🍯 honeypots.js v1.2.2
Honeypots.js is a powerful tool for enhancing the security of Node.js web applications. It works by placing decoy targets, known as honeypots, within the application's code to attract and identify malicious actors. These honeypots can simulate vulnerabilities or sensitive areas of the application, allowing for the early detection of potential attacks.
In addition to its honeypot capabilities, Honeypots.js can also generate detailed reports on detected threats and provide insights into their origin and behavior. This information can be invaluable for incident response teams, helping them to quickly identify and neutralize potential security threats.
Features
- Lightweight and easy to use.
- Provides an additional layer of security for your web application.
- Blocks automated attacks without disrupting legitimate user traffic.
- Logs details of attempted attacks for analysis.
Installation
This is a Node.js module available through the npm registry.
Before installing, download and install Node.js. Node.js 0.10 or higher is required.
If this is a brand new project, make sure to create a package.json first with the npm init command.
Installation is done using the npm install command:
```
npm install honeypots.js
```
Usage
To use Honeypots.js in your Node.js application, you need to add it as a middleware to your application's request handling chain. Here is an example of how to use Honeypots.js with Express:
```
const express = require('express');
const honeypots = require('honeypots.js');
const app = express();

// Register the honeypot middleware before your routes so every request is inspected.
app.use(honeypots());
// Your app...
```
When a request is made to any endpoint, Honeypots.js analyses it for suspicious activity. If a threat is detected, the request is handled according to the configuration; by default it is blocked.
Configuration
Honeypots.js offers several options that can be configured to tailor its behavior to specific needs. For example, a blacklist and whitelist can be created to section off parts of a web app.
```
app.use(honeypots({
  fingerprint: true,
  return: 'unauthorised',
  obfuscation: {
    headers: true,
  },
}));
```
key | type | default | description |
---|---|---|---|
verbose | boolean | true | Log all activity from initialisation to attack detection. |
fingerprint | boolean | true | Fingerprint the threat actor for greater accuracy. |
return | string | unauthorised | What a detected attack should return: "caught" returns a meme, "unauthorised" returns a generic unauthorised page, "pass" does nothing. |
obfuscation | object | null | Obfuscate certain aspects of your webapp to lure in threat actors. |
blacklist | object | null | Blacklist URL paths (supports "*" wildcards). |
whitelist | object | null | Whitelist URL paths; useful when you rely on the pre-defined blacklist paths and need exceptions (supports "*" wildcards). |
disable_honeypot | object | null | Disable specified honeypots. |
 | object | null | Configure email settings to receive alerts of threats. |
webhook | object | null | Configure webhook settings to receive alerts of threats. |
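As an added example (not code from the honeypots.js package), the following Express-compatible middleware reproduces the honey-trap behaviour described in the Usage and Configuration sections: "*" wildcards in blacklisted paths, whitelist taking precedence, the three return modes, and one log record per detection. The config shape (arrays of path patterns), the log array and the simulate() helper are assumptions made for illustration.

```javascript
// Added example, not honeypots.js source. Assumed config shape:
// { blacklist: [patterns], whitelist: [patterns], return: 'unauthorised' | 'caught' | 'pass' }
// Turn a path pattern containing "*" wildcards (e.g. "/admin/*") into an anchored RegExp.
function patternToRegExp(pattern) {
  const parts = pattern.split('*').map(s => s.replace(/[.+?^${}()|[\]\\]/g, '\\$&'));
  return new RegExp('^' + parts.join('.*') + '$');
}

function matchesAny(patterns, path) {
  return (patterns || []).some(p => patternToRegExp(p).test(path));
}

// Whitelist wins over blacklist; anything else is ordinary traffic.
function classify(config, path) {
  if (matchesAny(config.whitelist, path)) return 'allow';
  return matchesAny(config.blacklist, path) ? 'trap' : 'allow';
}

// Express-style middleware; detections are pushed onto `log` for a later alerting sink.
function honeytrap(config = {}, log = []) {
  const mode = config.return || 'unauthorised';
  return function (req, res, next) {
    const path = (req.url || '/').split('?')[0]; // compare the path only, not the query
    if (classify(config, path) !== 'trap') return next();
    log.push({
      time: new Date().toISOString(),
      ip: req.ip || (req.socket && req.socket.remoteAddress) || 'unknown',
      userAgent: (req.headers && req.headers['user-agent']) || 'unknown',
      path,
    });
    if (mode === 'pass') return next(); // log only, let the request through
    res.statusCode = mode === 'caught' ? 200 : 401;
    res.setHeader('Content-Type', 'text/plain');
    res.end(mode === 'caught' ? 'caught' : 'unauthorised');
  };
}

// Drive the middleware with a constructed request so it can run without a server.
function simulate(middleware, url, headers = {}) {
  const result = { status: null, body: null, passed: false };
  const req = { url, ip: '198.51.100.7', headers }; // constructed sample request
  const res = {
    statusCode: 200,
    setHeader() {},
    end(body) { result.status = this.statusCode; result.body = body; },
  };
  middleware(req, res, () => { result.passed = true; });
  return result;
}
```

Wire it into a real app with app.use(honeytrap({ blacklist: ['/admin/*'], whitelist: ['/admin/help'] }, log)) and ship the log entries to your alerting channel of choice.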
Performance
```
$ npm run performance
...
## Control
Requests: total: 151240
1XX: 0 ,2XX: 151230 ,3XX: 0 ,4XX: 0 ,5XX: 0
Request time avg: 0.06/s
Request time mean: 0.06/s
## Whitelist
Requests: total: 163050
1XX: 0 ,2XX: 163040 ,3XX: 0 ,4XX: 0 ,5XX: 0
Request time avg: 0.04/s
Request time mean: 0.04/s
## Blacklist (Honey trap)
Requests: total: 145070
1XX: 0, 2XX: 0, 3XX: 0, 4XX: 145060, 5XX: 0
Request time avg: 0.04/s
Request time mean: 0.04/s
## SQLI
Requests: total: 113280
1XX: 0, 2XX: 0, 3XX: 0, 4XX: 113270, 5XX: 0
Request time avg: 0.13/s
Request time mean: 0.13/s
## XSS
Requests: total: 94480
1XX: 0, 2XX: 0, 3XX: 0, 4XX: 94470, 5XX: 0
Request time avg: 0.25/s
Request time mean: 0.25/s
```
Contributing
Contributions are welcome! If you would like to contribute to Honeypots.js, please fork the repository, make your changes, and submit a pull request. Please ensure that your code follows the existing coding style and that you have added appropriate tests for any new functionality.
License
Honeypots.js is licensed under the GPL-3.0 License. See the LICENSE file for more information.