README
¶
Honeytrap 
Honeytrap is an extensible and opensource system for running, monitoring and managing honeypots.
Features
- Combine multiple services to one honeypot, eg a LAMP server
- Honeytrap Agent will download the configuration from the Honeytrap Server
- Use the Honeytrap Agent to redirect traffic out of the network to a seperate network
- Deploy a large amount agents while having one Honeytrap Server, configuration will be downloaded automatically and logging centralized
- Payload detection to determine which service should handle the request, one port can handle multiple protocols
- Monitor lateral movement within your network with the Sensor listener. The sensor will complete the handshake (in case of tcp), and store the payload
- Create high interaction honeypots using the LXC or remote hosts directors, traffic will be man-in-the-middle proxied, while information will be extracted
- Extend honeytrap with existing honeypots (like cowrie or glutton), while using the logging and listening framework of Honeytrap
- Advanced logging system with filtering and logging to Elasticsearch, Kafka, Splunk, Raven, File or Console
- Services are easily extensible and will extract as much information as possible
- Low- to high interaction Honeypots, where connections will be upgraded seamless to high interaction
To start using Honeytrap
See our documentation on docs.honeytrap.io.
Community
Join the honeytrap-users mailing list to discuss all things Honeytrap.
Creators
DutchSec’s mission is to safeguard the evolution of technology and therewith humanity. By delivering groundbreaking and solid, yet affordable security solutions we make sure no people, companies or institutes are harmed while using technology. We aim to make cyber security available for everyone.
Our team consists of boundary pushing cyber crime experts, grey hat hackers and developers specialized in big data, machine learning, data- and context driven security. By building open source and custom-made security tooling we protect and defend data, both offensively and proactively.
We work on the front line of security development and explore undiscovered grounds to fulfill our social (and corporate) responsibility. We are driven by the power of shared knowledge and constant learning, and hope to instigate critical thinking in all who use technology in order to increase worldwide safety. We therefore stimulate an open culture, without competition or rivalry, for our own team, as well as our clients. Security is what we do, safety is what you get.
Copyright and license
Code and documentation copyright 2016-2019 DutchSec B.V..
Code released under Apache License, Version 2.0.
Documentation
¶
Overview ¶
Copyright 2016-2019 DutchSec (https://dutchsec.com/)
Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
ja3/crypto/internal/cipherhw
Package cipherhw exposes common functions for detecting whether hardware support for certain ciphers and authenticators is present.
|
Package cipherhw exposes common functions for detecting whether hardware support for certain ciphers and authenticators is present. |
|
ja3/crypto/tls
Package tls partially implements TLS 1.2, as specified in RFC 5246.
|
Package tls partially implements TLS 1.2, as specified in RFC 5246. |