A Simple SSH Honeypot in Go

Related tags

Security ssh-honeypot-go
Overview

ssh-honeypot-go

Go Report Card

Dependencies:

Build:

go build

or

go build -ldflags="-s -w"

for a lightweight binary.

Generate Host Private Key(not obligatory, default host key will be auto generated):

"> 
ssh-keygen -t <type> -b <bits> -N "" -f <output_filepath>
ssh-keygen -t rsa -b 2048 -N "" -f hostkey_rsa

Changing Username and Password:

Edit the config.json file.

Default:

{
	"creator": "Ex0dIa-dev",
	"auth": {
		"user": 	"root",
		"password": "toor"
	}
}

Usage:

./ssh-honeypot-go
./ssh-honeypot-go -port <port>
./ssh-honeypot-go -port <port> -notify
./ssh-honeypot-go -port <port> -notify -keyfile <host private key filepath>
./ssh-honeypot-go -port <port> -notify -log
./ssh-honeypot-go -port <port> -log-all

Example:

./ssh-honeypot-go -port 1234 -notify
./ssh-honeypot-go -port 1234 -keyfile hostkey_rsa -notify
./ssh-honeypot-go -port 1234 -keyfile hostkey_rsa -notify -log

Flags:

  • '-port' ==> enter the honeypot server port(default: 2222)
  • '-notify' ==> activate notifier service(default: false)
  • '-keyfile' ==> enter the filepath of host private key
  • '-log' ==> activate logging(logs path: "logs/")
  • '-log-all' ==> logging all attempts(terminal, and notification), failed too

TODO LIST:

  • adding a fake shell as sessionHandler
  • log collected ip addresses in a file
You might also like...
SingularityCE is the Community Edition of Singularity, an open source container platform designed to be simple, fast, and secure.

SingularityCE Guidelines for Contributing Pull Request Template Project License Documentation Support Citation SingularityCE is the Community Edition

Sylabs Inc. 398 Jan 5, 2023
Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place

cent Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one place Inst

null 461 Jan 9, 2023
🔑 A decentralized key derivation protocol for simple passphrase.

Throttled Identity Protocol (TIP) is a decentralized key derivation protocol, which allows people to obtain a strong secret key through a very simple passphrase, e.g. a six-digit PIN.

Mixin Network 40 Dec 25, 2022
Simple PKI for developers.

SimpleCA Have you ever been working with a technology and needed TLS certificates quickly? Perhaps you wanted to set up a PKI infrastructure for testi

Eamon Bauman 5 Mar 31, 2022
its a simple backdoor service that im making cuz i think that it could be cool its not finished but this is a cool project
its a simple backdoor service that im making cuz i think that it could be cool its not finished but this is a cool project

yackdoor its a simple backdoor service that im making cuz i think that it could be cool its not finished but this is a cool project how it looks backd

ranon rat 7 Aug 18, 2022
This is a simple version of user profile using Echo app.
This is a simple version of user profile using Echo app.

Overview It's an API of simple profile to CRUD profile user based on Echo framework. How to run it Run the application using the command in the termin

null 0 Nov 3, 2021
Simple attempt at making a program to Brute Force Gift codes for Roberts Space Industries AKA Star Citizen.
Simple attempt at making a program to Brute Force Gift codes for Roberts Space Industries AKA Star Citizen.

Roberts Space Industries: Gift Generator Simple attempt at making a program to Brute Force Gift codes for Roberts Space Industries AKA Star Citizen. I

SaturnsVoid 2 Nov 2, 2021
Simple password manager app in GO

Introduction This is my first project in Go, a password manager application. A humble attempt at execution of an idea I've had for some time now. The

Dhruv 12 Sep 13, 2022
Simple CLI to generate passwords

pwdrng Simple CLI to generate passwords $ pwdrng Copied password to clipboard: bfx861[X26-b^UT Installation and Usage With Homebrew $ brew tap docto

Perry 2 Apr 8, 2022
Releases(v0.2)

  • v0.2(Sep 15, 2021)

    Release v0.2

    Fixed some bugs and added new features.

    New Features:

    • Logging data to logFile in JSON
    • Added Donation Link in README.md

    Notes:

    actually can be runned only on Linux

    Source code(tar.gz)
    Source code(zip)

  • v0.1(Sep 11, 2021)

    Release v0.1

    Contains a ssh honeypot server written in go.

    Features:

    • Very lightweight binary
    • Runnable on docker
    • Logs captured data(user,password,ip address) in a file
    • Notification server for connection attempt

    Notes:

    actually can be runned only on Linux

    Source code(tar.gz)
    Source code(zip)
Owner
Luca
Italy Boy
Luca
GitHub
Webserver Log4j Honeypot With Golang

Webserver Log4j Honeypot This honeypots runs fake Webserver waiting to be exploited. Payload classes are saved to payloads directory. Forked from http

null 2 Dec 17, 2021
Ssh-lxd - A proof of concept for an ssh server that spawns a bash session inside a LXD container

SSH LXD A proof of concept for an ssh server that spawns a bash session inside a

Henning Dahlheim 2 Aug 16, 2022
🌰 encrypt/decrypt using ssh keys

ssh-vault ?? encrypt/decrypt using ssh private keys Documentation https://ssh-vault.com Usage $ ssh-vault -h Example: $ echo "secret" | ssh-vault -u

ssh-vault 364 Dec 30, 2022
Ladon Pentest Scanner framework 全平台Go开源内网渗透扫描器框架,Windows/Linux/Mac内网渗透,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。

Ladon Scanner For Golang Wiki http://k8gege.org/Ladon/LadonGo.html 简介 LadonGo一款开源内网渗透扫描器框架,使用它可轻松一键探测C段、B段、A段存活主机、指纹识别、端口扫描、密码爆破、远程执行、高危漏洞检测等。3.6版本包含2

null 1.1k Jan 6, 2023
Convert SSH Ed25519 keys to age keys. This is useful for usage in sops-nix and sops

ssh-to-age Convert SSH Ed25519 keys to age keys. This is useful for usage in sops-nix and sops Usage Exports the private key: $ ssh-to-age -private-ke

Jörg Thalheim 24 Dec 21, 2022
Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user.

Driftwood is a tool that can enable you to lookup whether a private key is used for things like TLS or as a GitHub SSH key for a user. Drift

Truffle Security 315 Dec 29, 2022
Go library to create/verify armored SSH signatures

Armored ssh signatures in go Package sshsig implements signing/verifying armored SSH signatures. You can use this package to sign data and verify sign

Wim 3 Sep 18, 2022
A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.

Evi1cg 34 Oct 14, 2022
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

age age is a simple, modern and secure file encryption tool, format, and library. It features small explicit keys, no config options, and UNIX-style c

Filippo Valsorda 12.4k Dec 28, 2022
simple webshell scanner

shellboy ShellBoy is a useful web shell finder. It simply knows the signatures of active or inactive webshells on the market and looks for these signa

Oğuzhan YILMAZ 39 Dec 18, 2022