Almost everything about "honey" pots

Forum of the Community of Competitive Intelligence Practitioners (SPKR)

Competitive intelligence, business intelligence, corporate intelligence,
open-source business intelligence.
We work strictly within the law.

Disinformation and active measures in business

Forum veteran

From: Penza
Total posts: 802
User rating: 14

Registered on the forum:
4 Dec. 2012
A practically complete collection of honeypots, with descriptions, examples and open projects on the topic:
Database Honeypots
Elastic honey - A Simple Elasticsearch Honeypot
mysql - A mysql honeypot, still very very early stage
A framework for nosql databases ( only redis for now) - The NoSQL Honeypot Framework
ESPot - ElasticSearch Honeypot
Web honeypots
Glastopf - Web Application Honeypot
phpmyadmin_honeypot - A simple and effective phpMyAdmin honeypot
servlet - Web application Honeypot
Nodepot - A nodejs web application honeypot
basic-auth-pot bap - http Basic Authentication honeyPot
Shadow Daemon - A modular Web Application Firewall / High-Interaction Honeypot for PHP, Perl & Python apps
Servletpot - Web application Honeypot
Google Hack Honeypot - designed to provide reconnaissance against attackers that use search engines as a hacking tool against your resources.
smart-honeypot - PHP Script demonstrating a smart honey pot
HonnyPotter - A WordPress login honeypot for collection and analysis of failed login attempts.
wp-smart-honeypot - WordPress plugin to reduce comment spam with a smarter honeypot
wordpot - A WordPress Honeypot
Bukkit Honeypot Honeypot - A honeypot plugin for Bukkit
Laravel Application Honeypot - Honeypot - Simple spam prevention package for Laravel applications
stack-honeypot - Inserts a trap for spam bots into responses
EoHoneypotBundle - Honeypot type for Symfony2 forms
shockpot - WebApp Honeypot for detecting Shell Shock exploit attempts
Service Honeypots
Kippo - Medium interaction SSH honeypot
honeyntp - NTP logger/honeypot
honeypot-camera - observation camera honeypot
troje - a honeypot built around lxc containers. It will run each connection with the service within a separate lxc container.
slipm-honeypot - A simple low-interaction port monitoring honeypot
HoneyPy - A low interaction honeypot
Ensnare - Easy to deploy Ruby honeypot
RDPy - A Microsoft Remote Desktop Protocol (RDP) honeypot in python
Anti-honeypot stuff
kippo_detect - This is not a honeypot, but it detects kippo. (This guy has lots more interesting stuff)
ICS/SCADA honeypots
Conpot - ICS/SCADA honeypot
scada-honeynet - mimics many of the services from a popular PLC and better helps SCADA researchers understand potential risks of exposed control system devices
SCADA honeynet - Building Honeypots for Industrial Networks
Dionaea and EC2 in 20 Minutes - a tutorial on setting up Dionaea on an EC2 instance
honeypotpi - Script for turning a Raspberry Pi into a Honey Pot Pi
Data Analysis
Kippo-Graph - a full featured script to visualize statistics from a Kippo SSH honeypot
Kippo stats - Mojolicious app to display statistics for your kippo SSH honeypot
NOVA uses honeypots as detectors, looks like a complete system.
Open Canary - A low interaction honeypot intended to be run on internal networks.
libemu - Shellcode emulation library, useful for shellcode detection.
Open Relay Spam Honeypot
SpamHAT - Spam Honeypot Tool
Botnet C2 monitor
Hale - Botnet command & control monitor
IPv6 attack detection tool
ipv6-attack-detector - Google Summer of Code 2012 project, supported by The Honeynet Project organization
Research Paper
vEYE - behavioral footprinting for self-propagating worm detection and profiling
Honeynet statistics
HoneyStats - A statistical view of the recorded activity on a Honeynet
Dynamic code instrumentation toolkit
Frida - Inject JavaScript to explore native apps on Windows, Mac, Linux, iOS and Android
Front-end for dionaea
DionaeaFR - Front Web to Dionaea low-interaction honeypot
Tool to convert website to server honeypots
HIHAT - Transform arbitrary PHP applications into web-based high-interaction Honeypots
Malware collector
Kippo-Malware - Python script that will download all malicious files stored as URLs in a Kippo SSH honeypot database
Sebek in QEMU
Qebek - QEMU based Sebek. Like Sebek, it is a data capture tool for high interaction honeypots
Malware Simulator
imalse - Integrated MALware Simulator and Emulator
Distributed sensor deployment
Smarthoneypot - custom honeypot intelligence system that is simple to deploy and easy to manage
Modern Honey Network - Multi-snort and honeypot sensor management, uses a network of VMs, small footprint SNORT installations, stealthy dionaeas, and a centralized server for management
ADHD - Active Defense Harbinger Distribution (ADHD) is a Linux distro based on Ubuntu LTS. It comes with many tools aimed at active defense preinstalled and configured
Network Analysis Tool
Tracexploit - replay network packets
Log anonymizer
LogAnon - log anonymization library that helps having anonymous logs consistent between logs and network captures
Honeysink - open source network sinkhole that provides a mechanism for detection and prevention of malicious traffic on a given network
Botnet traffic detection
dnsMole - analyses DNS traffic to potentially detect botnet C&C servers and infected hosts
Low interaction honeypot (router back door)
Honeypot-32764 - Honeypot for router backdoor (TCP 32764)
honeynet farm traffic redirector
Honeymole - Deploy multiple sensors that redirect traffic to a centralized collection of honeypots
mitmproxy - allows traffic flows to be intercepted, inspected, modified and replayed
SendMeSpamIDS.py Simple SMTP fetch all IDS and analyzer
System instrumentation
Sysdig - open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze
Honeypot for USB-spreading malware
Ghost-usb - honeypot for malware that propagates via USB storage devices
Data Collection
Kippo2MySQL - extracts some very basic stats from Kippo’s text-based log files (a mess to analyze!) and inserts them in a MySQL database
Kippo2ElasticSearch - Python script to transfer data from a Kippo SSH honeypot MySQL database to an ElasticSearch instance (server or cluster)
Passive network audit framework parser
pnaf - Passive Network Audit Framework
VM Introspection
VIX virtual machine introspection toolkit - VMI toolkit for Xen, called Virtual Introspection for Xen (VIX)
vmscope - Monitoring of VM-based High-Interaction Honeypots
vmitools - C library with Python bindings that makes it easy to monitor the low-level details of a running virtual machine
Binary debugger
Hexgolems - Schem Debugger Frontend - A debugger frontend
Hexgolems - Pint Debugger Backend - A debugger backend and LUA wrapper for PIN
Mobile Analysis Tool
APKinspector - APKinspector is a powerful GUI tool for analysts to analyze the Android applications
Androguard - Reverse engineering, Malware and goodware analysis of Android applications ... and more
Low interaction honeypot
Honeypoint - platform of distributed honeypot technologies
Honeyperl - Honeypot software based in Perl with plugins developed for many functions like: wingates, telnet, squid, smtp, etc
Honeynet data fusion
HFlow2 - data coalescing tool for honeynet/network analysis
LaBrea - takes over unused IP addresses, and creates virtual servers that are attractive to worms, hackers, and other denizens of the Internet.
Kippo - SSH honeypot
KFSensor - Windows based honeypot Intrusion Detection System (IDS)
Honeyd Also see more honeyd tools
Glastopf - Honeypot which emulates thousands of vulnerabilities to gather data from attacks targeting web applications
DNS Honeypot - Simple UDP honeypot scripts
Conpot - Low interactive server side Industrial Control Systems honeypot
Bifrozt - High interaction honeypot solution for Linux based systems
Beeswarm - Honeypot deployment made easy
Bait and Switch - redirects all hostile traffic to a honeypot that is partially mirroring your production system
Artillery - open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods
Amun - vulnerability emulation honeypot
VM cloaking script
Antivmdetect - Script to create templates to use with VirtualBox to make vm detection harder
IDS signature generation
lookup service for AS-numbers and prefixes
Web interface (for Thug)
Rumal - Thug's Rumāl: a Thug's dress & weapon
Data Collection / Data Sharing
HPfriends - data-sharing platform
HPFeeds - lightweight authenticated publish-subscribe protocol
Distributed spam tracking
Project Honeypot
Python bindings for libemu
Pylibemu - A Libemu Cython wrapper
Controlled-relay spam honeypot
Shiva - Spam Honeypot with Intelligent Virtual Analyzer
Shiva The Spam Honeypot Tips And Tricks For Getting It Up And Running
Visualization Tool
Glastopf Analytics
Afterglow Cloud
central management tool
Network connection analyzer
Virtual Machine Cloaking
Honeypot deployment
Modern Honeynet Network
Automated malware analysis system
Hybrid Analysis
Low interaction
Low interaction honeypot on USB stick
Honeypot extensions to Wireshark
Whireshark Extensions
Data Analysis Tool
Telephony honeypot
Zapping Rachel
CWSandbox / GFI Sandbox
Visual analysis for network traffic
Binary Management and Analysis Framework
Honeyd For Windows
Deception Toolkit
PDF document inspector
Distribution system
Thug Distributed Task Queuing
HoneyClient Management
Network Analysis
Hybrid low/high interaction honeypot
Sebek on Xen
SSH Honeypot
Glastopf data analysis
Glastopf Analytics
Distributed sensor project
DShield Web Honeypot Project
Distributed Web Honeypot Project
a pcap analyzer
Client Web crawler
HoneySpider Network
network traffic redirector
Honeypot Distribution with mixed content
Honeypot sensor
Dragon Research Group Distro
Honeeepi - Honeeepi is a honeypot sensor on Raspberry Pi which is based on customized Raspbian OS.
File carving
TestDisk & PhotoRec
File and Network Threat Intelligence
data capture
SSH proxy
Minecraft honeypot
behavioral analysis tool for win32
Capture BAT
Live CD
Mail::SMTP::Honeypot - perl module that appears to provide the functionality of a standard SMTP server
Commercial honeynet
Server (Bluetooth)
Dynamic analysis of Android apps
Dockerized Low Interaction packaging
Dockerized Thug
Dockerpot A docker based honeypot.
Docker honeynet Several Honeynet tools set up for Docker containers
Network analysis
Sebek data visualization
Sebek Dataviz
SIP Server
Artemnesia VoIP
Botnet C2 monitoring
low interaction
Malware collection

Honeyd Tools

Honeyd plugin
Honeyd viewer
Honeyd to MySQL connector
A script to visualize statistics from honeyd
Honeyd UI
Honeyd configuration GUI - application used to configure the honeyd daemon and generate configuration files
Honeyd stats

Network and Artifact Analysis

RFISandbox - a PHP 5.x script sandbox built on top of funcall
dorothy2 - A malware/botnet analysis framework written in Ruby
COMODO automated sandbox
Argos - An emulator for capturing zero-day attacks
malwr.com - free malware analysis service and community
detux.org - Multiplatform Linux Sandbox
Joebox Cloud - analyzes the behavior of malicious files including PEs, PDFs, DOCs, PPTs, XLSs, APKs, URLs and MachOs on Windows, Android and Mac OS X for suspicious activities

Data Tools

Front Ends
Tango - Honeypot Intelligence with Splunk
Django-kippo - Django App for kippo SSH Honeypot
Wordpot-Frontend - a full featured script to visualize statistics from a Wordpot honeypot
Shockpot-Frontend - a full featured script to visualize statistics from a Shockpot honeypot
HoneyMap - Real-time websocket stream of GPS events on a fancy SVG world map
HoneyMalt - Maltego transforms for mapping Honeypot systems

The links are clickable at the source: www.kitploit.com/2015/12/collection-of-awesome-honeypots.html

the truth is out there...