honeypots.js

🍯 honeypots.js v1.2.2

Honeypots.js is a powerful tool for enhancing the security of Node.js web applications. It works by placing decoy targets, known as honeypots, within the application's code to attract and identify malicious actors. These honeypots can simulate vulnerabilities or sensitive areas of the application, allowing for the early detection of potential attacks.

In addition to its honeypot capabilities, Honeypots.js can also generate detailed reports on detected threats and provide insights into their origin and behavior. This information can be invaluable for incident response teams, helping them to quickly identify and neutralize potential security threats.

Features

• Lightweight and easy to use.
• Provides an additional layer of security for your web application.
• Blocks automated attacks without disrupting legitimate user traffic.
• Logs details of attempted attacks for analysis.

Installation

This is a Node.js module available through the npm registry.

Before installing, download and install Node.js. Node.js 0.10 or higher is required.

If this is a brand new project, make sure to create a package.json first with the npm init command.

Installation is done using the npm install command:

npm install honeypots.js

Usage

To use Honeypots.js in your Node.js application, you need to add it as a middleware to your application's request handling chain. Here is an example of how to use Honeypots.js with Express:

const express = require('express');
const honeypots = require('honeypots.js');
const app = express();

app.use(honeypots());

// Your app...

When a request is made to any endpoint, Honeypots.js will analyse the request for suspicouse activity if any theats are detected the request will follow the configuration however by default the request will be blocked.

Configuration

Honeypots.js offers several options that can be configured to tailor its behavior to specific needs. For example, a blacklist and whitelist can be created to section off a webapp.

app.use(honeypots({
  fingerprint: true,
  return: 'unauthorised',
  obfuscation: {
    headers: true,
  },
}));

key	typeof	default	description
verbose	boolean	true	Log all activity from initialisation to attack detection
fingerprint	boolean	true	Fingerprint the threat actor for greater accuracy.
return	string	unauthorised	What a detected attack should return. caught will return a meme, unauthorised will return a generic unauthorised page, pass will not do anything.
obfuscation	object	null	Obfuscate certain aspects of your webapp to lure in threat actors.
blacklist	object	null	Blacklist url paths (supports wildcards "*").
whitelist	object	null	Whitelist url paths, this is good if you want to use pre-defined blacklist paths (supports wildcards "*").
disable_honeypot	object	null	Disable specified honeypots.
email	object	null	Configure email settings to recieve alerts of threats.
webhook	object	null	Configure webhook settings to recieve alerts of threats.

Performance

$ npm run performance
...

## Control
Requests: total: 151240
1XX: 0 ,2XX: 151230 ,3XX: 0 ,4XX: 0 ,5XX: 0

Request time avg: 0.06/s
Request time mean: 0.06/s

## Whitelist
Requests: total: 163050
1XX: 0 ,2XX: 163040 ,3XX: 0 ,4XX: 0 ,5XX: 0

Request time avg: 0.04/s
Request time mean: 0.04/s

## Blacklist (Honey trap)
Requests: total: 145070
1XX: 0, 2XX: 0, 3XX: 0, 4XX: 145060, 5XX: 0

Request time avg: 0.04/s
Request time mean: 0.04/s

## SQLI
Requests: total: 113280
1XX: 0, 2XX: 0, 3XX: 0, 4XX: 113270, 5XX: 0

Request time avg: 0.13/s
Request time mean: 0.13/s

## XSS
Requests: total: 94480
1XX: 0, 2XX: 0, 3XX: 0, 4XX: 94470, 5XX: 0

Request time avg: 0.25/s
Request time mean: 0.25/s

Contributing

Contributions are welcome! If you would like to contribute to Honeypots.js, please fork the repository, make your changes, and submit a pull request. Please ensure that your code follows the existing coding style and that you have added appropriate tests for any new functionality.

License

Honeypots.js is licensed under the GPL-3.0 License. See the LICENSE file for more information.