
DefroxPot is a honeypot project designed to detect, monitor, and analyze malicious activity in a controlled environment. This project aims to provide cybersecurity enthusiasts and professionals with a powerful tool to study attack patterns, improve defensive strategies, and enhance security awareness.
 
 
The Web Honeypot simulates a vulnerable website to attract and analyze web-based attacks.
Web Logging
- Records all HTTP requests and responses
- Logs IP addresses, session details, user agents, user IDs, and paths visited
- Captures keystrokes through the website
File Analysis
- Analyzes files uploaded by attackers to check for malicious content
- Extracts metadata from the uploaded files
Dashboard
- Provides a dashboard for real-time monitoring
The Network Honeypot mimics a network environment to detect, log and analyze network-based attacks.
Network Logging
- Captures and logs all network traffic
- Records IP addresses and authentication attempts via FTP or SSH services (whichever you run)
Deceptive Environment
- Creates a deceptive environment to trap attackers
- Simulates various network services to attract malicious activity
- Clone the repository:
    git clone https://github.com/TeamDefronix/DefroxPot
    cd honeypot
- Install dependencies:
    pip install -r requirements.txt
- Configure the honeypot:
    python manage.py migrate
    python manage.py createsuperuser
  Note: python manage.py createsuperuser is required to create the account for managing the DefroxPot tool.
- Start the honeypot:
    python manage.py runserver
  You will receive a URL with port 8000. Open this URL in your browser to access the admin panel.
- Apart from what is in requirements.txt, ExifTool is also required to extract metadata from images. You can visit the official website [https://exiftool.org].
- VirusTotal is used to check whether files uploaded by an attacker are malicious [https://www.virustotal.com]. You can visit the following URLs to check software authenticity:
    exiftool.exe (Windows): https://www.virustotal.com/gui/file/e9bfbb1ae99f3b5587f926393c3e9ccd86ad7e03a779a06f5e68601a6a85a714
    exiftool (Linux): https://www.virustotal.com/gui/file/4827ade560b85f0877c635fd7e32144e9196f4fa256cc504c42f8593cc79a32b
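As an illustration of the File Analysis step, the following added example (not DefroxPot's own code) quarantines an upload under its SHA-256, builds the VirusTotal lookup URL in the form shown above, and reads metadata with ExifTool if it is installed. The function names, the .bin suffix and the sample upload are assumptions made for the example.

```python
import hashlib
import json
import os
import shutil
import subprocess
import tempfile

VT_GUI = "https://www.virustotal.com/gui/file/"  # same URL form as the links above

def quarantine(data: bytes, claimed_name: str, store: str) -> dict:
    """Store an untrusted upload under its SHA-256; the claimed name is logged only."""
    digest = hashlib.sha256(data).hexdigest()
    path = os.path.join(os.path.abspath(store), digest + ".bin")  # no attacker input in path
    try:
        # O_EXCL: never follow or overwrite an existing entry; 0o400: read-only, not executable
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o400)
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
    except FileExistsError:
        pass  # an entry with this hash is already stored
    return {
        "sha256": digest,
        "size": len(data),
        # escape control characters so the name cannot forge log lines
        "claimed_name": claimed_name[:255].encode("unicode_escape").decode("ascii"),
        "path": path,
        "vt_url": VT_GUI + digest,  # look up by hash instead of submitting the sample
    }

def exif_metadata(path: str, timeout: int = 10):
    """Return ExifTool's tags for a quarantined file, or None if unavailable."""
    exe = shutil.which("exiftool")
    if exe is None:
        return None
    try:
        # argument list, no shell; an absolute path cannot be parsed as an option
        out = subprocess.run([exe, "-json", os.path.abspath(path)],
                             capture_output=True, timeout=timeout, check=False)
        return json.loads(out.stdout)[0]
    except (subprocess.TimeoutExpired, ValueError, IndexError, OSError):
        return None

if __name__ == "__main__":
    store = tempfile.mkdtemp(prefix="quarantine-")
    # constructed sample: a GIF header with a hostile filename
    rec = quarantine(b"GIF89a" + b"\x00" * 16, "../../x.php\nINFO forged entry", store)
    rec["metadata"] = exif_metadata(rec["path"])
    print(json.dumps(rec, indent=2))
```

The quarantine directory should sit outside any path the web server serves, so a stored sample can never be requested back and executed.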
Django: A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
Flask: A lightweight WSGI web application framework in Python.
paramiko: A library for making SSH2 connections.
pyftpdlib: A library for creating FTP servers.
bcrypt: Library for hashing passwords in a secure manner.
blinker: Provides support for creating signals and listening to them, often used in Flask applications.
certifi: Provides Mozilla’s CA Bundle, useful for SSL verification.
cryptography: Provides cryptographic recipes and primitives.
itsdangerous: Provides various helpers to pass trusted data to untrusted environments.
pycparser: A C parser and AST generator written in Python.
PyNaCl: Python binding to the Networking and Cryptography (NaCl) library.
- Navigate to the Setup tab and launch the web setup. You will receive a URL with port 5000 that is intended to be accessed by an attacker.
- The File Analysis, Photo, Keylogger and Website tabs belong to the web honeypot. You can navigate to them to check logs.
- Navigate to the Setup tab and launch the network setup. The ssh and ftp services will be started; they are intended to be accessed by an attacker.
- The Network tabs belong to the network honeypot. You can navigate to them to check logs.
This tool is currently a prototype and can be further improved. If you have more context or specific improvements in mind, we can tailor the further requirements to fit your needs.










