Our great sponsors
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
-
Tripwire
Tripwire monitors ports and icmp to send the admin a message if somebody is scanning a machine that shouldn't be touched
It's currently a cowrie (https://github.com/cowrie/cowrie) with ssh and telnet. For my use case a low interaction in enough, maybe I'll code my own in the future.
For the honeypot the above command is used inside https://github.com/jhuckaby/logalert
To avoid detection of something like a cuckoo I would use https://github.com/nsmfoo/antivmdetection and test it with https://github.com/therealdreg/anticuckoo and https://github.com/LordNoteworthy/al-khaser
To avoid detection of something like a cuckoo I would use https://github.com/nsmfoo/antivmdetection and test it with https://github.com/therealdreg/anticuckoo and https://github.com/LordNoteworthy/al-khaser
To avoid detection of something like a cuckoo I would use https://github.com/nsmfoo/antivmdetection and test it with https://github.com/therealdreg/anticuckoo and https://github.com/LordNoteworthy/al-khaser
I posted it on github if anybody else wants to try it.