://github.com/Joss-Steward/honeypotDisplay) - Flask website which displays data gathered from an SSH Honeypot.
488	504
489	505		- Visualization
	506	+
490	507		- [Acapulco](https://github.com/hgascon/acapulco) - Automated Attack Community Graph Construction.
491	508		- [Afterglow Cloud](https://github.com/ayrus/afterglow-cloud)
492	509		- [Afterglow](http://afterglow.sourceforge.net/)
		skipped 20 lines
513	530		- [honeypotpi](https://github.com/free5ty1e/honeypotpi) - Script for turning a Raspberry Pi into a HoneyPot Pi.
514	531
515	532		- Research Papers
	533	+
516	534		- [Honeypot research papers](https://github.com/shbhmsingh72/Honeypot-Research-Papers) - PDFs of research papers on honeypots.
517	535		- [vEYE](https://link.springer.com/article/10.1007%2Fs10115-008-0137-3) - Behavioral footprinting for self-propagating worm detection and profiling.
518	536

📝 - Some missing honeypots added (#90).