Update render script and Makefile

Jonas Zeunert
2024-04-22 21:54:39 +02:00
parent 2d63fe63cd
commit 4d0cd768f7
10975 changed files with 47095 additions and 4031084 deletions

@@ -1,4 +1,4 @@
 Awesome Honeypots !Awesome Honeypots (https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg) (https://github.com/sindresorhus/awesome)
 Awesome Honeypots !Awesome Honeypots (https://cdn.rawgit.com/sindresorhus/awesome/d7305f38d29fed78fa85652e3a63e154dd8e8829/media/badge.svg) (https://github.com/sindresorhus/awesome)
A curated list of awesome honeypots, plus related components and much more, divided into categories such as Web, services, and others, with a focus on free and open source projects.
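Review bot: The removed and added title lines in this hunk read the same, so the only difference is whitespace or a character that does not display. With 10975 files touched by this commit, rewrites with no visible effect bury the changes that matter; consider having the render script normalise its output so that an unchanged source produces a byte-identical file.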
@@ -6,7 +6,7 @@
Discover more awesome lists at sindresorhus/awesome (https://github.com/sindresorhus/awesome).
 Contents
 Contents
- Awesome Honeypots !Awesome Honeypots (https://github.com/sindresorhus/awesome) (#awesome-honeypots-)
- Contents (#contents)
@@ -68,7 +68,8 @@
- **Snare** (https://github.com/mushorg/snare) - Super Next generation Advanced Reactive honeypot.
- **Tanner** (https://github.com/mushorg/tanner) - Evaluating SNARE events. 
 - stack-honeypot (https://github.com/CHH/stack-honeypot) - Inserts a trap for spam bots into responses.
 - tomcat-manager-honeypot (https://github.com/helospark/tomcat-manager-honeypot) - Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker's WAR file for later study.
 - tomcat-manager-honeypot (https://github.com/helospark/tomcat-manager-honeypot) - Honeypot that mimics Tomcat manager endpoints. Logs requests and saves attacker's WAR file for later 
study.
 - WordPress honeypots
- **HonnyPotter** (https://github.com/MartinIngesen/HonnyPotter) - WordPress login honeypot for collection and analysis of failed login attempts.
- **HoneyPress** (https://github.com/kungfuguapo/HoneyPress) - Python based WordPress honeypot in a Docker container. 
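Review bot: The re-wrapped tomcat-manager-honeypot entry puts "study." alone at column 0, outside the indentation of its list item. Anything that reads the rendered list line by line now sees "study." as a separate line rather than as the end of the entry. Suggest the render script indent continuation lines to the item's text column, or leave the stored file unwrapped and wrap only at display time.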
@@ -86,20 +87,21 @@
 - Ensnare (https://github.com/ahoernecke/ensnare) - Easy to deploy Ruby honeypot.
 - Helix (https://github.com/Zeerg/helix-honeypot) - K8s API Honeypot with Active Defense Capabilities.
 - honeycomb_plugins (https://github.com/Cymmetria/honeycomb_plugins) - Plugin repository for Honeycomb, the honeypot framework by Cymmetria.
 - honeydb (https://honeydb.io/downloads) - Multi-service honeypot that is easy to deploy and configure. Can be configured to send interaction data to to HoneyDB's centralized collectors for access via REST 
API.
 - honeydb (https://honeydb.io/downloads) - Multi-service honeypot that is easy to deploy and configure. Can be configured to send interaction data to to HoneyDB's centralized collectors 
for access via REST API.
 - honeyntp (https://github.com/fygrave/honeyntp) - NTP logger/honeypot.
 - honeypot-camera (https://github.com/alexbredo/honeypot-camera) - Observation camera honeypot.
 - honeypot-ftp (https://github.com/alexbredo/honeypot-ftp) - FTP Honeypot.
 - honeypots (https://github.com/qeeqbox/honeypots) - 25 different honeypots in a single pypi package! (dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, socks5, ssh, telnet, vnc,
mssql, elastic, ldap, ntp, memcache, snmp, oracle, sip and irc).
 - honeypots (https://github.com/qeeqbox/honeypots) - 25 different honeypots in a single pypi package! (dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, 
socks5, ssh, telnet, vnc, mssql, elastic, ldap, ntp, memcache, snmp, oracle, sip and irc).
 - honeytrap (https://github.com/honeytrap/honeytrap) - Advanced Honeypot framework written in Go that can be connected with other honeypot software.
 - HoneyPy (https://github.com/foospidy/HoneyPy) - Low interaction honeypot.
 - Honeygrove (https://github.com/UHH-ISS/honeygrove) - Multi-purpose modular honeypot based on Twisted.
 - Honeyport (https://github.com/securitygeneration/Honeyport) - Simple honeyport written in Bash and Python.
 - Honeyprint (https://github.com/glaslos/honeyprint) - Printer honeypot.
 - Lyrebird (https://hub.docker.com/r/lyrebird/honeypot-base/) - Modern high-interaction honeypot framework.
 - MICROS honeypot (https://github.com/Cymmetria/micros_honeypot) - Low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (MICROS).
 - MICROS honeypot (https://github.com/Cymmetria/micros_honeypot) - Low interaction honeypot to detect CVE-2018-2636 in the Oracle Hospitality Simphony component of Oracle Hospitality 
Applications (MICROS).
 - node-ftp-honeypot (https://github.com/christophe77/node-ftp-honeypot) - FTP server honeypot in JS.
 - pyrdp (https://github.com/gosecure/pyrdp) - RDP man-in-the-middle and library for Python 3 with the ability to watch connections live or after the fact.
 - rdppot (https://github.com/kryptoslogic/rdppot) - RDP honeypot
@@ -126,8 +128,8 @@
 - GasPot (https://github.com/sjhilt/GasPot) - Veeder Root Gaurdian AST, common in the oil and gas industry.
 - SCADA honeynet (http://scadahoneynet.sourceforge.net) - Building Honeypots for Industrial Networks.
 - gridpot (https://github.com/sk4ld/gridpot) - Open source tools for realistic-behaving electric grid honeynets.
 - scada-honeynet (http://www.digitalbond.com/blog/2007/07/24/scada-honeynet-article-in-infragard-publication/) - Mimics many of the services from a popular PLC and better helps SCADA researchers understand 
potential risks of exposed control system devices.
 - scada-honeynet (http://www.digitalbond.com/blog/2007/07/24/scada-honeynet-article-in-infragard-publication/) - Mimics many of the services from a popular PLC and better helps SCADA 
researchers understand potential risks of exposed control system devices.
- Other/random
@@ -136,13 +138,14 @@
 - dicompot (https://github.com/nsmfoo/dicompot) - DICOM Honeypot.
 - IPP Honey (https://gitlab.com/bontchev/ipphoney) - A honeypot for the Internet Printing Protocol.
 - Log4Pot (https://github.com/thomaspatzke/Log4Pot) - A honeypot for the Log4Shell vulnerability (CVE-2021-44228).
 - Masscanned (https://github.com/ivre/masscanned) - Let's be scanned. A low-interaction honeypot focused on network scanners and bots. It integrates very well with IVRE to build a self-hosted alternative to 
GreyNoise.
 - Masscanned (https://github.com/ivre/masscanned) - Let's be scanned. A low-interaction honeypot focused on network scanners and bots. It integrates very well with IVRE to build a 
self-hosted alternative to GreyNoise.
 - medpot (https://github.com/schmalle/medpot) - HL7 / FHIR honeypot.
 - NOVA (https://github.com/DataSoft/Nova) - Uses honeypots as detectors, looks like a complete system.
 - OpenFlow Honeypot (OFPot) (https://github.com/upa/ofpot) - Redirects traffic for unused IPs to a honeypot, built on POX.
 - OpenCanary (https://github.com/thinkst/opencanary) - Modular and decentralised honeypot daemon that runs several canary versions of services that alerts when a service is (ab)used.
 - ciscoasa_honeypot (https://github.com/cymmetria/ciscoasa_honeypot) A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.
 - ciscoasa_honeypot (https://github.com/cymmetria/ciscoasa_honeypot) A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code 
execution vulnerability.
 - miniprint (https://github.com/sa7mon/miniprint) - A medium interaction printer honeypot.
- Botnet C2 tools
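Review bot: The ciscoasa_honeypot entry has no " - " between the link and its description ("(https://github.com/cymmetria/ciscoasa_honeypot) A low interaction honeypot"), unlike every other entry in this hunk. If the render script or a later consumer splits entries on that separator, this one will be parsed as a link with no description; add the dash in the source list.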
@@ -168,10 +171,10 @@
- Distributed sensor deployment
 - Community Honey Network (https://communityhoneynetwork.readthedocs.io/en/stable/) - CHN aims to make deployments honeypots and honeypot management tools easy and flexible. The default deployment method uses 
Docker Compose and Docker to deploy with a few simple commands.
 - Modern Honey Network (https://github.com/threatstream/mhn) - Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and a centralized 
server for management.
 - Community Honey Network (https://communityhoneynetwork.readthedocs.io/en/stable/) - CHN aims to make deployments honeypots and honeypot management tools easy and flexible. The default 
deployment method uses Docker Compose and Docker to deploy with a few simple commands.
 - Modern Honey Network (https://github.com/threatstream/mhn) - Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and
a centralized server for management.
- Network Analysis Tool
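Review bot: The new wrap is inconsistent about trailing whitespace: the Community Honey Network line breaks after "The default " with a trailing space, while the Modern Honey Network line breaks after "stealthy dionaeas, and" with none. Strip trailing whitespace in the render script so the output is stable between runs and future diffs show only content changes.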
@@ -188,7 +191,8 @@
- honeynet farm traffic redirector
 - Honeymole (https://web.archive.org/web/20100326040550/http://www.honeynet.org.pt:80/index.php/HoneyMole) - Deploy multiple sensors that redirect traffic to a centralized collection of honeypots.
 - Honeymole (https://web.archive.org/web/20100326040550/http://www.honeynet.org.pt:80/index.php/HoneyMole) - Deploy multiple sensors that redirect traffic to a centralized collection of 
honeypots.
- HTTPS Proxy
@@ -196,7 +200,8 @@
- System instrumentation
 - Sysdig (https://sysdig.com/opensource/) - Open source, system-level exploration allows one to capture system state and activity from a running GNU/Linux instance, then save, filter, and analyze the results.
 - Sysdig (https://sysdig.com/opensource/) - Open source, system-level exploration allows one to capture system state and activity from a running GNU/Linux instance, then save, filter, and 
analyze the results.
 - Fibratus (https://github.com/rabbitstack/fibratus) - Tool for exploration and tracing of the Windows kernel.
- Honeypot for USB-spreading malware
@@ -206,12 +211,13 @@
- Data Collection
 - Kippo2MySQL (https://bruteforcelab.com/kippo2mysql) - Extracts some very basic stats from Kippos text-based log files and inserts them in a MySQL database.
 - Kippo2ElasticSearch (https://bruteforcelab.com/kippo2elasticsearch) - Python script to transfer data from a Kippo SSH honeypot MySQL database to an ElasticSearch instance (server or cluster).
 - Kippo2ElasticSearch (https://bruteforcelab.com/kippo2elasticsearch) - Python script to transfer data from a Kippo SSH honeypot MySQL database to an ElasticSearch instance (server or 
cluster).
- Passive network audit framework parser
 - Passive Network Audit Framework (pnaf) (https://github.com/jusafing/pnaf) - Framework that combines multiple passive and automated analysis techniques in order to provide a security assessment of network 
platforms.
 - Passive Network Audit Framework (pnaf) (https://github.com/jusafing/pnaf) - Framework that combines multiple passive and automated analysis techniques in order to provide a security 
assessment of network platforms.
- VM monitoring and tools
@@ -252,7 +258,8 @@
 - Honeysink (http://www.honeynet.org/node/773) - Open source network sinkhole that provides a mechanism for detection and prevention of malicious traffic on a given network.
 - Hontel (https://github.com/stamparm/hontel) - Telnet Honeypot.
 - KFSensor (http://www.keyfocus.net/kfsensor/) - Windows based honeypot Intrusion Detection System (IDS).
 - LaBrea (http://labrea.sourceforge.net/labrea-info.html) - Takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet.
 - LaBrea (http://labrea.sourceforge.net/labrea-info.html) - Takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the 
Internet.
 - MTPot (https://github.com/Cymmetria/MTPot) - Open Source Telnet Honeypot, focused on Mirai malware.
 - SIREN (https://github.com/blaverick62/SIREN) - Semi-Intelligent HoneyPot Network - HoneyNet Intelligent Virtual Environment.
 - TelnetHoney (https://github.com/balte/TelnetHoney) - Simple telnet honeypot.
@@ -267,8 +274,8 @@
 - honeytrap (https://github.com/tillmannw/honeytrap) - Low-interaction honeypot and network security tool written to catch attacks against TCP and UDP services.
 - imap-honey (https://github.com/yvesago/imap-honey) - IMAP honeypot written in Golang.
 - mwcollectd (https://www.openhub.net/p/mwcollectd) - Versatile malware collection daemon, uniting the best features of nepenthes and honeytrap.
 - potd (https://github.com/lnslbrty/potd) - Highly scalable low- to medium-interaction SSH/TCP honeypot designed for OpenWrt/IoT devices leveraging several Linux kernel features, such as namespaces, seccomp 
and thread capabilities.
 - potd (https://github.com/lnslbrty/potd) - Highly scalable low- to medium-interaction SSH/TCP honeypot designed for OpenWrt/IoT devices leveraging several Linux kernel features, such as 
namespaces, seccomp and thread capabilities.
 - portlurker (https://github.com/bartnv/portlurker) - Port listener in Rust with protocol guessing and safe string display.
 - slipm-honeypot (https://github.com/rshipp/slipm-honeypot) - Simple low-interaction port monitoring honeypot.
 - telnet-iot-honeypot (https://github.com/Phype/telnet-iot-honeypot) - Python telnet honeypot for catching botnet binaries.
@@ -326,8 +333,8 @@
 - Thug Distributed Task Queuing (https://thug-distributed.readthedocs.io/en/latest/index.html)
 - Trigona (https://www.honeynet.org/project/Trigona)
 - URLQuery (https://urlquery.net/)
 - YALIH (Yet Another Low Interaction Honeyclient) (https://github.com/Masood-M/yalih) - Low-interaction client honeypot designed to detect malicious websites through signature, anomaly, and pattern matching 
techniques.
 - YALIH (Yet Another Low Interaction Honeyclient) (https://github.com/Masood-M/yalih) - Low-interaction client honeypot designed to detect malicious websites through signature, anomaly, and
pattern matching techniques.
- Honeypot
@@ -349,7 +356,8 @@
 - DShield docker (https://github.com/xme/dshield-docker) - Docker container running cowrie with DShield output enabled.
 - endlessh (https://github.com/skeeto/endlessh) - SSH tarpit that slowly sends an endless banner. (docker image (https://hub.docker.com/r/linuxserver/endlessh))
 - HonSSH (https://github.com/tnich/honssh) - Logs all SSH communications between a client and server.
 - HUDINX (https://github.com/Cryptix720/HUDINX) - Tiny interaction SSH honeypot engineered in Python to log brute force attacks and, most importantly, the entire shell interaction performed by the attacker.
 - HUDINX (https://github.com/Cryptix720/HUDINX) - Tiny interaction SSH honeypot engineered in Python to log brute force attacks and, most importantly, the entire shell interaction performed
by the attacker.
 - Kippo (https://github.com/desaster/kippo) - Medium interaction SSH honeypot.
 - Kippo_JunOS (https://github.com/gregcmartin/Kippo_JunOS) - Kippo configured to be a backdoored netscreen.
 - Kojoney2 (https://github.com/madirish/kojoney2) - Low interaction SSH honeypot written in Python and based on Kojoney by Jose Antonio Coret.
@@ -416,7 +424,8 @@
 - Mailoney (https://github.com/awhitehatter/mailoney) - SMTP honeypot, Open Relay, Cred Harvester written in python.
 - SendMeSpamIDS.py (https://github.com/johestephan/VerySimpleHoneypot) - Simple SMTP fetch all IDS and analyzer.
 - Shiva (https://github.com/shiva-spampot/shiva) - Spam Honeypot with Intelligent Virtual Analyzer.
- **Shiva The Spam Honeypot Tips And Tricks For Getting It Up And Running** (https://www.pentestpartners.com/security-blog/shiva-the-spam-honeypot-tips-and-tricks-for-getting-it-up-and-running/)
- **Shiva The Spam Honeypot Tips And Tricks For Getting It Up And Running** (https://www.pentestpartners.com/security-blog/shiva-the-spam-honeypot-tips-and-tricks-for-getting-it-up-and-runnin 
g/) 
 - SMTPLLMPot (https://github.com/referefref/SMTPLLMPot) - A super simple SMTP Honeypot built using GPT3.5
 - SpamHAT (https://github.com/miguelraulb/spamhat) - Spam Honeypot Tool.
 - Spamhole (http://www.spamhole.net/)
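Review bot: The wrapped Shiva tips entry is cut inside its URL: the first line ends at "getting-it-up-and-runnin " and the next line holds only "g/)". A URL copied from this file is now truncated and no longer points at the article. Have the wrapper treat a URL as an unbreakable token, moving the whole link to the next line or letting that line run over the width limit.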
@@ -462,9 +471,10 @@
 - Kako (https://github.com/darkarnium/kako) - Honeypots for a number of well known and deployed embedded device vulnerabilities.
- Honeytokens
 - CanaryTokens (https://github.com/thinkst/canarytokens) - Self-hostable honeytoken generator and reporting dashboard; demo version available at CanaryTokens.org (https://canarytokens.org/generate).
 - Honeybits (https://github.com/0x4D31/honeybits) - Simple tool designed to enhance the effectiveness of your traps by spreading breadcrumbs and honeytokens across your production servers and workstations to 
lure the attacker toward your honeypots.
 - CanaryTokens (https://github.com/thinkst/canarytokens) - Self-hostable honeytoken generator and reporting dashboard; demo version available at CanaryTokens.org 
(https://canarytokens.org/generate).
 - Honeybits (https://github.com/0x4D31/honeybits) - Simple tool designed to enhance the effectiveness of your traps by spreading breadcrumbs and honeytokens across your production servers 
and workstations to lure the attacker toward your honeypots.
 - Honeyλ (HoneyLambda) (https://github.com/0x4D31/honeylambda) - Simple, serverless application designed to create and monitor URL honeytokens, on top of AWS Lambda and Amazon API Gateway.
 - dcept (https://github.com/secureworks/dcept) - Tool for deploying and detecting use of Active Directory honeytokens.
 - honeyku (https://github.com/0x4D31/honeyku) - Heroku-based web honeypot that can be used to create and monitor fake HTTP endpoints (i.e. honeytokens).
@@ -505,9 +515,10 @@
- Sandbox-as-a-Service
 - Hybrid Analysis (https://www.hybrid-analysis.com) - Free malware analysis service powered by Payload Security that detects and analyzes unknown threats using a unique Hybrid Analysis technology.
 - Joebox Cloud (https://jbxcloud.joesecurity.org/login) - Analyzes the behavior of malicious files including PEs, PDFs, DOCs, PPTs, XLSs, APKs, URLs and MachOs on Windows, Android and Mac OS X for suspicious 
activities.
 - Hybrid Analysis (https://www.hybrid-analysis.com) - Free malware analysis service powered by Payload Security that detects and analyzes unknown threats using a unique Hybrid Analysis 
technology.
 - Joebox Cloud (https://jbxcloud.joesecurity.org/login) - Analyzes the behavior of malicious files including PEs, PDFs, DOCs, PPTs, XLSs, APKs, URLs and MachOs on Windows, Android and Mac 
OS X for suspicious activities.
 - VirusTotal (https://www.virustotal.com/) - Analyze suspicious files and URLs to detect types of malware, and automatically share them with the security community.
 - malwr.com (https://malwr.com/) - Free malware analysis service and community.
@@ -533,8 +544,8 @@
 - HoneyMap (https://github.com/fw42/honeymap) - Real-time websocket stream of GPS events on a fancy SVG world map.
 - HoneyStats (https://sourceforge.net/projects/honeystats/) - Statistical view of the recorded activity on a Honeynet.
 - HpfeedsHoneyGraph (https://github.com/yuchincheng/HpfeedsHoneyGraph) - Visualization app to visualize hpfeeds logs.
 - IVRE (https://github.com/ivre/ivre) - Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Criminalip / Shodan / ZoomEye / Censys and 
GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
 - IVRE (https://github.com/ivre/ivre) - Network recon framework, published by @cea-sec & @ANSSI-FR. Build your own, self-hosted and fully-controlled alternatives to Criminalip / Shodan / 
ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more!
 - Kippo stats (https://github.com/mfontani/kippo-stats) - Mojolicious app to display statistics for your kippo SSH honeypot.
 - Kippo-Graph (https://bruteforcelab.com/kippo-graph) - Full featured script to visualize statistics from a Kippo SSH honeypot.
 - The Intelligent HoneyNet (https://github.com/jpyorre/IntelligentHoneyNet) - Create actionable information from honeypots.
@@ -548,8 +559,8 @@
- Deployment
 - Dionaea and EC2 in 20 Minutes (http://andrewmichaelsmith.com/2012/03/dionaea-honeypot-on-ec2-in-20-minutes/) - Tutorial on setting up Dionaea on an EC2 instance.
 - Using a Raspberry Pi honeypot to contribute data to DShield/ISC (https://isc.sans.edu/diary/22680) - The Raspberry Pi based system will allow us to maintain one code base that will make it easier to collect 
rich logs beyond firewall logs.
 - Using a Raspberry Pi honeypot to contribute data to DShield/ISC (https://isc.sans.edu/diary/22680) - The Raspberry Pi based system will allow us to maintain one code base that will make 
it easier to collect rich logs beyond firewall logs.
 - honeypotpi (https://github.com/free5ty1e/honeypotpi) - Script for turning a Raspberry Pi into a HoneyPot Pi.
- Research Papers