Browsing tag
An active malware campaign is leveraging two zero-day vulnerabilities with remote code execution (RCE) functionality to rope routers and video recorders into a Mirai-based distributed denial-of-service (DDoS) botnet. “The payload targets routers and network video recorder (NVR) devices with default admin credentials and installs Mirai variants when successful,” Akamai said in an advisory published this […]
Public Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. With the rise of remote work, people can now work from virtually anywhere: a cafe close to home, a hotel in a different city, or even while waiting for a plane at the airport. Next, let’s […]
A few weeks ago, the 32nd edition of RSA, one of the world’s largest cybersecurity conferences, wrapped up in San Francisco. Among the highlights, Kevin Mandia, CEO of Mandiant at Google Cloud, presented a retrospective on the state of cybersecurity. During his keynote, Mandia stated: “There are clear steps organizations can take beyond common safeguards […]
HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless network environments. As most malware propagate over the network via specific protocols, a low-interaction honeypot located at a mobile device can check wireless networks for actively propagating malware. We envision such honeypots running on […]
snare – Super Next generation Advanced Reactive honEypot Super Next generation Advanced Reactive honEypot About SNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet. Documentation The documentation can be found here. Basic Concepts Surface first. Focus on the attack surface generation. Sensors and masters. Lightweight collectors (SNARE) and […]
Nowdays internal & external networks are not secure, explain ethical hacking researchers. That’s why various security policies are implemented on networking level are implemented. These policies still need many new adaptations for getting a good security measures. Various companies uses network firewalls, IDS, IPS & honeypots for network security. Nowdays most companies are adopting honeypots […]
A low interaction honeypot with the capability to be more of a medium interaction honeypot. HoneyPy is written in Python2 and is intended to be easy to: install and deploy extend with plugins and loggers run with custom configurations Feel free to follow the QuickStart Guide to dive in directly. The main documentation can be […]
With this tool you can block HTTP Flood Attacks and analyze them with a honeypot. THE TOOL SEND YOU AN ADVERTISING EMAIL AFTER DETECT A DDOS ATTACK! First start the honeypot server (tools/analyze/logger.py). Then start the detector (tools/detector/detector.sh) in another window. If an attacker attack your server in preconfigured port (80), the detector will redirect […]
HonSSH is a high-interaction Honey Pot solution. HonSSH will sit between an attacker and a honey pot, creating two separate SSH connections between them. Features Captures all connection attempts to a text file, database or email alerts. When an attacker sends a password guess, HonSSH can automatically replace their attempt with the correct password (spoof_login […]
Striker is an offensive information and vulnerability scanner. Features Just supply a domain name to Striker and it will automatically do the following for you: Check and Bypass Cloudflare Retrieve Server and Powered by Headers Fingerprint the operating system of Web Server Detect CMS (197+ CMSs are supported) Launch WPScan if target is using WordPress […]
This project implements a python telnet server trying to act as a honeypot for IoT Malware which spreads over horribly insecure default passwords on telnet servers on the internet. Other than https://github.com/stamparm/hontel or https://github.com/micheloosterhof/cowrie (examples), which provides full (via chroot) or simulated behaviour of a linux system this honeypots goal is just to collect statistics […]
Short Bytes: A recent report by the cyber security firm Rapid7 lists the top usernames and passwords used by hackers to attack your servers. During the past 334 days, the firm placed honeypots to collect such login attempts and record the data. During the past one year, the cyber security firm Rapid7 has been collecting […]