HoneyDrive v3 Royal Jelly – distribuição Linux para HoneyPot

HoneyDrive v3 Royal Jelly  é uma distribuição Linux dedicada para uma única função, a de HoneyPot. HoneyPot é o nome dado a um sistema ou servidor que servirá de boi de piranha, uma porta para hackers e crackers executarem os seus ataques, onde tudo será coletado para posterior análise.

Grandes empresas de anti-vírus utilizam este tipo de ferramenta há anos. Agora, vc poderá fazer o mesmo.

O mais legal de tudo é que este carinha é uma máquina virtual, podendo assim ser duplicada facilmente.

Vejam as features desta ferramenta:

• Virtual appliance based on Xubuntu 12.04.4 LTS Desktop.
• Distributed as a single OVA file, ready to be imported.
• Full LAMP stack installed (Apache 2, MySQL 5), plus tools such as phpMyAdmin.
• Kippo SSH honeypot, plus Kippo-Graph, Kippo-Malware, Kippo2MySQL and other helpful scripts.
• Dionaea malware honeypot, plus DionaeaFR and other helpful scripts.
• Amun malware honeypot, plus helpful scripts.
• Glastopf web honeypot, along with Wordpot WordPress honeypot.
• Conpot SCADA/ICS honeypot.
• Honeyd low-interaction honeypot, plus Honeyd2MySQL, Honeyd-Viz and other helpful scripts.
• LaBrea sticky honeypot, Tiny Honeypot, IIS Emulator and INetSim.
• Thug and PhoneyC honeyclients for client-side attacks analysis, along with Maltrieve malware collector.
• ELK stack: ElasticSearch, Logstash, Kibana for log analysis and visualization.
• A full suite of security, forensics and anti-malware tools for network monitoring, malicious shellcode and PDF analysis, such as ntop, p0f, EtherApe, nmap, DFF, Wireshark, Recon-ng, ClamAV, ettercap, MASTIFF, Automater, UPX, pdftk, Flasm, Yara, Viper, pdf-parser, Pyew, Radare2, dex2jar and more.
• Firefox add-ons pre-installed, plus extra helpful software such as GParted, Terminator, Adminer, VYM, Xpdf and more.