8000 GitHub - jimwangzx/honeypots: 🍯 19 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres, MySQL, MSSQL, Elastic, LDAP)
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
/ honeypots Public
forked from qeeqbox/honeypots

🍯 19 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres, MySQL, MSSQL, Elastic, LDAP)

License

AGPL-3.0 license
0 stars 121 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jimwangzx/honeypots

BranchesTags
 
 

Repository files navigation

19 honeypots in a single PyPI package for monitoring network traffic, bots activities, and username \ password credentials. All honeypots are non-blocking and can be used as objects or called directly with the in-built auto-configure scripts.

The honeypots are: dns ftp httpproxy http https imap mysql pop3 postgres redis smb smtp socks5 ssh telnet vnc mssql elastic ldap.

The honeypots output can be logged to a database, file, terminal or syslog

Install

pip3 install honeypots
< 8000 /div>

Usage Example - Auto configure

honeypot, or multiple honeypots separated by comma or word all

python3 -m honeypots --setup ssh

Usage Example - Auto configure with specific ports

Use as honeypot:port or multiple honeypots as honeypot:port,honeypot:port

python3 -m honeypots --setup imap:143,mysql:3306,redis:6379

Usage Example - Auto configure with logs location

honeypot, or multiple honeypots separated by comma or word all

python3 -m honeypots --setup ssh --config config.json

#config.json
{
    "logs":"file,terminal",
    "logs_location":"/temp/honeypots_logs/"
}

Usage Example - Custom configure

honeypot, or multiple honeypots in a dict

python3 -m honeypots --setup ftp --config config.json

config.json (Output to folder and terminal)

{
    "logs":"file,terminal",
    "logs_location":"/temp/honeypots_logs/",
    "honeypots": {
        "ftp": {
            "port": 21,
            "ip": "0.0.0.0",
            "username": "test",
            "password": "test"
            }
        }
}

config.json (Output to syslog)

{
    "logs":"syslog",
    "logs_location":"",
    "syslog_address": "udp://localhost:514",
    "syslog_facility": 3,
    "honeypots": {
        "ftp": {
            "port": 21,
            "ip": "0.0.0.0",
            "username": "test",
            "password": "test"
            }
        }
}

Usage Example - Import as object and auto test

#you need higher user permissions for binding\closing some ports

ip= String E.g. 0.0.0.0
port= Int E.g. 9999
username= String E.g. Test
password= String E.g. Test
mocking= Boolean or String E.g OpenSSH 7.0
logs= String E.g db, terminal or all
always remember to add process=true to run_server() for non-blocking

from honeypots import QSSHServer
qsshserver = QSSHServer(port=9999)
qsshserver.run_server(process=True)
qsshserver.test_server(port=9999)
INFO:chameleonlogger:['servers', {'status': 'success', 'username': 'test', 'ip': '127.0.0.1', 'server': 'ssh_server', 'action': 'login', 'password': 'test', 'port': 38696}]
qsshserver.kill_server()

Usage Example - Import as object and test with external ssh command

#you need higher user permissions for binding\closing some ports

from honeypots import QSSHServer
qsshserver = QSSHServer(port=9999)
qsshserver.run_server(process=True)

ssh test@127.0.0.1

INFO:chameleonlogger:['servers', {'status': 'success', 'username': 'test', 'ip': '127.0.0.1', 'server': 'ssh_server', 'action': 'login', 'password': 'test', 'port': 38696}]
qsshserver.kill_server()

Current Servers/Emulators

  • QDNSServer <- DNS (Server using Twisted)
  • QFTPServer <- FTP (Server using Twisted)
  • QHTTPProxyServer <- HTTP Proxy (Server using Twisted)
  • QHTTPServer <- HTTP (Server using Twisted)
  • QHTTPSServer <- HTTPS (Server using Twisted)
  • QIMAPServer <- IMAP (Server using Twisted)
  • QMysqlServer <- Mysql (Emulator using Twisted)
  • QPOP3Server <- POP3 (Server using Twisted)
  • QPostgresServer <- Postgres (Emulator using Twisted)
  • QRedisServer <- Redis (Emulator using Twisted)
  • QSMBServer <- SMB (Server using impacket)
  • QSMTPServer <- STMP (Server using smtpd)
  • QSOCKS5Server <- SOCK5 (Server using socketserver)
  • QSSHServer <- SSH (Server using socket)
  • QTelnetServer <- TELNET (Server using Twisted)
  • QVNCServer <- VNC (Emulator using Twisted)
  • QMSSQLServer <- MSSQL (Emulator using Twisted)
  • QElasticServer <- Elastic (Emulator using http.server)
  • QLDAPServer <- ldap (Emulator using Twisted)

Open Shell

Open in Cloud Shell Open in repl.it Shell

acknowledgment

  • By using this framework, you are accepting the license terms of all these packages: pipenv twisted psutil psycopg2-binary dnspython requests impacket paramiko redis mysql-connector pycryptodome vncdotool service_identity requests[socks] pygments http.server
  • Let me know if I missed a reference or resource!

Some Articles

securityonline

Notes

  • Almost all servers and emulators are stripped-down - You can adjust that as needed

Other Projects

About

🍯 19 honeypots in a single pypi package (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres, MySQL, MSSQL, Elastic, LDAP)

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Python 100.0%
0