a7c69c8849
* tiny refactoring name convention, and file name. * added command line arguments files * fix typo comment
4.9 KiB
Beelzebub
A secure honeypot framework low code, extremely easy to configure by yaml 🚀
OpenAI GPT integration
How to integrate with OpenAI GPT-3: Medium Article
Telegram bot realtime attacks
bot: telegram channel
Examples
mariocandela/beelzebub-example
Quick Start
Using docker-compose
$ docker-compose build
$ docker-compose up -d
Using go compiler
$ go mod download
$ go build
$ ./beelzebub
Unit Test:
$ make test.unit
Integration test:
Run integration testing
$ make test.integration
Features
- OpenAPI ChatBot GPT-3 Linux virtualization
- SSH Honeypot
- HTTP Honeypot
- TCP Honeypot
- Prometheus openmetrics
- Docker
- RabbitMQ integration
Example configuration service
The configurations are inside the /configurations/services directory, just add a new file for each service/port.
Example HTTP Honeypot on 80 port
http-80.yaml
apiVersion: "v1"
protocol: "http"
address: ":80"
description: "Wordpress 6.0"
commands:
- regex: "index.php"
handler: ""
headers:
- "Content-Type: text/html"
- "Server: Apache/2.4.53 (Debian)"
- "X-Powered-By: PHP/7.4.29"
statusCode: 200
- regex: "^(wp-login.php|/wp-admin)$"
handler: ""
headers:
- "Content-Type: text/html"
- "Server: Apache/2.4.53 (Debian)"
- "X-Powered-By: PHP/7.4.29"
statusCode: 200
Example HTTP Honeypot on 8080 port
http-8080.yaml
apiVersion: "v1"
protocol: "http"
address: ":8080"
description: "Apache 401"
commands:
- regex: ".*"
handler: "Unauthorized"
headers:
- "www-Authenticate: Basic"
- "server: Apache"
statusCode: 401
Example SSH Honeypot
Honeypot with ChatBot GPT-3 ssh-2222.yaml
apiVersion: "v1"
protocol: "ssh"
address: ":2222"
description: "SSH interactive ChatGPT"
commands:
- regex: "^(.+)$"
plugin: "OpenAIGPTLinuxTerminal"
serverVersion: "OpenSSH"
serverName: "ubuntu"
passwordRegex: "^(root|qwerty|Smoker666|123456|jenkins|minecraft|sinus|alex|postgres|Ly123456)$"
deadlineTimeoutSeconds: 60
plugin:
openAPIChatGPTSecretKey: "Here your ChatBot SecretKey "
ssh-22.yaml
apiVersion: "v1"
protocol: "ssh"
address: ":22"
description: "SSH interactive"
commands:
- regex: "^ls$"
handler: "Documents Images Desktop Downloads .m2 .kube .ssh .docker"
- regex: "^pwd$"
handler: "/home/"
- regex: "^uname -m$"
handler: "x86_64"
- regex: "^docker ps$"
handler: "CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES"
- regex: "^docker .*$"
handler: "Error response from daemon: dial unix docker.raw.sock: connect: connection refused"
- regex: "^uname$"
handler: "Linux"
- regex: "^ps$"
handler: " PID TTY TIME CMD\n21642 ttys000 0:00.07 /bin/dockerd"
- regex: "^(.+)$"
handler: "command not found"
serverVersion: "OpenSSH"
serverName: "ubuntu"
passwordRegex: "^(root|qwerty|Smoker666)$"
deadlineTimeoutSeconds: 60
TODO
- telnet
- UDP
ROADMAP
- SaaS Platform
Documentation
- API Docs #TODO
Contributing
The beelzebub team enthusiastically welcomes contributions and project participation! There's a bunch of things you can do if you want to contribute! The Contributor Guide has all the information you need for everything from reporting bugs to contributing entire new features. Please don't hesitate to jump in if you'd like to, or even ask us questions if something isn't clear.
All participants and maintainers in this project are expected to follow Code of Conduct, and just generally be excellent to each other.
Happy hacking!
License
This project is licensed under GNU GPL 3 License.
