hash-honeypot

v1.0.4

Published

HTTP Agnostic Software Honeypot (HASH) - honeypot framework to build low interaction honeypots

Downloads

80

Readme

HASH (HTTP Agnostic Software Honeypot)

HASH is a framework for creating and launching low-interaction honeypots.


🌟 Why HASH?

The main philosophy of HASH is to be easy to configure and flexible enough to mimic any software running on HTTP/HTTPS, with the smallest possible footprint to avoid being detected as a honeypot.

⚡ Features

  • Single framework to deploy HTTP/HTTPs based honeypots
  • Easily configurable via YAML files
  • Built-in honeytraps
  • Powerful randomization based on fakerjs to avoid honeypot detection
  • Optional integration with Datadog to ingest and analyze honeypot logs and HTTP requests through APM

🚀 Getting Started

HASH is built using Node.js but it can mimic any web-based language / server based on the configuration. Read the full docs below.

Installation

You can install it via npm:

npm install -g hash-honeypot

Or you can run it directly from Docker:

docker run --rm ghcr.io/datadog/hash help

Usage

Generate honeypot profile

HASH uses YAML files to configure how it simulates the desired software. The typical structure of the profile folder is the following:

|____templates
|     |____resources
|     |     |____index.html
|     |     |____style.css
|     |     |____favicon.ico
|     |____404.yaml
|     |____default.yaml
|____init.yaml

You can build it yourself or generate it using the generate command:

Usage: HASH generate [options] <folder>

Generate honeypot profile

Arguments:
  folder                         path/to the app

Options:
  -t --template <template_name>  base template (default: "default")
  -n --name <honeypot_name>      Honeypot name
  -s --swagger <swagger_file>    Path to swagger file to convert
  -h, --help                     display help for command

Example

hash-honeypot generate myhoneypot --name my-honey-pot --template default

You can also convert swagger files to honeypot directly from the generate command

Example converting swagger file(s) to honeypot

hash-honeypot generate sample-swagger2 -n sample -s ./test-swagger/test-swagger.yaml

Running the honeypot

Usage: HASH run [options] <folder>

Run HASH

Arguments:
  folder                     path/to the template folder

Options:
  -l, --log <transport>      logging transport (default: "console,file,datadog")
  -f, --log_file <filename>  logging filename (default: "hash.log")
  -h, --help                 display help for command

Example

hash-honeypot run my-honeypot-profile -l file -f ./logs/hash.log

If you are using Datadog for logs, make sure you export the Datadog API key:

export DD_API_KEY=<your-api-key>

Customization and configuration

You can customize your honeypot profile as you want.

Example request template:

id: sqli-error
info:
    title: 'SQL error honeytrap'
requests:
    - isTrap: false
      expect:
          method: GET
          path: '/author/:Id([0-9]+)'
      reply:
          status: 200
          headers:
              content-type: 'text/html'
          body:
              view: 'author.html'
    - isTrap: true
      expect:
          method: GET
          path: '/author/:Id'
      reply:
          status: 500
          headers:
              content-type: 'text/html'
          body:
              contents: "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 2"

Read the configuration reference here or see the examples here.
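
The sketch below is an added illustration, not HASH's own code: it shows how the two entries of the sqli-error template above separate a normal numeric lookup from a request that lands on the trap. It assumes Express-style path patterns, that the first matching entry wins, and that unmatched requests fall through to a 404 reply; compilePath, classify and safeDecode are hypothetical helper names.

```javascript
// Added illustration, not HASH's own code. Assumes Express-style path
// patterns and that the first matching request entry wins.
const rules = [ // the two entries of the sqli-error template above
  { isTrap: false, method: 'GET', path: '/author/:Id([0-9]+)', status: 200 },
  { isTrap: true,  method: 'GET', path: '/author/:Id',         status: 500 },
];

// Compile ':name(regex)' or ':name' segments into an anchored RegExp.
function compilePath(pattern) {
  const names = [];
  const source = pattern
    .split('/')
    .map((seg) => {
      const m = /^:(\w+)(?:\((.+)\))?$/.exec(seg);
      if (!m) return seg.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'); // literal
      names.push(m[1]);
      return `(${m[2] || '[^/]+'})`; // unconstrained param: one segment
    })
    .join('/');
  return { regex: new RegExp(`^${source}/?$`), names };
}

const compiled = rules.map((r) => ({ ...r, ...compilePath(r.path) }));

function safeDecode(s) {
  try { return decodeURIComponent(s); } catch { return s; }
}

// Return the first rule matching the request, with decoded parameters.
function classify(method, rawPath) {
  const path = rawPath.split('?')[0];
  for (const rule of compiled) {
    if (rule.method !== method) continue;
    const m = rule.regex.exec(path);
    if (!m) continue;
    const params = {};
    rule.names.forEach((n, i) => { params[n] = safeDecode(m[i + 1]); });
    return { isTrap: rule.isTrap, status: rule.status, params };
  }
  return { isTrap: false, status: 404, params: {} }; // assumed 404 fallback
}

// Constructed sample requests, not captured traffic.
const samples = ['/author/42', "/author/42'", '/author/1%20OR%201=1', '/about'];
for (const p of samples) console.log(p, classify('GET', p));
```

Under the first-match assumption the order of the entries matters: with the trap entry listed first, every /author/ request, including numeric ones, would be answered with the fake SQL error.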

Future work

  • [x] Create examples folder to show HASH features
  • [x] Ability to import API documentation formats (swagger ..etc)
  • [x] Package hash as module for easier distribution
  • [ ] Add capabilities for medium interactions
  • [ ] Add popular honeytraps
  • [ ] Add unit & integration tests

License and Contribution

Released under the Apache-2.0 license, contributions are welcome!

Contact

Feel free to open an issue, or reach out at [email protected].