Honeypot dockers
T-Pot offers docker images for the following honeypots:
Databases
ElasticPot - A honeypot simulating a vulnerable Elasticsearch server opened to the Internet.
RedisHoneyPot - High Interaction Honeypot Solution for Redis protocol.
Email
Mailoney - SMTP honeypot, Open Relay, Cred Harvester written in python.
ICS/SCADA
Conpot - An ICS honeypot with the goal to collect intelligence about the motives and methods of adversaries targeting industrial control systems.
Mobile
Android Debug Bridge over TCP/IP - Low interaction honeypot that simulates an Android device running Android Debug Bridge (ADB) server process.
Network services
Dionaea - A nepenthes successor, embedding python as scripting language, using libemu to detect shellcodes, supporting ipv6 and tls.
Cisco ASA honeypot - A low interaction honeypot for the Cisco ASA component capable of detecting CVE-2018-0101, a DoS and remote code execution vulnerability.
DDoSPot - NTP, DNS, SSDP, Chargen and generic UDP-based amplification DDoS honeypot.
Other
CitrixHoneypot - Detect and log CVE-2019-19781 scan and exploitation attempts.
Dicompot - DICOM Honeypot.
Log4Pot - A honeypot for the Log4Shell vulnerability (CVE-2021-44228).
medpot - HL7 / FHIR honeypot.
Server
Service
Honeypots - 25 different honeypots in a single pypi package! (dns, ftp, httpproxy, http, https, imap, mysql, pop3, postgres, redis, smb, smtp, socks5, ssh, telnet, vnc, mssql, elastic, ldap, ntp, memcache, snmp, oracle, sip and irc).
Honeytrap - Advanced Honeypot framework written in Go that can be connected with other honeypot software.
IPP Honey - A honeypot for the Internet Printing Protocol.
SIP
SentryPeer - A fraud detection tool which lets bad actors try to make phone calls and saves the IP address they came from and number they tried to call.