English | 中文
Welcome To Ehoney 👋
> ⭐️ The eSign security team has accumulated more than ten years of security experience and will gradually open to users. The "Ehoney" deception defense system is a cloud-native deception defense system, and it is also the only open source product in security fields that is benchmarked against commercial systems. The defense system deploys high-interaction and high-simulation "honeypots" and traffic proxy forwarding, combined with self-developed secret signatures and decoys, to direct attackers to the honeypots to disrupt the guidance and delay attacks, which can protect the business to a large extent safety.⭐️
![介绍视频](./doc/img/介绍.gif)
🏠 [Documentation](https://seccome.github.io/Ehoney/) :triangular_flag_on_post: [Demo Site](http://47.98.206.178:8080/decept-defense)
## 📝 Features
- **Support abundant honeypot types**
1. **General honeypot**: SSH honeypot, Http honeypot, Redis honeypot, Telnet honeypot, Mysql honeypot, RDP honeypot
2. **IOT honeypot**: RTSP honeypot
3. **Industrial control honeypo**: ModBus honeypot
- **Based on cloud native technology**
build saas platform deception defense based on k3s, generate unlimited honeypots, and simulate the business environment
- **The unique secret signature technology in esignature field**
original secret signature technology supports more than 20 kinds of secret signatures, such as documents, pictures, emails, etc.
- **Powerful Bait**
Support dozens of kinds of bait, manage by probe to deceive and deception drainage
- **Visualized topology**
can visually display the attack view, visualize all attacks, and form a complete attack link
- **Dynamic countermeasure technology**
Based on the prediction algorithm of LSTM, it can predict the hacker's next attack method, dynamic deception, delay the hacker attack time, and protect the real business
- **Powerful customization**
Support custom secret signatures, decoys, honeypots, etc., plug-in installation and deployment to meet many feature requirements
## ⛴ Running environment
- **Operating system**: CentOS 7 and above
- **Minimum configuration:**: Memory 4G, disk space above 10G
- **Recommended configuration:**: Memory 8G, disk space above 30G
## 🔧 Rapid deploy
```shell
git clone https://github.com/seccome/Ehoney.git
cd Ehoney && chmod +x quick-start.sh && ./quick-start.sh
# This installation process will be time-consuming and patient
**all the services are ready and happy to use!!!**
# It means the installation is successful.
```
You can visit `http://IP:8080/decept-defense` in browser and will see the login page
Default account:
username: `admin`
password: `123456`
## 🖥️ Demo
![操作视频](./doc/img/操作视频.gif)
## 🚀 Show results
- **Attack display**
![攻击事件大屏](./doc/img/攻击事件大屏.png)
- **HoneyPot topology**
![蜜罐拓扑图](./doc/img/蜜罐拓扑图.png)
- **Alarm list**
![告警列表](./doc/img/告警列表.png)
## 🙏 Contact
1. GitHub issue: [new issue](https://github.com/seccome/Ehoney/issues/new )
2. QQ Group: 597605141
3. Email: ask@seccome.com
4. Wechat Group: