Run your own honeypot with T-Pot

T-Pot is a dockerized honypot system containing the following software:

  • conpot
  • cowrie
  • dionaea
  • elasticpot
  • emobility
  • glastopf
  • honeytrap
  • suricata

Events are visualized using the ELK stack. Installation is fairly straightforward, you will need a fresh Ubuntu 16.04 machine with your public key added.

Before you run the following commands, be aware that to avoid a known installation error, you need to replace line 306 in install.sh pip install --upgrade pip with pip install --upgrade pip && hash -r pip.

1
2
3
4
git clone https://github.com/dtag-dev-sec/t-pot-autoinstall.git
cd t-pot-autoinstall/
sudo su
./install.sh

After the script is done the machine will automatically reboot and you will be able to login into the dashboard with the specified credentials.