HoneyDrive is a virtual appliance (OVA) with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot, Glastopf web honeypot along with Wordpot, Thug honeyclient and more. Additionally it includes useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, and much more. Lastly, many other helpful security, forensics and malware related tools are also present in the distribution.
We wrote about HoneyDrive when it first surfaced and was quite unpolished, it’s come a long way since then! Here’s the original post:
The feature set is a lot more complete now, with a whole range of different honeypots available and some useful tools too:
- Virtual appliance based on Xubuntu 12.04 Desktop.
- Distributed as a single OVA file, ready to be imported.
- Full LAMP stack installed (Apache 2, MySQL 5), plus tools such as phpMyAdmin.
- Kippo SSH Honeypot, plus Kippo-Graph, Kippo2MySQL and other helpful scripts.
- Dionaea malware honeypot, plus phpLiteAdmin and other helpful scripts.
- Honeyd low-interaction honeypot, plus Honeyd2MySQL, Honeyd-Viz and other helpful scripts.
- LaBrea sticky honeypot, Tiny Honeypot, IIS Emulator, INetSim and SimH.
- A full suite of security, forensics and anti-malware tools for network monitoring, malicious shellcode and PDF analysis, such as ntop, p0f, EtherApe, nmap, DFF, Wireshark, ClamAV, ettercap, Automater, UPX, pdftk, Flasm, pdf-parser, Pyew, dex2jar and more.
- Firefox plugins pre-installed, plus extra helpful software such as GParted, Terminator, VYM, Xpdf and more.
You can download HoneyDrive v0.2 here:
Or read more here.
- The Dude – Automatic Network Discovery & Layout Tool
- Graudit v1.9 Download – Grep Source Code Auditing Tool
- sptoolkit Rebirth – Simple Phishing Toolkit
- HoneyDrive 3 Released – The Premier Honeypot Bundle Distro
- HoneyDrive – Honeypots In A Box
- Google Desktop 3 Enterprise
Most Read in Countermeasures:
- AJAX: Is your application secure enough? - 119,494 views
- Password Hasher Firefox Extension - 117,264 views
- NDR or Backscatter Spam – How Non Delivery Reports Become a Nuisance - 57,602 views