Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Ben0xA/HoneyCreds
HoneyCreds network credential injection to detect responder and other network poisoners.
https://github.com/Ben0xA/HoneyCreds
Last synced: 22 days ago
JSON representation
HoneyCreds network credential injection to detect responder and other network poisoners.
- Host: GitHub
- URL: https://github.com/Ben0xA/HoneyCreds
- Owner: Ben0xA
- License: gpl-3.0
- Created: 2020-10-30T13:55:56.000Z (about 4 years ago)
- Default Branch: main
- Last Pushed: 2021-11-05T13:38:49.000Z (about 3 years ago)
- Last Synced: 2024-08-05T17:45:07.235Z (4 months ago)
- Language: Python
- Size: 203 KB
- Stars: 213
- Watchers: 7
- Forks: 38
- Open Issues: 2
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- awesome-hacking-lists - Ben0xA/HoneyCreds - HoneyCreds network credential injection to detect responder and other network poisoners. (Python)
README
# HoneyCreds
HoneyCreds network credential injection to detect responder and other network poisoners.
![HoneyCreds Screenshot](/honeycreds_screenshot.png?raw=true "HoneyCreds Screenshot")
![HoneyCreds Splunk Detection](/splunk_detection.png?raw=true "HoneyCreds Splunk Detection")# Requirements
```
Requires Python 3.6+ (tested on Python 3.9)
smbprotocol
cffi
splunk-sdk
```# Installation
```
git clone https://github.com/Ben0xA/HoneyCreds.git
cd HoneyCreds
pip3 install -r requirements.txt
```# Running
```
python3 honeycreds.py
```# Settings
It is advised that you change these settings to best suit your environment. Note: You can use an existing account, just change the password.Change these in honeycreds.conf
Choose a legit looking username
```python
def_username = 'honeycreds'
```This can match your current Short Domain
```python
def_domain = 'XQQX'
```Make this whatever you want. Note: HTTP requests will send this in plaintext
```python
def_password = 'This is a honey cred account.'
```The FQDN. Leave .local at the end.
```python
def_fqdn = 'xqqx.local'
```The hostname that DOES NOT EXIST but looks legit.
```python
def_hostname = 'HNECRD01'
```The log file and location
```python
def_logfile = 'honeycreds.log'
```Ability to turn SMB or HTTP on or off. Set to "OFF" to turn off.
```python
SMB = 'ON'
HTTP = 'ON'
```
The time to pause in seconds between requests.
```python
SMB_SLEEP = 5
HTTP_SLEEP = 12
```