Skip to content
Branch: master
Go to file

Latest commit

puneet29 committed 2aca0d8 Mar 17, 2020
* Fixes #134

* Removed superuser checks

* Fixed the cloner constructor parameter

* Updated quick start documentation

* Fixed clone

* Fixed conflicts

* Fixed snare copy typo

* Fixed bin/snare

* Updated snare and clone as requested

* Fixed snare_setup

* Fixed markdown readability

* Fixed bugs

* Small bug fix

* Fixed test cases

* Small bug fix

* Fixed the test cases, finally

* Resolved conflicts

* Updated Quick Start docs

* Fixed coverage problem

* Fixed test cases for tanner handler

* Fixed snare tests

* Added unit test for check_privileges util


Failed to load latest commit information.
Latest commit message
Commit time


Documentation Status Build Status Coverage Status

Super Next generation Advanced Reactive honEypot


SNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet.


The documentation can be found here.

Basic Concepts

  • Surface first. Focus on the attack surface generation.
  • Sensors and masters. Lightweight collectors (SNARE) and central decision maker (tanner).

Getting started

  • You need Python3.6 to run SNARE
  • This was tested with a recent Ubuntu based Linux.

Steps to setup

  1. Get SNARE: git clone and cd snare
  2. [Optional] Make virtual environment: python3 -m venv venv
  3. [Optional] Activate virtual environment: . venv/bin/activate

Note: Do not use sudo with below commands if you're running snare in virtual environment.

  1. Install requirements: sudo pip3 install -r requirements.txt
  2. Setup snare: sudo python3 install
  3. Clone a page: sudo clone --target --path <path to base dir>
  4. Run SNARE: sudo snare --port 8080 --page-dir --path <path to base dir>
  5. Test: Visit http://localhost:8080/index.html
  6. (Optionally) Have your own tanner service running.

[Note : Cloner clones the whole website, to restrict to a desired depth of cloning add --max-depth parameter]

Docker build instructions

  1. Change current directory to snare project directory
  2. docker-compose build
  3. docker-compose up
  4. Snare will start on with port 80. More information about running docker-compose can be found here.

In case of an error while running docker-compose up, check the availability of port 80, if it is occupied then refer to Docker documentation to change the default port.

You obviously want to bind to and port 80 when running in production.


In order to run the tests and receive a test coverage report, we recommend running pytest:

    pip install pytest pytest-cov
    sudo pytest --cov-report term-missing --cov=snare snare/tests/

Sample Output

    # sudo snare --port 8080 --page-dir

       _____ _   _____    ____  ______
      / ___// | / /   |  / __ \/ ____/
      \__ \/  |/ / /| | / /_/ / __/
     ___/ / /|  / ___ |/ _, _/ /___
    /____/_/ |_/_/  |_/_/ |_/_____/

    privileges dropped, running as "nobody:nogroup"
    serving with uuid 9c10172f-7ce2-4fb4-b1c6-abc70141db56
    Debug logs will be stored in /opt/snare/snare.log
    Error logs will be stored in /opt/snare/snare.err
    ======== Running on ========
    (Press CTRL+C to quit)
    you are running the latest version
You can’t perform that action at this time.