From 8d3a22bd1e05d53eaad698d10b8ec29901b76777 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Thu, 9 Nov 2023 13:21:30 +0530 Subject: [PATCH] Update dionaea-http-honeypot-detect.yaml --- .../dionaea-http-honeypot-detect.yaml | 64 +++++++++---------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/http/honeypot/dionaea-http-honeypot-detect.yaml b/http/honeypot/dionaea-http-honeypot-detect.yaml index 5412eedd54..c3a781a0a6 100644 --- a/http/honeypot/dionaea-http-honeypot-detect.yaml +++ b/http/honeypot/dionaea-http-honeypot-detect.yaml @@ -1,37 +1,37 @@ - id: dionaea-http-honeypot-detect +id: dionaea-http-honeypot-detect - info: - name: Dionaea HTTP Honeypot - Detect - author: UnaPibaGeek - severity: info - description: | - Dionaea HTTP honeypot has been identified. - The response to an incorrect HTTP method reveals a possible setup of the Dioanea web application honeypot. - metadata: - max-request: 1 - vendor: dionaea - product: http - tags: dionaea,honeypot,ir,cti +info: + name: Dionaea HTTP Honeypot - Detect + author: UnaPibaGeek + severity: info + description: | + Dionaea HTTP honeypot has been identified. + The response to an incorrect HTTP method reveals a possible setup of the Dioanea web application honeypot. + metadata: + max-request: 1 + vendor: dionaea + product: http + tags: dionaea,honeypot,ir,cti - http: - - raw: - - | - AAAA / HTTP/1.1 - Host: {{Hostname}} +http: + - raw: + - | + AAAA / HTTP/1.1 + Host: {{Hostname}} - unsafe: true - matchers-condition: and - matchers: - - type: status - status: - - 501 + unsafe: true + matchers-condition: and + matchers: + - type: status + status: + - 501 - - type: word - part: header - words: - - "nginx" + - type: word + part: header + words: + - "nginx" - - type: word - part: body - words: - - '' \ No newline at end of file + - type: word + part: body + words: + - ''