sshesame
honeytrap
sshesame | honeytrap | |
---|---|---|
3 | 1 | |
1,394 | 1,194 | |
- | 0.9% | |
0.0 | 0.0 | |
about 1 year ago | 7 months ago | |
Go | Go | |
Apache License 2.0 | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
sshesame
- Reminder to secure your homelab: I forgot to turn off SSH on my NAS 5 days ago after using it briefly and had almost 900 attacks since then. Fortunately SSH was not running on default 22 port and access was blocked on the Synology and no passthrough to SSH from my router.
-
relationship goals
there's also this other thing called sshesame which gives the attacker a fake shell to run commands in. i ended up with a 30gb logfile within a few months lol
-
So I opened up one port on my network for an SFTP server, and in just the last 7 days there have been 611 attempts to log into it... It's always interesting to see the usernames that try to log in, so I pulled them and sorted them all out.
I started an SSH honeypot project with the goal of finding out what these attackers (bots mainly) would do if they did get in.
honeytrap
What are some alternatives?
endlessh - SSH tarpit that slowly sends an endless banner
beelzebub - A secure low code honeypot framework, leveraging AI for System Virtualization.
pshitt - Passwords of SSH Intruders Transferred to Text
Gin - Gin is a HTTP web framework written in Go (Golang). It features a Martini-like API with much better performance -- up to 40 times faster. If you need smashing performance, get yourself some Gin.
ipsum - Daily feed of bad IPs (with blacklist hit scores)
acra - Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("transparent") encryption. SQL, NoSQL.
minerstat-os - msOS - Open Source Mining OS. Repository moved, no longer using github
kratos - Your ultimate Go microservices framework for the cloud-native era.
gnupg - Patches to GnuPG smartcard support (bigger keys, better error handling)
gnupg - The GNU Privacy Guard. NOTE: Maintainers are not tracking this mirror. Do not make pull requests here, nor comment any commits, submit them usual way to bug tracker (https://www.gnupg.org/documentation/bts.html) or to the mailing list (https://www.gnupg.org/documentation/mailing-lists.html).
vssh - Go Library to Execute Commands Over SSH at Scale