{"id":13585398,"url":"https://github.com/fofapro/fapro","last_synced_at":"2025-05-14T16:03:07.617Z","repository":{"id":39891668,"uuid":"404975701","full_name":"fofapro/fapro","owner":"fofapro","description":"Fake Protocol Server","archived":false,"fork":false,"pushed_at":"2025-01-02T03:21:11.000Z","size":50939,"stargazers_count":1575,"open_issues_count":11,"forks_count":180,"subscribers_count":31,"default_branch":"master","last_synced_at":"2025-04-13T20:18:54.501Z","etag":null,"topics":["elasticsearch","ftp","imap","mssql","mysql","network","oracle","pop3","postgresql","protocols","rdp","rtsp","samba","simulation","smtp","snmp","ssh","tns"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fofapro.png","metadata":{"files":{"readme":"README-CN.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-09-10T06:13:46.000Z","updated_at":"2025-04-12T03:19:12.000Z","dependencies_parsed_at":"2025-01-19T05:30:27.623Z","dependency_job_id":"cfa4bea2-21be-401b-b167-4dd087195266","html_url":"https://github.com/fofapro/fapro","commit_stats":{"total_commits":77,"total_committers":2,"mean_commits":38.5,"dds":"0.012987012987012991","last_synced_commit":"9797d660e3e92e1016e3a6d1090c139d0f46628c"},"previous_names":[],"tags_count":32,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fofapro%2Ffapro","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fofapro%2Ffapro/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fofapro%2Ffapro/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fofapro%2Ffapro/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fofapro","download_url":"https://codeload.github.com/fofapro/fapro/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248775206,"owners_count":21159567,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["elasticsearch","ftp","imap","mssql","mysql","network","oracle","pop3","postgresql","protocols","rdp","rtsp","samba","simulation","smtp","snmp","ssh","tns"],"created_at":"2024-08-01T15:04:55.256Z","updated_at":"2025-04-13T20:19:02.266Z","avatar_url":"https://github.com/fofapro.png","language":"Python","readme":"\n\u003ch1 align=\"center\"\u003e\n\u003cimg src=\"docs/fapro.png\" alt=\"\" width=\"32\" height=\"32\"/\u003e\n  FaPro\n  \u003cbr\u003e\n\u003c/h1\u003e\n\n\u003ch5 align=\"center\"\u003e免费、跨平台、单文件部署的网络协议服务端模拟器\u003c/h5\u003e\n\n![platform](https://img.shields.io/badge/platform-cross-important?color=%23189000)\n[![latest release version](https://img.shields.io/github/v/release/fofapro/fapro)](https://github.com/fofapro/fapro/releases)\n[![discord](https://img.shields.io/discord/891889408524038155?label=discord\u0026logo=Discord\u0026color=blue)](https://discord.gg/Eaz9dzV4AP)\n\n## [README of English](README.md)\n\n## 简介\n\nFaPro是一个服务端协议模拟工具,可以轻松启停多个网络服务。\n\n目标是支持尽可能多的协议，每个协议尽可能提供深度的交互支持。\n\n[示例网站](https://faweb.fofapro.com/)\n\n## 特性\n\n- 支持的运行模式\n  - [x] 本地模式\n  - [x] 虚拟网络\n- 支持的网络协议\n  - [x] DNS\n  - [x] DCE/RPC\n  - [x] EIP\n  - [x] Elasticsearch\n  - [x] FTP\n  - [x] HTTP\n  - [x] IEC 104\n  - [x] Memcached\n  - [x] Modbus\n  - [x] MQTT\n  - [x] MySQL\n  - [x] RDP\n  - [x] Redis \n  - [x] S7 \n  - [x] SMB\n  - [x] SMTP\n  - [x] SNMP\n  - [x] SSH \n  - [x] Telnet \n  - [x] VNC\n  - [x] IMAP\n  - [x] POP3\n  - [x] NTP\n  - [x] RTSP\n  - [x] PORTMAP\n  - [x] PostgreSQL\n  - [x] SIP\n  - [x] SSDP\n  - [x] BACnet\n  - [x] Oracle TNS\n  - [x] AMQP\n  - [x] NFS\n  - [x] COAP\n  - [x] WEMO\n  - [x] DHT\n  - [x] Ethereum\n  - [x] SOCKS5 \n  - [x] EOS.IO\n  - [x] ONVIF\n  - [x] NetBIOS\n  - [x] WebLogic\n  - [x] ICAP\n  - [x] MSSQL\n  - [x] LDAP\n  - [x] IKE\n  - [x] Fox\n  - [x] DNP3\n  - [x] OMRON\n  - [x] GE-SRTP\n  - [x] MongoDB\n  - [x] Java-RMI\n  - [x] PCWorx\n  - [x] Cassandra\n  - [x] RedLion-Crimson3\n  - [x] PPTP\n  - [x] L2TP\n  - [x] Melsecq-discover\n  - [x] Winbox\n\n- 使用TcpForward进行端口转发\n- 支持tcp syn请求记录\n- 支持ping请求记录\n- 支持udp数据包记录\n- 支持SSL ja3指纹\n- 支持ip限速控制\n\n## 协议模拟演示\n### Rdp\n支持 credssp ntlmv2 nla 认证。\n\n支持配置用户登陆时的图片。\n![RDP demo](docs/rdp.gif)\n\n### SSH \n支持用户登陆。\n支持部分终端命令，比如id、uid、whoami等。\n\n账户格式: username:password:home:uid\n![SSH demo](docs/ssh.gif)\n\n### IMAP \u0026 SMTP \n支持用户登陆并进行交互。\n\n![IMAP \u0026 SMTP demo](docs/imap_smtp.gif)\n\n### Mysql \n支持sql语句查询交互。\n\n![Mysql demo](docs/mysql.gif)\n\n### FTP \n支持用户登陆并进行交互。\n\n![Ftp demo](docs/ftp.gif)\n\n### Oracle and BACnet\n当前只支持nmap指纹欺骗\n\n![tns and BACnet demo](docs/oracle_bacnet.gif)\n\n### Telnet\n支持登录与交互\n\n![Telnet demo](docs/telnet.gif)\n\n### Redis \n支持登录与交互\n\n![Redis demo](docs/redis.gif)\n\n### Elasticsearch\n支持基本信息\n\n![Elasticsearch demo](docs/elasticsearch.gif)\n\n### AMQP \n支持登录与交互\n\n![AMQP demo](docs/amqp.gif)\n\n### COAP \n当前只支持nmap指纹欺骗\n\n![COAP demo](docs/coap.gif)\n\n### HTTP\n支持网站克隆。\n需要安装chrome浏览器和[chrome driver](https://chromedriver.chromium.org/downloads)才能使用。\n\n## 使用指南\n\n### 生成配置\n可以使用genConfig子命令生成所有协议和参数的配置文件。\n   \n使用172.16.0.0/16子网生成配置文件:\n```shell \nfapro genConfig -n 172.16.0.0/16 \u003e fapro.json\n```\n\n或者使用本机地址，不创建虚拟网络:\n```shell \nfapro genConfig \u003e fapro.json\n```\n\n只创建ssh协议的配置:\n```shell \n./fapro genConfig -p ssh\n```\n\n### 运行协议模拟器\n使用Verbose模式运行FaPro, 并在8080端口启动web服务:\n```shell\nfapro run -v -l :8080\n```\n\n### Tcp syn记录\n对于windows用户，请先安装[winpcap](https://www.winpcap.org/install/)或[npcap](https://nmap.org/npcap/)。\n\n\n## 日志分析\n使用ELK分析协议日志，例如:\n![FaPro Kibana](docs/FaProLogs.jpg)\n\n\n## 配置文件\n配置文件的简单介绍:\n\n```json\n{\n     \"version\": \"0.65\",\n     \"network\": \"127.0.0.1/32\",\n     \"network_build\": \"localhost\",\n     \"storage\": null,\n     \"geo_db\": \"/tmp/geoip_city.mmdb\",\n     \"hostname\": \"fapro1\",\n     \"use_logq\": true,\n     \"cert_name\": \"unknown\",\n     \"syn_dev\": \"any\",\n     \"udp_dev\": \"any\",\n     \"icmp_dev\": \"any\",\n     \"limiter\": {\n         \"period\": 10,\n         \"count\": 3,\n         \"block_period\": 20\n     },\n     \"exclusions\": [],\n     \"hosts\": [\n         {\n             \"ip\": \"127.0.0.1\",\n             \"handlers\": [\n                 {\n                     \"handler\": \"dcerpc\",\n                     \"port\": 135,\n                     \"params\": {\n                         \"accounts\": [\n                             \"administrator:123456\",\n                         ],\n                         \"domain_name\": \"DESKTOP-Q1Test\"\n                     }\n                 }\n             ]\n         }\n     ]\n}\n```\n\n - version: 配置文件版本号\n - network: 虚拟网络使用的子网，或者本机模式下绑定的ip地址\n - network_build: 网络模式(支持: localhost, all, userdef)\n   - localhost: 本地模式，所有服务在本机监听\n   - all: 创建虚拟网络中的所有主机(子网中的所有主机都可以ping通)\n   - userdef: 只创建hosts配置中指定的主机\n - storage: 指定日志收集的存储, 支持sqlite, mysql, elasticsearch. 示例:\n   - sqlite3:logs.db\n   - mysql://user:password@tcp(127.0.0.1:3306)/logs\n   - es://http://username:password@127.0.0.1:9200  (目前只支持Elasticsearch v7.x)\n - geo_db: MaxMind geoip2数据库的文件路径, 用于生成ip地理位置信息. 如果使用了Elasticsearch日志存储,则不需要此字段，将会使用Elasticsearch自带的geoip生成地理位置。\n - hostname: 指定日志中的host字段。\n - use_logq: 使用基于本地磁盘的消息队列保存日志，然后发送到远程mysql或Elasticsearch,防止日志丢失。\n - cert_name: 指定生成证书的公共名。\n - syn_dev: 指定捕获tcp syn包使用的网卡，如果为空则不记录tcp syn包。在windows上，网卡名称类似于 \"\\Device\\NPF_{xxxx-xxxx}\"。\n - udp_dev: 与syn_dev相同，记录udp数据包。\n - icmp_dev: 与syn_dev相同，记录icmp ping数据包。\n - limiter: ip限速配置,在指定时间段内(period)访问超过设定的次数(count)则封禁指定的时间(block_period)。\n   - period: ip限制访问的时间段(单位为分钟)\n   - count: ip在时间段内访问的最大次数\n   - block_period: 超过ip访问限制后的封禁时间(单位为分钟)\n - exclusions: 从日志记录中排除指定的remote ip。\n - hosts: 主机列表，每一项为一个主机配置\n - handlers: 服务列表，每一项为一个服务配置\n - handler: 服务名(协议名)\n - params: 设置服务支持的参数\n \n### 示例\n使用子网172.16.0.0/24创建一个虚拟网络，包含2个主机:\n\n172.16.0.3 运行dns、ssh服务\n\n172.16.0.5 运行rpc、rdp服务\n\n协议访问日志保存到elasticsearch，排除远程ip为127.0.0.1和8.8.8.8的日志。\n```json\n{\n    \"version\": \"0.65\",\n    \"network\": \"172.16.0.0/24\",\n    \"network_build\": \"userdef\",\n    \"storage\": \"es://http://127.0.0.1:9200\",\n    \"use_logq\": true,\n    \"cert_name\": \"unknown\",\n    \"syn_dev\": \"any\",\n    \"udp_dev\": \"any\",\n    \"icmp_dev\": \"any\",\n    \"exclusions\": [\"127.0.0.1\", \"8.8.8.8\"],\n    \"geo_db\": \"\",\n    \"hosts\": [\n        {\n            \"ip\": \"172.16.0.3\",\n            \"handlers\": [\n               {\n                    \"handler\": \"dns\",\n                    \"port\": 53,\n                    \"params\": {\n                        \"accounts\": [\n                            \"admin:123456\"\n                        ],\n                        \"appname\": \"domain\"\n                    }\n                },\n                {\n                    \"handler\": \"ssh\",\n                    \"port\": 22,\n                    \"params\": {\n                        \"accounts\": [\n                            \"root:5555555:/root:0\"\n                        ],\n                        \"prompt\": \"$ \",\n                        \"server_version\": \"SSH-2.0-OpenSSH_7.4\"\n                    }\n                }\n            ]\n        },\n        {\n            \"ip\": \"172.16.0.5\",\n            \"handlers\": [\n                {\n                    \"handler\": \"dcerpc\",\n                    \"port\": 135,\n                    \"params\": {\n                        \"accounts\": [\n                            \"administrator:123456\"\n                        ],\n                        \"domain_name\": \"DESKTOP-Q1Test\"\n                    }\n                },\n                {\n                    \"handler\": \"rdp\",\n                    \"port\": 3389,\n                    \"params\": {\n                        \"accounts\": [  \n                            \"administrator:123456\"\n                        ],\n                        \"auth\": false,\n                        \"domain_name\": \"DESKTOP-Q1Test\",\n                        \"image\": \"rdp.jpg\",\n                        \"sec_layer\": \"auto\"\n                    }\n                }\n            ]\n        }\n    ]\n}\n\n```\n\n### 一键克隆ip服务配置\n\n使用[脚本](scripts/README-CN.md)中的ipclone.py脚本，可以实现从[fofa](https://fofa.so)中克隆ip服务配置，快速生成真实设备的服务配置。\n\n![fofa_clone](docs/fofa_clone.gif)\n\n## 学习更多\n- [如何打造一个网络扫描分析平台 - Part I](./howto/howto_CN_1.md)\n- [如何打造一个网络扫描分析平台 - Part II](./howto/howto_CN_2.md)\n- [如何使用FaPro批量模拟设备](./howto/rule.md)\n- [Discord](https://discord.gg/Eaz9dzV4AP)\n\n## 常见问题\n我们收集了一些[常见问题](FAQ.md). 报告issue前，请先看看常见问题集中是否有你要找的答案。\n\n## 贡献\n* 欢迎提issue。\n  \n\n","funding_links":[],"categories":["Python","Honeypots"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffofapro%2Ffapro","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffofapro%2Ffapro","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffofapro%2Ffapro/lists"}