HoneyDB Honeypot workshop: Difference between revisions

From HOPE Wiki
Created page with "== Abstract == Honeypots can be implemented to discover new threat information or detect intruders on a network. However, while there are numerous free honeypots available, m..."
 
Learn how to deploy honeypots using HoneyDB in this workshop!
Line 2: Line 2:


Honeypots can be implemented to discover new threat information or detect intruders on a network. However, while there are numerous free honeypots available, many of them can be complicated to deploy and require additional engineering to consume log data. If you are curious about honeypots and are interested in a simple way to deploy your own honeypots, the HoneyDB honeypot workshop is for you.
Honeypots can be implemented to discover new threat information or detect intruders on a network. However, while there are numerous free honeypots available, many of them can be complicated to deploy and require additional engineering to consume log data. If you are curious about honeypots and are interested in a simple way to deploy your own honeypots, the HoneyDB honeypot workshop is for you.
All skill levels are welcome to attend, you only need an interest in honeypots :-)
== Agenda ==
* Intro to honeypots
* Open source honeypots
* HoneyDB
* HoneyDB Agent
* Deploying an agent in the cloud
* Testing the agent
* Querying the Threat API
* HoneyDB CLI Python tool
* Write an API client
* Resources (Slack / Twitter)
== Technical Requirements ==
* Laptop: Linux, Mac, or Windows
* SSH Client if using Windows - https://www.putty.org/
* Postman - https://www.getpostman.com/
* Code editor (MS Visual Studio Code is great: https://code.visualstudio.com/)
* Python 2.7 or greater
* PIP for Python - https://pip.pypa.io/en/stable/installing/
* A cloud host (one will be provided (DigitalOcean) in the workshop or you can get your own, see options here)
* Slack - https://slack.com/ (optional, if you want to join the community)

Revision as of 12:48, 15 July 2020

Abstract

Honeypots can be implemented to discover new threat information or detect intruders on a network. However, while there are numerous free honeypots available, many of them can be complicated to deploy and require additional engineering to consume log data. If you are curious about honeypots and are interested in a simple way to deploy your own honeypots, the HoneyDB honeypot workshop is for you.

All skill levels are welcome to attend, you only need an interest in honeypots :-)

Agenda

  • Intro to honeypots
  • Open source honeypots
  • HoneyDB
  • HoneyDB Agent
  • Deploying an agent in the cloud
  • Testing the agent
  • Querying the Threat API
  • HoneyDB CLI Python tool
  • Write an API client
  • Resources (Slack / Twitter)

Technical Requirements