{"id":13795121,"url":"https://github.com/SneakersInc/HoneyMalt","last_synced_at":"2025-05-12T21:33:28.458Z","repository":{"id":84826734,"uuid":"22264209","full_name":"SneakersInc/HoneyMalt","owner":"SneakersInc","description":"Maltego tranforms for mapping Honeypot systems.","archived":true,"fork":false,"pushed_at":"2014-12-15T20:03:10.000Z","size":10367,"stargazers_count":13,"open_issues_count":1,"forks_count":3,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-11-02T17:43:09.765Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SneakersInc.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2014-07-25T17:01:10.000Z","updated_at":"2024-09-21T11:58:20.000Z","dependencies_parsed_at":"2023-02-26T02:25:39.249Z","dependency_job_id":null,"html_url":"https://github.com/SneakersInc/HoneyMalt","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SneakersInc%2FHoneyMalt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SneakersInc%2FHoneyMalt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SneakersInc%2FHoneyMalt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SneakersInc%2FHoneyMalt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SneakersInc","download_url":"https://codeload.github.com/SneakersInc/HoneyMalt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","
kind":"github","repositories_count":225157000,"owners_count":17429698,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-03T23:00:52.376Z","updated_at":"2024-11-18T09:31:40.869Z","avatar_url":"https://github.com/SneakersInc.png","language":"Python","funding_links":[],"categories":["Data Tools","\u003ca id=\"a53d22b9c5d09dc894413453f4755658\"\u003e\u003c/a\u003e未分类","\u003ca name=\"visualizers\"\u003e\u003c/a\u003e Data Tools"],"sub_categories":[],"readme":"HoneyMalt\n=========\n\nHoneyMalt is a Maltego transform pack for the analysis (graphing) of Honeypots. Starting with Kippo (that uses MySQL) you can now export all that lovely SQL data and have your Maltego graphs displaying it (as long as your machine doesn't blow up trying).\n\nI've tried to use as many native Maltego entities as possible so you can make use of the built-in transforms and because I'm lazy.. (not really..)\n\nThe following python modules are also required:\n\n**canari (goes without saying)  \nMySQL Python Connector (mysql_connector_python)  \nPython Geoip (pygeoip)**  \n\n**IMPORTANT**  \nIf you are remotely connnecting to your kippo mysql instance you will need to allow remote connections. 
You can do this by running the following command:  \n\n`GRANT ALL ON kippo.* TO kippo@'IPADDR' IDENTIFIED BY 'Kippo-DB-Pass';`  \n\nYou will need to change the *IPADDR* and *Kippo-DB-Pass* to match your requirements.\n\nTo install the transform pack you need to do the following (make sure you have canari installed already and run Maltego at least once):\n\nclone this repo  \n`git clone https://github.com/catalyst256/HoneyMalt.git`  \nchange to the src directory  \n`cd src/`  \n`canari create-profile HoneyMalt -w [full path to src folder]`  \non my machine this is:  \n`canari create-profile HoneyMalt -w /root/localTransforms/HoneyMalt/src`  \n\nThis will create a **HoneyMalt.mtz** file in the `src/` directory and a **HoneyMalt.conf** file.\n\nWithin the HoneyMalt.conf file you will need to enter your Kippo MySQL details (username, password, database name) and you can also change the location to your GeoIP file.\n\nLoad Maltego and import the configuration file that was just created in the src folder.\nYou will have a number of new transforms, entities and a Maltego machine to use.\n\nTo use HoneyMalt the process is as follows:\n\n1. Add the Kippo Honeypot entity into a new graph  \n2. Change the default IP to your MySQL server IP (or hostname)  \n3. Right click, Run Machine, HoneyMalt - Kippo (auto)  \n4. Go get coffee  \n\nThe Maltego machine will run all the available transforms in order and should go nuts and pull out all the nice information from your MySQL Kippo database. \n\nIf you just want to look for specific sessions relating to \"Evil IPs\", you can right click on the Kippo Honeypot entity and choose `HoneyMalt - Kippo: Search for Sessions by IP`. This will give you a popup box asking for an IP address which then will go look for any sessions that originated from that IP.\n\nI'm going to add some more search stuff later and expand the Honeypots you can target. Anything I've missed give me a shout..\n\nEnjoy!! 
(any issues raise a ticket on GitHub)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSneakersInc%2FHoneyMalt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSneakersInc%2FHoneyMalt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSneakersInc%2FHoneyMalt/lists"}