HoneyBot – A Windows Based Honeypot

Outsmart Malicious Hackers


HoneyBOT

HoneyBOT is a Windows based medium interaction honeypot solution.

What is a Honeypot?

A honeypot is a device placed on a computer network specifically designed to capture malicious network traffic. The logging capability of a honeypot is far greater than any other network security tool and captures raw packet level data even including the keystrokes and mistakes made by hackers. The captured information is highly valuable as it contains only malicious traffic with little to no false positives.

Honeypots are becoming one of the leading security tools used to monitor the latest tricks and exploits of hackers by recording their every move so that the security community can more quickly respond to new exploits.

How it Works

HoneyBOT works by opening over 1000 udp and tcp listening sockets on your computer and these sockets are designed to mimic vulnerable services. When an attacker connects to these services they are fooled into thinking they are attacking a real server. The honeypot safely captures all communications with the attacker and logs these results for future analysis. Should an attacker attempt an exploit or upload a rootkit or trojan to the server the honeypot environment will safely store these files on your computer for analysis and submission to antivirus vendors. Our test server has captured several thousand trojans and rootkits from these simulated services including:

  • Dabber
  • Devil
  • Kuang
  • MyDoom
  • Netbus
  • Sasser
  • LSASS
  • DCOM (msblast, etc)
  • Lithium
  • Sub7

HoneyBOT Installation

We suggest that you install HoneyBOT on a dedicated computer with no valuable information or resources required of it. In fact, you want your honeypot to be as free as possible from any legitimate traffic so in broad terms we can consider any traffic to the honeypot to be malicious in nature.

HoneyBOT requires minimum operating system of Windows 2000 and at least 128MB RAM is recommended.

You can read more here:

Honeybot

Posted in: Countermeasures, Security Software

, , ,


Latest Posts:


OWASP ZSC - Obfuscated Code Generator Tool OWASP ZSC – Obfuscated Code Generator Tool
OWASP ZSC is an open source obfuscated code generator tool in Python which lets you generate customized shellcodes and convert scripts to an obfuscated script.
A Look Back At 2017 – Tools & News Highlights A Look Back At 2017 – Tools & News Highlights
So here we are in 2018, taking a look back at 2017, quite a year it was. Here is a quick rundown of some of the best hacking/security tools released in 2017, the biggest news stories and the 10 most viewed posts on Darknet as a bonus.
Spectre & Meltdown Checker - Vulnerability Mitigation Tool For Linux Spectre & Meltdown Checker – Vulnerability Mitigation Tool For Linux
Spectre & Meltdown Checker is a simple shell script to tell if your Linux installation is vulnerable against the 3 "speculative execution" CVEs that were made public early 2018.
Hijacker - Reaver For Android Wifi Hacker App Hijacker – Reaver For Android Wifi Hacker App
Hijacker is a native GUI which provides Reaver for Android along with Aircrack-ng, Airodump-ng and MDK3 making it a powerful Wifi hacker app.
Sublist3r - Fast Python Subdomain Enumeration Tool Sublist3r – Fast Python Subdomain Enumeration Tool
Sublist3r is a Python-based tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting.
coWPAtty Download - Audit Pre-shared WPA Keys coWPAtty Download – Audit Pre-shared WPA Keys
coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys.


2 Responses to HoneyBot – A Windows Based Honeypot

  1. stacksmasher July 18, 2006 at 4:36 pm #

    This site closed down, its an advertising site, did someone get an .exe from the page before it closed down?

    I googled for the old link and it was malware ; (

  2. Darknet July 19, 2006 at 6:29 am #

    Yeah looks like their domain got hijacked or it expired, I’m not sure if I have the download here, will check it out..