About This Honeypot Project
What is a Honeypot?
A honeypot is a security mechanism that creates a decoy system designed to attract and detect attackers. It mimics vulnerable systems to lure malicious actors, allowing security professionals to observe attack patterns, techniques, and tools in a controlled environment.
Project Architecture
- Cowrie Honeypot: Medium-interaction SSH/Telnet honeypot that simulates a Linux system
- Python Backend: Log parsing, geolocation, and pattern analysis
- PostgreSQL Database: Structured storage for attack data
- Flask Dashboard: Real-time visualization of attack intelligence
What We Capture
- Login attempts (usernames and passwords)
- Commands executed by attackers
- Malware samples downloaded
- Attack source geolocation
- Session recordings and duration
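The items above map onto events in Cowrie's JSON log. The following is an added example, not code from this project's backend: it assumes Cowrie's JSON output (one event per line, with the `eventid`, `session`, `src_ip`, `username`, `password`, `input`, `shasum` and `duration` fields) and groups events per session. The sample log lines and the `clean` and `summarize` helpers are constructed for illustration.

```python
import json
from collections import defaultdict

# Constructed sample lines (not real captures); one JSON event per line.
SAMPLE_LOG = r"""{"eventid":"cowrie.session.connect","src_ip":"203.0.113.7","session":"a1b2c3"}
{"eventid":"cowrie.login.failed","username":"root","password":"123456","src_ip":"203.0.113.7","session":"a1b2c3"}
{"eventid":"cowrie.login.success","username":"root","password":"admin","src_ip":"203.0.113.7","session":"a1b2c3"}
{"eventid":"cowrie.command.input","input":"uname -a\u001b[2J","src_ip":"203.0.113.7","session":"a1b2c3"}
{"eventid":"cowrie.session.file_download","shasum":"<constructed-sha256>","src_ip":"203.0.113.7","session":"a1b2c3"}
this line is truncated {"eventid":
{"eventid":"cowrie.session.closed","duration":12.5,"src_ip":"203.0.113.7","session":"a1b2c3"}"""

def clean(value, limit=256):
    """Attacker-controlled text: drop non-printable characters (e.g. terminal
    escape sequences) and cap the length before storing or displaying it."""
    return "".join(ch for ch in str(value) if ch.isprintable())[:limit]

def new_session():
    return {"src_ip": None, "logins": [], "commands": [],
            "downloads": [], "duration": None}

def summarize(lines):
    """Return ({session_id: summary}, skipped_line_count)."""
    sessions, skipped = defaultdict(new_session), 0
    for line in lines:
        try:
            ev = json.loads(line)
            sid, kind = ev["session"], ev["eventid"]
        except (ValueError, KeyError, TypeError):
            skipped += 1  # malformed or partial line: count it, keep going
            continue
        s = sessions[sid]
        s["src_ip"] = ev.get("src_ip", s["src_ip"])
        if kind in ("cowrie.login.success", "cowrie.login.failed"):
            s["logins"].append((clean(ev.get("username", "")),
                                clean(ev.get("password", "")),
                                kind.endswith("success")))
        elif kind == "cowrie.command.input":
            s["commands"].append(clean(ev.get("input", "")))
        elif kind == "cowrie.session.file_download":
            s["downloads"].append(clean(ev.get("shasum", "")))
        elif kind == "cowrie.session.closed":
            s["duration"] = float(ev.get("duration", 0))
    return dict(sessions), skipped

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG.splitlines()))
```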
Technologies Used
- Python
- Flask
- PostgreSQL
- Cowrie
- Chart.js
- Leaflet.js
- SQLAlchemy
Security Considerations
This honeypot is deployed on an isolated VPS with strict firewall rules. It has no access to production systems and is designed to be compromised safely. All captured data is sanitized and analyzed in a secure environment.
GitHub Repository
This project is open source and available on GitHub. Feel free to explore the code, submit issues, or contribute improvements.