DefroxPot





Description

DefroxPot is a honeypot project designed to detect, monitor, and analyze malicious activity in a controlled environment. This project aims to provide cybersecurity enthusiasts and professionals with a powerful tool to study attack patterns, improve defensive strategies, and enhance security awareness.





Variants

Web Honeypot

The Web Honeypot simulates a vulnerable website to attract and analyze web-based attacks.

Features

Web Logging

  • Records all HTTP requests and responses
  • Logs IP addresses, session details, user agents, user IDs, and paths visited
  • Captures keystrokes through the website

File Analysis

  • Analyzes files uploaded by attackers to check for malicious content
  • Extracts metadata from the uploaded files
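A sketch of the kind of static triage the File Analysis bullets describe, added here as an illustration and not taken from DefroxPot's code. The function names, the signature table, and the sample upload are assumptions constructed for this example; the file is only read as bytes and never executed.

```python
import hashlib
import math
from collections import Counter
from pathlib import PurePosixPath

# Leading-byte signatures for a few common types (deliberately small table).
MAGIC = [
    (b"MZ", "pe-executable"),
    (b"\x7fELF", "elf-executable"),
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip-container"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpeg"),
    (b"<?php", "php-script"),
]
# Extensions each detected type may legitimately carry.
EXPECTED_EXT = {
    "pe-executable": {".exe", ".dll"}, "elf-executable": {"", ".so", ".elf"},
    "pdf": {".pdf"}, "zip-container": {".zip", ".docx", ".xlsx", ".jar"},
    "png": {".png"}, "jpeg": {".jpg", ".jpeg"}, "php-script": {".php"},
}

def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8 suggest packed or encrypted content."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def triage_upload(filename: str, data: bytes) -> dict:
    """Describe an uploaded file from its bytes only; never executes it."""
    detected = next((name for sig, name in MAGIC if data.startswith(sig)), "unknown")
    # Drop any client-supplied directory part (both separators) before use.
    safe_name = PurePosixPath(filename.replace("\\", "/")).name
    ext = PurePosixPath(safe_name).suffix.lower()
    mismatch = detected != "unknown" and ext not in EXPECTED_EXT[detected]
    return {
        "name": safe_name,
        "size": len(data),
        "sha256": hashlib.sha256(data).hexdigest(),
        "detected_type": detected,
        "extension_mismatch": mismatch,
        "entropy": round(shannon_entropy(data), 2),
    }

# Constructed sample: a PHP script uploaded under an image name with a traversal path.
SAMPLE = triage_upload("../../uploads/avatar.jpg", b"<?php echo 1; ?>")
```

The `extension_mismatch` flag and the SHA-256 are the fields worth logging alongside the source IP: the first marks a disguised upload, the second lets the same sample be correlated across sessions.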

Dashboard

  • Provides a dashboard for real-time monitoring

Network Honeypot

The Network Honeypot mimics a network environment to detect, log and analyze network-based attacks.

Features

Network Logging

  • Captures and logs all network traffic
  • Records IP addresses and authentication attempts via FTP or SSH services (whichever you run)

Deceptive Environment

  • Creates a deceptive environment to trap attackers
  • Simulates various network services to attract malicious activity

Installation

  1. Clone the repository:

    git clone https://github.com/TeamDefronix/DefroxPot
    cd honeypot
  2. Install dependencies:

    pip install -r requirements.txt
  3. Configure the honeypot:

    python manage.py migrate
    python manage.py createsuperuser

    Note: python manage.py createsuperuser is required to create the admin account used to manage the DefroxPot tool.

  4. Start the honeypot:

    python manage.py runserver

    You will receive a URL with port 8000. Open this URL in your browser to access the admin panel.

Dependencies

Technology Stack

Essential Python Libraries

Django: A high-level Python Web framework that encourages rapid development and clean, pragmatic design.

Flask: A lightweight WSGI web application framework in Python.

paramiko: A library for making SSH2 connections.

pyftpdlib: A library for creating FTP servers.

bcrypt: Library for hashing passwords in a secure manner.

blinker: Provides support for creating signals and listening to them, often used in Flask applications.

certifi: Provides Mozilla’s CA Bundle, useful for SSL verification.

cryptography: Provides cryptographic recipes and primitives.

itsdangerous: Provides various helpers to pass trusted data to untrusted environments.

pycparser: A C parser and AST generator written in Python.

PyNaCl: Python binding to the Networking and Cryptography (NaCl) library.

Usage

Website

  • Navigate to the Setup tab and launch the web setup. You will receive a URL with port 5000 that is intended to be accessed by an attacker.
  • The File Analysis, Photo, Keylogger and Website tabs belong to the Web Honeypot. Open them to check the logs.

Network

  • Navigate to the Setup tab and launch the network setup. The SSH and FTP services will be started; these are intended to be accessed by an attacker.
  • The Network tabs belong to the Network Honeypot. Open them to check the logs.


This tool is currently a prototype and can be further improved. If you have more context or specific improvements in mind, we can tailor further requirements to fit your needs.

Thanks To All Contributors