HoneyDrive 0.2 Nectar edition released!
new release for HoneyDrive (Desktop)!
This is version 0.2 aka Nectar edition, which brings more honeypot and malware related tools on the distro.
This is version 0.2 aka Nectar edition, which brings more honeypot and malware related tools on the distro.
You can download it from HoneyDrive's SourceForge page at: http://sourceforge.net/ projects/honeydrive/
MD5 Checksum: 8f0d65b4260e963e5639ab4555b3c7 0f
SHA-1 Checksum: 285775170167cb4d4614ae39558898 82b4358fdf
SHA-1 Checksum: 285775170167cb4d4614ae39558898
Changes and additions on this version (in no particular order):
- Installed Kippo2Wordlist, a tool to create wordlists based on passwords used by attackers against Kippo SSH honeypot.
- Installed DionaeaFR , a visualization tool which was recently presented in my previous post.
- Added Kojoney SSH honeypot, patched version (updated scripts, new features, etc).
- Added Amun malware honeypot, along with useful scripts.
- Installed mwcrawler, a script that parses malicious URL lists and downloads malware files (video).
- Added Thug, a honeyclient written in Python aimed at mimicking the behavior of a web browser in order to detect and emulate malicious contents.
- Added the following tools: Pipal, John the Ripper, IRCD-Hybrid, Origami, dsniff, hping, Scapy, Tcpreplay, tcptrace, sslstrip, libemu, Adminer.
- Added the Open Penetration Testing Bookmarks Collection to Firefox.
HoneyDrive is a virtual appliance (OVA) with Xubuntu Desktop 12.04 32-bit edition installed. It contains various honeypot software packages such as Kippo SSH honeypot, Dionaea malware honeypot, Honeyd low-interaction honeypot, Thug honeyclient and more. Additionally it includes useful pre-configured scripts and utilities to analyze, visualize and process the data it can capture, such as Kippo-Graph, Honeyd-Viz, and much more. Lastly, many other helpful security, forensics and malware related tools are also present in the distribution.
Features
- Virtual appliance based on Xubuntu 12.04 Desktop.
- Distributed as a single OVA file, ready to be imported.
- Full LAMP stack installed (Apache 2, MySQL 5), plus tools such as phpMyAdmin.
- Kippo SSH Honeypot, plus Kippo-Graph, Kippo2MySQL and other helpful scripts.
- Dionaea malware honeypot, plus DionaeaFR other helpful scripts.
- Amun malware honeypot, plus helpful scripts.
- Kojoney SSH honeypot, plus helpful scripts.
- Honeyd low-interaction honeypot, plus Honeyd2MySQL, Honeyd-Viz and other helpful scripts.
- LaBrea sticky honeypot, Tiny Honeypot, IIS Emulator, INetSim and SimH.
- Thug honeyclient for client-side attacks analysis, along with mwcrawler malware collector.
- A full suite of security, forensics and anti-malware tools for network monitoring, malicious shellcode and PDF analysis, such as ntop, p0f, EtherApe, nmap, DFF, Wireshark, ClamAV, ettercap, Automater, UPX, pdftk, Flasm, pdf-parser, Pyew, dex2jar and more.
- Firefox plugins pre-installed, plus extra helpful software such as GParted, Terminator, Adminer, VYM, Xpdf and more.
DOWNLOAD:-
The latest version (0.2) of HoneyDrive Desktop (Nectar edition), released on January 16, 2012 is hosted at SourceForge.net: http://sourceforge.net/projects/honeydrive/
Download latest relased on 16-01-2013
HoneyDrive 0.1 Santa edition Released on 30-12-2012
MD5 Checksum: 8f0d65b4260e963e5639ab4555b3c70f
SHA-1 Checksum: 285775170167cb4d4614ae3955889882b4358fdf
SHA-1 Checksum: 285775170167cb4d4614ae3955889882b4358fdf
Please take a look at the README.txt file on SourceForge (also included inside the virtual disk) to see where everything is located.
INSTALLATION:
After downloading the file, you simply have to import the virtual appliance to your virtual machine manager/hypervisor (suggested software: Oracle VM VirtualBox).
FREQUENTLY ASKED QUESTIONS:
- Why use HoneyDrive?
HoneyDrive saves you time! It has all the major honeypot-related software pre-installed and pre-configured to work out of the box (or with some configuration options of your liking). As I have seen many times in comments or support requests I get, setting up a honeypot system is not always something easy. This is especially true for new infosec enthusiasts or sysadmins and “hard” to set up software like Dionaea for example. - What utilities and software are included in HoneyDrive?
HoneyDrive contains all the major honeypot-related software and many more useful tools. For a complete list you’ll have to take a look at the README.txt file included in the virtual appliance (you’ll find it on the desktop) or online at the downloads section of SourceForge (link above). - Why isn’t [insert-name-here] included in HoneyDrive?
I’m not a security guru and unfortunately can’t keep track of every different piece of software. But, I’m very open to suggestions about HoneyDrive! If you know a tool that could be of benefit please let me know by leaving a comment on this page and it will be included in the next release of HoneyDrive. - How do I get started? How do I login?
You just have to download the OVA file from SourceForge (link above) and import it in your virtual machine manager/hypervisor. You can then login using the password “honeydrive” (without the quotes). - What is the password for [insert-name-here]?
Again, your best bet is reading the README.txt file included in the virtual appliance or found online at the downloads section of SourceForge (link above). Every password you will need is included in its appropriate section.
SCREENSHOTS: