A modified version of Honeytrap (https://github.com/armedpot/honeytrap/tree/master) for a thesis. Added SSH, SCP, SFTP, DNS query modules, and updated HTTP for HTTPS support. Enhance your network monitoring and analysis with this versatile honeypot.
This modified version incorporates several additional modules to expand the honeypot's capabilities. The new modules introduced include SSH, SCP, and SFTP traffic monitoring, as well as DNS query analysis. The HTTP module has been extensively updated to support HTTPS and to replace deprecated functions with their up-to-date counterparts.
Key Features:
Emulates SSH, SCP, SFTP, DNS, and HTTP(S) services to attract and intercept malicious activities. Monitors and logs incoming SSH traffic, providing insights into potential unauthorized access attempts. Captures SCP and SFTP traffic, enabling analysis of file transfer attempts. Performs real-time analysis of DNS queries, allowing detection of suspicious domain activity. Enhanced HTTP module supports both HTTP and HTTPS, offering a comprehensive view of web-based attacks. Updated codebase replaces deprecated functions, ensuring compatibility with modern programming practices. This modified version of Honeytrap serves as a powerful tool for researchers, cybersecurity professionals, and students interested in studying network attacks and developing effective countermeasures. By extending the functionality of the original project, it provides a versatile platform for monitoring and analyzing malicious activities in various network protocols.
Please note that this modified repository is intended for academic use, research purposes, and cybersecurity education. It should be used responsibly and in compliance with all relevant laws and regulations.
Feel free to customize the description as needed, highlighting any additional features or aspects of your modified repository that you find important.