🍯 HoneySSH

HoneySSH is a medium interaction honeypot that provides attackers a fully simulated Linux shell to play in.

All commands are simulated and run in a per-session sandbox that’s destroyed on disconnect.

Features include:

  • A relistic interactive shell.
  • 50+ built-in POSIX commands.
  • Payloads are captured with the fake scp, wget and curl commands for later analysis.
  • Asciicast compatible session keystroke recording and playback.
  • In-memory interactive file system.
  • Reporting capabilities.
  • Machine-readable JSON event log.