• Diniz Martins

BAP – Basic Auth Pot | HoneyPot

What is a honeypot?

A honeypot is a computer or computer system intended to mimic likely targets of cyberattacks. It can be used to detect attacks or deflect them from a legitimate target. It can also be used to gain information about how cybercriminals operate.


How honeypots work?

The honeypot looks like a real computer system, with applications and data, fooling cybercriminals into thinking it's a legitimate target. Honeypots are made attractive to attackers by building in deliberate security vulnerabilities. For instance, a honeypot might have ports that respond to a port scan or weak passwords. Vulnerable ports might be left open to entice attackers into the honeypot environment, rather than the more secure live network.


About BAP:

BAP is a webservice honeypot that logs HTTP basic authentication credentials in a "parser friendly format"™.

The webservice handles HEAD and GET requests, to which it always responds with 401 WWW-Authenticate: Basic realm="ADMIN". HTTP request methods other than HEAD or GET will result in an error response generated by BaseHTTPServer.

There is no valid username / password for the service. Credentials are only decoded and logged.


Install:


Running:

Web Browser Check:


Logging:

Logfiles are written to the same directory as bap.py - stdout and stderr ends up here.


Recent Posts

See All

Admin-Scanner

This tool is design to find Admin Panel of any website by using custom wordlist or default wordlist easily. Grab the result and paste to your web browser: How to install: Usages: -site <url of website

Python | Subnet Ping

This script will ping and display status of all hosts in a subnet we provide. import subprocess import ipaddress from subprocess import Popen, PIPE subnet = input("Please enter the network: ") network

Sublist3r

Sublist3r is a python tool designed to enumerate subdomains of websites using OSINT. It helps penetration testers and bug hunters collect and gather subdomains for the domain they are targeting. Enume