Beeswarm is an active IDS project that provides easy configuration, deployment and management of honeypots and clients. The system operates by luring the hacker into the honeypots by setting up a deception infrastructure where deployed drones communicate with honeypots and intentionally leak credentials while doing so.
beeswarm overview
Beeswarm operates by deploying fake end-user systems (clients) and services (honeypots). Beeswarm uses these systems to provides IoC (Indication of Compromise) by observing the difference between expected and actual traffic. An IoC could be a certificate mismatch or the unexpected reuse of credentials (honeytokens).
beeswarm console
Latest Version and Changelog v0.7.17 11/6/2016:
– Rename in ui: “Honeypot name” -> “Drone name”
– Added functionality to ping all drones from UI
Usage:
first install dependencies sudo apt-get install libffi-dev build-essential python-dev python-pip libssl-dev libxml2-dev libxslt1-dev git clone https://github.com/honeynet/beeswarm && cd beeswarm pip install -r requirements.txt python setup.py install beeswarm Upgrade: cd [Your Path] git pull
Source: https://github.com/honeynet