Adding Honeypot / Honeynet Resources

Adding Honeypot / Honeynet Resources
This commit is contained in:
Omar Santos 2021-06-17 13:42:53 -04:00 committed by GitHub
parent 178316d6c2
commit 4ff1ebb04c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -6,23 +6,23 @@ The following are several references and resources related to HoneyPots/HoneyNet
## HoneyPots and Tools ## HoneyPots and Tools
- [T-Pot](https://github.com/telekom-security/tpotce) - [T-Pot](https://github.com/telekom-security/tpotce): an awesome collection of honeypots and additional tools.
- [adbhoney](https://github.com/huuck/ADBHoney) - [adbhoney](https://github.com/huuck/ADBHoney): Low interaction honeypot designed for Android Debug Bridge over TCP/IP
- [ciscoasa](https://github.com/Cymmetria/ciscoasa_honeypot) - [ciscoasa](https://github.com/Cymmetria/ciscoasa_honeypot): A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.
- [citrixhoneypot](https://github.com/MalwareTech/CitrixHoneypot) - [citrixhoneypot](https://github.com/MalwareTech/CitrixHoneypot): Detect and log CVE-2019-19781 scan and exploitation attempts.
- [conpot](http://conpot.org/) - [conpot](https://conpot.org/): Conpot is a low interactive server side Industrial Control Systems honeypot designed to be easy to deploy, modify and extend. By providing a range of common industrial control protocols we created the basics to build your own system, capable to emulate complex infrastructures to convince an adversary that he just found a huge industrial complex.
- [cowrie](https://github.com/cowrie/cowrie) - [cowrie](https://github.com/cowrie/cowrie): Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system in Python, in high interaction mode (proxy) it functions as an SSH and telnet proxy to observe attacker behavior to another system.
- [dicompot](https://github.com/nsmfoo/dicompot) - [dicompot](https://github.com/nsmfoo/dicompot): A Digital Imaging and Communications in Medicine (DICOM) Honeypot.
- [dionaea](https://github.com/DinoTools/dionaea) - [dionaea](https://github.com/DinoTools/dionaea): Dionaea is meant to be a nepenthes successor, embedding python as scripting language, using libemu to detect shellcodes, supporting ipv6 and tls.
- [elasticpot](https://gitlab.com/bontchev/elasticpot) - [elasticpot](https://gitlab.com/bontchev/elasticpot): An Elasticsearch Honeypot
- [glutton](https://github.com/mushorg/glutton) - [glutton](https://github.com/mushorg/glutton): Glutton provide SSH and a TCP proxy. SSH proxy works as a MITM between attacker and server to log everything in plain text.
- [heralding](https://github.com/johnnykv/heralding) - [heralding](https://github.com/johnnykv/heralding): Sometimes you just want a simple honeypot that collects credentials, nothing more. Heralding is that honeypot! Currently the following protocols are supported: ftp, telnet, ssh, http, https, pop3, pop3s, imap, imaps, smtp, vnc, postgresql and socks5.
- [honeypy](https://github.com/foospidy/HoneyPy) - [honeypy](https://github.com/foospidy/HoneyPy): A low interaction honeypot with the capability to be more of a medium interaction honeypot.
- [honeysap](https://github.com/SecureAuthCorp/HoneySAP) - [honeysap](https://github.com/SecureAuthCorp/HoneySAP): HoneySAP is a low-interaction research-focused honeypot specific for SAP services. It's aimed at learn the techniques and motivations behind attacks against SAP systems.
- [honeytrap](https://github.com/armedpot/honeytrap/) - [honeytrap](https://github.com/armedpot/honeytrap/): Honeytrap is a network security tool written to observe attacks against TCP or UDP services. It runs as a daemon and starts server processes dynamically on requested ports. A server emulates a well-known service by simply sending captured network traffic to a connected host.
- [ipphoney](https://gitlab.com/bontchev/ipphoney) - [ipphoney](https://gitlab.com/bontchev/ipphoney):A honeypot for the Internet Printing Protocol.
- [mailoney](https://github.com/awhitehatter/mailoney) - [mailoney](https://github.com/awhitehatter/mailoney): Mailoney is a SMTP Honeypot I wrote just to have fun learning Python.
- [medpot](https://github.com/schmalle/medpot) - [medpot](https://github.com/schmalle/medpot): Health Level Seven International (HL7) / Fast Healthcare Interoperability Resources (FHIR) Honeypot.
- [rdpy](https://github.com/citronneur/rdpy) - [rdpy](https://github.com/citronneur/rdpy): Remote Desktop Protocol Honeypot written in Python.
- [snare](http://mushmush.org/) - [snare](http://mushmush.org/): SNARE, a web application honeypot sensor, is the successor of Glastopf. SNARE has feature parity with Glastopf and allows to convert existing web pages into attack surfaces.
- [tanner](http://mushmush.org/) - [tanner](http://mushmush.org/): TANNER is SNARES "brain". Every event is send from SNARE to TANNER, gets evaluated and TANNER decides how SNARE should respond to the client. This allows us to change the behaviour of many sensors on the fly. We are providing a TANNER instance for your use, but there is nothing stopping you from setting up your own instance.