Snare/Tanner – Advanced Reactive honEypot

SNARE is a web application honeypot sensor attracting all sort of maliciousness from the Internet. This tool has feature parity with Glastopf and allows to convert existing web pages into attack surfaces.

TANNER is the second part of the program and allow to make the remote data analysis, and classification service, which will evaluate HTTP requests and composing the response served by the honeypot.

Snare/Tanner - successors to Glastopf
Snare/Tanner – successors to Glastopf

Honeypots will be useful to emulate vulnerable services that attract attacker. on the other side it is widely used to monitor and evaluate malicious behavior and detect infected systems.

Steps to setup on the targeted system:

  1. Get the tool
  2. Install requirements: sudo pip3 install -r requirements.txt
  3. Setup : sudo python3 setup.py install
  4. Clone a page: sudo clone --target http://example.com
  5. Run : sudo snare --port 8080 --page-dir example.com
  6. Test: Visit http://localhost:8080/index.html
  7. (Optionally) Have your own tanner service running.

You can read more about this tool over here: https://github.com/mushorg/snare

Share