1) Damn Simple Honeypot (DSHP) - Honeypot framework with pluggable handlers.
2) NOVA - Uses honeypots as detectors; looks like a complete system.
3) OpenFlow Honeypot (OFPot) - Redirects traffic for unused IP addresses to a honeypot built on POX.
4) OpenCanary - A modular and decentralized honeypot daemon that runs several canary versions of services and alerts when a service is (ab)used.
5) ciscoasa_honeypot - Low-interaction honeypot for a Cisco ASA that can detect CVE-2018-0101, DoS vulnerabilities, and remote code execution.
6) miniprint - Medium-interaction printer honeypot.
🦑 Botnet C2 Tools
1) Hale - Botnet command and control monitor.
2) dnsMole - Analyzes DNS traffic and potentially detects botnet command and control server activity, as well as infected hosts.
3) IPv6 attack detection tool
ipv6-attack-detector - Google Summer of Code 2012 project supported by the Honeynet Project.
Dynamic code toolkit
4) Frida - Inject JavaScript to explore native applications on Windows, Mac, Linux, iOS, and Android.
A tool for converting a site into server decoys
5) HIHAT - Converts arbitrary PHP applications into web-based high-interaction honeypots.
Malware collector
6) Kippo-Malware is a Python script that downloads all malicious files stored as URLs in the Kippo SSH honeypot database.
Distributed sensor deployment
7) Modern Honey Network - Manages multiple Snort and honeypot sensors; uses a network of virtual machines, small Snort installations, stealthy Dionaea instances and a centralized server for management.
🦑 Network analysis tool
1) Tracexploit - Replay network packets.
2) Log anonymizer
3) LogAnon - Log anonymization library that helps keep anonymized logs consistent between logs and network captures.
Low-interaction Honeypot (router back door)
4) Honeypot-32764 - Honeypot for the back door of the router (TCP 32764).
5) WAPot - Honeypot that can be used to monitor traffic directed to home routers.
6) Honeynet Farm Traffic Redirector
Honeymole - Deploys multiple sensors that redirect traffic to a centralized collection of honeypots.
7) HTTPS Proxy
mitmproxy - Allows you to intercept, inspect, modify and replay traffic flows.
🦑 System instrumentation
1) Sysdig - Open-source, system-level exploration tool that captures the state and activity of a running GNU/Linux instance, then lets you save, filter, and analyze the results.
2) Fibratus - A tool for exploring and tracing the Windows kernel.
Honeypot for malware distribution via USB
3) Ghost-usb - Honeypot for malware spreading through USB storage devices.
🦑 Data collection
1) Kippo2MySQL - Extracts some very simple statistics from Kippo text log files and inserts them into a MySQL database.
2) Kippo2ElasticSearch - Python script for transferring data from the Kippo SSH honeypot MySQL database to an ElasticSearch instance (server or cluster).
3) Passive Network Audit Framework Parser
[Passive Network Audit Framework (pnaf)](https://github.com/jusafing/pnaf) is a framework that combines several passive and automated analysis methods to provide an assessment of the security of network platforms.
🦑 VM monitoring and tools
1) Antivmdetect - Script to create templates for use with VirtualBox to make VM detection more difficult.
2) VMCloak - Automatically creates and cloaks virtual machines for Cuckoo Sandbox.
[vmitools](http://libvmi.com/) is a C library with Python bindings that makes it easy to monitor the low-level details of a running virtual machine.
🦑 Binary debugger
1) Hexgolems - Pint Debugger Backend - Debugger backend and Lua wrapper for PIN.
2) Hexgolems - Schem Debugger Frontend - Debugger frontend.
All of these are available on GitHub; we will write some tutorials for them.
Enjoy! Follow us for more...