Home

Awesome

<p align="center"> <img src="https://raw.githubusercontent.com/qeeqbox/chameleon/master/readme/chameleonlogo.png"></p>

19 Customizable honeypots for monitoring network traffic, bots activities, and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres, MySQL, MSSQL, Elastic and ldap)

If you want to implement the honeypots in your project, check QeeqBox honeypots

Chameleon is considered very effective. This is an active defense tool. The system simulates open, unprotected ports and takes on attempts to find vulnerabilities - by Dean Chester, Chief Editor of cooltechzone

Pon un Honeypot en tu vida by Héctor Herrero, bujarra

Grafana Interface

<img src="https://raw.githubusercontent.com/qeeqbox/chameleon/master/readme/intro.gif" style="max-width:768px"/>

NMAP Scan

<img src="https://raw.githubusercontent.com/qeeqbox/chameleon/master/readme/nmap_scan.png" style="max-width:768px"/>

Credentials Monitoring

<img src="https://raw.githubusercontent.com/qeeqbox/chameleon/master/readme/creds_monitoring.png" style="max-width:768px"/>

General Features

Install and run

On ubuntu 18 or 19 System (test)

git clone https://github.com/qeeqbox/chameleon.git
cd chameleon
sudo chmod +x ./run.sh
sudo ./run.sh test

The Grafana interface http://localhost:3000 will open automatically after the initialization process (username is admin and password is admin). If you don't see the Chameleon dashboard, click on the search icon in the left bar and add it.

On ubuntu 18 or 19 System (Deploy)

git clone https://github.com/qeeqbox/chameleon.git
cd chameleon
sudo chmod +x ./run.sh
sudo ./run.sh deploy

The Grafana interface http://localhost:3000 will open automatically after the initialization process (username is changeme457f6460cb287 and password is changemed23b8cc6a20e0). If you don't see the Chameleon dashboard, click on the search icon in the left bar and add it.

Wait for a few seconds until honeypot shows the IP address

...
honeypot_1  | Your IP: 172.19.0.3
honeypot_1  | Your MAC: 09:45:aa:23:10:03
...

You can interact with the honeypot from your local system

ping 172.19.0.3
or run any network tool against it
nmap 172.19.0.3

Nested - Docker

sudo docker run -it --privileged -v /var/run/docker.sock:/var/run/docker.sock ubuntu:latest
git clone https://github.com/qeeqbox/chameleon.git
cd chameleon
sudo chmod +x ./run.sh
sudo ./run.sh test

Or, import your desired non-blocking server as an object (SSH Server)

You can do that by using this package honeypots

If you don't see Chameleon dashboard, click on the search icon in the left bar and add it

<img src="https://raw.githubusercontent.com/qeeqbox/chameleon/master/readme/find.png" style="max-width:768px"/>

Raspberry Pi 3B+ (setup zram first to avoid lockups)

Requirements (Servers only)

apt-get update -y && apt-get install -y iptables-persistent tcpdump nmap iputils-ping python python-pip python-psycopg2 lsof psmisc dnsutils
pip install scapy==2.4.4 netifaces==0.10.9 pyftpdlib==1.5.6 sqlalchemy==1.3.23 pyyaml==5.4.1 paramiko==2.7.1 impacket==0.9.22 twisted==20.3.0 psutil==5.8.0 requests==2.25.1 redis==3.5.3 mysql-connector-python==8.0.23 pygments==2.5.2
pip install -U requests[socks]
pip install -Iv rsa==4.0
pip install rdpy==1.3.2

Current Servers/Emulators

Changes

Resources

Twisted, documentation, Impacket, documentation, Grafana, documentation, Expert, Twisted, robertheaton

Other Licenses

By using this framework, you are accepting the license terms of all these packages: grafana, tcpdump, nmap, psycopg, dnsutils, scapy, netifaces, pyftpdlib, sqlalchemy, pyyaml, paramiko, impacket, rdpy, psutil, requests, FreeRDP, SMBClient, tigervnc

Disclaimer\Notes

Other Projects