Code Monkey home page Code Monkey logo

scanme's Introduction

scanme - a safe honeypot

This is a honeypot, a program designed to mimic real services on the network in order to log hackers trying to hack those services, and to delay them by wasting their time. Bugs/vulnerabilities in honeypots may themselves enable hacker attacks, this is written with extra paranoia. The services are written in a strongly sandboxed Lua scripting environment.

Some major attributes are: * Lua -- All the services are written in the Lua scripting language, which is popular for other cybersec projects, such as Snort, nmap, and Wireshark. * Sandbox -- Instead of a standard Lua environment, this has been sandboxed. There is no generic access to the filesystem, for example, only a tightly controlled one. Of course, the expectation is that there will be further containerization and VMs securing this as well. * Scale -- Takes advantage of scalable APIs like epoll() in order to support massive numbers of connections, so that firewalls/routers can be configured to redirect traffic to this device. * Multi-core -- Designed to use all the CPU cores in the system. * Lightweight -- Designed to be run on low-end $19 wifi routers that have been reflashed with OpenWRT that may have only 64-megabytes of memory. * Portable -- Runs on Linux, macOS, Windows, as well as pretty much any operating system that supports ANSI C and POSIX Sockets. This can include things like AIX, Solaris, QNX, VxWorks, and so on. * Functional -- Many of the mock services are fully functional, so you could use this as a real web-server for example. * User-mode -- Some honeypots are designed to mimic other operating systems at the TCP stack level. In contrast, this is designed to run in user-mode, using whatever TCP/IP stack is on the system. * UPnP client -- Uses UPnP so that it can open up listening ports on the public Internet from behind a home NAT router.

Building

The code is ANSI C, so the files can just be compiled with your favorite compiler.

Or you could use the Makefile, which is written for gmake and works for a lot of platforms, such as Linux, macOS, and MingGW.

There are also IDE projects for Visual Studio in the vs10 directory and for XCode in the xcode directory.

Running

Run scanme configfile.conf to run as configured in the specified configuration file.

Run scanme somescript.lua to run a service where all the necessarry settings come from the script itself or from defaults.

scanme's People

Contributors

robertdavidgraham avatar

Watchers

avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.