Collecting workspace information
This project is a honeypot implementation that captures and logs unauthorized access attempts to SSH and HTTP services. It includes a web dashboard to visualize the captured data.
.gitignore
assets/
dashboard_data_parser.py
honeypy.py
log_files/
baseline_ssh.py
cmd_audits.log
creds_audits.log
http_audit.log
http_audits.log
notes.md
public.env
ssh_honeypot.py
systemd/
honeypy.service
templates/
dashboard.html
index.html
wp-admin.html
web_app.py
web_honeypot.py
- dashboard_data_parser.py: Contains functions to parse log files and generate data for the dashboard.
- honeypy.py: Main script to run the honeypot.
- log_files/: Directory containing log files and a baseline SSH server script.
- public.env: Environment variables configuration.
- ssh_honeypot.py: SSH honeypot implementation.
- systemd/honeypy.service: Systemd service configuration for running the honeypot.
- templates/: HTML templates for the web dashboard.
- web_app.py: Web application to visualize the captured data.
- web_honeypot.py: HTTP honeypot implementation.
-
Install Dependencies:
pip install -r requirements.txt
-
Generate SSH Server Key:
ssh-keygen -t rsa -b 2048 -f server.key
-
Configure Environment Variables: Edit
public.env
to set the required environment variables.
- Run the Honeypot:
python honeypy.py -a <address> -p <port> -s
-
SSH Honeypot:
python honeypy.py -a <address> -p <port> -s
-
HTTP Honeypot:
python honeypy.py -a <address> -p <port> -wh
-
Web Dashboard:
python web_app.py
To run the honeypot as a systemd service, copy honeypy.service to /etc/systemd/system/ and enable the service:
sudo systemctl enable honeypy.service
sudo systemctl start honeypy.service