Beeswarm is an active IDS project that provides easy configuration, deployment and management of honeypots and clients. The system operates by luring the hacker into the honeypots by setting up a deception infrastructure where deployed drones communicate with honeypots and intentionally leak credentials while doing so.
Beeswarm operates by deploying fake end-user systems (clients) and services (honeypots). Beeswarm uses these systems to provides IoC (Indication of Compromise) by observing the difference between expected and actual traffic. An IoC could be a certificate mismatch or the unexpected reuse of credentials (honeytokens).
Latest Version and Changelog v0.7.17 11/6/2016:
– Rename in ui: “Honeypot name” -> “Drone name”
– Added functionality to ping all drones from UI
first install dependencies
sudo apt-get install libffi-dev build-essential python-dev python-pip libssl-dev libxml2-dev libxslt1-dev
git clone https://github.com/honeynet/beeswarm && cd beeswarm
pip install -r requirements.txt
python setup.py install
cd [Your Path]