{"id":19054469,"url":"https://github.com/datadog/hash","last_synced_at":"2025-04-15T06:55:41.957Z","repository":{"id":152222117,"uuid":"548814103","full_name":"DataDog/HASH","owner":"DataDog","description":"HASH (HTTP Agnostic Software Honeypot)","archived":false,"fork":false,"pushed_at":"2024-05-01T13:32:24.000Z","size":565,"stargazers_count":138,"open_issues_count":1,"forks_count":8,"subscribers_count":7,"default_branch":"main","last_synced_at":"2025-04-15T06:55:35.463Z","etag":null,"topics":["active-defense","honeynet","honeypot"],"latest_commit_sha":null,"homepage":"","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DataDog.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-10-10T08:16:02.000Z","updated_at":"2025-04-10T03:45:50.000Z","dependencies_parsed_at":"2024-11-16T11:04:59.449Z","dependency_job_id":"d9a1a87c-22e9-411d-a39f-1ffdc947772a","html_url":"https://github.com/DataDog/HASH","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2FHASH","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2FHASH/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2FHASH/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DataDog%2FHASH/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DataDog","download_url":"https://codeload.github.com/DataDog/HASH/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249023713,"owners_count":21199958,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["active-defense","honeynet","honeypot"],"created_at":"2024-11-08T23:38:30.280Z","updated_at":"2025-04-15T06:55:41.938Z","avatar_url":"https://github.com/DataDog.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# HASH (HTTP Agnostic Software Honeypot)\n\nHASH is a framework for creating and launching low interactive honeypots.\n\n![HASH](https://raw.githubusercontent.com/DataDog/HASH/main/docs/hash-intro.png 'HASH')\n\n# 🌟 Why HASH?\n\nThe main philosophy of HASH is to be easy to configure and flexible to mimic any software running on HTTP/HTTPs. With the minimum footprint possible to avoid being detected as honeypot.\n\n# ⚡ Features\n\n-   Single framework to deploy HTTP/HTTPs based honeypots\n-   Easily configurable via YAML files\n-   Built-in honeytraps\n-   Powerful randomization based on `fakerjs` to avoid honeypot detection\n-   Optionally, integration with Datadog to ingest and analyze honeypots logs and HTTP requests through APM\n\n# 🚀 Getting Started\n\nHASH is built using Node.js but it can mimic any web-based language / server based on the configuration. Read the full docs below.\n\n## Installation\n\n### You can Install it via NPM\n\n```\nnpm install -g hash-honeypot\n```\n\n### Or you can use it directly from docker\n\n```\ndocker run --rm ghcr.io/datadog/hash help\n```\n\n## Usage\n\n### Generate honeypot profile\n\nHASH uses YAML files to configure how it simulate the desired software, The typical structure for the profile folder is the following\n\n```\n|____templates\n|     |____resources\n|     |     |____index.html\n|     |     |____style.css\n|     |     |____favicon.ico\n|     |____404.yaml\n|     |____default.yaml\n|____init.yaml\n```\n\nYou can build it yourself or you can generate it using `generate` command\n\n```\nUsage: HASH generate [options] \u003cfolder\u003e\n\nGenerate honeypot profile\n\nArguments:\n  folder                         path/to the app\n\nOptions:\n  -t --template \u003ctemplate_name\u003e  base template (default: \"default\")\n  -n --name \u003choneypot_name\u003e      Honeypot name\n  -s --swagger \u003cswagger_file\u003e    Path to swagger file to convert\n  -h, --help                     display help for command\n```\n\n**Example**\n\n```\nhash-honeypot generate myhoneypot --name my-honey-pot --template default\n```\n\nYou can also convert swagger files to honeypot directly from the `generate` command\n\n**Example converting swagger file(s) to honeypot**\n\n```\nhash-honeypot generate sample-swagger2 -n sample -s ./test-swagger/test-swagger.yaml\n```\n\n### Running the honeypot\n\n```\nUsage: HASH run [options] \u003cfolder\u003e\n\nRun HASH\n\nArguments:\n  folder                     path/to the template folder\n\nOptions:\n  -l, --log \u003ctransport\u003e      logging transport (default: \"console,file,datadog\")\n  -f, --log_file \u003cfilename\u003e  logging filename (default: \"hash.log\")\n  -h, --help                 display help for command\n```\n\n**example**\n\n```\nhash-honeypot my-honeypot-profile -l file -f ./logs/hash.log\n```\n\n\u003e If you are using Datadog for logs make sure you export the datadog api key `export DD_API_KEY=\u003cyour-api-key\u003e`\n\n## Customization and configuration\n\nYou can customize the your honeypot profile as you want\n\n**Example request template:**\n\n```yaml\nid: sqli-error\ninfo:\n    title: 'SQL error honeytrap'\nrequests:\n    - isTrap: false\n      expect:\n          method: GET\n          path: '/author/:Id([0-9]+)'\n      reply:\n          status: 200\n          headers:\n              content-type: 'text/html'\n          body:\n              view: 'author.html'\n    - isTrap: true\n      expect:\n          method: GET\n          path: '/author/:Id'\n      reply:\n          status: 500\n          headers:\n              content-type: 'text/html'\n          body:\n              contents: \"You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 2\"\n```\n\nRead the configuration reference [here](./docs/config.md) or see the examples [here](./Examples). \n\n## Future work\n\n-   [x] Create examples folder to show HASH features\n-   [x] Ability to import API documentation formats (swagger ..etc)\n-   [x] Package hash as module for easier distribution\n-   [ ] Add capabilities for medium interactions\n-   [ ] Add popular honeytraps\n-   [ ] Add unit \u0026 integration tests\n\n## License and Contribution\n\nReleased under the Apache-2.0 license, contributions are welcome!\n\n## Contact\n\nFeel free to open an issue, or reach out at securitylabs@datadoghq.com.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdatadog%2Fhash","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdatadog%2Fhash","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdatadog%2Fhash/lists"}