HoneyDrive v3 Royal Jelly is a Linux distribution dedicated to a single purpose: acting as a honeypot. A honeypot is a system or server that serves as a sacrificial decoy, a door through which hackers and crackers carry out their attacks, with everything being collected for later analysis.
Large antivirus companies have used this kind of tool for years. Now you can do the same.
The coolest part is that this little guy is a virtual machine, so it can be duplicated easily.
Check out this tool's features:
- Virtual appliance based on Xubuntu 12.04.4 LTS Desktop.
- Distributed as a single OVA file, ready to be imported.
- Full LAMP stack installed (Apache 2, MySQL 5), plus tools such as phpMyAdmin.
- Kippo SSH honeypot, plus Kippo-Graph, Kippo-Malware, Kippo2MySQL and other helpful scripts.
- Dionaea malware honeypot, plus DionaeaFR and other helpful scripts.
- Amun malware honeypot, plus helpful scripts.
- Glastopf web honeypot, along with Wordpot WordPress honeypot.
- Conpot SCADA/ICS honeypot.
- Honeyd low-interaction honeypot, plus Honeyd2MySQL, Honeyd-Viz and other helpful scripts.
- LaBrea sticky honeypot, Tiny Honeypot, IIS Emulator and INetSim.
- Thug and PhoneyC honeyclients for client-side attacks analysis, along with Maltrieve malware collector.
- ELK stack: ElasticSearch, Logstash, Kibana for log analysis and visualization.
- A full suite of security, forensics and anti-malware tools for network monitoring, malicious shellcode and PDF analysis, such as ntop, p0f, EtherApe, nmap, DFF, Wireshark, Recon-ng, ClamAV, ettercap, MASTIFF, Automater, UPX, pdftk, Flasm, Yara, Viper, pdf-parser, Pyew, Radare2, dex2jar and more.
- Firefox add-ons pre-installed, plus extra helpful software such as GParted, Terminator, Adminer, VYM, Xpdf and more.