honeypot
sshesame
| honeypot | sshesame | |
|---|---|---|
| 1 | 3 | |
| 2 | 1,394 | |
| - | - | |
| 4.5 | 0.0 | |
| about 1 month ago | about 1 year ago | |
| HTML | Go | |
| - | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
honeypot
-
There Are Too Many Damn Honeypots
* A fake HTTP proxy component that looks for CONNECT requests.
That combination of things is quite uncommon, and yet, for analyzing attackers' behavior, it works very well.
[1] https://github.com/supriyo-biswas/honeypot
sshesame
- Reminder to secure your homelab: I forgot to turn off SSH on my NAS 5 days ago after using it briefly and had almost 900 attacks since then. Fortunately SSH was not running on default 22 port and access was blocked on the Synology and no passthrough to SSH from my router.
-
relationship goals
there's also this other thing called sshesame which gives the attacker a fake shell to run commands in. i ended up with a 30gb logfile within a few months lol
-
So I opened up one port on my network for an SFTP server, and in just the last 7 days there have been 611 attempts to log into it... It's always interesting to see the usernames that try to log in, so I pulled them and sorted them all out.
I started an SSH honeypot project with the goal of finding out what these attackers (bots mainly) would do if they did get in.
What are some alternatives?
endlessh - SSH tarpit that slowly sends an endless banner
pshitt - Passwords of SSH Intruders Transferred to Text
honeytrap - Advanced Honeypot framework.
ipsum - Daily feed of bad IPs (with blacklist hit scores)
minerstat-os - msOS - Open Source Mining OS. Repository moved, no longer using github
gnupg - Patches to GnuPG smartcard support (bigger keys, better error handling)
gnupg - The GNU Privacy Guard. NOTE: Maintainers are not tracking this mirror. Do not make pull requests here, nor comment any commits, submit them usual way to bug tracker (https://www.gnupg.org/documentation/bts.html) or to the mailing list (https://www.gnupg.org/documentation/mailing-lists.html).
vssh - Go Library to Execute Commands Over SSH at Scale
acra - Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.