tpotce
smbeagle
tpotce | smbeagle |
---|---|
31 | 3 |
5,925 | 675 |
1.7% | 0.3% |
8.9 | 3.2 |
3 days ago | 9 months ago |
C | C# |
GNU General Public License v3.0 only | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tpotce
- Honeypot in a home lab
  Have a look at tpot created by Deutsche Telekom. https://github.com/telekom-security/tpotce
- Securely running a honeypot server in a homelab (VLAN, Switch, Proxmox, etc)
  After installing Proxmox, I created a VM on it containing t-pot, an (.iso) packaged group of containerized honeypots with a compelling aggregation of logs, attack attempts, a heatmap showing attack/scan locations, IPs, and numerous other criteria logged and viewable in pretty Elasticsearch dashboards.
- Update for your NginxProxyManager Logs Dashboard: npmGrafStats v2.2
  The data for https://www.sicherheitstacho.eu/start/main comes from their honeypot software https://github.com/telekom-security/tpotce
- What project ideas are there for a cybersecurity homelab?
  As for blue team, there is tpotce which is a fully integrated Linux distro that deploys multiple honeypot containers and connects them back up into Elasticsearch, but you'd need a device with 8GB+ RAM facing the internet unrestricted in a DMZ or something similar - https://github.com/telekom-security/tpotce
- Unorthodox Things to Self Host?
  T-Pot - The All In One Honeypot Platform - T-Pot
- Docker in Cyber Security
  I use it to run Splunk at home for testing. You can also run honeypots or use TPot.
- How to make honeypots.
- Does anyone have OpenCanary working in a docker container?
  Check this https://github.com/telekom-security/tpotce
- Release T-Pot 22.04.0 · telekom-security/tpotce
- Flashy Network Monitoring Product?
  If you want a live threat map/Honeypot and get a feel for what's attacking your network while also looking amazing, set up the T-pot - https://github.com/telekom-security/tpotce
smbeagle
- PowerHuntShares is designed to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined computers
  SMBeagle is another quickly evolving share scanner that’s worth looking at if you haven’t seen it. It supports a lot of nice features. It doesn’t generate IAMish summary reports (yet?), but does export results to CSV and Elasticsearch which is pretty cool. https://github.com/punk-security/smbeagle
- I'm talking at Blackhat Arsenal next week 😬
- SMBeagle: Intro SMBeagle is an (SMB) fileshare auditing tool that hunts out all files it can see in the network and reports if the file can be read and/or written. All these findings are streamed out to either a CSV file or an Elasticsearch host, or both.
What are some alternatives?
opencanary - Modular and decentralised honeypot
cowrie - Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
tpotce - 🍯 T-Pot - The All In One Honeypot Platform 🐝 [Moved to: https://github.com/telekom-security/tpotce]
mhn - Modern Honey Network
cyberchef-recipes - A list of cyber-chef recipes and curated links
Stirling-PDF - #1 Locally hosted web application that allows you to perform various operations on PDF files
awesome-honeypots - an awesome list of honeypot resources
globalnoc-networkmap-panel - A network map panel for Grafana
Grafana - The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many more.
pfSense - Main repository for pfSense
benotes - An open source self hosted notes and bookmarks taking web app.