https://github.com/qeeqbox/seahorse
ELKFH - Elastic, Logstash, Kibana, Filebeat and Honeypot (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)
Last synced: 2 months ago
- Host: GitHub
- URL: https://github.com/qeeqbox/seahorse
- Owner: qeeqbox
- License: agpl-3.0
- Created: 2020-08-24T23:39:45.000Z (almost 5 years ago)
- Default Branch: master
- Last Pushed: 2021-04-26T02:20:37.000Z (about 4 years ago)
- Last Synced: 2025-03-27T08:11:17.758Z (3 months ago)
- Topics: elastic, filebeat, honeypot, http, https, kibana, ldap, logstash, mongo, mysql, rdp, redis, smb, ssh, vnc
- Language: Python
- Homepage:
- Size: 5.87 MB
- Stars: 45
- Watchers: 5
- Forks: 11
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
ELKFH (Elastic, Logstash, Kibana, Filebeat and Honeypot) system for monitoring security tools that interact with (HTTP, HTTPS, SSH, RDP, VNC, Redis, MySQL, MONGO, SMB, LDAP)
## Kibana Interface
## General Features
- Logs are accessible via Kibana
- All services running in one container using supervisord
- Ingress sniffer, layers and packet parser
## Install and run
#### On Ubuntu 18 or 19 System (Auto-configure)
```bash
git clone https://github.com/qeeqbox/seahorse.git
cd seahorse
chmod +x ./run.sh
./run.sh auto_configure
```
Wait ~2-10 mins until the web browser opens up (until seahorse_initializer_1 exits with 0). The username is `elastic` and the password is `changeme`.
## Current Servers
- HTTP (Apache)
- HTTPS (Apache)
- SSH (Custom OpenSSH)
- FTP (vsftpd)
- SMB (samba)
- ldap (slapd)
- VNC (tightvncserver)
- RDP (xrdp)
- Redis (redis-server)
- MySQL (mysql-community-server)
## Changes
- 2020.V.01.01
## Roadmap
- Add more services
## Resources
`elastic, scapy`
## Other Licenses
By using this framework, you are accepting the license terms of all these packages: `elasticsearch, logstash, kibana, filebeat, openbsd, openbsd, Zlib, build-essential, libssl-dev, lsof, supervisord, rsyslog, openldap, mysql, redis, mongodb, Samba, Vsftpd, db-util, tvnserver, xrdp, apache, iptables, tcpdump, nmap, iputils-ping, python, Pip, psycopg, psmisc, dnsutils, python-ldap, FreeRDP, net-tools, sshpass, paramiko, connector-python, mongo-python-driver, pysmb, vncdotool, requests, cryptography`
## Disclaimer\Notes
- Do not deploy without proper configuration
- Set up some security group rules and remove default credentials
- Please let me know if I missed a resource or dependency
## Other Projects
- https://github.com/qeeqbox/social-analyzer
- https://github.com/qeeqbox/analyzer
- https://github.com/qeeqbox/chameleon
- https://github.com/qeeqbox/osint
- https://github.com/qeeqbox/honeypots
- https://github.com/qeeqbox/url-sandbox
- https://github.com/qeeqbox/mitre-visualizer
- https://github.com/qeeqbox/woodpecker
- https://github.com/qeeqbox/docker-images
- https://github.com/qeeqbox/rhino