Skip to content

deoktr/goneypot

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
cmd.go
cmd.go
 
 
creds.example
creds.example
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 
prometheus.go
prometheus.go
 
 
server.go
server.go
 
 

Repository files navigation

goneypot

Low-interaction SSH honeypot written in Go.

Attackers will be able to log in, and send commands, but nothing is ever executed, just logged.

Usage

Generate SSH server private keys without passphrase:

ssh-keygen -f id_rsa -N "" -t rsa

Build:

go build .

Run:

./goneypot -key id_rsa -addr 0.0.0.0 -port 2222

Test:

ssh -p 2222 user@localhost

Credentials

By default, goneypot accept any combinaison of username/password.

Login credentials can be added to restrict the username/password that can log in:

  1. create a file with username:password in it:

    echo "foo:foo" > creds

  2. start goneypot with the -creds-file flag:

    goneypot -creds-file creds

Prometheus

goneypot supports Prometheus, to enable it use flag -enable-prometheus:

goneypot -enable-prometheus -prom-port 9001 -prom-addr localhost

Alternatives

TODO

  • add connections timeout

License

goneypot is licensed under MIT.

About

Low-interaction SSH honeypot

Topics

honeypot ssh-honeypot low-interaction-honeypot

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

9 tags

Languages