Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

https://github.com/honeynet/ghost-usb-honeypot

A honeypot for malware that propagates via USB storage devices
https://github.com/honeynet/ghost-usb-honeypot

Last synced: 2 months ago
JSON representation

A honeypot for malware that propagates via USB storage devices

Lists

README

        

README

Ghost is a honeypot for malware that uses USB storage devices
for propagation. It is able to capture such malware without
any further knowledge -- in particular, it doesn't need signatures
or the like to accomplish its task.

Detection is achieved by emulating a USB flash drive on
Windows systems and observing the emulated device. The assumption
is that on an infected machine the malware will eventually
copy itself to the removable device.

See http://code.google.com/p/ghost-usb-honeypot/ for more details.