wwwdanielg / the-watcher Public

Notifications You must be signed in to change notification settings
Fork 0
Star 0

A honeypot that logs traffic, with accompanying tools to analyze HTTP clients as well as perform passive recon on the client hosts.

0 stars 0 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 62 Commits
App		App
images		images
public		public
tools		tools
vendor-unmanaged/shodan-php-rest-api		vendor-unmanaged/shodan-php-rest-api
writable		writable
.gitignore		.gitignore
README.md		README.md
composer.json		composer.json
composer.lock		composer.lock

Repository files navigation

The Watcher

Author: Daniel Gilbert (AdaptOrDie247)

A honeypot that logs traffic, with accompanying tools to analyze HTTP clients as well as perform passive recon on the client hosts.

WARNING

If you make this application public-facing, make sure you know what you're doing.

Insecure deployment of the application can result in a system compromise, or worse.

Quick Setup

Install system dependencies: PHP, SQLite3.
Git clone the repo.
Install and run Composer to install the project dependencies.
Create a .env file in the project root with the following values:

database.directory: The database directory. E.g., writable/database.
database.name: The database name. E.g., the_watcher.db.
shodan.api_key: A valid Shodan API key if you want to use the recon tools.

Open a terminal in the public directory.
Start the PHP web server: php -S localhost:8000.
Navigate to localhost:8000 in a web browser to log the request.
Open a terminal in the tools directory.
List the HTTP clients: ./get-http-clients.php.
Perform passive recon on an IP address: ./recon-ip-address.php IP_ADDRESS.

About

A honeypot that logs traffic, with accompanying tools to analyze HTTP clients as well as perform passive recon on the client hosts.

honeypot logging traffic-analysis passive-recon

Report repository

Releases

No releases published

Packages

No packages published

Languages