{"id":24178019,"url":"https://github.com/whxitte/honeypot","last_synced_at":"2026-03-05T07:02:53.671Z","repository":{"id":251734270,"uuid":"838285250","full_name":"whxitte/Honeypot","owner":"whxitte","description":"A vulnerable honeypot setup using Flask and SSH to capture and analyze malicious activities. Includes real-time logging and monitoring to study attack patterns and exploit attempts","archived":false,"fork":false,"pushed_at":"2024-12-13T05:22:29.000Z","size":51,"stargazers_count":3,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-02T17:15:02.047Z","etag":null,"topics":["firewall","hacking","hacking-tool","honeypot","ids","intrusion-detection-system","log-analysis","logging","monitoring","monitoring-tool","network-analysis","network-security","web-security"],"latest_commit_sha":null,"homepage":"","language":"HTML","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/whxitte.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-08-05T10:30:43.000Z","updated_at":"2024-12-13T05:22:33.000Z","dependencies_parsed_at":"2024-12-13T06:23:54.435Z","dependency_job_id":"f0ef66e2-32cf-40e9-a36d-1c299911c95b","html_url":"https://github.com/whxitte/Honeypot","commit_stats":null,"previous_names":["wh1t3-e4gl3/honeypot","whxitte/honeypot"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whxitte%2FHoneypot","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whxitte%2FHoneypot/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whxitte%2FHoneypot/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/whxitte%2FHoneypot/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/whxitte","download_url":"https://codeload.github.com/whxitte/Honeypot/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":241541451,"owners_count":19979121,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["firewall","hacking","hacking-tool","honeypot","ids","intrusion-detection-system","log-analysis","logging","monitoring","monitoring-tool","network-analysis","network-security","web-security"],"created_at":"2025-01-13T04:22:40.830Z","updated_at":"2026-03-05T07:02:53.416Z","avatar_url":"https://github.com/whxitte.png","language":"HTML","funding_links":["https://buymeacoffee.com/whxitte"],"categories":[],"sub_categories":[],"readme":"# Honeypot Project\n\n[![](https://visitcount.itsvg.in/api?id=whxitte\u0026label=Repo%20Views%20Count\u0026color=0\u0026icon=5\u0026pretty=false)](https://visitcount.itsvg.in) [![\"Buy Me A Coffee\"](https://www.buymeacoffee.com/assets/img/custom_images/orange_img.png)](https://buymeacoffee.com/whxitte)\n\n\n\nA simple honeypot implementation to capture and monitor malicious activity. This project uses Flask to create a vulnerable web application and sets up an SSH service for attackers to interact with. It includes logging and monitoring scripts to track and analyze the activity.\n\n**_Project Ongoing...⌛_**\n\n![honeypotrun](https://github.com/user-attachments/assets/ad39a6f7-fcfc-4052-a0de-d88deba95d44)\n\n\n## Table of Contents\n\n- [Features](#features)\n- [Installation](#installation)\n- [Setup](#setup)\n- [Usage](#usage)\n- [Monitoring](#monitoring)\n- [Notes](#notes)\n- [License](#license)\n\n## Features\n\n- Flask-based vulnerable web application\n- SSH service configured with weak credentials\n- Logging of commands executed via the web application\n- Real-time monitoring of honeypot logs\n- More features coming soon...⌛\n\n0. **Pre Setup**\n   \n   Create a new user on your system for making that account as the Honeypot.\n   \n      sudo useradd -m -s /bin/bash vulnerableuser # change vulnerable user to your desired username\n      sudo passwd vulnerableuser  # Set a weak password like 'password123 or admin or root'\n   \n\n\n## Installation\n\n1. **Clone the repository:**\n\n    ```bash\n    git clone https://github.com/whxitte/Honeypot.git\n    cd Honeypot\n    ```\n\n2. **Create and activate a Python virtual environment:**\n\n    ```bash\n    python -m venv honeypot-env\n    source honeypot-env/bin/activate  # For Windows use `honeypot-env\\Scripts\\activate`\n    ```\n\n3. **Install the required Python packages:**\n\n    ```bash\n    pip install -r requirements.txt\n    ```\n\n4. **Install and configure SSH:**\n\n    ```bash\n    sudo apt-get install openssh-server\n    sudo nano /etc/ssh/sshd_config\n    ```\n\n    Edit the SSH configuration file (`/etc/ssh/sshd_config`) to allow password authentication. Add or modify the following lines:\n\n    ```\n    PermitRootLogin yes\n    PasswordAuthentication yes\n    PermitEmptyPasswords yes  # Optional, but increases vulnerability\n    ```\n\n    Restart the SSH service:\n\n    ```bash\n    sudo systemctl restart ssh\n    ```\n\n## Setup\n\n1. **Run the Flask application and SSH service:**\n\n    ```bash\n    sudo su\n    ./run_honeypot.sh\n    ```\n\n2. **Monitor logs in real-time:**\n\n    ```bash\n    \u003e\u003e tail -f /var/log/auth.log  # For SSH logs\n    or\n    \u003e\u003e sudo journalctl -u ssh -f (if above command for ssh not works)\n    or check ssh log in your system / monitor it live \n    \n    \u003e\u003e tail -f /var/log/honeypot.log  # For Flask app logs\n    ```\n\n## Usage\n\n- Access the vulnerable web application at [http://localhost](http://localhost)\n- Use the `/vulnerable` endpoint to execute commands. For example:\n\n    ```bash\n    http://localhost/vulnerable?cmd=ls\n    ```\n\n- The output of commands and any errors will be logged in `/var/log/honeypot.log`.\n\n## Monitoring\n\nTo monitor the honeypot activity, you can use the `monitor_honeypot.py` script:\n\n    ```bash\n    python monitor_honeypot.py\n    ```\n\nThis script will print new log entries in a formatted table in real-time.\n\n## Notes\n\n- Make sure to adjust permissions and configurations based on your security needs.\n- This setup is intentionally vulnerable for educational purposes and should not be used in a production environment.\n\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhxitte%2Fhoneypot","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwhxitte%2Fhoneypot","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhxitte%2Fhoneypot/lists"}