HoneyHTTPD
HoneyHTTPD is a Python-based web server honeypot framework. It makes it easy to set up fake web servers and record the requests given to it.
This information can be logged to different places, the currently supported outputs are:
- Files
- ElasticSearch
HoneyPoke supports both Python2 and Python 3.
Installation
- Clone or download this repo
- Install dependencies:
- Python 2:
sudo pip -r requirements2.txt
- Python 3:
sudo pip3 -r requirements3.txt
- Python 2:
- Be sure the
large
andlogs
directories are writeable by the user and group you plan to have HoneyHTTPD running under.
Setup
- Copy
config.json.default
toconfig.json
Modify the config file.loggers
enables and disables loggers. This done with theactive
key under the respective loggers. Some may need extra configuation, which is in theconfig
key.servers
contains a list of servers you want to run. Each entry has the following keys: *handler
indicates the server module in theservers
directory to use for that port *mode
is eitherhttp
orhttps
which indicates if the server should return normal HTTP or HTTPS *port
is the port to run on *domain
indicates the "domain" this server is running *timeout
is the timeout for requests *cert_path
is only required when inhttps
mode. This is the path to the server certificate in the PEM format.user
is the user you want the script to drop privileges togroup
is the group you want the script to drop privileges to
- Run HoneyHTTPD with:
- Python 2
sudo python2 start.py --config config.json
- Python 3
sudo python3 start.py --config config.json
- Python 2
Making Server Modules
Server modules live in the servers
directory. They are classes that handle the HTTP requests. These modules must inherit from the Server
class in lib.server
. The class name and the name of the server module file must be the same. Modules can inherit from other server modules to build on their functionality.
Generating SSL certificates
openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
From here.
Contributing
Go at it! Open an issue, make a pull request, fork it, etc.
License
This project is licensed under the GNU General Public License (GPL) v3.0