Introducing Dionaea with Darwis Threat Intel API Integration

Cyber Security and Privacy Foundation is pleased to announce that we have open-sourced our panel and the code for integrating dionaea with our threat intel API.

This can be used as a honeypot to gain insight into attackers and their malware.

To get started, you will need a Linux machine with Docker installed. Once that is in place, you can simply follow the steps below.

More detailed instructions are available at:

https://github.com/CSPF-Founder/dionaea-darwis


Clone this repository:

git clone https://github.com/cspF-Founder/dionaea-darwis 

Setup commands:

 cd dionaea-darwis 

./install.sh

Once all three containers have started, open the following address in a browser:

https://localhost:12443

It will take you to the setup page. Click the "Setup" button to run the base setup for the panel. If it succeeds, you will be taken to the license activation page.

To get a license key, go to https://cysecurity.co/panel/keys/request and enter your email address. You will receive an email with a link to follow. The page it leads to contains the key that you should enter into the panel above. (Please note that the key can only be viewed/activated once, so make sure you keep a backup.)


Once the license key has been entered, you can set up a local user account and then log in to the panel. In the panel, click "View logs" to get a granular view of the data.

The log view shows the files that were captured, along with the time, the verdict and, if applicable, the malware name. You can also filter by time and date. The data can be exported into multiple formats such as CSV and XLS.