
https://github.com/teamdefronix/defroxpot

DefroxPot is a honeypot project designed to detect, monitor, and analyze malicious activity in a controlled environment. This project aims to provide cybersecurity enthusiasts and professionals with a powerful tool to study attack patterns, improve defensive strategies, and enhance security awareness.

cybersecurity defronix defroxpot django flask hacker hacking hacking-tool honeypot python python-hacking-tools python3 security


        




DefroxPot












Description


DefroxPot is a honeypot project designed to detect, monitor, and analyze malicious activity in a controlled environment. This project aims to provide cybersecurity enthusiasts and professionals with a powerful tool to study attack patterns, improve defensive strategies, and enhance security awareness.

---

**[Variants][Variants]** **[Install][Install]** **[Dependencies][Dependencies]** **[Usage][Usage]** **[Screenshots][Screenshots]** **[Contributors][Contributors]**

---

[Variants]: #Variants
[Install]: #Installation
[Dependencies]: #Dependencies
[Usage]: #Usage
[Screenshots]: #Screenshots
[Contributors]: #Contributors

# Variants

### Web Honeypot

The Web Honeypot simulates a vulnerable website to attract and analyze web-based attacks.

#### Features

**Web Logging**
- Records all HTTP requests and responses
- Logs IP addresses, session details, user agents, user IDs, and paths visited
- Captures keystrokes through the website

**File Analysis**
- Analyzes files uploaded by attackers to check for malicious content
- Extracts metadata from the uploaded files

**Dashboard**
- Provides a dashboard for real-time monitoring

### Network Honeypot

The Network Honeypot mimics a network environment to detect, log and analyze network-based attacks.

#### Features

**Network Logging**
- Captures and logs all network traffic
- Records IP addresses and authentication attempts via FTP or SSH services (whichever you run)

**Deceptive Environment**
- Creates a deceptive environment to trap attackers
- Simulates various network services to attract malicious activity

# Installation

1. **Clone the repository:**
```bash
git clone https://github.com/TeamDefronix/DefroxPot
cd honeypot
```

2. **Install dependencies:**
```bash
pip install -r requirements.txt
```

3. **Configure the honeypot:**
```bash
python manage.py migrate
python manage.py createsuperuser
```
**Note**: `python manage.py createsuperuser` is required to create the superuser account used to manage the DefroxPot tool.

4. **Start the honeypot:**

```bash
python manage.py runserver
```
You will receive a URL with port 8000. Open this URL in your browser to access the admin panel.

# Dependencies
- Apart from the packages in `requirements.txt`, ExifTool is also required to extract metadata from images. It is available from the official website: https://exiftool.org
- VirusTotal is used to check files uploaded by an attacker for malicious content: https://www.virustotal.com

**You can visit the following URLs to check software authenticity.**

`exiftool.exe` (Windows): https://www.virustotal.com/gui/file/e9bfbb1ae99f3b5587f926393c3e9ccd86ad7e03a779a06f5e68601a6a85a714

`exiftool` (Linux): https://www.virustotal.com/gui/file/4827ade560b85f0877c635fd7e32144e9196f4fa256cc504c42f8593cc79a32b
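
The two VirusTotal URLs above end in the SHA-256 of each file, so the same check can be done locally before the honeypot runs ExifTool on attacker-uploaded files. The following is an added example, not part of the DefroxPot code; the script name `verify_exiftool.py` is an assumption, and the pinned digests match only the builds linked above, so a different ExifTool release will report a mismatch.

```python
import hashlib
import hmac
import sys
from pathlib import Path

# SHA-256 digests taken from the VirusTotal URLs listed on this page.
PINNED_SHA256 = {
    "exiftool.exe": "e9bfbb1ae99f3b5587f926393c3e9ccd86ad7e03a779a06f5e68601a6a85a714",
    "exiftool": "4827ade560b85f0877c635fd7e32144e9196f4fa256cc504c42f8593cc79a32b",
}


def sha256_file(path, chunk_size=1 << 20):
    """Hash the file in chunks so large binaries are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def verify_exiftool(path, pinned=PINNED_SHA256):
    """Return (ok, actual_digest). File names without a pinned digest fail closed."""
    path = Path(path)
    expected = pinned.get(path.name.lower())
    actual = sha256_file(path)
    if expected is None:
        return False, actual
    return hmac.compare_digest(actual, expected.lower()), actual


if __name__ == "__main__":
    # Usage (hypothetical script name): python verify_exiftool.py /path/to/exiftool
    if len(sys.argv) != 2:
        sys.exit("usage: verify_exiftool.py <path-to-exiftool-binary>")
    ok, actual = verify_exiftool(sys.argv[1])
    print(f"{sys.argv[1]}: sha256={actual} -> {'OK' if ok else 'MISMATCH'}")
    sys.exit(0 if ok else 1)
```

The script exits non-zero on a mismatch, so it can gate a startup script that launches the honeypot.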

# Technology Stack

### Essential Python Libraries

`Django`: A high-level Python Web framework that encourages rapid development and clean, pragmatic design.

`Flask`: A lightweight WSGI web application framework in Python.

`paramiko`: A library for making SSH2 connections.

`pyftpdlib`: A library for creating FTP servers.

`bcrypt`: Library for hashing passwords in a secure manner.

`blinker`: Provides support for creating signals and listening to them, often used in Flask applications.

`certifi`: Provides Mozilla’s CA Bundle, useful for SSL verification.

`cryptography`: Provides cryptographic recipes and primitives.

`itsdangerous`: Provides various helpers to pass trusted data to untrusted environments.

`pycparser`: A C parser and AST generator written in Python.

`PyNaCl`: Python binding to the Networking and Cryptography (NaCl) library.

# Usage
### Website
- Navigate to the `Setup` tab and launch the web setup. You will receive a URL with port 5000 that is intended to be accessed by an attacker.
- The `File Analysis`, `Photo`, `Keylogger` and `Website` tabs belong to the web honeypot. Navigate to them to check the logs.

### Network
- Navigate to the `Setup` tab and launch the network setup. The `ssh` and `ftp` services will be started; these are intended to be accessed by an attacker.
- The `Network` tab belongs to the network honeypot. Navigate to it to check the logs.

# Screenshots
![d1](https://github.com/TeamDefronix/DefroxPot/assets/104693696/f9f2965d-37ec-4750-9287-673c2608b065)

![d2](https://github.com/TeamDefronix/DefroxPot/assets/104693696/5bfb2d44-6c8d-4da8-aaee-badb4b21b897)

![d3](https://github.com/TeamDefronix/DefroxPot/assets/104693696/09b4b4e5-5872-432e-a465-0f401e52c4c4)

![d4](https://github.com/TeamDefronix/DefroxPot/assets/104693696/0ea91eea-d965-42c4-81d1-4b440a0e2ab3)

![d5](https://github.com/TeamDefronix/DefroxPot/assets/104693696/804c461e-61f4-4850-827f-b787a80a3c55)

![d6](https://github.com/TeamDefronix/DefroxPot/assets/104693696/3abda9aa-d3ad-479f-8f11-f2ab5600b6f8)

![d7](https://github.com/TeamDefronix/DefroxPot/assets/104693696/7c5f1dd9-9a5c-4ea2-9690-c21777162665)


*This tool is currently a prototype and can be further improved. If you have more context or specific improvements in mind, we can tailor the further requirements to fit your needs.*

Thanks To All Contributors