I developed a (small) honeypot to catch hackers & bots.
Рет қаралды 13,782
Күн бұрынReceive 10% off with any purchase on Hostinger (or use code GRANTCOLLINS): hostinger.com/grantcollins
🍯 SSH HONEY_PY GitHub Repository: - github.com/collinsmc23/ssh_ho...
⏰ Timestamps:
0:00 - Introduction
1:26 - Project Overview
3:00 - Logging
4:00 - Implementing SSH
6:46 - Creating Emulated Shell
7:54 - Multi-Threading Implementation
9:28 - Argument Support
10:01 - Deploying a VPS Honeypot with Hostinger
12:03 - Honeypot VPS Configuration
14:01 - Results: Collecting Usernames, Passwords, and IP Addresses
14:54 - Advanced Features + Conclusion
🔗 Links (Sources):
- securehoney.net/blog/how-to-b...
- / deceptive-defense-buil...
- gist.github.com/cschwede/3e2c...
- www.hostinger.com/tutorials/h...
- github.com/collinsmc23/ssh_ho...
🐕 Follow Me:
Twitter: / collinsinfosec
Instagram: / _collinsinfosec
Cybercademy Discord Server: / discord
🤔 Have questions, concerns, comments?:
Email me: grant@cybercademy.org
🎧 Gear:
Laptop (Lenovo X1 Carbon Ultrabook 6th Gen): amzn.to/2O0UfAM
Monitors (Dell D Series 31.5” D3218HN): amzn.to/2EXlgRF
Keyboard (Velocifire VM01): amzn.to/2TEswfd
Headphones (Audio Technica ATH-M40x): amzn.to/2F4Tvq6
Work Monitors (Dell U4919DW UltraSharp 49 Curved Monitor): amzn.to/3yQmDhM
Desk (FLEXISPOT EW8 Comhar Electric Standing Desk): amzn.to/3S9OxvG
💻 Cybersecurity PC Build Parts
[Processor] Intel Core i7-13700K 3.4 GHz 16-Core Processor: amzn.to/3OlTTUK
[Graphics Card] Asus DUAL OC GeForce RTX 3060 Ti 8 GB Video Card: amzn.to/3OE0bkd
[AIO Cooler] Corsair iCUE H100i RGB ELITE 65.57 CFM Liquid CPU Cooler: amzn.to/3DEUUT9
[Motherboard] MSI PRO Z690-A WIFI DDR4 ATX LGA1700 Motherboard: amzn.to/3Ol9La8
[RAM](2x) Corsair Vengeance LPX 64 GB (2 x 32 GB) DDR4-3200 CL16 Memory: amzn.to/3OlsgeM
[HDD] Seagate IronWolf NAS 8 TB 3.5" 7200 RPM Internal Hard Drive: amzn.to/3DFdc6K
[SSD] Samsung 980 Pro 2 TB M.2-2280 PCIe 4.0 X4 NVME Solid State Drive: amzn.to/3KpTnnQ
[Case] Corsair 5000D AIRFLOW ATX Mid Tower Case: amzn.to/44Rjaxf
[Power Supply] Corsair RM850x (2021) 850 W 80+ Gold Certified Fully Modular ATX Power Supply: amzn.to/478wC1r
[Fans] Corsair iCUE SP120 RGB ELITE 47.7 CFM 120 mm Fans 3-Pack: amzn.to/44R4myD
@collinsinfosec 9 күн бұрын
The commenters have spoken! I will create a crash course on this project. Before I do, I am going to add a few more "advanced" features (as I overviewed at 14:54) to the honeypot, including a small dashboard, tarpit (to trap the skids), and dockerize the application. Stay tuned for a follow-up video and a crash course in the next ~6 weeks.
@Lucasvrisaqt 8 күн бұрын
Grant are you able to hack and return my account?
@davido312 13 күн бұрын
a crash course on this is something i would definitely tune in to
@hexaheximal 11 күн бұрын
Small correction: You don't actually need to run the script as root to accept incoming connections on port 22, and you *really* shouldn't. The smarter approach (this is how my personal website is configured, for example) is to have the script and bind to an unprivileged port (e.g. 1234) and then use a firewall like iptables to redirect incoming traffic from the privileged port to the unprivileged port, in this case something like 22 -> 1234
@collinsinfosec 9 күн бұрын
Great to know! I was trying to find a way to do this. Now I know.
@smnomad9276 13 күн бұрын
These are the kind of videos and projects that will set you apart in the job market. You need to have real cyber security projects done that will highlight your skills. Don't get too comfortable in your job you might lose it anytime. Also, stop downplaying your work by saying "small", just directly say honeypot.
@TimMyles 13 күн бұрын
Would love to see more of this please!
@nft_synergy8880 13 күн бұрын
Let’s see that course brother🙌
@Liam.s 13 күн бұрын
would love a crash course this is awesome
@ParkerRC 13 күн бұрын
Great video Grant!!
@AndreasWienes 12 күн бұрын
I’ve tried something similar with the T-Pot project a while ago and gathered some interesting insights about the attackers and which infrastructure they use. Maybe you want to give this also a try.
@44544abc 12 күн бұрын
nice video. please more videos on hostinger vps projects. keep it up
@eliaspfeffer 12 күн бұрын
This is very interesting. Especially if you can do anything to the bots
@rollercoaster182 13 күн бұрын
Let's go with the crash course plsss
@collinsinfosec 13 күн бұрын
Sounds good! I will make note of this.
@malua7021 12 күн бұрын
Great content
@imca_b_5517 5 күн бұрын
Please Continue this Course
@johnvardy9559 11 күн бұрын
you finally woke up!
@diegomed3364 13 күн бұрын
Wish I will create mine
@GuyFawkes1 12 күн бұрын
Crash courseeeeeeeeee! :)
@MK_clp 13 күн бұрын
this wallpaper is awesome😍link please !
@robyee3325 11 күн бұрын
Is it legal to malware your honey pot to catch local adversary?
@cassandradawn780 13 күн бұрын
the backslashes were painful.
@collinsinfosec 13 күн бұрын
From the results... Yep they were.
@skaus2184 13 күн бұрын
Crash course, or something alike.
@cristhiamtovar9003 12 күн бұрын
Crash course please
@oildiggerlwd 7 күн бұрын
Crash course
@SaintFrost11 12 күн бұрын
Please make a crashcourse on this!
@domsw0rld 13 күн бұрын
This video is awesome! The additional project ideas you mentioned could definitely be turned into a fully-fledged application. Well done!
@collinsinfosec 13 күн бұрын
I will take that as a +1 for continuing on with the project!
@malua7021 12 күн бұрын
crash course
@miresoman1769 11 күн бұрын
Bro your hairline is crying.
@gourabsarker9552 13 күн бұрын
Sir do you earn 200k dollars a year in USA? Plz reply. Thanks a lot.
@danielcertan7655 13 күн бұрын
)))))
@1337Munkey 13 күн бұрын
Another way would be to setup ssh without password and monitor ~/.bash_history and get the ip address from /var/logs/auth.log. Interesting idea though. Great video!!
@patarisac 12 күн бұрын
that's too risky
@bjpoli6526 9 күн бұрын
Hacker du dimanche surtout 😂😹😹😹🙀😂🤡🤡🤡🤏
@Namazaky 12 күн бұрын
Crash course
@bhargavj9377 8 күн бұрын
crash course
Grant Collins
Рет қаралды 48 М.
DevOps Toolkit
Рет қаралды 4 М.